[syslog-ng] compression during tls

thejaguar at tutanota.de thejaguar at tutanota.de
Mon Aug 15 18:34:01 CEST 2016


Thats fine if its a copy paste mistake and compression is enabled by default. Yes both sides are on tls. No I dont want to disable, rather wanted to make sure network transfers do get compressed.  Except tcpdump , any other method to confirm ?
Thanks for the response. 
Jagshah.
14. Aug 2016 22:54 by balazs.scheidler at balabit.com:


>
> Hmm, I dont know that option, maybe the premium edition team added that and it trickled into the open source documentation. Iirc by default syslog-ng made sure compression happens within tls as long as the other party supports it.
>
> Or you want to disable it?
> On Aug 12, 2016 20:15,  <> thejaguar at tutanota.de> > wrote:
>
>>           
>> Hi all,
>>
>> According to this >> https://www.balabit.com/documents/syslog-ng-ose-latest-guides/en/syslog-ng-ose-guide-admin/html/tlsoptions.html
>>
>> Allow-compression() should be a working option under tls.
>>
>> I did google on this a lot and found no config snippetwhich shows allow-compress() to be working and to my surprise when I tried toinclude it in my config I get syntax error ___________________________________________________
>>
>>  
>>
>> 2016-08-11T15:27:19.538347] Registering candidate plugin;module='afsocket', context='source', name='systemd-syslog', preference='100'
>>
>> [2016-08-11T15:27:19.539190] Using /dev/log Unix socketwith systemd is not possible. Changing to systemd-syslog source, which supportssocket activation.; Error parsing afsocket, syntax error, unexpectedLL_IDENTIFIER, expecting ')' in /etc/syslog-ng/syslog-ng.conf at line 27,column 124:
>>
>>  
>>
>> destination d_net_tls { network(">> syslog1.xxxxxxxxx.com>> " port(6514) transport("tls") tls(ca-dir("/etc/syslog-ng/ca") allow-compress(yes)peer-verify(required-trusted) ssl-options(no-sslv3,no-tlsv1) )
>>
>>                                                                                                                                                                                                                       ^^^^^^^^^^^^^^ ___________________________________________________
>>
>> I am using 3.8.0 on ubuntu 15.10.  
>>
>> Is this even really supported as claimed in here >> https://www.balabit.com/network-security/syslog-ng/comparing/detailed
>>
>>  
>>
>> # /usr/sbin/syslog-ng -V
>>
>> syslog-ng 3.8.0beta2
>>
>> Installer-Version: 3.8.0beta2
>>
>> Revision: 3.8.0beta2-1
>>
>> Module-Directory: /usr/lib/syslog-ng/3.8
>>
>> Module-Path: /usr/lib/syslog-ng/3.8
>>
>> Available-Modules:affile,basicfuncs,system-source,cryptofuncs,pseudofile,afuser,csvparser,linux-kmsg-format,confgen,sdjournal,syslogformat,afprog,dbparser,afsocket
>>
>> Enable-Debug: off
>>
>> Enable-GProf: off
>>
>> Enable-Memtrace: off
>>
>> Enable-IPv6: on
>>
>> Enable-Spoof-Source: on
>>
>> Enable-TCP-Wrapper: on
>>
>> Enable-Linux-Caps: off
>>
>>  
>>
>>
>>
>>
>>
>>
>>   
>> ______________________________________________________________________________
>> Member info: >> https://lists.balabit.hu/mailman/listinfo/syslog-ng
>> Documentation: >> http://www.balabit.com/support/documentation/?product=syslog-ng
>> FAQ: >> http://www.balabit.com/wiki/syslog-ng-faq
>>
>>
>>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.balabit.hu/pipermail/syslog-ng/attachments/20160815/0ac09571/attachment.htm 


More information about the syslog-ng mailing list