[Bug 220246] syslogd does not send RFC3164-conformant messages [PATCH]
bugzilla-noreply at freebsd.org
bugzilla-noreply at freebsd.org
Sat Jun 24 08:50:02 UTC 2017
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=220246
Bug ID: 220246
Summary: syslogd does not send RFC3164-conformant messages
[PATCH]
Product: Base System
Version: 10.3-RELEASE
Hardware: Any
OS: Any
Status: New
Keywords: patch
Severity: Affects Many People
Priority: ---
Component: bin
Assignee: freebsd-bugs at FreeBSD.org
Reporter: mikeg at bsd-box.net
Keywords: patch
Created attachment 183758
--> https://bugs.freebsd.org/bugzilla/attachment.cgi?id=183758&action=edit
Resolving patch
When sending messages to a remote host syslogd omits the hostname field
required by RFC 3164. This affects anyone sending logs from a FreeBSD host to a
central logging server that expects RFC 3164-conformant messages (Logstash,
fluentd) - it breaks the remote server's ability to parse the FreeBSD system's
log messages.
This issue is present on 10.3-RELEASE and 11.0-RELEASE.
The attached patch corrects the behavior of syslogd when sending messages.
Following the logic laid out in the existing code I preserved the previous
hostname for forwarded messages, but made the resulting message conform with
the RFC.
This fix has been verified against Logstash & fluentd. I have not deliberately
thrown any pathological input at it so there should be some scrutiny.
NOTE: Related standards bug 200933 deals with receiving RFC 3164-conformant
messages. There is a patch there which should be reviewed and either applied or
adapted as appropriate.
--
You are receiving this mail because:
You are the assignee for the bug.
More information about the freebsd-bugs
mailing list