From: Edwin Groothuis
To: "Ronald F. Guilmette"
Cc: freebsd-questions@freebsd.org
Date: Mon, 4 Mar 2002 12:53:24 +1100
Subject: Re: Wanted: syslog-type logging over TCP

On Sun, Mar 03, 2002 at 05:42:51PM -0800, Ronald F. Guilmette wrote:
>
> I need to move syslog-like log records over a TCP connection, and
> I'm looking for any existing tools that might be useful for doing
> that. If none exist, I will be forced to write one, or, more
> accurately, a pair of tools (one sender and one receiver).
>
> Why TCP you ask?
>
> Well, moving log records by just shoving them out as UDP messages
> is inferior to using TCP for a variety of reasons, but the one
> that I'm most concerned about is the security aspect. The source
> IP address of UDP packets can be easily spoofed. It's much harder
> for the data source to spoof like he is somebody else when the
> packets are being sent over a TCP connection... at least if you
> have a good TCP sequence number generation algorithm.
>
> So if you know of any tools that I might use directly, or leverage
> from, i.e. tools that can send ``single line'' log records from here
> to there using TCP, please write and tell me about those. (If you
> get snagged by my spam filtering, use http://www.monkeys.com/contact.html.)
>
> Another (perhaps obvious) requirement: The program that sends the
> log records has to be reasonably robust in the face of lost connections.
> When and if the connection to the logging host is lost, the sender
> program should make some reasonable efforts to reestablish it.

Try SMTP based email. Lots of overhead, but very reliable.

Edwin, not kidding

-- 
Edwin Groothuis   |   Personal website: http://www.MavEtJu.org
edwin@mavetju.org |   Interested in MUDs? Visit Fatal Dimensions:
------------------+   http://www.FatalDimensions.org/
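The sender half of the tool pair requested in the quoted message, sketched as an added example that is not part of the original thread or any existing tool: it sends one record per line over TCP, queues records while the logging host is unreachable, and reconnects with backoff. The class name, queue size, timeouts and retry counts are assumptions.

```python
import collections
import socket
import time


class TcpLogSender:
    """Send single-line log records over TCP, reconnecting after failures."""

    def __init__(self, host, port, max_queue=1000,
                 connect=socket.create_connection, sleep=time.sleep):
        self.addr = (host, port)
        # Bounded buffer: when full, the oldest unsent record is discarded.
        self.queue = collections.deque(maxlen=max_queue)
        self.connect = connect   # injectable so the logic can be tested offline
        self.sleep = sleep
        self.sock = None

    def log(self, record):
        # One record per line: an embedded newline would forge extra records.
        line = record.replace("\r", " ").replace("\n", " ")
        self.queue.append(line.encode("utf-8") + b"\n")
        return self.flush()

    def flush(self, attempts=3, delay=0.5):
        """Try to drain the queue; return how many records are still queued."""
        for attempt in range(attempts):
            try:
                if self.sock is None:
                    self.sock = self.connect(self.addr, timeout=5)
                while self.queue:
                    # sendall() returning only means the kernel accepted the
                    # bytes; without an application-level ack some can be lost.
                    self.sock.sendall(self.queue[0])
                    self.queue.popleft()
                return 0
            except OSError:
                self._close()
                if attempt + 1 < attempts:
                    self.sleep(delay * 2 ** attempt)   # exponential backoff
        return len(self.queue)

    def _close(self):
        if self.sock is not None:
            try:
                self.sock.close()
            except OSError:
                pass
            self.sock = None
```

Records left in the queue after `flush()` gives up are retried on the next `log()` or `flush()` call.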