Add a -M option to control the maximum length of forwarded messages.
syslogd(8) used to truncate forwarded messages to 1024 bytes, but after
commit 1a874a126a ("Add RFC 5424 syslog message output to syslogd.")
applies a more conservative limit of 480 bytes for IPv4 per RFC 5426
section 3.2. Restore the old default behaviour of truncating to 1024
bytes. RFC 5424 specifies no upper limit on the length of forwarded
messages, while for RFC 3164 the limit is 1024 bytes.
Increase MAXLINE to 8192 bytes to correspond to commit 672ef817a192.
Replaced bootfile[] size for MAXPATHLEN used in getbootfile(3) as a
returned value. Using (MAXLINE+1) as a size for bootfile[] is excessive.
PR: 241937
MFC after: 1 month
Differential Revision: https://reviews.freebsd.org/D27206
- Move all of the code responsible for transmitting log messages into a
separate function, fprintlog_write().
- Instead of manually modifying a list of iovecs, add a structure
iovlist with some helper functions.
- Alter the F_FORW (UDP message forwarding) case to also use iovecs like
the other cases. Use sendmsg() instead of sendto().
- In the case of F_FORW, truncate the message to a size dependent on the
address family (AF_INET, AF_INET6), as proposed by RFC 5426.
- Move all traditional message formatting into fprintlog_bsd(). Get rid
of some of the string copying and snprintf()'ing. Simply emit more
iovecs to get the job done.
- Increase ttymsg()'s limit of 7 iovecs to 32. Add a definition for this
limit, so it can be reused by iovlist.
- Add fprintlog_rfc5424() to emit RFC 5424 formatted log entries.
- Add a "-O" command line option to enable RFC 5424 formatting. It would
have been nicer if we supported "-o rfc5424", just like on NetBSD.
Unfortunately, the "-o" flag is already used for a different purpose
on FreeBSD.
- Don't truncate hostnames in the RFC 5424 case, as suggested by that
specific RFC.
For people interested in using this, this feature can be enabled by
adding the following line to /etc/rc.conf:
syslogd_flags="-s -O rfc5424"
Differential Revision: https://reviews.freebsd.org/D15011
field, and support properly parse out the hostname as described by RFC3164,
which wasn't done before. However, don't discard message if it doesn't
have hostname, for compatibility.
Enable logging of the message supplied hostname instead of real hostname
with -H switch.
PR: 200933
Reported by: Konstantin Pavlov <thresh nginx.com>
MFC after: 2 months
My attempt to correct the sender/receiver behavior was incorrect.
The source port of the sender for forwarded datagrams is filtered
with -a, and my change in r314585 didn't clarify that point at all.
Wording is based on suggestion by hrs.
MFC after: 28 days
X-MFC with: r314563, r314585
Reported by: hrs
In collaboration with: hrs, rgrimes
Sponsored by: Dell EMC Isilon
`*` means that packets will be received from a remote peer on any port.
Since the point of interest is the syslogd instance (not the remote peer),
the appropriate verb is "received", not "sent".
MFC after: 1 month
X-MFC with: r314563
Sponsored by: Dell EMC Isilon
- Clarify -p/-S options by using appropriate subject-verb modifiers
(verb and modifiers suggested that the subject should have been
singular).
- Simplify/correct -a description:
-- Be more terse when describing IPv4 (the "usual dotted notation"
isn't necessarily well understood by the reader). Being blunt and
saying "IPv4 address" with an optional netmask is.
-- prefixlen is the appropriate terminology for IPv6.
-- mask/prefixlen is optional, not required (as noted later on in the
section).
-- split up IPv4/IPv6 use so to clarify both forms.
-- Fix wordiness when describing the optional "service" specifier.
- -T: Use "cannot" instead of "can't" [*].
Bump .Dd for the changes.
MFC after: 1 month
Reported by: igor [*]
Reviewed by: hrs
Sponsored by: Dell EMC Isilon
Differential Revision: https://reviews.freebsd.org/D9855
Renumber cluase 4 to 3, per what everybody else did when BSD granted
them permission to remove clause 3. My insistance on keeping the same
numbering for legal reasons is too pedantic, so give up on that point.
Submitted by: Jan Schaumann <jschauma@stevens.edu>
Pull Request: https://github.com/freebsd/freebsd/pull/96
foreground.
This allows a separate process to monitor when and how
syslogd exits. That process can then restart syslogd if needed.
Differential Revision: https://reviews.freebsd.org/D1985
Submitted by: Ravi Pokala
Reviewed by: allanjude (man page)
standard ports, but it can't *receive* them (port 514 is
hardcoded). This commit adds that missing feature.
(NB: I actually needed this feature for a server farm where
multiple jails run with shared IP addresses, and every jail
should have its own syslogd process.)
As a side effect, syslogd now compiles with WARNS=6.
Approved by: des (mentor)
MFC after: 3 weeks
messages from the network. We already replace malformatted timestamps
and this option lets us replace timestamps that are correctly formatted
but wrong.
PR: 120891
Submitted by: Thomas Vogt <thomas@bsdunix.ch>
MFC after: 1 week
when they don't exist, but sometimes its quite useful (eg. we use
non-standard log files and memory backed /var/, which is populated on
boot).
Add -C option which tells syslogd(8) to create log files if they don't
exist.
Glanced at by: phk
MFC after: 3 days
syslog(3) if we are a priveleged program (sshd, su, etc.).
- Make syslogd open an additional socket /var/run/logpriv, with 0600
permissions.
- In libc, try to use this socket.
- Do not loop forever if we are using this socket (partial backout of 1.31)
Reviewed by: dwmalone, Andrea Campi <andrea webcom it>
Approved by: julian (mentor)
MFC after: 1 month
remove limit for 20 sockets.
- Add possibility to specify file mode for sockets created with '-l'.
- Check that socket name in '-l' is absolute.
Reviewed by: dwmalone, Andrea Campi <andrea webcom it>
Approved by: julian (mentor)
with the old behavior available via the -o option (it might still be
useful if one has many kernels and cares which messages came from
which). If the boot file is not used as the prefix, it is still
logged once at startup.
This change is prompted by the fact that the boot file is now much
longer ("/boot/kernel/kernel" vs. "/kernel"), which significanlty
bloats the syslogd output.
Reviewed by: peter