A few suggestions for /etc/syslog.conf:
* no differentiation between whitespace (tab, space),
* no 20 line limit (this one's a no-brianer),
* default location remains /etc/syslog.conf,
* adopt syslog.conf format similar to named.conf:
options {
listen-on { 127.0.0.1; 192.168.1.1; };
allow-source { 10.8.7/24; 192.168.1.2; };
mark-interval 600;
# directory /var/log; # default
# pid-file /var/run/syslogd.pid; # default
};
facility {
kern { 1-10 kern.messages;
user root; # default
group sysadmin;
perm 640; # default
1 /dev/console; 10 @loghost1; 10 @loghost2;
};
daemon { 10 deamon.messages; };
user { 1 user.messages; };
# ...
};
crypto {
ssl {
require-from { 10.8.7/24; };
allow-from { any; };
};
};
none {
allow-from { 192.168.1/24; };
};
keys {
public { keys/syslog_key.pub;
user 0; group 0; mode 644; };
private { keys/syslog_key;
user 0; group 0; mode 600; };
remote keys/remote_keys;
};
#...
--
Roger Marquis
Roble Systems Consulting
http://www.roble.com/
