[syslog-ng] Re: syslog-ng stops listen to UDP after "nmap -sU"?

Balazs Scheidler bazsi@balabit.hu
Thu, 17 Feb 2000 20:32:49 +0100

> > Everything worked fine until I decided to portscan the syslog server.
> > When I did a UDP scan, syslog-ng stopped logging. This is what happens:
> > *) I execute "nmap -p 514 -sU xxx.yyy.zzz.www" on a Linux box
> Using options "-v" and "-d", I catch the following:
>   Read EOF on fd 3.
>   Marking fd 3 for closing.
>   Closing fd 3.
> It appears that libol is the culprit here. It assumes that a returned
> read length of 0 means end of file, as when reading from a file or
> a TCP connection.

This should be fixed in libol 0.2.15 and syslog-ng 1.3.16. I didn't backport
the fix to 1.2.4 (which I've just released), because it's not trivial.

I've fixed a couple of build fixes, so syslog-ng should build cleanly on the
following systems:

Solaris 2.5.1 or lower (without door support)
Solaris 2.6 or upper (with door support)

I would be grateful if you could check this.

PGP info: KeyID 9AF8D0A9 Fingerprint CD27 CFB0 802C 0944 9CFD 804E C82C 8EB1
     url: http://www.balabit.hu/pgpkey.txt