<HTML xmlns:v="urn:schemas-microsoft-com:vml" xmlns:o="urn:schemas-microsoft-com:office:office" xmlns:w="urn:schemas-microsoft-com:office:word" xmlns:m="http://schemas.microsoft.com/office/2004/12/omml" xmlns="http://www.w3.org/TR/REC-html40">
<HEAD><!-- Template generated by Exclaimer Template Editor on 05:06:23 Thursday, 5 January 2017 -->
<STYLE type=text/css>P.65a27fbb-58eb-4ad4-900b-70776e88a84c {
MARGIN: 0cm 0cm 0pt
}
LI.65a27fbb-58eb-4ad4-900b-70776e88a84c {
MARGIN: 0cm 0cm 0pt
}
DIV.65a27fbb-58eb-4ad4-900b-70776e88a84c {
MARGIN: 0cm 0cm 0pt
}
TABLE.65a27fbb-58eb-4ad4-900b-70776e88a84cTable {
MARGIN: 0cm 0cm 0pt
}
DIV.Section1 {
page: Section1
}
</STYLE>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta name="Generator" content="Microsoft Word 14 (filtered medium)" />
<style><!--
/* Font Definitions */
@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}
@font-face
{font-family:Tahoma;
panose-1:2 11 6 4 3 5 4 4 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0in;
margin-bottom:.0001pt;
font-size:12.0pt;
font-family:"Times New Roman","serif";}
a:link, span.MsoHyperlink
{mso-style-priority:99;
color:blue;
text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
{mso-style-priority:99;
color:purple;
text-decoration:underline;}
p
{mso-style-priority:99;
mso-margin-top-alt:auto;
margin-right:0in;
mso-margin-bottom-alt:auto;
margin-left:0in;
font-size:12.0pt;
font-family:"Times New Roman","serif";}
span.EmailStyle18
{mso-style-type:personal-reply;
font-family:"Calibri","sans-serif";
color:#1F497D;}
.MsoChpDefault
{mso-style-type:export-only;
font-family:"Calibri","sans-serif";}
@page WordSection1
{size:8.5in 11.0in;
margin:1.0in 1.0in 1.0in 1.0in;}
div.WordSection1
{page:WordSection1;}
--></style><!--[if gte mso 9]><xml>
<o:shapedefaults v:ext="edit" spidmax="1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext="edit">
<o:idmap v:ext="edit" data="1" />
</o:shapelayout></xml><![endif]-->
</HEAD>
<BODY lang="EN-US" link="blue" vlink="purple">
<P>
<div class="WordSection1">
<p class="MsoNormal"><span style=font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D>Hi, Sorry, to “reopen” an old thread, but theoretically syslog-ng would be able to use tls with udp connections.<o:p></o:p></span></p>
<p class="MsoNormal"><span style=font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D><o:p> </o:p></span></p>
<p class="MsoNormal"><span style=font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D>This is called DTLS and defined in rfc4347. And openssl also support it. (But that is right, that syslog-ng currently does no support it.)<o:p></o:p></span></p>
<p class="MsoNormal"><span style=font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D><o:p> </o:p></span></p>
<div style="border:none;border-left:solid blue 1.5pt;padding:0in 0in 0in 4.0pt">
<div>
<div style="border:none;border-top:solid #B5C4DF 1.0pt;padding:3.0pt 0in 0in 0in">
<p class="MsoNormal"><b><span style=font-size:10.0pt;font-family:"Tahoma","sans-serif">From:</span></b><span style=font-size:10.0pt;font-family:"Tahoma","sans-serif"> syslog-ng [mailto:syslog-ng-bounces@lists.balabit.hu]
<b>On Behalf Of </b>Scheidler, Balázs<br />
<b>Sent:</b> Tuesday, November 22, 2016 8:22 PM<br />
<b>To:</b> Syslog-ng users' and developers' mailing list<br />
<b>Subject:</b> Re: [syslog-ng] Enable TLS encryption<o:p></o:p></span></p>
</div>
</div>
<p class="MsoNormal"><o:p> </o:p></p>
<p>Your conclusion is correct. It cannot.<o:p></o:p></p>
<div>
<p class="MsoNormal"><o:p> </o:p></p>
<div>
<p class="MsoNormal">On Nov 22, 2016 5:23 PM, "PÁSZTOR György" <<a href="mailto:pasztor@linux.gyakg.u-szeged.hu">pasztor@linux.gyakg.u-szeged.hu</a>> wrote:<o:p></o:p></p>
<p class="MsoNormal" style=margin-bottom:12.0pt>Hi,<br />
<br />
"Scheidler, Balázs" <<a href="mailto:balazs.scheidler@balabit.com">balazs.scheidler@balabit.com</a>> írta 2016-11-22 17:38-kor:<br />
> Thats a completely different matter, OpenVPN has its own tcp-like substrate<br />
> running on top of UDP, and not TLS running on UDP.<br />
<br />
Ah. So, that is openvpn specific?<br />
<br />
I didn't dig into the code. I thought openssl has it's own layer to<br />
establish a "connection" even over udp.<br />
<br />
So the conclusion is that, syslog-ng can not run tls over udp?<br />
<br />
Cheers,<br />
Gyu<br />
______________________________________________________________________________<br />
Member info: <a href="https://lists.balabit.hu/mailman/listinfo/syslog-ng" target="_blank">
https://lists.balabit.hu/mailman/listinfo/syslog-ng</a><br />
Documentation: <a href="http://www.balabit.com/support/documentation/?product=syslog-ng" target="_blank">
http://www.balabit.com/support/documentation/?product=syslog-ng</a><br />
FAQ: <a href="http://www.balabit.com/wiki/syslog-ng-faq" target="_blank">http://www.balabit.com/wiki/syslog-ng-faq</a><o:p></o:p></p>
</div>
</div>
</div>
</div>
<BR /><BR />
<HR id=HR1 />
<BR /><SPAN style="FONT-SIZE: 7.5pt; FONT-FAMILY: Arial; COLOR: #808080">NOTICE:
Morgan Stanley is not acting as a municipal advisor and the opinions or views
contained herein are not intended to be, and do not constitute, advice within
the meaning of Section 975 of the Dodd-Frank Wall Street Reform and Consumer
Protection Act. If you have received this communication in error, please destroy
all electronic and paper copies and notify the sender immediately.
Mistransmission is not intended to waive confidentiality or privilege. Morgan
Stanley reserves the right, to the extent permitted under applicable law, to
monitor electronic communications. This message is subject to terms available at
the following link: http://www.morganstanley.com/disclaimers If you cannot
access these links, please notify us by reply message and we will send the
contents to you. By communicating with Morgan Stanley you consent to the
foregoing and to the voice recording of conversations with personnel of Morgan
Stanley.</SPAN><BR />
<P></P>
<P></P>
<P></P>
<P></P></P></BODY>
</HTML>