[syslog-ng] Syslog-NG and STunnel
Wolfram Schlich
lists at wolfram.schlich.org
Wed Jun 21 01:47:01 CEST 2006
I'm currently trying out this setup:
- logserver at home, connected via ADSL with a fixed IPv4 subnet
- IP address: 192.168.0.1
- syslog-ng listening on 127.0.0.1:514 TCP
- stunnel listening on 192.168.0.1:514 TCP and connecting to 127.0.0.1:514 TCP
- logclient at a remote datacenter
- IP address: 172.16.0.1
- syslog-ng delivering to 127.0.0.1:514 TCP
- stunnel listening on 127.0.0.1:514 TCP and connecting to 192.168.0.1:514 TCP
Here are the STunnel configs:
--8<--[ stunnel.conf on logserver (excluding cert/key stuff) ]--8<--
[syslog-ng]
client = no
accept = 192.168.0.1:514
local = 127.0.0.1
connect = 127.0.0.1:514
--8<--
--8<--[ stunnel.conf on logclient (excluding cert/key stuff) ]--8<--
[syslog-ng]
client = yes
accept = 127.0.0.1:514
local = 172.16.0.1
connect = 192.168.0.1:514
--8<--
This works fine so far, logs are sent over the encrypted tunnel without problems.
Except one situation: the STunnel or Syslog-NG itself on the logserver goes down.
Then this happens on the logclient:
--8<--
syslog-ng[30119]: EOF occurred while idle; fd='33'
--8<--
There are *lots* of those messages, like 20 per second.
Is it possible to prevent Syslog-NG of creating such messages?
--
Wolfram Schlich
More information about the syslog-ng
mailing list