[syslog-ng] Syslog-ng and tcpd

Liam Kirsher liamk at numenet.com
Tue Mar 24 20:35:32 CET 2009


Hi --

I'm noticing lot's of these in the /var/log/messages file:

> Mar 24 15:16:07 domU-12-31-39-00-09-F2 syslog-ng[25138]: warning:
> /etc/hosts.allow, line 17: host name/name mismatch:
> ec2-67-202-53-122.compute-1.amazonaws.com !=
> domU-12-31-35-00-04-A1.z-2.compute-1.internal
> Mar 24 15:16:07 domU-12-31-39-00-09-F2 syslog-ng[25138]: Syslog
> connection rejected by tcpd; from='AF_INET(67.202.53.122:48703)'
> Mar 24 15:16:17 domU-12-31-39-00-09-F2 syslog-ng[25138]: Syslog
> connection accepted; fd='22', client='AF_INET(67.202.53.122:48187)',
> local='AF_INET(0.0.0.0:5000)' 
Apparently, access is being denied, as it should be.  It's just a little
disconcerting to see the "connection accepted" message after it has been
rejected.
> telnet this.domain.com 5000
> Trying 171.122.232.186...
> Connected to this.domain.com.
> Escape character is '^]'.
> Connection closed by foreign host.
Is this the expected behavior?
Is there some way to prevent all these messages from showing up in the
log file?

Liam

-- 
Liam Kirsher
PGP: http://liam.numenet.com/pgp/



More information about the syslog-ng mailing list