[syslog-ng]chain_hostname(yes) complicates use of $HOST
John A. Parker
jap54@cornell.edu
Wed, 20 Sep 2000 07:30:07 -0400
--=====================_76184069==_.ALT
Content-Type: text/plain; charset="us-ascii"; format=flowed
In order to get around the problem I mentioned earlier with messages being
logged to the $HOST (s) "Message" and "last", I altered the sources.c file
do_add_source_name subroutine lines from:
if (logmsg->host)
logmsg->host =
c_format("%fS/%fS",
logmsg->host, name);
to:
if (logmsg->host)
logmsg->host =
c_format("%fS/%fS",
name, logmsg->host);
After making this change (swapping name and logmsg->host arguments),
messages that used to look like:
Sep 20 02:08:22 Message/aaaa.bbbb.cornell.edu forwarded from aaaa:
sshd[40128]: log: ...
Now appear as:
Sep 20 02:08:22 aaaa.bbbb.cornell.edu/Message forwarded from aaaa:
sshd[40128]: log: ...
(To be honest, I think the second format looks better anyway.)
I actually changed (simplified) the entire do_add_source_name subroutine
chain_hostnames block in accordance with our needs. I'm including below the
patch I generated to show how that code now looks.
*** sources.c Tue Aug 22 04:44:55 2000
--- sources.c.new Wed Sep 20 06:25:53 2000
***************
*** 198,223 ****
name = get_source_hostname(logmsg->saddr,
self->use_dns, self->use_fqdn);
if (self->chain_hostnames) {
! if (logmsg->flags & LF_LOCAL) {
! /* local */
! ol_string_free(logmsg->host);
! logmsg->host = c_format("%S@%fS",
! self->name, name);
! }
! else if (!logmsg->host) {
! /* remote && no hostname */
! logmsg->host = c_format("%S/%fS", name, name);
! }
! else {
! /* everything else, append source hostname */
! if (logmsg->host)
! logmsg->host =
! c_format("%fS/%fS",
! logmsg->host, name);
! else
! logmsg->host =
! c_format("%fS", name);
! }
}
else {
ol_string_free(logmsg->host);
--- 198,208 ----
name = get_source_hostname(logmsg->saddr,
self->use_dns, self->use_fqdn);
if (self->chain_hostnames) {
! if (logmsg->host)
! logmsg->host = c_format("%fS/%fS",
! name, logmsg->host);
! else
! logmsg->host = c_format("%fS", name);
}
else {
ol_string_free(logmsg->host);
---
John A. Parker Senior Programmer/Analyst - AIX Cornell University
jap54@cornell.edu 607-255-9356 607-255-8521 (Fax)
--=====================_76184069==_.ALT
Content-Type: text/html; charset="us-ascii"
In order to get around the problem I mentioned earlier with messages
being logged to the $HOST (s) "Message" and
"last", I altered the sources.c file
do_add_source_name subroutine lines from:
if (logmsg->host)
logmsg->host =
c_format("%fS/%fS",
logmsg->host, name);
to:
if (logmsg->host)
logmsg->host =
c_format("%fS/%fS",
name, logmsg->host);
After making this change (swapping name and
logmsg->host arguments), messages that used to look
like:
Sep 20 02:08:22
Message/aaaa.bbbb.cornell.edu forwarded from aaaa: sshd[40128]: log:
...
Now appear as:
Sep 20 02:08:22
aaaa.bbbb.cornell.edu/Message forwarded from aaaa: sshd[40128]: log:
...
(To be honest, I think the second format looks better
anyway.)
I actually changed (simplified) the entire do_add_source_name
subroutine chain_hostnames block in accordance with our needs. I'm
including below the patch I generated to show how that code now
looks.
*** sources.c Tue Aug 22
04:44:55 2000
--- sources.c.new Wed Sep 20 06:25:53
2000
***************
*** 198,223 ****
name = get_source_hostname(logmsg->saddr,
self->use_dns, self->use_fqdn);
if (self->chain_hostnames) {
!
if (logmsg->flags & LF_LOCAL) {
!
/* local */
!
ol_string_free(logmsg->host);
!
logmsg->host = c_format("%S@%fS",
!
self->name, name);
!
}
!
else if (!logmsg->host) {
!
/* remote && no hostname */
!
logmsg->host = c_format("%S/%fS", name, name);
!
}
!
else {
!
/* everything else, append source hostname */
!
if (logmsg->host)
!
logmsg->host =
!
c_format("%fS/%fS",
!
logmsg->host, name);
!
else
!
logmsg->host =
!
c_format("%fS", name);
!
}
}
else {
ol_string_free(logmsg->host);
--- 198,208 ----
name = get_source_hostname(logmsg->saddr,
self->use_dns, self->use_fqdn);
if (self->chain_hostnames) {
!
if (logmsg->host)
!
logmsg->host = c_format("%fS/%fS",
!
name, logmsg->host);
!
else
!
logmsg->host = c_format("%fS", name);
}
else {
ol_string_free(logmsg->host);
---
John A. Parker Senior
Programmer/Analyst - AIX Cornell
University
jap54@cornell.edu 607-255-9356 607-255-8521 (Fax)
--=====================_76184069==_.ALT--