NetBSD Problem Report #44672

From martin@duskware.de  Thu Mar  3 13:16:57 2011
Return-Path: <martin@duskware.de>
Received: from mail.netbsd.org (mail.netbsd.org [204.152.190.11])
	by www.NetBSD.org (Postfix) with ESMTP id CBA9463B84D
	for <gnats-bugs@gnats.NetBSD.org>; Thu,  3 Mar 2011 13:16:56 +0000 (UTC)
Message-Id: <20110303131656.CBA9463B84D@www.NetBSD.org>
Date: Thu,  3 Mar 2011 13:16:56 +0000 (UTC)
From: martin
Reply-To: martin
To: gnats-bugs@gnats.NetBSD.org
Subject: syslogd has no option to specify source port
X-Send-Pr-Version: 3.95

>Number:         44672
>Category:       bin
>Synopsis:       syslogd has no option to specify source port
>Confidential:   no
>Severity:       non-critical
>Priority:       medium
>Responsible:    bin-bug-people
>State:          open
>Class:          change-request
>Submitter-Id:   net
>Arrival-Date:   Thu Mar 03 13:20:00 +0000 2011
>Last-Modified:  Thu Mar 03 23:30:03 +0000 2011
>Originator:     Martin Husemann
>Release:        NetBSD 5.99.47
>Organization:
The NetBSD Foundation, Inc.
>Environment:
System: NetBSD night-owl.duskware.de 5.99.47 NetBSD 5.99.47 (NIGHT-OWL) #28: Sat Feb 26 13:10:46 CET 2011 martin@night-owl.duskware.de:/usr/src/sys/arch/amd64/compile/NIGHT-OWL amd64
Architecture: x86_64
Machine: amd64
>Description:
There is no option to explicitly specify a fixed port for outgoing syslog
messages to other syslogds (or at least one to specify 514).

Some facist setups require packets to have a certain source port, and there
is no harm for our syslogd to support this.

This PR supersedes the mostly incomprehensible PR 44671.

>How-To-Repeat:
Read syslogd(8).
>Fix:

>Audit-Trail:
From: Berczi Gabor <gabor@berczi.be>
To: gnats-bugs@NetBSD.org
Cc: gnats-admin@netbsd.org
Subject: Re: bin/44672
Date: Thu, 3 Mar 2011 18:33:12 +0100

 > Some facist setups require packets to have a certain source port, and there
 > is no harm for our syslogd to support this.

 "Facist"? (sic!)

 Right now, the default NetBSD syslog behaviour:

 - does not work with FreeBSD
 - or through any filtering firewall

 due to the senseless introduction of the semi-randomized source port.
 How about just simply fixing that, instead of silently introducing a new
 option?

 If this is still too "incomprehensible", I can even draw it.

From: Martin Schütte <mschuett@netbsd.org>
To: gnats-bugs@NetBSD.org
Cc: 
Subject: Re: bin/44672: syslogd has no option to specify source port
Date: Fri, 04 Mar 2011 00:25:12 +0100

 On 03/03/11 14:20, martin@NetBSD.org wrote:
 > There is no option to explicitly specify a fixed port for outgoing syslog
 > messages to other syslogds (or at least one to specify 514).

 The current syslogd just skips the bind() in SecureMode.

 I agree it is a reasonable expectation to use the well known UDP port
 for sending and it is easy to fix. Patches for netbsd-5 and -current are at:
 ftp://ftp.netbsd.org/pub/NetBSD/misc/mschuett/syslogd_5base-bind_in_securemode.diff
 ftp://ftp.netbsd.org/pub/NetBSD/misc/mschuett/syslogd_current-bind_in_securemode.diff

 -- 
 Martin
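
The behaviour discussed in this thread, as an added example (not code from the linked patches or from NetBSD's syslogd): a UDP sender that skips bind() is seen by the receiver on a kernel-chosen source port, while one that binds first is seen on the fixed port. The function names and the loopback setup are assumptions made for the illustration, and a free unprivileged port stands in for 514, which needs root to bind.

```c
#include <arpa/inet.h>
#include <netinet/in.h>
#include <stdio.h>
#include <sys/socket.h>
#include <sys/time.h>
#include <unistd.h>

/* Bind a new UDP socket to 127.0.0.1:port (0 = kernel picks); report the port. */
static int udp_bound(int port, int *bound) {
    struct sockaddr_in a = { 0 };
    socklen_t len = sizeof a;
    int s = socket(AF_INET, SOCK_DGRAM, 0);
    a.sin_family = AF_INET;
    a.sin_addr.s_addr = htonl(INADDR_LOOPBACK);
    a.sin_port = htons((unsigned short)port);
    if (s >= 0 && (bind(s, (struct sockaddr *)&a, sizeof a) < 0 ||
                   getsockname(s, (struct sockaddr *)&a, &len) < 0)) { close(s); s = -1; }
    if (s >= 0 && bound) *bound = ntohs(a.sin_port);
    return s;
}

/* Return the source port a local receiver sees; src_port 0 means no bind(). */
int observed_source_port(int src_port) {
    static const char msg[] = "<13>constructed test message";
    struct timeval tv = { 2, 0 };   /* receive timeout: a lost packet cannot hang us */
    struct sockaddr_in from, to;
    socklen_t flen = sizeof from, tlen = sizeof to;
    char buf[64];
    int seen = -1;
    int tx = src_port > 0 ? udp_bound(src_port, NULL) : socket(AF_INET, SOCK_DGRAM, 0);
    int rx = udp_bound(0, NULL);    /* receiver on a kernel-chosen port */
    if (tx >= 0 && rx >= 0 && getsockname(rx, (struct sockaddr *)&to, &tlen) == 0) {
        setsockopt(rx, SOL_SOCKET, SO_RCVTIMEO, &tv, sizeof tv);
        if (sendto(tx, msg, sizeof msg - 1, 0, (struct sockaddr *)&to, tlen) >= 0 &&
            recvfrom(rx, buf, sizeof buf, 0, (struct sockaddr *)&from, &flen) >= 0)
            seen = ntohs(from.sin_port);
    }
    if (tx >= 0) close(tx);
    if (rx >= 0) close(rx);
    return seen;
}

/* A free unprivileged port, standing in for 514 (which needs root to bind). */
int free_port(void) { int p = -1, s = udp_bound(0, &p); if (s >= 0) close(s); return p; }

int main(void) {
    int p = free_port();
    printf("bind(%d): seen %d; no bind(): seen %d\n", p, observed_source_port(p), observed_source_port(0));
    return 0;
}
```

A firewall rule or receiver that accepts syslog only from a fixed source port matches the first case and drops the second.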
