localport binding...still not working.
I'm trying to get syslog-ng (1.5.20) to use 514 as its source port when using the udp destination driver as follows:
<<Following taken from my syslog-ng.conf>>
source s_sys { unix-stream("/dev/log"); internal(); }; destination d_syslog { udp("192.168.0.2" destport(514) localport(514)); }; log { source(s_src); destination(d_syslog); };
but it always seems to send the syslog udp datagrams using the next available non-privileged port as its source (>1024). I'm running as root (on RedHat 7.3) and syslogd is not running. Syslog-ng doesn't choke on the config, so I'm assuming its not a syntax problem, but I just can't seem to get it to use 514 as its source port?! Does anyone have any ideas what I may be doing wrong here? Or is it just silently ignoring my request to use port 514?
As it seems the docs is buggy, Robert is right. The bug lies in libol, it only binds the local socket if the local address is defined. So there are two solutions:
* supply localip as well as localport * apply this patch to libol, and recompile
diff -u -r1.26 -r1.28 --- io.c 11 Oct 2001 18:25:14 -0000 1.26 +++ io.c 16 Sep 2002 08:23:22 -0000 1.28 @@ -829,9 +834,9 @@ memcpy(sa, &a->sa, sizeof(a->sa)); return 1; } - if (a->ip && !tcp_addr(in, - a->ip->length, a->ip->data, - a->port)) + if (tcp_addr(in, + a ? a->ip->length : 7, a ? a->ip->data : "0.0.0.0", + a->port)) return 0; else if (!a->ip && !tcp_addr(in, 0, NULL, a->port))
-- Bazsi PGP info: KeyID 9AF8D0A9 Fingerprint CD27 CFB0 802C 0944 9CFD 804E C82C 8EB1
I tried modifying my syslog-ng.conf as follows: source s_sys { unix-stream("/dev/log"); internal(); }; destination d_syslog { udp("192.168.0.2" destport(514) localip("192.168.0.10") localport(514)); }; log { source(s_src); destination(d_syslog); }; and I'm now getting a segmentation fault. 192.168.0.10 is the IP of the system I'm running on. I also tried 127.0.0.1 as the localip with the same result. Do I have the syntax incorrect? Syslog-ng didn't complain. I also tried the patch, but not being really strong in C/C++ I may have messed something up. I applied the patch, and now make errors out: make_class <io.c > io.c.xt /bin/sh: /home/src/syslog-ng/libol-0.3.3/utils/make_class: \: bad interpreter: No such file or directory make[1]: ***[io.c.x]: Error 126 make[1]: Leaving directory '/home/src/syslog-ng/libol-0.3.3/src` make{[1]: *** [all-recursive] Error 1 Any suggestions? I can live with syslog-ng binding to whatever source port, but I'd have to open up my router access lists a little more than I would like.
On Mon, Sep 16, 2002 at 10:43:15PM -0400, Robert D. Beal wrote:
I also tried the patch, but not being really strong in C/C++ I may have messed something up. I applied the patch, and now make errors out:
make_class <io.c > io.c.xt /bin/sh: /home/src/syslog-ng/libol-0.3.3/utils/make_class: \: bad interpreter: No such file or directory make[1]: ***[io.c.x]: Error 126 make[1]: Leaving directory '/home/src/syslog-ng/libol-0.3.3/src` make{[1]: *** [all-recursive] Error 1
Any suggestions? I can live with syslog-ng binding to whatever source port, but I'd have to open up my router access lists a little more than I would like.
This comes from a missing scheme interpreter, touch io.c.x or install scsh. http://www.campin.net/syslog-ng/faq.html#scheme -- I do not get viruses because I do not use MS software. If you use Outlook then please do not put my email address in your address-book so that WHEN you get a virus it won't use my address in the From field.
participants (2)
-
Nate Campi
-
Robert D. Beal