I like it and all that it is missing is

1) A mechanism of proving delivery receipt - i.e. reliable delivery of syslog information
2) A mechanism of watermarking or timestamping with a reliable time base so that the records can stand up to evidentiary use model requirements.
3) A uniform Syslog Event Query Interface (XDAS or DOORS compliant would be nice too!).

Todd

----- Original Message -----
From: "Gert Menke" <>
To: <syslog-ng@lists.balabit.hu>
Sent: Saturday, January 19, 2002 4:17 PM
Subject: [syslog-ng][PATCH] netmask-filter
Hi everybody,
I have implemented a new filter for syslog-ng. You can now filter log messages based on their sender's IP address like this:
# match a single host
filter f_noc21 { netmask("134.130.3.73"); };

# match a whole subnet
filter f_noc { netmask("134.130.3.0/255.255.255.0"); };
I'll attach patches for syslog-ng versions 1.4.14 and 1.5.13.
I have also made a small patch that fixes the behaviour of the emulated inet_aton function in utils.c. (It would not work with "255.255.255.255".) On some architectures you need this patch for my netmask-filter to work properly!
Have fun and tell me what you think about it!
Greetings Gert
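The matching rule implied by the two filter examples in the post, as an added sketch in C that is not part of the original message or of syslog-ng's code: the sender address and the configured address are compared on the bits selected by the mask only. The function names are hypothetical, IPv4 dotted-quad masks are assumed, and parsing uses inet_pton, which reports failure separately from the parsed value, so "255.255.255.255" is a valid mask.

```c
#include <arpa/inet.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical helper names; not syslog-ng's implementation. */

/* Parse a dotted quad into host byte order. Returns 1 on success, else 0. */
static int parse_ipv4(const char *s, uint32_t *out)
{
    struct in_addr a;
    if (inet_pton(AF_INET, s, &a) != 1)
        return 0;
    *out = ntohl(a.s_addr);
    return 1;
}

/* spec is "a.b.c.d" (one host) or "a.b.c.d/m.m.m.m" (subnet).
 * Returns 1 if sender matches, 0 if not (or sender is unparsable),
 * -1 if the spec itself is malformed. */
int netmask_check(const char *spec, const char *sender)
{
    char buf[40];
    char *slash;
    uint32_t net, mask = 0xFFFFFFFFu, ip;   /* no mask given: exact host */

    if (strlen(spec) >= sizeof buf)
        return -1;
    strcpy(buf, spec);
    if ((slash = strchr(buf, '/')) != NULL) {
        *slash = '\0';
        if (!parse_ipv4(slash + 1, &mask))
            return -1;
    }
    if (!parse_ipv4(buf, &net))
        return -1;
    if (!parse_ipv4(sender, &ip))
        return 0;                           /* fail closed on a bad sender */
    return (ip & mask) == (net & mask);     /* compare network bits only */
}

int main(void)
{
    /* Constructed sender addresses checked against the filters from the post. */
    printf("%d\n", netmask_check("134.130.3.0/255.255.255.0", "134.130.3.73"));
    printf("%d\n", netmask_check("134.130.3.73", "134.130.3.74"));
    printf("%d\n", netmask_check("134.130.3.73/255.255.255.255", "134.130.3.73"));
    return 0;
}
```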