[syslog-ng] Syslog-ng not working with tcp_wrappers
Balazs Scheidler
bazsi at balabit.hu
Fri Mar 13 10:08:44 CET 2009
On Thu, 2009-03-12 at 13:40 -0700, Liam Kirsher wrote:
> Syslog-ng doesn't seem to be respecting tcp_wrappers security.
>
> I compiled syslog-ng (v. 3) with
> $ ./configure --sysconfdir=/etc/syslog-ng/ --enable-tcp-wrapper --
> enable-sql --enable-dynamic-linking
>
> Although, I do notice this warning in config.log:
> configure:7282: gcc -o conftest -g -O2 -Wall conftest.c -lwrap >&5
> conftest.c: In function 'main':
> conftest.c:43: warning: control reaches end of non-void function
> configure:7288: $? = 0
> configure:7309: result: -lwrap
>
> However, the compile is successful.
>
>
> My hosts.allow file is:
> #
> # hosts.allow This file describes the names of the hosts which are
> # allowed to use the local INET services, as decided
> # by the '/usr/sbin/tcpd' server.
> #
> sshd: ALL
> #syslog-ng: localhost, p3.mydomain.com, p4.mydomain.com
>
> #
> # hosts.deny This file describes the names of the hosts which are
> # *not* allowed to use the local INET services, as decided
> # by the '/usr/sbin/tcpd' server.
> ALL: ALL
>
> Note that the syslog-ng process is commented out, but syslog-ng still
> works. Apparently, it's not checking the hosts.* files.
>
> Any idea ?
Well, I haven't tested tcpd support for ages, but after a quick test
with your configuration it works for me:
Syslog connection rejected by tcpd; from='AF_INET(127.0.0.1:53905)'
Do you have ENABLE_TCP_WRAPPER defined in config.h after the configure
run?
Also, please make sure that you have an empty line at the end of the
hosts.allow & hosts.deny files as the last line is not interpreted by
libwrap if it has no NL character at the end.
--
Bazsi
More information about the syslog-ng
mailing list