[syslog-ng] inetd/tcp_wrappers and syslog-ng

[Mark D. Roth]

(My apologies in advance if this is off-topic or has been covered
before; I only joined the list last week.)

On Mon Jun 21 21:19 1999 +0200, Balazs Scheidler wrote:
> > Has anyone had any success integrating syslog-ng and inetd and/or
> > tcp_wrappers?  
> > 
> > Running syslog-ng inside of inetd on a linux 2.0.36 box seems to generate
> > unfavorable results.  Each time a remote system reports data to udp 514,
> > the system loads a new instatiation of syslog-ng, until there are
> > literally 50+ copies running parallel.
> > 
> > Any possibility for future support of these services?
> 
> Why do you want to run syslog-ng from inside inetd? syslog-ng is designed to
> run standalone, just as the original native syslogd was.

I think the poster's main point is that it would be nice to use the
TCP Wrapper library to handle access control for network connections
to syslog-ng.  Running syslog-ng from inetd wouldn't be necessary (or
desireable) if the standalone binary supported this.

Using the TCP Wrapper code is as simple as adding a single call to
hosts_ctl() from the appropriate place and linking with -lwrap.  As an
example, here's a quick patch I wrote to an older version of the Linux
sysklogd package to add libwrap support:

   http://www.uiuc.edu/ph/www/roth/projects/sysklogd-1.3-libwrap-patch

For syslog-ng, configure could check for libwrap if it was invoked
with --with-libwrap.  That would make it an easily-selectable
compile-time option.

I'm starting to learn my way around the syslog-ng code at the moment,
but if I have a chance to add this before anyone else gets to it, I'll
send a patch to the list.  I'm looking to add a few other features,
too, but I'll save that for a seperate message... :)

-- 
Mark D. Roth <roth@uiuc.edu>
System Administrator, CCSO Workstation Services Group
http://www.uiuc.edu/ph/www/roth