From owner-freebsd-current@freebsd.org Thu Jan 31 07:24:55 2019 Return-Path: Delivered-To: freebsd-current@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id B6C301349E92 for ; Thu, 31 Jan 2019 07:24:55 +0000 (UTC) (envelope-from ohartmann@walstatt.org) Received: from mout.gmx.net (mout.gmx.net [212.227.15.15]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "mout.gmx.net", Issuer "TeleSec ServerPass DE-2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 9476D74D8F for ; Thu, 31 Jan 2019 07:24:54 +0000 (UTC) (envelope-from ohartmann@walstatt.org) Received: from freyja ([79.192.175.91]) by mail.gmx.com (mrgmx003 [212.227.17.190]) with ESMTPSA (Nemesis) id 0Me86g-1gVxIJ0XaY-00PxJE for ; Thu, 31 Jan 2019 08:24:45 +0100 Date: Thu, 31 Jan 2019 08:24:38 +0100 From: "O. Hartmann" To: freebsd-current Subject: syslogd: using IPv6 as hostnames results in "IP mismatch" Message-ID: <20190131082420.7724799c@freyja> MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable X-Provags-ID: V03:K1:5OacwGPSzrGoeQj+3mXNFkE+wKLBssoWR+k5APIQMvMvn58XBGd zrS/0ZmIizJ4oVPVFw0+CbPV8uRKvanJ2FgDPqV+SMgMseeXnVCHMZGxlnpYE+7LrCwGTQf pAe6oAVCJ/3qtOJFdAxyKyxJ3e7M5ItXs5xaOmmMEKucuxWMYFyxFVfP4kSSRuZ6znwQ6VT PIug5wA/pQ0GLf18p6gBQ== X-Spam-Flag: NO X-UI-Out-Filterresults: notjunk:1;V03:K0:N+BOxCTuxNE=:n9WWj1S6QUxX3bzQCitGb0 XVNCe8xap84DMzNCnmICeeDJxkgaqGWENSR8SxSzRKqLvLjDsp+sn39SqouBp9PWr66xeBKVN IbrZYb4Gg4uK8+Wah65c7rDrK8DRUCkWqEzoLmcBvFBECzWnmIYPypPpN+ZZ46GtfRCFhdGf/ K7LrmFUWO/SvQ86IhepTK+LXgObDM6mPNf98LGtshtE3x/q1hdXcjWPo2Eeb3nw/ZlnqCRYjf sJ59+teaG2hnWajuqB35MhOutVLby5GD9D/g0hNeCmcpj9wJlACU3bx+owAX4s+OSIrUhd1VR Ii9mr6AQn641DIpBPoZSg/ilPOoPjLtzZpdHCDdBnKOynYudedolqqdB7cOf6UqXGSYNO4z/F AD2G4GWNCDAhb0mw3KQiecdz+J2S7gbhrdylYrFVfqOAEMAqf5rgLFiZ81b78vw5J4lG4+E55 Ecin2Hh6D+Wuwr/SCDbUEQzrzop2C0QKB1PdmhTcb9KSLqcjoGQKqo/XRvGTpWGCM9NwbFt5g SheSGIsR1c1HZmDOuFK/X92L1FmKA9NZ+PVo66wzAwd731smkancO0riPdiub3nOkAGYp3+O9 zZMIxgr0Ag/sZmCOHxCxET/VWfw91uYK44CXo5pVCgpZCxGZw7uMqraqXCo/bCxFTJjxdfx+N 8hicitpnkW6+cN4ZdC2PmoTDwwtSMNYlXFKeexGZNAhDBXTl7JAcdtJWJPYbQnfKFgF8EaO2w zaBkpDQZ/m89D8uevMKG/P4Il5to4IDZp3ts7dYymzB2BMIrcUMrK587lcWqMbsqElLL/+9Dd xuiIVbY6sjSJmBqHleSENO1b6mlryYSgAPK4QOVqAByrwtmAKJAGCFURp/Q30pMKmoe0cJhnl QaigYr2h+EjiMURYRJMYmT4YK+f/Us5rfcfwql+VzxjDbTXZIQWccpChQftE8d3aexh70g5fj ea6yDfiTjOg== X-Rspamd-Queue-Id: 9476D74D8F X-Spamd-Bar: + Authentication-Results: mx1.freebsd.org X-Spamd-Result: default: False [1.64 / 15.00]; ARC_NA(0.00)[]; RCVD_VIA_SMTP_AUTH(0.00)[]; RCVD_COUNT_TWO(0.00)[2]; RECEIVED_SPAMHAUS_PBL(0.00)[91.175.192.79.zen.spamhaus.org : 127.0.0.10]; FROM_HAS_DN(0.00)[]; TO_MATCH_ENVRCPT_ALL(0.00)[]; NEURAL_HAM_LONG(-0.23)[-0.232,0]; MIME_GOOD(-0.10)[text/plain]; PREVIOUSLY_DELIVERED(0.00)[freebsd-current@freebsd.org]; DMARC_NA(0.00)[walstatt.org]; AUTH_NA(1.00)[]; RCPT_COUNT_ONE(0.00)[1]; NEURAL_SPAM_MEDIUM(0.58)[0.584,0]; IP_SCORE(-0.35)[ip: (-3.14), ipnet: 212.227.0.0/16(-0.73), asn: 8560(2.11), country: DE(-0.01)]; TO_DN_ALL(0.00)[]; MX_GOOD(-0.01)[mx01.gmx.net,mx00.gmx.net]; NEURAL_SPAM_SHORT(0.35)[0.355,0]; R_SPF_NA(0.00)[]; RCVD_IN_DNSWL_LOW(-0.10)[15.15.227.212.list.dnswl.org : 127.0.3.1]; R_DKIM_NA(0.00)[]; MID_RHS_NOT_FQDN(0.50)[]; ASN(0.00)[asn:8560, ipnet:212.227.0.0/16, country:DE]; MIME_TRACE(0.00)[0:+]; RCVD_TLS_ALL(0.00)[]; FROM_EQ_ENVFROM(0.00)[] X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 31 Jan 2019 07:24:56 -0000 Hello out there. I'm using some dual stack installations and I'd like to configure FreeBSD's (CURRENT at the moment) syslogd on a syslog-server to handle incoming loggi= ng messages from remote