[Bug 192827] `syslogd -s` listens on 514/udp6
bugzilla-noreply at freebsd.org
bugzilla-noreply at freebsd.org
Wed Jan 7 22:30:35 UTC 2015
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=192827
Xin LI <delphij at FreeBSD.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Resolution|--- |Works As Intended
CC| |delphij at FreeBSD.org
Status|New |Closed
--- Comment #5 from Xin LI <delphij at FreeBSD.org> ---
(In reply to florian.ermisch from comment #4)
This is totally intentional and it's not a bug.
With UDP, you have to bind() the socket or the system will allocate an
arbitrary port to send the packet from (like binding on INADDR_ANY). RFC 3164
says, quote:
%%%
2. Transport Layer Protocol
syslog uses the user datagram protocol (UDP) [1] as its underlying
transport layer mechanism. The UDP port that has been assigned to
syslog is 514. It is RECOMMENDED that the source port also be 514 to
indicate that the message is from the syslog process of the sender,
but there have been cases seen where valid syslog messages have come
from a sender with a source port other than 514. If the sender uses
a source port other than 514 then it is RECOMMENDED and has been
considered to be good form that subsequent messages are from a single
consistent port.
%%%
Later RFC e.g. RFC 5426 have the following requirement:
%%%
3.3. Source and Target Ports
Syslog receivers MUST support accepting syslog datagrams on the well-
known UDP port 514, but MAY be configurable to listen on a different
port. Syslog senders MUST support sending syslog message datagrams
to the UDP port 514, but MAY be configurable to send messages to a
different port. Syslog senders MAY use any source UDP port for
transmitting messages.
%%%
Binding the socket is desirable because it gives the maximum compatibility.
Please also see the source code for 'NoBind' option (-N) and comments.
--
You are receiving this mail because:
You are the assignee for the bug.
More information about the freebsd-bugs
mailing list