program destination prob ?
hy! i'm using syslog-ng to send remote log messages over an stunnel to a log server. everything's running quite fine, besides one little problem i have.. i'm starting the stunnel with program("/usr/sbin/stunnel -r 192.168.3.125:6543 -c"); when the stunnel is killed or quits because of a bad connection, syslog-ng doesn't even bother 'bout trying to restart it. is that a wanted behaviour and, or, is there a way to gat syslog-ng to respawn processes called with program() ? thx, thomas
On Fri, Apr 19, 2002 at 12:05:34PM +0200, Thomas Ackermann wrote:
hy! i'm using syslog-ng to send remote log messages over an stunnel to a log server. everything's running quite fine, besides one little problem i have..
i'm starting the stunnel with program("/usr/sbin/stunnel -r 192.168.3.125:6543 -c");
when the stunnel is killed or quits because of a bad connection, syslog-ng doesn't even bother 'bout trying to restart it. is that a wanted behaviour and, or, is there a way to gat syslog-ng to respawn processes called with program() ?
no, currently this is the intended behaviour. try running a wrapper script around stunnel, which restarts it if necessary. -- Bazsi PGP info: KeyID 9AF8D0A9 Fingerprint CD27 CFB0 802C 0944 9CFD 804E C82C 8EB1
On Fri, Apr 19, 2002 at 12:05:34PM +0200, Thomas Ackermann wrote:
when the stunnel is killed or quits because of a bad connection, syslog-ng doesn't even bother 'bout trying to restart it. is that a wanted behaviour and, or, is there a way to gat syslog-ng to respawn processes called with program() ?
Run stunnel from inetd on your clients and servers. Let the inetd super-server worry about keeping the connection up. You won't have to create any special wrapper scripts or worry about PID's. We used to do this to provide SSL-ified POP/IMAP access before these daemons started to incorporate the SSL layer natively. -- Chad Walstrom <chewie@wookimus.net> | a.k.a. ^chewie http://www.wookimus.net/ | s.k.a. gunnarr
thx, solved that thing already, a little diffrent.. i'm using bernsteins supervise now to keep the stunnel running, stunnel is started with -d localport -r remote log server:port on the client and the syslog-ng logs into tcp(localhost,localport).. regards, thomas
Chad Walstrom on Fri, Apr 19, 2002 at 10:40:11AM -0500: Hi,
Run stunnel from inetd on your clients and servers. Let the inetd super-server worry about keeping the connection up. You won't have to create any special wrapper scripts or worry about PID's. We used to do this to provide SSL-ified POP/IMAP access before these daemons started to incorporate the SSL layer natively.
you could also run stunnel standalone (from /etc/rc or init-scripts), doing something like: client: stunnel -c -d localhost:514 -r loghost:8514 server: stunnel -d 8514 -r localhost:514 Then make syslog-ng on the server listen on localhost:514 only and make syslog-ng on the clients log to localhost:514. I don't want things that should be running all the time started from inetd. If you really want to keep it minimal, you could check if there is a option in stunnel not to start it in the background, and then run it from inittab with "respawn" :) Regards, -- ____ ____ / _/| - > Gregor Binder <gb@(rootnexus.net|sysfive.com)> | / || _\ \ \__ Id: 0xE2F31C4B Fp: 8B8A 5CE3 B79B FBF1 5518 8871 0EFB AFA3 E2F3 1C4B
participants (4)
-
Balazs Scheidler
-
Chad Walstrom
-
Gregor Binder
-
Thomas Ackermann