On 2017/09/11 21:27, Alexander Bluhm wrote: > Hi, > > In the default configuration syslogd keeps two *:514 UDP sockets > open. > > udp 0 0 *.514 *.* > udp6 0 0 *.514 *.* > > Several people have asked me why they are in netstat output and > whether it is a security risk. These sockets are used for sending > UDP packets if there is a UDP loghost in syslog.conf. If syslogd > is started with -u, they can receive packets, otherwise they are > disabled with shutdown(SHUT_RD). > > In case we do neither send nor receive, we can close them after > reading the config file. This gives us a cleaner netstat output. > > ok?
ok with me. I have tested that adding a new UDP loghost and reloading syslogd still works.
