(My apologies in advance if this is off-topic or has been covered before; I only joined the list last week.) On Mon Jun 21 21:19 1999 +0200, Balazs Scheidler wrote:
Has anyone had any success integrating syslog-ng and inetd and/or tcp_wrappers?
Running syslog-ng inside of inetd on a linux 2.0.36 box seems to generate unfavorable results. Each time a remote system reports data to udp 514, the system loads a new instatiation of syslog-ng, until there are literally 50+ copies running parallel.
Any possibility for future support of these services?
Why do you want to run syslog-ng from inside inetd? syslog-ng is designed to run standalone, just as the original native syslogd was.
I think the poster's main point is that it would be nice to use the TCP Wrapper library to handle access control for network connections to syslog-ng. Running syslog-ng from inetd wouldn't be necessary (or desireable) if the standalone binary supported this. Using the TCP Wrapper code is as simple as adding a single call to hosts_ctl() from the appropriate place and linking with -lwrap. As an example, here's a quick patch I wrote to an older version of the Linux sysklogd package to add libwrap support: http://www.uiuc.edu/ph/www/roth/projects/sysklogd-1.3-libwrap-patch For syslog-ng, configure could check for libwrap if it was invoked with --with-libwrap. That would make it an easily-selectable compile-time option. I'm starting to learn my way around the syslog-ng code at the moment, but if I have a chance to add this before anyone else gets to it, I'll send a patch to the list. I'm looking to add a few other features, too, but I'll save that for a seperate message... :) -- Mark D. Roth <roth@uiuc.edu> System Administrator, CCSO Workstation Services Group http://www.uiuc.edu/ph/www/roth