[Bug 194231] New: syslogd Missing Hostname

Tue Oct 7 20:36:46 UTC 2014

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=194231

            Bug ID: 194231
           Summary: syslogd Missing Hostname
           Product: Base System
           Version: 9.3-RELEASE
          Hardware: Any
                OS: Any
            Status: Needs Triage
          Severity: Affects Many People
          Priority: ---
         Component: standards
          Assignee: freebsd-standards at FreeBSD.org
          Reporter: rsecor at seqlogic.com

When setup to forward syslog information to another server, syslog does not
include the hostname in the information.

Both, rfc3164, entitled "The BSD syslog Protocol," and rfc5424, entitled "The
Syslog Protocol," require a value be passed for the hostname.

We also tested a FreeBSD 8.0 and a 9.2, they both include the same issue.

Example (from tcpdump):

(1) Current FreeBSD (incorrect) Packet:
15:18:31.963184 IP 192.168.164.27.514 > 192.168.165.10.514: SYSLOG auth.info,
length: 79
E..k.... at .,;.......
.....WE.<38>Oct  7 15:18:48 sshd[60620]: Connection closed by 192.168.164.124
[preauth]

(2) Expected Packet:
15:18:31.963184 IP 192.168.164.27.514 > 192.168.165.10.514: SYSLOG auth.info,
length: 79
E..k.... at .,;.......
.....WE.<38>Oct  7 15:18:48 servername sshd[60620]: Connection closed by
192.168.164.124 [preauth]

References
http://tools.ietf.org/html/rfc3164
http://tools.ietf.org/html/rfc5424

-- 
You are receiving this mail because:
You are the assignee for the bug.