FBSD boxes (mixed, 11.2, 12.0 and CURRENT). I' facing a very weird situation. Scenario: The server has IPv6 fdff:dead:beef::faaf and IP 192.168.168.200. The test client has IPv6 fdff:dead:beef::aaaa and IP 192.168.168.2. On the syslog server: The syslog server's syslogd is configured as (etc/rc.conf): syslogd -C -v -v -b [fdff:dead:beef::faaf]:514 -b 192.168.168.200:514 \ -a [fdff:dead:beef::]/48:* -a 92.168.168.0/24:* It's /etc/syslog.conf file contains the following line to make syslogd receiving syslog messages from the specified client and log those messages = in a separate file (/usr/local/etc/syslog.d/host_X.conf): +[fdff:dead:beef::aaaa],192.168.168.2 *.* /var/log/hosts/host_a.log On the client (IPv6 fdff:dead:beef::aaaa and IP 192.168.168.2), syslogd (/etc/rc.conf) is configured via syslogd -C -v -v -s and it is configured to log additinaly all messages to the server via /usr/local/etc/syslog.d/logging.conf: *.* @[fdff:dead:beef::faaf] !* I trigger then a log incident on the client via "logger < /dev/random". This scenario doens't work - putting syslogd on the server into debug mode,= via adding option -d, the log message from the client is received, but rejected: [...] # of validation rule: 2 validate: dgram from IP ffdff:dead:beef::aaaa, port 514, name \ fdff:dead:beef::aaaa;=20 rejected in rule 1 due to IP mismatch.=20 rejected in rule 2 due to address family mismatch.=20 Message from fdff:dead:beef::aaaa was ignored.received sa_len =3D 28=20 cvthname(28) len =3D 28=20 cvthname(fdff:dead:beef::aaaa) # of validation rule: 2 While the manpage syslog.onf(5) is specific how to use IPv6 addresses in the "action" field, preceeded by "@", I've no doubt of the ciorrectnes of the client's syntax, *.* @[fdff:dead:beef::faaf]. But it seems ambiguous when it comes to the part of the hostname on the server's side, when prepending the "hostname/program" portion with a "+" wh= en it comes to IPv6. If switching the config on the client to: *.* @192.168.168.200 !* does let syslogd on the server log the message as expected: [...] # of validation rule: 2 validate: dgram from IP 192.168.168.2, port 514, name 192.168.168.2; rejected in rule 1 due to address family mismatch. accepted in rule 2. logmsg: pri 15, flags 0, from 192.168.168.2, msg =EF=BF=BD=EF=BF=BDq^B=C7= =A9=EF=BF=BD^CM-^L =EF=BF=BD*^_B=EF=BF=BD^LM-^A?^L=EF=BF=BDi[^R=EF=BF=BD5QM-^MRLvM-^FA}bM-^Y= =EF=BF=BDF=EF=BF=BD=EF=BF=BD^N=EF=BF=BDC=EF=BF=BDM-^\=EF=BF=BD=EF=BF=BDb=EF= =BF=BD^?=EF=BF=BDNM-^G-=EF=BF=BD=DE=A0=EF=BF=BD=EF=BF=BDM-^[=C6=BE44=EF=BF= =BD=EF=BF=BD^V=EF=BF=BDz=DD=A3}a=EF=BF=BDB=EF=BF=BD'M-^^^G=EF=BF=BDP=EF=BF= =BD=EF=BF=BDg^H=EF=BF=BDcM-^@J7xg\A=EF=BF=BD=EF=BF=BD.=EF=BF=BD=EF=BF=BDM-^= UC7o^V=EF=BF=BD=EF=BF=BD=EF=BF=BD^Ax=EF=BF=BD^G=EF=BF=BD\ <^A.#=EF=BF=BDns=EF=BF=BDKwV^N=EF=BF=BD^ZZ=EF=BF=BD=EF=BF=BD=CF=BA=EF=BF=BD= M-^X=EF=BF=BDzM-^N^U=EF=BF=BDM-^Ys2smW^G^S^U=EF=BF=BDM-^G=EF=BF=BD<'~=EF=BF= =BD7=EF=BF=BD^HFz=EF=BF=BD>DM-^T=EF=BF=BDV~8^^vW1=EF=BF=BD=EF=BF=BD^K[=EF= =BF=BD^\i^P=EF=BF=BD"M-^G=EF=BF=BDQ=EF=BF=BD(=EF=BF=BDm%{M-^@M- ^H=EF=BF=BDM-^Q=EF=BF=BD^Q=EF=BF=BDnW=EF=BF=BDY(CT@_/=EF=BF=BD`=EF=BF=BDcM-= ^Nv=20 Logging to FILE /var/log/hosts/host_a.log=20 received sa_len =3D 16=20 cvthname(2) len =3D 16=20 cvthname(192.168.168.2) # of validation rule: 2 I also tried on the server's config to avoid the brackets ("[]"), +fdff:dead:beef::aaaa,192.168.168.2 *.* /var/log/hosts/host_a.log but that seems illogical and it results in the same IP mismatch as reported further above.=20 If it isn't a bug, please point me to the mistake. Thanks in advance, oh