[syslog-ng]Troubleshooting source spoofing
Balazs Scheidler
syslog-ng@lists.balabit.hu
Tue, 26 Apr 2005 12:46:32 +0200
On Mon, 2005-04-25 at 12:49 -0600, James Franzen wrote:
> I was able to compile syslog-ng with source-spoofing enabled on FreeBSD 5.3
> with no problems but, The traffic is forwarded with my interface IP instead
> of the original source.
>
> I'm using:
> syslog-ng 1.6.7
> libol 0.3.15
> libnet 1.1.2.1
>
> I have done some searching on the web but, I've been unsuccessful in finding
> information on how to troubleshoot source spoofing if it isn't working.
>
> Any information regarding this would be much appriciated.
try ktrace-ing the process, syslog-ng uses libnet to generate packets
and assuming libnet works on your platform it should work for syslog-ng
as well. I suspect there is some compilation/initialization problem and
syslog-ng falls back to using sendto() instead of using libnet to
generate packets.
--
Bazsi