Skip site navigation (1)Skip section navigation (2) 
Date:      Tue, 19 Aug 2014 10:48:26 +0000
From:      bugzilla-noreply@freebsd.org
To:        freebsd-bugs@FreeBSD.org
Subject:   [Bug 192827] New: `syslogd -s` listens on 514/udp6
Message-ID:  <bug-192827-8@https.bugs.freebsd.org/bugzilla/>
next in thread | raw e-mail | index | archive | help 
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=192827

            Bug ID: 192827
           Summary: `syslogd -s` listens on 514/udp6
           Product: Base System
           Version: 10.0-RELEASE
          Hardware: amd64
                OS: Any
            Status: Needs Triage
          Severity: Affects Some People
          Priority: ---
         Component: bin
          Assignee: freebsd-bugs@FreeBSD.org
          Reporter: florian.ermisch@alumni.tu-berlin.de

We got a server running 10.0-RELEASE-p7 with rsyslogd (installed via pkg) to 
receive logs via TCP. As rsyslogd failed to log local messages I've disabled 
local logging by rsyslogd and re-enabled syslogd in rc.conf adding '-s' to the 
flags b/c the manpages states:

     -s      Operate in secure mode.  Do not log messages from remote
             machines.  If specified twice, no network socket will be opened
             at all, which also disables logging to remote machines.

user@sysloghost:~% grep syslog /etc/rc.conf
hostname="sysloghost.domain.tld"
syslogd_enable="YES"
syslogd_flags="-s -v -v"
rsyslogd_enable="YES"

A few hours ago I checked on rsyslogd b/c of some monitoring glitch, ran 
`sockstat(1)` and was suprised seeing syslogd listening on 514/udp6:

user@sysloghost:~% sockstat | grep syslog
root     syslogd    68516 4  dgram  /var/run/log
root     syslogd    68516 5  dgram  /var/run/logpriv
root     syslogd    68516 6  udp6   *:514                 *:*  <=========
root     rsyslogd   25668 0  udp4   *:514                 *:*
root     rsyslogd   25668 1  tcp4   ${SYSLOG_IP}:514     ${SYSLOG_CL1}:47563
root     rsyslogd   25668 3  tcp6   *:514                 *:*
root     rsyslogd   25668 4  tcp4   *:514                 *:*
root     rsyslogd   25668 5  tcp4   ${SYSLOG_IP}:514     ${SYSLOG_CL2}:41922
root     rsyslogd   25668 7  tcp4   ${SYSLOG_IP}:514     ${SYSLOG_CL3}:48601
root     rsyslogd   25668 9  tcp4   ${SYSLOG_IP}:514     ${SYSLOG_CL4}:60310

Right now that's no problem for us as the setup is currently IPv4 only but 
clearly isn't what the manpage states and might cause problems in a similar
setup with IPv6.

-- 
You are receiving this mail because:
You are the assignee for the bug.

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-192827-8>