>Number: 163487
>Category: bin
>Synopsis: syslog.conf filtering syntax broken in 9.0-RC3 (was working in
>8.2)
>Confidential: no
>Severity: non-critical
>Priority: medium
>Responsible: freebsd-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: sw-bug
>Submitter-Id: current-users
>Arrival-Date: Tue Dec 20 19:10:08 UTC 2011
>Closed-Date:
>Last-Modified:
>Originator: Thomas Johnson
>Release: FreeBSD 9.0-RC3 amd64
>Organization:
ClaimLynx, Inc.
>Environment:
System: FreeBSD blackbox-1.ply.claimlynx.com 9.0-RC3 FreeBSD 9.0-RC3 #1
r228280: Mon Dec 5 18:40:33 PST 2011
[email protected]:/usr/obj/storage/fbsd-sources/9.0/sys/GENERIC amd64
>Description:
When specifying multiple hostnames on a filter line in
/etc/syslog.conf, syslogd seems to not correctly log syslog messages sent from
the listed hosts (or at least the first-listed). As an example, here is a
snippet of the syslog.conf file as configured (and working) on FreeBSD 8.2 i386.
=== syslog.conf snip ===
+shawshank-1.ply.claimlynx.com,shawshank-2.ply.claimlynx.com
!wan_checker
*.* /var/log/wan_checker.log
+*
!*
=== end snip ===
I recently rebuilt this host, using 9.0-RC3 amd64 (fwiw, PC-BSD install media).
I restored the syslog.conf file directly from backups, but with 9.0, messages
that correspond to this combination of host/prog filters are never logged to
the file. When running syslogd manually with debugging, I get the following
output. It appears that the message is received from the remote host, but not
written to the log file.
=== debug output ===
cvthname(10.0.0.252)
validate: dgram from IP 10.0.0.252, port 514, name
shawshank-1.ply.claimlynx.com;
accepted in rule 0.
logmsg: pri 206, flags 0, from shawshank-1, msg Dec 20 12:57:38
wan_checker[35617]: WAN checking loop wakes up at Tue Dec 20 12:57:38 2011
=== end debug ====
>How-To-Repeat:
Add multiple hostnames to a filter, per the syntax in syslog.conf(5).
>Fix:
By rewriting syslog.conf to avoid multiple host filters, syslogd seems to
content to do the right thing. The configuration snippet from the Description
has been rewritten like so.
=== syslog.conf snip ===
!wan_checker
+shawshank-2.ply.claimlynx.com
*.* /var/log/wan_checker.log
+*
+shawshank-1.ply.claimlynx.com
*.* /var/log/wan_checker.log
+*
!*
=== end snip ===
This results in a successful write to the log file
=== debug output ===
cvthname(10.0.0.252)
validate: dgram from IP 10.0.0.252, port 514, name
shawshank-1.ply.claimlynx.com;
accepted in rule 0.
logmsg: pri 206, flags 0, from shawshank-1, msg Dec 20 13:04:20
wan_checker[35617]: WAN checking loop wakes up at Tue Dec 20 13:04:20 2011
Logging to FILE /var/log/wan_checker.log
=== end debug ===
>Release-Note:
>Audit-Trail:
>Unformatted:
_______________________________________________
[email protected] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-bugs
To unsubscribe, send any mail to "[email protected]"
