[syslog-ng]TCP Wrapping Syslog

Brad Arlt arlt@cpsc.ucalgary.ca
Thu, 26 Jul 2001 09:18:15 -0600

On Thu, Jul 26, 2001 at 10:46:37AM -0400, Brian E. Seppanen wrote:
> Does syslog-ng support tcp wrappers such that I could use hosts.allow to
> specify the hosts allowed to write syslog messages to a specific hosts?

I am nearly 100% positive syslog-ng doesn't support TCP Wrappers.  I
would say you would probably be better off firewalling than relying on
TCP Wrappers.  IPFilters, IPChains, or IPTables are free packet filters
that will run under Solaris, Linux, and BSD (IPFilters may work for you if
you are running the right version of IRIX or HP-UX).

> Does anyone no if legally syslog messages are null and void if an
> outside hosts write to a syslog server?

You would typically just drop those messages entirely.  Maybe a log entry
saying "[IP address] sent a n byte message".  "Legal" or not, if you don't
want the message, toss it.
   __o		Bradley Arlt	  Email: arlt@cpsc.ucalgary.ca         o__
 _ \<_				    WWW: www.acs.ucalgary.ca/~bdarlt   _>/ _
(_)/(_)  -Eat well, sleep peacefully, drink lots, and ride like hell. (_)\(_)