Hi Sir,

When I debug the client rsyslog with the following command:
# rsyslogd -dn >rsyslog.stdout.log 2>rsyslog.stderr.log
it gets stuck and I have to cancel it, and when I open the file rsyslog.stderr.log,
I found the following line:
rsyslogd: Could not create tcp listener, ignoring port 514.
How can I solve it, and is it the reason for not sending logs over TLS?

Configuration on Client.
module(load="omrelp")
action(type="omrelp" target="Server-IP" port="10514" tls="on"
       tls.caCert="/etc/rsyslog.d/cacert.pem"
       tls.myCert="/etc/rsyslog.d/clientcert.pem"
       tls.myPrivKey="/etc/rsyslog.d/clientkey.pem"
       tls.authmode="name"
       tls.permittedpeer=["Server-IP"]
)

Configuration on Server

module(load="imrelp" ruleset="relp")

input(type="imrelp" port="10514" tls="on"
      tls.caCert="/etc/rsyslog.d/cacert.pem"
      tls.myCert="/etc/rsyslog.d/loggercert.pem"
      tls.myPrivKey="/etc/rsyslog.d/loggerkey.pem"
      tls.authMode="name"
      tls.permittedpeer=["Client-IP"] # That/those common names of the machines
)

ruleset (name="relp") {
action(type="omfile" file="/var/log/relp.log")
}





On Thu, Dec 4, 2014 at 4:57 PM, Muhammad Asif <[email protected]> wrote:

> Hi,
>
> I have solved this issue, but now the problem is that the client rsyslog is
> not sending anything to the server over TLS, while logs are being sent on
> UDP port 514. The firewall's ports are open on the server. Where can the
> problem be?
>
> On Thu, Dec 4, 2014 at 4:15 PM, Muhammad Asif <[email protected]>
> wrote:
>
>> Hi Sir,
>>
>> To avoid previous issues, I have installed Ubuntu 14.4 server and
>> configured RELP on TLS, but I am facing another problem. Can you guide me
>> where I am wrong?
>> Dec  4 16:08:57 logger rsyslogd-2353: imrelp[10514]: error 'TLS handshake
>> failed [gnutls error -15: An unexpected TLS packet was received.]', object
>>  'lstn 10514: conn to clt IP/IP.domain.edu.pk' - input may not work as
>> intended [try http://www.rsyslog.com/e/2353 ]
>>
>> On Wed, Dec 3, 2014 at 3:47 PM, Rainer Gerhards <[email protected]> wrote:
>>
>>> In line 784 it tells you that the gnutls_certificate_set_verify_function()
>>> is not available, which means GnuTLS is too old. This function is needed
>>> to turn on TLS authentication.
>>>
>>> Maybe you have just messed up the install locations for your components?
>>>
>>> Rainer
>>>
>>> 2014-12-03 10:36 GMT+01:00 Muhammad Asif <[email protected]>:
>>>
>>> > I am really sorry for the inconvenience, sir. I could not paste the
>>> > link in haste. Please have a look at the config.log produced by running
>>> > ./configure --enable-tls . Thanks
>>> >
>>> > http://pastebin.com/ccEiVHA4
>>> >
>>> > On Wed, Dec 3, 2014 at 10:05 AM, David Lang <[email protected]> wrote:
>>> >
>>> > > I'm assuming that there was supposed to be an attachment that the
>>> > > list filtered out. Either send it to Rainer directly or put it on
>>> > > pastebin or something like that.
>>> > >
>>> > > David Lang
>>> > >
>>> > > On Wed, 3 Dec 2014, Muhammad Asif wrote:
>>> > >
>>> > >  Dear Sir,
>>> > >>
>>> > >> Please have a look at the config.log produced by running ./configure
>>> > >> --enable-tls . Thanks
>>> > >>
>>> > >> On Tue, Dec 2, 2014 at 10:36 PM, Rainer Gerhards <[email protected]> wrote:
>>> > >>
>>> > >>  2014-12-02 15:15 GMT+01:00 Muhammad Asif <[email protected]>:
>>> > >>>
>>> > >>>  Hi Sir,
>>> > >>>>
>>> > >>>> I built librelp 1.2.7 with --enable-tls and --disable-tls but to no
>>> > >>>> avail. The problem is there. What is the recommended way of building
>>> > >>>> librelp?
>>> > >>>>
>>> > >>> I would expect that the problem is that GnuTLS is not properly
>>> > >>> detected. Can you post (probably via a github gist or pastebin or...)
>>> > >>> a copy of your config.log after the librelp ./configure --enable-tls
>>> > >>> run.
>>> > >>>
>>> > >>> Rainer
>>> > >>>
>>> > >>>
>>> > >>>  _______________________________________________
>>> > > rsyslog mailing list
>>> > > http://lists.adiscon.net/mailman/listinfo/rsyslog
>>> > > http://www.rsyslog.com/professional-services/
>>> > > What's up with rsyslog? Follow https://twitter.com/rgerhards
>>> > > NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a
>>> myriad
>>> > > of sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if
>>> you
>>> > > DON'T LIKE THAT.
>>> > >
>>
>>
>
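
Added example, not part of the original thread and not librelp's own code: the quoted reply from Rainer Gerhards reads config.log to see whether ./configure found gnutls_certificate_set_verify_function(). The script below does the same lookup on any config.log and reports the line that recorded the result. The sample log is constructed, and the ac_cv_func_* / ac_cv_lib_* cache-variable naming is assumed from autoconf's usual conventions.

```shell
#!/bin/sh
# Added example: read autoconf's config.log and report whether ./configure
# found the GnuTLS function that TLS authentication depends on.
FUNC=gnutls_certificate_set_verify_function

# gnutls_probe FILE -> prints "<result> <line>": result is yes/no/unknown,
# line is the config.log line that recorded it (0 if there is none).
gnutls_probe() {
    awk -v fn="$FUNC" '
        # "configure:NNN: checking for <fn> ..." opens the probe ...
        index($0, ": checking for " fn) { open = 1; next }
        # ... and the next "result:" line closes it.
        open && /: result: / { res = $NF; line = NR; open = 0 }
        # Fallback: cache variable summary (assumed autoconf naming).
        $0 ~ ("^ac_cv_(func|lib_[A-Za-z0-9_]+)_" fn "=") {
            split($0, kv, "="); if (res == "") { res = kv[2]; line = NR }
        }
        END { if (res == "") res = "unknown"; print res, line + 0 }
    ' "$1"
}

# Exit status 0 only when the function was found.
tls_auth_available() {
    [ "$(gnutls_probe "$1" | cut -d" " -f1)" = "yes" ]
}

# Constructed sample, not the log from the pastebin link in the thread.
sample=$(mktemp)
cat >"$sample" <<'EOF'
configure:4102: checking for GNUTLS
configure:4110: result: yes
configure:4180: checking for gnutls_certificate_set_verify_function in -lgnutls
configure:4205: gcc -o conftest -g -O2 conftest.c -lgnutls >&5
conftest.c:(.text+0xa): undefined reference to `gnutls_certificate_set_verify_function'
configure:4214: result: no
ac_cv_lib_gnutls_gnutls_certificate_set_verify_function=no
EOF

gnutls_probe "$sample"
if ! tls_auth_available "$sample"; then
    echo "$FUNC not found: TLS authentication cannot be turned on" >&2
fi
rm -f "$sample"
```

Run it against the config.log written by the librelp ./configure --enable-tls run; a "no" result means the GnuTLS that configure picked up is too old, as described in the quoted reply.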
