Re: syslogd sending via tcp
On Wed, Oct 29, 2014 at 07:06:53PM +0100, Alexander Bluhm wrote: I would like to get this in and develop the missing parts in tree. So here is the diff again, I have merged to current and changed a comment. ok? bluhm Index: privsep.c === RCS file: /data/mirror/openbsd/cvs/src/usr.sbin/syslogd/privsep.c,v retrieving revision 1.48 diff -u -p -r1.48 privsep.c --- privsep.c 5 Oct 2014 18:14:01 - 1.48 +++ privsep.c 28 Dec 2014 14:23:14 - @@ -317,17 +317,34 @@ priv_init(char *conf, int numeric, int l servname[servname_len - 1] = '\0'; memset(hints, 0, sizeof(hints)); - if (strcmp(protoname, udp) == 0) { + switch (strlen(protoname)) { + case 3: hints.ai_family = AF_UNSPEC; - } else if (strcmp(protoname, udp4) == 0) { - hints.ai_family = AF_INET; - } else if (strcmp(protoname, udp6) == 0) { - hints.ai_family = AF_INET6; + break; + case 4: + switch (protoname[3]) { + case '4': + hints.ai_family = AF_INET; + break; + case '6': + hints.ai_family = AF_INET6; + break; + default: + errx(1, bad ip version %s, protoname); + } + break; + default: + errx(1, bad protocol length %s, protoname); + } + if (strncmp(protoname, udp, 3) == 0) { + hints.ai_socktype = SOCK_DGRAM; + hints.ai_protocol = IPPROTO_UDP; + } else if (strncmp(protoname, tcp, 3) == 0) { + hints.ai_socktype = SOCK_STREAM; + hints.ai_protocol = IPPROTO_TCP; } else { errx(1, unknown protocol %s, protoname); } - hints.ai_socktype = SOCK_DGRAM; - hints.ai_protocol = IPPROTO_UDP; i = getaddrinfo(hostname, servname, hints, res0); if (i != 0 || res0 == NULL) { addr_len = 0; Index: syslogd.c === RCS file: /data/mirror/openbsd/cvs/src/usr.sbin/syslogd/syslogd.c,v retrieving revision 1.136 diff -u -p -r1.136 syslogd.c --- syslogd.c 10 Dec 2014 19:42:14 - 1.136 +++ syslogd.c 28 Dec 2014 14:23:14 - @@ -50,13 +50,14 @@ * extensive changes by Ralph Campbell * more extensive changes by Eric Allman (again) * memory buffer logging by Damien Miller - * IPv6, libevent by Alexander Bluhm + * IPv6, libevent, sending via TCP by Alexander Bluhm */ #defineMAXLINE 1024/* maximum line length */ #define MIN_MEMBUF (MAXLINE * 4) /* Minimum memory buffer size */ #define MAX_MEMBUF (256 * 1024)/* Maximum memory buffer size */ #define MAX_MEMBUF_NAME64 /* Max length of membuf log name */ +#define MAX_TCPBUF (256 * 1024)/* Maximum tcp event buffer size */ #defineMAXSVLINE 120 /* maximum saved line length */ #define DEFUPRI(LOG_USER|LOG_NOTICE) #define DEFSPRI(LOG_KERN|LOG_CRIT) @@ -132,6 +133,8 @@ struct filed { charf_loghost[1+4+3+1+MAXHOSTNAMELEN+1+NI_MAXSERV]; /* @proto46://[hostname]:servname\0 */ struct sockaddr_storage f_addr; + struct bufferevent *f_bufev; + int f_fd; } f_forw; /* forwarding address */ charf_fname[MAXPATHLEN]; struct { @@ -170,16 +173,17 @@ int repeatinterval[] = { 30, 120, 600 }; #define F_FILE 1 /* regular file */ #define F_TTY 2 /* terminal */ #define F_CONSOLE 3 /* console terminal */ -#define F_FORW 4 /* remote machine */ +#define F_FORWUDP 4 /* remote machine via UDP */ #define F_USERS5 /* list of users */ #define F_WALL 6 /* everyone logged on */ #define F_MEMBUF 7 /* memory buffer */ #define F_PIPE 8 /* pipe to external program */ +#define F_FORWTCP
Re: syslogd sending via tcp
