[syslog-ng] Spoofing SRC of forwarded syslog

[Balazs Scheidler]

On Mon, 2010-03-22 at 15:43 -0700, AM M84 wrote:
> I should also add that the original source IP is in the payload of the
> message.

no without changing the source code. with that it might be possible.
(you'd have to change the IP address stored in logmsg->saddr somewhere
along the path).

With the newly announced (but not yet integrated plugins branch),
something like this would become easily doable.

-- 
Bazsi