diff options
| author | Rainer Gerhards <rgerhards@adiscon.com> | 2010-10-15 08:38:35 -0700 |
|---|---|---|
| committer | Rainer Gerhards <rgerhards@adiscon.com> | 2010-10-15 08:38:35 -0700 |
| commit | 93662146b46c03b2a5db83ae074aa77f207dd98a (patch) | |
| tree | 32db6d8cca9c8c06b110c41ce1e33ccf1193e565 /doc | |
| parent | f60fd65378d4bfc110e8ae1b55197d73c3293f0c (diff) | |
| parent | 87472f58b4cd47762a7b134f0d8521cabc739cae (diff) | |
| download | rsyslog-93662146b46c03b2a5db83ae074aa77f207dd98a.tar.gz rsyslog-93662146b46c03b2a5db83ae074aa77f207dd98a.tar.xz rsyslog-93662146b46c03b2a5db83ae074aa77f207dd98a.zip | |
Merge branch 'v5-devel'
Conflicts:
ChangeLog
Diffstat (limited to 'doc')
| -rw-r--r-- | doc/imuxsock.html | 11 | ||||
| -rw-r--r-- | doc/tls_cert_machine.html | 12 |
2 files changed, 20 insertions, 3 deletions
diff --git a/doc/imuxsock.html b/doc/imuxsock.html index 1ab99a76..ee5db22d 100644 --- a/doc/imuxsock.html +++ b/doc/imuxsock.html @@ -39,6 +39,7 @@ config statements just use the prefix $IMUXSockRateLimit... but otherwise works exactly the same. When working with severities, please keep in mind that higher severity numbers mean lower severity and configure things accordingly. +To turn off rate limiting, set the interval to zero. <p><b>Unix log sockets can be flow-controlled.</b> That is, if processing queues fill up, the unix socket reader is blocked for a short while. This may be useful to prevent overruning the queues (which may cause exessive disk-io where it actually would not be needed). However, @@ -55,7 +56,7 @@ the implications. Note that for many systems, turning on flow control does not h <li><b>$InputUnixListenSocketFlowControl</b> [on/<b>off</b>] - specifies if flow control should be applied to the next socket.</li> <li><b>$IMUXSockRateLimitInterval</b> [number] - specifies the rate-limiting -interval in seconds. Default value is 5 seconds. +interval in seconds. Default value is 5 seconds. Set it to 0 to turn rate limiting off. </li> <li><b>$IMUXSockRateLimitBurst</b> [number] - specifies the rate-limiting burst in number of messages. Default is 200. @@ -78,7 +79,7 @@ be obtained from the log socket itself. If so, the TAG part of the message is re It is recommended to turn this option on, but the default is "off" to keep compatible with earlier versions of rsyslog. This option was introduced in 5.7.0.</li> <li><b>$SystemLogRateLimitInterval</b> [number] - specifies the rate-limiting -interval in seconds. Default value is 5 seconds. +interval in seconds. Default value is 5 seconds. Set it to 0 to turn rate limiting off. </li> <li><b>$SystemLogRateLimitBurst</b> [number] - specifies the rate-limiting burst in number of messages. Default is 200. @@ -138,6 +139,12 @@ the $InputUnixListenSocketCreatePath and the $InputUnixListenSocketHostName.</p> $InputUnixListenSocketCreatePath on # turn on for *next* socket $InputUnixListenSocketHostName /var/run/sshd/dev/log </textarea> +<p>The following sample is used to turn off input rate limiting on the system log +socket. +<textarea rows="6" cols="70">$ModLoad imuxsock # needs to be done just once + +$SystemLogRateLimitInterval 0 # turn off rate limiting +</textarea> <p>[<a href="rsyslog_conf.html">rsyslog.conf overview</a>] [<a href="manual.html">manual index</a>] [<a href="http://www.rsyslog.com/">rsyslog site</a>]</p> <p><font size="2">This documentation is part of the diff --git a/doc/tls_cert_machine.html b/doc/tls_cert_machine.html index 5ecde0d1..095e15c2 100644 --- a/doc/tls_cert_machine.html +++ b/doc/tls_cert_machine.html @@ -75,7 +75,15 @@ Locality name: <font color="red">Somewhere</font> State or province name: <font color="red">CA</font> Common name: <font color="red">machine.example.net</font> UID: -Enter a challenge password: +Enter a dnsName of the subject of the certificate: +Enter the IP address of the subject of the certificate: +Enter the e-mail of the subject of the certificate: +Enter a challange password: +Does the certificate belong to an authority? (y/N): <font color="red">n</font> +Will the certificate be used for signing (DHE and RSA-EXPORT ciphersuites)? (y/N): +Will the certificate be used for encryption (RSA ciphersuites)? (y/N): +Is this a TLS web client certificate? (y/N): <font color="red">y</font> +Is this also a TLS web server certificate? (y/N): <font color="red">y</font> [root@rgf9dev sample]# <font color="red">certtool --generate-certificate --load-request request.pem --outfile cert.pem --load-ca-certificate ca.pem --load-ca-privkey ca-key.pem</font> Generating a signed certificate... Enter the certificate's serial number (decimal): @@ -86,10 +94,12 @@ The certificate will expire in (days): 1000 Extensions. +Do you want to honour the extensions from the request? (y/N): Does the certificate belong to an authority? (Y/N): <font color="red">n</font> Is this a TLS web client certificate? (Y/N): <font color="red">y</font> Is this also a TLS web server certificate? (Y/N): <font color="red">y</font> Enter the dnsName of the subject of the certificate: <font color="red">machine.example.net</font> <i>{This is the name of the machine that will use the certificate}</i> +Enter the IP address of the subject of certificate: Will the certificate be used for signing (DHE and RSA-EXPORT ciphersuites)? (Y/N): Will the certificate be used for encryption (RSA ciphersuites)? (Y/N): X.509 Certificate Information: |