diff options
-rw-r--r-- | Makefile | 6 | ||||
-rw-r--r-- | NEWS | 8 | ||||
-rw-r--r-- | rsyslogd.8 | 1 | ||||
-rw-r--r-- | syslogd.c | 73 | ||||
-rw-r--r-- | test.conf | 7 |
5 files changed, 68 insertions, 27 deletions
@@ -17,8 +17,8 @@ CC= gcc # enables the MySQL code. By default, that one is commented out # change the comment chars to activate it if you need MySQL! # In this case, also look down further to uncomment the libs -#CFLAGS= $(RPM_OPT_FLAGS) -O3 -DSYSV -fomit-frame-pointer -Wall -fno-strength-reduce $(NOLARGEFILE) -CFLAGS= $(RPM_OPT_FLAGS) -O3 -DSYSV -fomit-frame-pointer -Wall -fno-strength-reduce -DWITH_DB -I/usr/local/include $(NOLARGEFILE) +CFLAGS= $(RPM_OPT_FLAGS) -O3 -DSYSV -fomit-frame-pointer -Wall -fno-strength-reduce $(NOLARGEFILE) +#CFLAGS= $(RPM_OPT_FLAGS) -O3 -DSYSV -fomit-frame-pointer -Wall -fno-strength-reduce -DWITH_DB -I/usr/local/include $(NOLARGEFILE) LDFLAGS= -s INSTALL = install @@ -26,7 +26,7 @@ BINDIR = /usr/sbin MANDIR = /usr/share/man # Uncomment the following to use mysql. -LIBS = -lmysqlclient -L/usr/local/lib/mysql +#LIBS = -lmysqlclient -L/usr/local/lib/mysql # There is one report that under an all ELF system there may be a need to # explicilty link with libresolv.a. If linking syslogd fails you may wish @@ -1,5 +1,11 @@ --------------------------------------------------------------------------- -Version 0.9.2 (RGer), around 2005-07-05 +Version 0.9.3 (RGer), around 2005-07-07 +- added the ability to specify the destination port when forwarding + syslog messages (both for TCP and UDP) +- added the TCP sender (activated by @@machine:port in config) + +--------------------------------------------------------------------------- +Version 0.9.2 (RGer), around 2005-07-06 - I intended to change the maxsupported message size to 32k to support IHE - but given the memory inefficiency in the usual use cases, I have not done this. I have, however, included very @@ -168,6 +168,7 @@ Activates the syslog/tcp listener service. The listener will listen to the specified port. Please note that syslog/tcp is not standardized, but the implementation in rsyslogd follows common practice and is compatible with e.G. Cisco PIX, syslog-ng and MonitorWare (Windows). +.TP .B "\-v" Print version and exit. .LP @@ -427,6 +427,10 @@ struct filed { struct { char f_hname[MAXHOSTNAMELEN+1]; struct sockaddr_in f_addr; + int port; + int protocol; +# define FORW_UDP 0 +# define FORW_TCP 1 } f_forw; /* forwarding address */ char f_fname[MAXFNAME]; } f_un; @@ -2394,8 +2398,8 @@ int main(argc, argv) int usage() { - fprintf(stderr, "usage: syslogd [-drvh] [-l hostlist] [-m markinterval] [-n] [-p path]\n" \ - " [-s domainlist] [-f conffile]\n"); + fprintf(stderr, "usage: rsyslogd [-drvh] [-l hostlist] [-m markinterval] [-n] [-p path]\n" \ + " [-s domainlist] [-t port] [-f conffile]\n"); exit(1); } @@ -3334,12 +3338,7 @@ void writeFile(struct filed *f) off_t actualFileSize; assert(f != NULL); - /* Now generate the message. This can eventually be moved to - * a generic subroutine (need to think about this....). - * for now, this is a quick and dirty dummy. We need to have the - * ability to specify the message format before we can actually - * code this part of the function. rgerhards 2004-11-11 - */ + /* create the message based on format specified */ iovCreate(f); again: /* first check if we have a file size limit and, if so, @@ -3520,13 +3519,9 @@ void fprintlog(f, flags) break; case F_FORW: - /* - * Don't send any message to a remote host if it - * already comes from one. (we don't care 'bout who - * sent the message, we don't send it anyway) -Joey - */ f_forw: - dprintf(" %s\n", f->f_un.f_forw.f_hname); + dprintf(" %s:%d/%s\n", f->f_un.f_forw.f_hname, f->f_un.f_forw.port, + f->f_un.f_forw.protocol == FORW_UDP ? "udp" : "tcp"); iovCreate(f); if ( strcmp(f->f_pMsg->pszHOSTNAME, LocalHostName) && NoHops ) dprintf("Not sending message to remote.