Date: Mon, 7 Apr 1997 13:07:17 -0700 (MST) From: Terry Lambert <terry@lambert.org> To: brian@awfulhak.org (Brian Somers) Cc: terry@lambert.org, brian@awfulhak.org, brian@utell.co.uk, freebsd-hackers@FreeBSD.org Subject: Re: syslogd watching other machine(s) Message-ID: <199704072007.NAA01953@phaeton.artisoft.com> In-Reply-To: <199704071919.UAA13161@awfulhak.demon.co.uk> from "Brian Somers" at Apr 7, 97 08:19:51 pm
next in thread | previous in thread | raw e-mail | index | archive | help
> > Why are messages that come in from a non-local source being resent? > > > > If a machine is the loghost for another machine, it should not be > > permitted to delegate. > > Maybe not, but as it does, we can't "undo" that ability. What if > someone is using this "feature" as an ability to proxy syslog messages ? What if they do? Then they will need 'n' daemons for 'n' machines for your "cluster notification" scenario. Eventually, you run out of ports. 8-|. One quick way that will work for linear forward delegation and single tier clustering would be to disallow repeating to the sender, but not otherwise. Multitier clusters and circular forward delegation would still run into "loop with hopcoung >= 2" problems. Maybe a better fix would be to deal with "multicast" issues using "multicast" technology instead of kludges? Terry Lambert terry@lambert.org --- Any opinions in this posting are my own and not those of my present or previous employers.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199704072007.NAA01953>