summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorRainer Gerhards <rgerhards@adiscon.com>2005-09-27 14:52:22 +0000
committerRainer Gerhards <rgerhards@adiscon.com>2005-09-27 14:52:22 +0000
commitfeb10f47b7c4f76a646784455a32866dbb82d210 (patch)
tree47ac424eaa86fc7ec0c50e62aac428babf0af905
parent59c47ee112b475d58843b6c883bd7a549759da14 (diff)
downloadrsyslog-feb10f47b7c4f76a646784455a32866dbb82d210.tar.gz
rsyslog-feb10f47b7c4f76a646784455a32866dbb82d210.tar.xz
rsyslog-feb10f47b7c4f76a646784455a32866dbb82d210.zip
updated sample config; better error reporting on allowedSenders
-rw-r--r--linux/Makefile2
-rw-r--r--sample.conf58
-rw-r--r--syslogd.c13
3 files changed, 69 insertions, 4 deletions
diff --git a/linux/Makefile b/linux/Makefile
index 7b1c99e5..a82d285a 100644
--- a/linux/Makefile
+++ b/linux/Makefile
@@ -31,7 +31,7 @@ FEATURE_DB=0
FEATURE_REGEXP=1
# Enable debug mode (much slower code)
-FEATURE_DEBUG=1
+FEATURE_DEBUG=0
#############################################################
# END OF USER SETTINGS #
diff --git a/sample.conf b/sample.conf
index c6353bec..99f9f0e3 100644
--- a/sample.conf
+++ b/sample.conf
@@ -1,5 +1,20 @@
# This is a sample configuation file for rsyslogd. See the
-# man pages for details. Please note that rsyslogd by default
+# doc/manual.html for details. If you can not find the
+# manual set, please visit
+#
+# http://www.rsyslog.com/doc/
+#
+# to obtain it online.
+#
+# WARNING: We do NOT keep the comments in this file always
+# up to date. Be sure to consult the doc set that
+# came with your package, especially the file on
+# rsyslog.conf - it probably has some better information
+# than is provided here in comments. The main purpose
+# of sample.conf is to show you some actual directives,
+# not to be the authorative doc source.
+#
+# Please note that rsyslogd by default
# reads /etc/rsyslogd.conf (and NOT /etc/syslogd.conf!).
#
# A commented sample configuration. More a man page than a real
@@ -7,7 +22,12 @@
#
# We try to keep things as consistent with existing syslog implementation
# as possible. We use "$" to start lines that contain new directives.
-# Set syslogd options
+
+# We limit who can send us messages:
+$AllowedSender UDP, 192.0.2.0/24, 10.0.0.1 # all machines in 192.0.2 as well as 10.0.0.1
+$AllowedSender TCP, 10.0.0.1 # for TCP, we allow only 10.0.0.1
+# remove the AllowedSender directives if you do not want to limit
+# who can send rsyslogd messages (not recommended)
# Templates are a key feature of rsyslog. They allow to specify any
# format a user might want. Every output in rsyslog uses templates - this
@@ -97,6 +117,10 @@
# was provided in the message (in most cases, only seconds)
# TIMESTAMP alias for timereported
#
+# Other properties might be available at the time you read this. Be sure
+# to consult the property replacer documentation in the doc set for all
+# properties.
+#
# FromChar and toChar are used to build substrings. They specify the
# offset within the string that should be copied. Offset counting
# starts at 1, so if you need to obtain the first 2 characters of the
@@ -206,6 +230,34 @@ $template dbFormat,"insert into SystemEvents (Message, Facility,FromHost, Priori
# Of course, you can also specify a template with TCP:
*.* @@172.19.2.16:1514;RFC3164Fmt
+# We also support property-based filters, which allow for nice
+# things. Let's for example assume that you receive a lot of
+# nonsense messages with "ID-4711" in the message text. You know
+# that you will never need these messages. So you simply discard them
+:msg, contains, "ID-4711" ~
+
+# or you would like to store messages from a specific host to
+# a different file:
+:FROMHOST, isequal,"myhost.example.com" /var/log/myhost.log
+
+# everyting that does not contain "error" should also be
+# discarded
+:msg, !contains, "error" ~
+# and the rest go to a seperate file
+*.* /var/log/error
+# (keep in mind that the two directives shown immediately
+# above must be kept in that order to actually work)
+
+# you can also execute a script. Let's assume, for example, you need
+# to execute "turn-diesel-generator-on" when "power failed" is contained
+# in a message... ;)
+:msg, contains, "power failed" ^turn-diesel-generator-on
+# (The script is passed the syslog message as first and only paramter.
+# Other parameters can currently not be specified.)
+
+# Note that boolean operations (other than not [!]) are not
+# currently supported. As such, you can not filter out different
+# facilities from different machines - hopefully later ;)
#
# A final world. rsyslog is considered a part of Adiscon's MonitorWare product line.
@@ -217,5 +269,5 @@ $template dbFormat,"insert into SystemEvents (Message, Facility,FromHost, Priori
# as a web-based front-end to a syslog message database.
#
# I hope this work is useful.
-# 2005-07-20 Rainer Gerhards <rgerhards@adiscon.com>
+# 2005-09-27 Rainer Gerhards <rgerhards@adiscon.com>
#
diff --git a/syslogd.c b/syslogd.c
index 23e0990d..27643bbe 100644
--- a/syslogd.c
+++ b/syslogd.c
@@ -787,6 +787,19 @@ static rsRetVal AddAllowedSender(struct AllowedSenders **ppRoot, struct AllowedS
== NULL)
return RS_RET_OUT_OF_MEMORY; /* no options left :( */
+ if(iSignificantBits == 0)
+ /* we handle this seperatly just to provide a better
+ * error message.
+ */
+ logerror("You can not specify 0 bits of the netmask, this would "
+ "match ALL systems. If you really intend to do that, "
+ "remove all $AllowedSender directives.");
+ if((iSignificantBits < 1) || (iSignificantBits > 32)) {
+ logerrorInt("Invalid bit number in IP address - adjusted to 32",
+ iSignificantBits);
+ iSignificantBits = 32;
+ }
+
/* populate entry */
pEntry->bitsToShift = 32 - iSignificantBits; /* IPv4! */
pEntry->allowedSender = iAllow >> pEntry->bitsToShift;