\n"); @@ -4563,6 +4558,7 @@ void cfline(line, f) int syncfile; #ifdef SYSLOG_INET struct hostent *hp; + int bErr; #endif char buf[MAXLINE]; char szTemplateName[128]; @@ -4722,12 +4718,43 @@ void cfline(line, f) case '@': #ifdef SYSLOG_INET ++p; /* eat '@' */ + if(*p == '@') { /* indicator for TCP! */ + f->f_un.f_forw.protocol = FORW_TCP; + ++p; /* eat this '@', too */ + } else { + f->f_un.f_forw.protocol = FORW_UDP; + } /* extract the host first (we do a trick - we - * replace the ';' with a '\0') */ - for(q = p ; *p && *p != ';' ; ++p) + * replace the ';' or ':' with a '\0') + * now skip to port and then template name + * rgerhards 2005-07-06 + */ + for(q = p ; *p && *p != ';' && *p != ':' ; ++p) /* JUST SKIP */; + if(*p == ':') { /* process port */ + *p = '\0'; /* trick to obtain hostname (later)! */ + register int i = 0; + for(++p ; *p && isdigit(*p) ; ++p) { + i = i * 10 + *p - '0'; + } + f->f_un.f_forw.port = i; + } + + /* now skip to template */ + bErr = 0; + while(*p && *p != ';') { + if(*p && *p != ';' && !isspace(*p)) { + if(bErr == 0) { /* only 1 error msg! */ + bErr = 1; + errno = 0; + logerror("invalid selector line (port), probably not doing what was intended"); + } + } + ++p; + } + if(*p == ';') { - *p = '\0'; /* trick! */ + *p = '\0'; /* trick to obtain hostname (later)! */ ++p; /* Now look for the template! */ cflineParseTemplateName(f, &p, szTemplateName, @@ -4753,12 +4780,18 @@ void cfline(line, f) cflineSetTemplateAndIOV(f, szTemplateName); (void) strcpy(f->f_un.f_forw.f_hname, q); - dprintf("forwarding host: '%s' template '%s'\n", - q, szTemplateName); /*ASP*/ memset((char *) &f->f_un.f_forw.f_addr, 0, sizeof(f->f_un.f_forw.f_addr)); f->f_un.f_forw.f_addr.sin_family = AF_INET; - f->f_un.f_forw.f_addr.sin_port = htons(LogPort); + if(f->f_un.f_forw.port == 0) + f->f_un.f_forw.port = 514; + f->f_un.f_forw.f_addr.sin_port = htons(f->f_un.f_forw.port); + + dprintf("forwarding host: '%s:%d/%s' template '%s'\n", + q, f->f_un.f_forw.port, + f->f_un.f_forw.protocol == FORW_UDP ? "udp" : "tcp", + szTemplateName); + if ( f->f_type == F_FORW ) memcpy((char *) &f->f_un.f_forw.f_addr.sin_addr, hp->h_addr, hp->h_length); /* @@ -141,14 +141,15 @@ $template WinSyslogFmt,"%HOSTNAME%,%timegenerated:1:10:date-rfc3339%,%timegenera #*.* rger #*.* *;MySQLInsert #*.* -/home/rger/proj/rsyslog/logfile;WinSyslogFmt -*.* /home/rger/proj/rsyslog/logfile #*.* /home/rger/proj/rsyslog/logfile;UserMsg #*.* /home/rger/proj/rsyslog/tradfile;TraditionalFormat #*.* @172.19.2.16;RFC3164fmt +#*.* @@172.19.2.16:10514;RFC3164fmt +*.* @172.19.2.7:10514 #*.* @172.19.2.16 #*.* >localhost,AdisconDB,root, $outchannel big, /var/log/big, 0 *.* $big #$outchannel rg, /home/rger/proj/rsyslog/size-file , 1000 , mv /home/rger/proj/rsyslog/size-file /home/rger/proj/rsyslog/size-file.old -$outchannel rg, /home/rger/proj/rsyslog/size-file , 1000 -*.* $rg;TraditionalFormat +#$outchannel rg, /home/rger/proj/rsyslog/size-file , 1000 +#*.* $rg;TraditionalFormat |