[syslog-ng] Syslog-ng not working with tcp_wrappers
Liam Kirsher
liamk at numenet.com
Thu Mar 12 21:40:35 CET 2009
Syslog-ng doesn't seem to be respecting tcp_wrappers security.
I compiled syslog-ng (v. 3) with
$ ./configure --sysconfdir=/etc/syslog-ng/ --enable-tcp-wrapper --
enable-sql --enable-dynamic-linking
Although, I do notice this warning in config.log:
configure:7282: gcc -o conftest -g -O2 -Wall conftest.c -lwrap >&5
conftest.c: In function 'main':
conftest.c:43: warning: control reaches end of non-void function
configure:7288: $? = 0
configure:7309: result: -lwrap
However, the compile is successful.
My hosts.allow file is:
#
# hosts.allow This file describes the names of the hosts which are
# allowed to use the local INET services, as decided
# by the '/usr/sbin/tcpd' server.
#
sshd: ALL
#syslog-ng: localhost, p3.mydomain.com, p4.mydomain.com
#
# hosts.deny This file describes the names of the hosts which are
# *not* allowed to use the local INET services, as decided
# by the '/usr/sbin/tcpd' server.
ALL: ALL
Note that the syslog-ng process is commented out, but syslog-ng still
works. Apparently, it's not checking the hosts.* files.
Any idea ?
Liam
More information about the syslog-ng
mailing list