[syslog-ng]localport binding...still not working.

Robert D. Beal rdbeal@bellatlantic.net
Mon, 16 Sep 2002 22:43:15 -0400 

>>I'm trying to get syslog-ng (1.5.20) to use 514 as its source port when
>>using the udp destination driver as follows:
>>
>>    <<Following taken from my syslog-ng.conf>>
>>
>>      source s_sys { unix-stream("/dev/log"); internal(); };
>>      destination d_syslog { udp("192.168.0.2" destport(514) 
>> localport(514)); };
>>      log { source(s_src); destination(d_syslog); };
>>
>>but it always seems to send the syslog udp datagrams using the next
>>available non-privileged port as its source (>1024).  I'm running as root
>>(on RedHat 7.3) and syslogd is not running.  Syslog-ng doesn't choke on the
>>config, so I'm assuming its not a syntax problem, but I just can't seem to
>>get it to use 514 as its source port?!   Does anyone have any ideas what I
>>may be doing wrong here?  Or is it just silently ignoring my request to use
>>port 514?
>
>As it seems the docs is buggy, Robert is  right. The bug lies in libol, it
>only binds the local socket if the local address is defined. So there are
>two solutions:
>
>* supply localip as well as localport
>* apply this patch to libol, and recompile
>
>
>diff -u -r1.26 -r1.28
>--- io.c        11 Oct 2001 18:25:14 -0000      1.26
>+++ io.c        16 Sep 2002 08:23:22 -0000      1.28
>@@ -829,9 +834,9 @@
>                 memcpy(sa, &a->sa, sizeof(a->sa));
>                 return 1;
>         }
>-       if (a->ip && !tcp_addr(in,
>-                               a->ip->length, a->ip->data,
>-                               a->port))
>+       if (tcp_addr(in,
>+                    a ? a->ip->length : 7, a ? a->ip->data : "0.0.0.0",
>+                    a->port))
>                 return 0;
>         else
>                 if (!a->ip && !tcp_addr(in, 0, NULL, a->port))
>
>
>--
>Bazsi
>PGP info: KeyID 9AF8D0A9 Fingerprint CD27 CFB0 802C 0944 9CFD 804E C82C 8EB1


I tried modifying my syslog-ng.conf as follows:

    source s_sys { unix-stream("/dev/log"); internal(); };
    destination d_syslog { udp("192.168.0.2" destport(514)
      localip("192.168.0.10") localport(514)); };

    log { source(s_src); destination(d_syslog); };

and I'm now getting a segmentation fault.  192.168.0.10 is the IP of the 
system I'm running on.  I also tried 127.0.0.1 as the localip with the same 
result.  Do I have the syntax incorrect?  Syslog-ng didn't complain.


I also tried the patch, but not being really strong in C/C++ I may have 
messed something up.  I applied the patch, and now make errors out:

make_class <io.c > io.c.xt
/bin/sh: /home/src/syslog-ng/libol-0.3.3/utils/make_class: \: bad 
interpreter: No such file or directory
make[1]: ***[io.c.x]: Error 126
make[1]: Leaving directory '/home/src/syslog-ng/libol-0.3.3/src`
make{[1]: *** [all-recursive] Error 1

Any suggestions?  I can live with syslog-ng binding to whatever source 
port, but I'd have to open up my router access lists a little more than I 
would like.