[Bug 192827] New: `syslogd -s` listens on 514/udp6

bugzilla-noreply at freebsd.org bugzilla-noreply at freebsd.org
Tue Aug 19 10:48:27 UTC 2014 

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=192827

            Bug ID: 192827
           Summary: `syslogd -s` listens on 514/udp6
           Product: Base System
           Version: 10.0-RELEASE
          Hardware: amd64
                OS: Any
            Status: Needs Triage
          Severity: Affects Some People
          Priority: ---
         Component: bin
          Assignee: freebsd-bugs at FreeBSD.org
          Reporter: florian.ermisch at alumni.tu-berlin.de

We got a server running 10.0-RELEASE-p7 with rsyslogd (installed via pkg) to 
receive logs via TCP. As rsyslogd failed to log local messages I've disabled 
local logging by rsyslogd and re-enabled syslogd in rc.conf adding '-s' to the 
flags b/c the manpages states:

     -s      Operate in secure mode.  Do not log messages from remote
             machines.  If specified twice, no network socket will be opened
             at all, which also disables logging to remote machines.

user at sysloghost:~% grep syslog /etc/rc.conf
hostname="sysloghost.domain.tld"
syslogd_enable="YES"
syslogd_flags="-s -v -v"
rsyslogd_enable="YES"

A few hours ago I checked on rsyslogd b/c of some monitoring glitch, ran 
`sockstat(1)` and was suprised seeing syslogd listening on 514/udp6:

user at sysloghost:~% sockstat | grep syslog
root     syslogd    68516 4  dgram  /var/run/log
root     syslogd    68516 5  dgram  /var/run/logpriv
root     syslogd    68516 6  udp6   *:514                 *:*  <=========
root     rsyslogd   25668 0  udp4   *:514                 *:*
root     rsyslogd   25668 1  tcp4   ${SYSLOG_IP}:514     ${SYSLOG_CL1}:47563
root     rsyslogd   25668 3  tcp6   *:514                 *:*
root     rsyslogd   25668 4  tcp4   *:514                 *:*
root     rsyslogd   25668 5  tcp4   ${SYSLOG_IP}:514     ${SYSLOG_CL2}:41922
root     rsyslogd   25668 7  tcp4   ${SYSLOG_IP}:514     ${SYSLOG_CL3}:48601
root     rsyslogd   25668 9  tcp4   ${SYSLOG_IP}:514     ${SYSLOG_CL4}:60310

Right now that's no problem for us as the setup is currently IPv4 only but 
clearly isn't what the manpage states and might cause problems in a similar
setup with IPv6.

-- 
You are receiving this mail because:
You are the assignee for the bug.

More information about the freebsd-bugs mailing list