2014-12-04 13:43 GMT+01:00 Muhammad Asif <[email protected]>:

> Hi Sir,
>
> When I debug the client rsyslog with the following command:
> # rsyslogd -dn >rsyslog.stdout.log 2>rsyslog.stderr.log
> it gets stuck and I have to cancel it, and when I open the file
> rsyslog.stderr.log, I find the following line:
> rsyslogd: Could not create tcp listener, ignoring port 514.
> How can I solve it, and is it the reason for not sending logs over TLS?
>

514 is a well-defined port, so you need root privileges to listen on it. If
your input is primarily via UDP, this can be the reason you don't see any
messages. For testing, simply do

$ sudo rsyslogd ...

HTH
Rainer

>
> Configuration on Client.
> module (load=omrelp)
> action(type="omrelp" target="Server-IP" port="10514" tls="on"
> tls.caCert="/etc/rsyslog.d/cacert.pem"
> tls.myCert="/etc/rsyslog.d/clientcert.pem"
> tls.myPrivKey="/etc/rsyslog.d/clientkey.pem"
> tls.authmode="name"
> tls.permittedpeer=["Server-IP"]
> )
>
> Configuration on Server
>
> module(load="imrelp" ruleset="relp")
>
> input(type="imrelp" port="10514" tls="on"
> tls.caCert="/etc/rsyslog.d/cacert.pem"
> tls.myCert="/etc/rsyslog.d/loggercert.pem"
> tls.myPrivKey="/etc/rsyslog.d/loggerkey.pem"
> tls.authMode="name"
> tls.permittedpeer=["Client-IP"] #That/those common names of the machines
> )
>
> ruleset (name="relp") {
> action(type="omfile" file="/var/log/relp.log")
> }
>
>
>
>
>
> On Thu, Dec 4, 2014 at 4:57 PM, Muhammad Asif <[email protected]>
> wrote:
>
> > Hi,
> >
> > I have solved this issue, but now the problem is that the client rsyslog
> > is not sending anything to the server over TLS, while logs are being sent
> > on UDP port 514. The firewall's ports are open on the server. Where can
> > the problem be?
> >
> > On Thu, Dec 4, 2014 at 4:15 PM, Muhammad Asif <[email protected]>
> > wrote:
> >
> >> Hi Sir,
> >>
> >> To avoid the previous issues, I have installed Ubuntu 14.4 server and
> >> configured RELP over TLS, but I am facing another problem. Can you guide
> >> me on where I am wrong?
> >> Dec  4 16:08:57 logger rsyslogd-2353: imrelp[10514]: error 'TLS handshake failed [gnutls error -15: An unexpected TLS packet was received.]', object 'lstn 10514: conn to clt IP/IP.domain.edu.pk' - input may not work as intended [try http://www.rsyslog.com/e/2353 ]
> >>
> >> On Wed, Dec 3, 2014 at 3:47 PM, Rainer Gerhards <[email protected]> wrote:
> >>
> >>> In line 784 it tells you that the gnutls_certificate_set_verify_function()
> >>> is not available, which means GnuTLS is too old. This function is needed
> >>> to turn on TLS authentication.
> >>>
> >>> Maybe you have just messed up the install locations for your components?
> >>>
> >>> Rainer
> >>>
> >>> 2014-12-03 10:36 GMT+01:00 Muhammad Asif <[email protected]>:
> >>>
> >>> > I am really sorry for the inconvenience, sir. I could not paste the
> >>> > link in haste.
> >>> > Please have a look at the config.log produced by running
> >>> > ./configure --enable-tls. Thanks
> >>> >
> >>> > http://pastebin.com/ccEiVHA4
> >>> >
> >>> > On Wed, Dec 3, 2014 at 10:05 AM, David Lang <[email protected]> wrote:
> >>> >
> >>> > > I'm assuming that there was supposed to be an attachment that the
> >>> > > list filtered out. Either send it to Rainer directly or put it on
> >>> > > pastebin or something like that.
> >>> > >
> >>> > > David Lang
> >>> > >
> >>> > > On Wed, 3 Dec 2014, Muhammad Asif wrote:
> >>> > >
> >>> > >  Dear Sir,
> >>> > >>
> >>> > >> Please have a look at the config.log produced by running
> >>> > >> ./configure --enable-tls. Thanks
> >>> > >>
> >>> > >> On Tue, Dec 2, 2014 at 10:36 PM, Rainer Gerhards <[email protected]> wrote:
> >>> > >>
> >>> > >>  2014-12-02 15:15 GMT+01:00 Muhammad Asif <[email protected]>:
> >>> > >>>
> >>> > >>>  Hi Sir,
> >>> > >>>>
> >>> > >>>> I built librelp 1.2.7 with --enable-tls and --disable-tls but to
> >>> > >>>> no avail. The problem is there. What is the recommended way of
> >>> > >>>> building librelp?
> >>> > >>>>
> >>> > >>> I would expect that the problem is that GnuTLS is not properly
> >>> > >>> detected. Can you post (probably via a github gist or pastebin
> >>> > >>> or...) a copy of your config.log after the librelp
> >>> > >>> ./configure --enable-tls run.
> >>> > >>>
> >>> > >>> Rainer
> >>> > >>>
> >>> > >>>
> >>> > >>>  _______________________________________________
> >>> > > rsyslog mailing list
> >>> > > http://lists.adiscon.net/mailman/listinfo/rsyslog
> >>> > > http://www.rsyslog.com/professional-services/
> >>> > > What's up with rsyslog? Follow https://twitter.com/rgerhards
> >>> > > NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a
> >>> myriad
> >>> > > of sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if
> >>> you
> >>> > > DON'T LIKE THAT.
> >>> > >
> >>
> >>
> >
>
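
The privileged-port point from Rainer's reply at the top of this message, as an added example that is not part of the original thread: a TCP bind can fail for lack of privilege or because the port is already taken, and this Python check tells the two apart. The function names are hypothetical, and the sysctl path is Linux-specific.

```python
import errno
import os
import socket

# Linux sysctl holding the lowest port an unprivileged process may bind.
PRIVILEGED_PORT_SYSCTL = "/proc/sys/net/ipv4/ip_unprivileged_port_start"


def unprivileged_port_start(default=1024):
    """Return the lowest unprivileged port (falls back to 1024 if unreadable)."""
    try:
        with open(PRIVILEGED_PORT_SYSCTL) as fh:
            return int(fh.read().strip())
    except (OSError, ValueError):
        return default


def diagnose_bind(port, host="127.0.0.1"):
    """Try to create a TCP listener and classify the outcome."""
    sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    try:
        sock.bind((host, port))
        sock.listen(1)
        return "ok"
    except OSError as exc:
        if exc.errno in (errno.EACCES, errno.EPERM):
            return "permission-denied"
        if exc.errno == errno.EADDRINUSE:
            return "address-in-use"
        return "error:" + errno.errorcode.get(exc.errno, str(exc.errno))
    finally:
        sock.close()


def explain(port, host="127.0.0.1"):
    """Turn the classification into a one-line operator message."""
    result = diagnose_bind(port, host)
    if result == "permission-denied":
        return (f"port {port}: bind refused for uid {os.geteuid()}; ports below "
                f"{unprivileged_port_start()} need root or CAP_NET_BIND_SERVICE")
    if result == "address-in-use":
        return f"port {port}: another process already listens here"
    return f"port {port}: {result}"


if __name__ == "__main__":
    # 514 is the port from the error message, 10514 the RELP port in the configs.
    for p in (514, 10514):
        print(explain(p))
```

Run it as the same user that starts rsyslogd, with rsyslogd stopped, so the result reflects that user's privileges rather than a port rsyslogd itself holds.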