mis-claimed features: network link compression w/ TLS
The comparison table: http://www.balabit.com/network-security/syslog-ng/comparing/detailed/
Lists: "Support for network link compression when using TLS"
But I can't find it in the OSE at all.

There are NO calls to the OpenSSL COMP* functions, nor any usage of compression functions that I can find.

The Flex and Yacc grammar DO include a 'compress' keyword, but data from it is not actually used.

I'm looking for some reasonable compression to cut down on network traffic on some Gentoo boxes where there is a very limited upstream network connection. Traffic is about 2.4GiB/day, over a 1Mbit link.

Plain gzip after the fact gets >90% compression, but I'd like the logs in near-realtime to the remote logging destinations (multiple).

I do also realize that we're going to be limited by packet compression, unless we keep some form of running dictionary, but I think even with that, we should get a good size reduction.

--
Robin Hugh Johnson
Gentoo Linux: Developer, Trustee & Infrastructure Lead
E-Mail : robbat2@gentoo.org
GnuPG FP : 11AC BA4F 4778 E3F6 E4ED F38E B27B 944E 3488 4E85

On Sun, 2010-05-16 at 19:23 +0000, Robin H. Johnson wrote:
> The comparison table: http://www.balabit.com/network-security/syslog-ng/comparing/detailed/
> Lists: "Support for network link compression when using TLS" But I can't find it in the OSE at all.
> There are NO calls to the OpenSSL COMP* functions, nor any usage of compression functions that I can find.

openssl uses compression if TLSv1 is negotiated by default. The bad thing is that my last tests showed that it doesn't really help bandwidth-wise. But if you look at the unencrypted part of the TLS handshake with ethereal (wireshark) you can see that compression gets enabled. In fact, this line got added to the source because, if SSLv2 fallback is enabled, compression doesn't get enabled during the TLS handshake:

    SSL_CTX_set_options(self->ssl_ctx, SSL_OP_NO_SSLv2);

> The Flex and Yacc grammar DO include a 'compress' keyword, but data from it is not actually used.

That's right.

> I'm looking for some reasonable compression to cut down on network traffic on some Gentoo boxes where there is a very limited upstream network connection. Traffic is about 2.4GiB/day, over a 1Mbit link.
> Plain gzip after the fact gets >90% compression, but I'd like the logs in near-realtime to the remote logging destinations (multiple).
> I do also realize that we're going to be limited by packet compression, unless we keep some form of running dictionary, but I think even with that, we should get a good size reduction.

This feature is already on the table, but we're not there yet.

--
Bazsi

Participants (2): Balazs Scheidler, Robin H. Johnson
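
The "running dictionary" point raised in the thread, as an added example that is not part of the original messages and is not syslog-ng code: it compares compressing each log message independently with keeping one deflate stream per connection and sync-flushing after every message, so each message is still delivered immediately. It uses Python's standard zlib module; the log lines and function names are constructed for illustration.

```python
import zlib

def sample_lines(n=500):
    """Constructed, repetitive syslog-style lines (not real traffic)."""
    return [
        (f"<38>May 16 19:{i // 60 % 60:02d}:{i % 60:02d} web{i % 4} "
         f"sshd[{2000 + i}]: Accepted publickey for deploy from "
         f"192.0.2.{i % 250 + 1} port {40000 + i} ssh2\n").encode()
        for i in range(n)
    ]

def per_message_size(lines):
    """Each message compressed on its own: no dictionary shared between them."""
    return sum(len(zlib.compress(line, 6)) for line in lines)

def streaming_chunks(lines):
    """One deflate stream for the whole connection. Z_SYNC_FLUSH after each
    message emits everything the receiver needs to decode it right away,
    while the compressor keeps its window (the running dictionary)."""
    comp = zlib.compressobj(6)
    return [comp.compress(line) + comp.flush(zlib.Z_SYNC_FLUSH) for line in lines]

def receive(chunks):
    """Receiver side: decode every chunk as it arrives, one message each."""
    decomp = zlib.decompressobj()
    return [decomp.decompress(chunk) for chunk in chunks]

def compare(lines):
    """Byte counts for the raw, per-message and streaming cases."""
    chunks = streaming_chunks(lines)
    return {
        "raw": sum(len(line) for line in lines),
        "per_message": per_message_size(lines),
        "streaming": sum(len(chunk) for chunk in chunks),
    }

if __name__ == "__main__":
    lines = sample_lines()
    sizes = compare(lines)
    for name, size in sizes.items():
        print(f"{name:12s} {size:7d} bytes  ({100 * size / sizes['raw']:.0f}% of raw)")
    # Every message is recoverable from its own chunk, in order.
    print("round trip ok:", receive(streaming_chunks(lines)) == lines)
```

The ratio depends on how repetitive the real log stream is, so measure with a sample of actual traffic before sizing the link.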