[syslog-ng] Re: syslog-ng stops listen to UDP after "nmap -sU"?

Balazs Scheidler bazsi@balabit.hu
Thu, 17 Feb 2000 20:32:49 +0100


> > Everything worked fine until I decided to portscan the syslog server.
> > When I did a UDP scan, syslog-ng stopped logging. This is what happens:
> 
> > *) I execute "nmap -p 514 -sU xxx.yyy.zzz.www" on a Linux box
> 
> Using options "-v" and "-d", I catch the following:
> 
>   Read EOF on fd 3.
>   Marking fd 3 for closing.
>   Closing fd 3.
> 
> It appears that libol is the culprit here. It assumes that a returned
> read length of 0 means end of file, as when reading from a file or
> a TCP connection.

This should be fixed in libol 0.2.15 and syslog-ng 1.3.16. I didn't backport
the fix to 1.2.4 (which I've just released), because it's not trivial.

I've fixed a couple of build fixes, so syslog-ng should build cleanly on the
following systems:

Solaris 2.5.1 or lower (without door support)
Solaris 2.6 or upper (with door support)
Linux
BSD

I would be grateful if you could check this.

-- 
Bazsi
PGP info: KeyID 9AF8D0A9 Fingerprint CD27 CFB0 802C 0944 9CFD 804E C82C 8EB1
     url: http://www.balabit.hu/pgpkey.txt
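
The failure mode discussed in this thread, as an added example that is not part of the original message and is not libol or syslog-ng code: a zero-byte read is end of file on a file or TCP connection, but on a datagram socket it is a valid empty datagram and the listener must stay open. The names `classify_read` and `demo_receive` are hypothetical, and the loopback traffic is constructed for the demonstration.

```c
#include <arpa/inet.h>
#include <netinet/in.h>
#include <stdio.h>
#include <sys/socket.h>
#include <sys/time.h>
#include <unistd.h>

/* What a 0-byte read means depends on the descriptor type. */
enum read_result { READ_DATA, READ_EMPTY_DGRAM, READ_EOF, READ_ERROR };

/* Type-aware check: only a non-datagram descriptor treats n == 0 as EOF. */
static enum read_result classify_read(int fd, ssize_t n) {
    int type = 0;
    socklen_t len = sizeof type;
    if (n < 0) return READ_ERROR;
    if (n > 0) return READ_DATA;
    if (getsockopt(fd, SOL_SOCKET, SO_TYPE, &type, &len) == 0 && type == SOCK_DGRAM)
        return READ_EMPTY_DGRAM;   /* valid empty datagram: keep listening */
    return READ_EOF;               /* file or TCP peer closed */
}

/* Constructed loopback run: one empty datagram, then one log line.
 * Returns the number of log lines accepted, or -1 on setup failure. */
static int demo_receive(int zero_is_eof) {
    struct sockaddr_in addr = {0};
    socklen_t alen = sizeof addr;
    struct timeval tv = {2, 0};    /* never block forever in the demo */
    char buf[256];
    int accepted = 0;
    int rx = socket(AF_INET, SOCK_DGRAM, 0), tx = socket(AF_INET, SOCK_DGRAM, 0);
    addr.sin_family = AF_INET;
    addr.sin_addr.s_addr = htonl(INADDR_LOOPBACK);   /* port 0: kernel picks one */
    if (rx < 0 || tx < 0 || bind(rx, (struct sockaddr *)&addr, sizeof addr) < 0 ||
        getsockname(rx, (struct sockaddr *)&addr, &alen) < 0) return -1;
    setsockopt(rx, SOL_SOCKET, SO_RCVTIMEO, &tv, sizeof tv);
    sendto(tx, "", 0, 0, (struct sockaddr *)&addr, sizeof addr);
    sendto(tx, "<13>test message", 16, 0, (struct sockaddr *)&addr, sizeof addr);
    for (int i = 0; i < 2; i++) {
        ssize_t n = recv(rx, buf, sizeof buf, 0);
        enum read_result r = (zero_is_eof && n == 0) ? READ_EOF : classify_read(rx, n);
        if (r == READ_EOF || r == READ_ERROR) break;   /* listener would be closed */
        if (r == READ_DATA) accepted++;
    }
    close(rx); close(tx);
    return accepted;
}
int main(void) {
    printf("0==EOF: %d, type-aware: %d\n", demo_receive(1), demo_receive(0));
    return 0;
}
```

With `zero_is_eof` set, the receiver gives up on the empty datagram and never sees the log line that follows; with the type-aware check it skips the empty datagram and accepts the line.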