minimal man page adaption: Index: syslog.conf.5 === RCS file: /cvs/src/usr.sbin/syslogd/syslog.conf.5,v retrieving revision 1.26 diff -u -r1.26 syslog.conf.5 --- syslog.conf.5 25 Aug 2014 20:25:46 - 1.26 +++ syslog.conf.5 28 Dec 2014 16:53:17 - @@ -227,8 +227,8 @@ and .Ql ]\ .Pc . -A prefix udp4:// or udp6:// in front of the hostname and after the -at sign will force IPv4 or IPv6 addresses for UDP transport. +A prefixed udp4://, udp6://, tcp4:// or tcp6:// in front of the hostname and +after the at sign will force IPv4 or IPv6 addresses for UDP or TCP transport. .It A comma separated list of users. Selected messages are written to those users
Re: syslogd sending via tcp
On Sun, Dec 28, 2014 at 05:33:08PM +0100, Alexander Bluhm wrote: Jasper tested and found that it only worked on loopback. I have forgotten to check for EINPROGRESS after connect. So here is a new diff. bluhm Succesfully tested now with a remote logstash host. Index: privsep.c === RCS file: /data/mirror/openbsd/cvs/src/usr.sbin/syslogd/privsep.c,v retrieving revision 1.48 diff -u -p -r1.48 privsep.c --- privsep.c 5 Oct 2014 18:14:01 - 1.48 +++ privsep.c 28 Dec 2014 15:48:51 - @@ -317,17 +317,34 @@ priv_init(char *conf, int numeric, int l servname[servname_len - 1] = '\0'; memset(hints, 0, sizeof(hints)); - if (strcmp(protoname, udp) == 0) { + switch (strlen(protoname)) { + case 3: hints.ai_family = AF_UNSPEC; - } else if (strcmp(protoname, udp4) == 0) { - hints.ai_family = AF_INET; - } else if (strcmp(protoname, udp6) == 0) { - hints.ai_family = AF_INET6; + break; + case 4: + switch (protoname[3]) { + case '4': + hints.ai_family = AF_INET; + break; + case '6': + hints.ai_family = AF_INET6; + break; + default: + errx(1, bad ip version %s, protoname); + } + break; + default: + errx(1, bad protocol length %s, protoname); + } + if (strncmp(protoname, udp, 3) == 0) { + hints.ai_socktype = SOCK_DGRAM; + hints.ai_protocol = IPPROTO_UDP; + } else if (strncmp(protoname, tcp, 3) == 0) { + hints.ai_socktype = SOCK_STREAM; + hints.ai_protocol = IPPROTO_TCP; } else { errx(1, unknown protocol %s, protoname); } - hints.ai_socktype = SOCK_DGRAM; - hints.ai_protocol = IPPROTO_UDP; i = getaddrinfo(hostname, servname, hints, res0); if (i != 0 || res0 == NULL) { addr_len = 0; Index: syslogd.c === RCS file: /data/mirror/openbsd/cvs/src/usr.sbin/syslogd/syslogd.c,v retrieving revision 1.136 diff -u -p -r1.136 syslogd.c --- syslogd.c 10 Dec 2014 19:42:14 - 1.136 +++ syslogd.c 28 Dec 2014 16:25:55 - @@ -50,13 +50,14 @@ * extensive changes by Ralph Campbell * more extensive changes by Eric Allman (again) * memory buffer logging by Damien Miller - * IPv6, libevent by Alexander Bluhm + * IPv6, libevent, sending via TCP by Alexander Bluhm */ #define MAXLINE 1024/* maximum line length */ #define MIN_MEMBUF (MAXLINE * 4) /* Minimum memory buffer size */ #define MAX_MEMBUF (256 * 1024)/* Maximum memory buffer size */ #define MAX_MEMBUF_NAME 64 /* Max length of membuf log name */ +#define MAX_TCPBUF (256 * 1024)/* Maximum tcp event buffer size */ #define MAXSVLINE 120 /* maximum saved line length */ #define DEFUPRI (LOG_USER|LOG_NOTICE) #define DEFSPRI (LOG_KERN|LOG_CRIT) @@ -132,6 +133,8 @@ struct filed { charf_loghost[1+4+3+1+MAXHOSTNAMELEN+1+NI_MAXSERV]; /* @proto46://[hostname]:servname\0 */ struct sockaddr_storage f_addr; + struct bufferevent *f_bufev; + int f_fd; } f_forw; /* forwarding address */ charf_fname[MAXPATHLEN]; struct { @@ -170,16 +173,17 @@ int repeatinterval[] = { 30, 120, 600 }; #define F_FILE 1 /* regular file */ #define F_TTY2 /* terminal */ #define F_CONSOLE3 /* console terminal */ -#define F_FORW 4 /* remote machine */ +#define F_FORWUDP4 /* remote machine via UDP */ #define F_USERS 5 /* list of users */ #define F_WALL 6 /* everyone logged on */ #define F_MEMBUF 7 /* memory buffer */ #define F_PIPE 8 /* pipe