On 05/22/2013 06:39 PM, Ted Unangst wrote:
On Wed, May 22, 2013 at 12:06, Gregory Edigarov wrote:
works for me, with only one limitation: now only for resolvable hosts, i.e
one cannot have
+192.168.2.1
* /some/file
Looking at the diff, I think it's not resolvable hosts, but whatever
hostname the sending machine decides to tell you?
no, it is really a resolvable hosts.
works correctly with name in /etc/hosts.
My first thought is that we shouldn't rely on that, and syslogd should
refuse requests entirely from servers it doesn't like. My second
thought is that's what pf is for and spoofing syslog entries is
already pretty easy, so this is fine, but it needs to be documented as
such.
--
With best regards,
Gregory Edigarov
