[syslog-ng]?? Connection broken to AF_INET(127.0.0.1:514),
reopening in 60 seconds
Jens Grigel
syslog-ng@lists.balabit.hu
Tue, 27 Jul 2004 13:23:23 +0200
On Mon, 2004-07-26 at 21:09, seberino@spawar.navy.mil wrote:
> Nate
>
> Thanks for help. Yes stunnel is up. You are right... it is not
> clear if problem is with stunnel or syslog-ng.
>
> Here is my stunnel.conf..
>
> [laptop root /root] # more /etc/stunnel/stunnel.conf
> client = yes
> cert = /etc/stunnel/syslog-ng-client.pem
> CAfile = /etc/stunnel/syslog-ng-server.pem
> verify = 3
> chroot = /usr/local/chrootjails/stunnel
> setuid = nobody
> setgid = nobody
>
> [5140]
> accept = 127.0.0.1:514
> connect = 198.253.71.174:5140
>
>
Hi Christian,
are you sure that stunnel can listen on the privileged port 514 when
running chroot'ed ? I don't remember if stunnel opens the port first and
drops it's rights after that...
Enable loggin of stunnel or try to open the tunnel on a high port e.g.
udp/1514 and set the destination in syslog-ng to localhost:1514
Jens
---
Citysavingsbank Munich
Dep. of Network and Security
Munich, Germany