On Sat, Oct 09, 2021 at 01:01:14PM +0100, Stuart Henderson wrote: > The comments in etc/syslog.conf describe partially log-client setup > and partially log-host setup and use UDP. I think it would be better > to focus on "loghost-client" setup in the default config, the server > options needed seem better described in syslogd(8) than in comments in > syslog.conf. Since we have nice TLS features I think it makes sense to > advertise them here too, and remove the mention of ISDN which makes it > seem dated. > > any comments? OK?
OK bluhm@ > Index: syslog.conf > =================================================================== > RCS file: /cvs/src/etc/syslog.conf,v > retrieving revision 1.20 > diff -u -p -r1.20 syslog.conf > --- syslog.conf 27 Dec 2016 13:38:14 -0000 1.20 > +++ syslog.conf 9 Oct 2021 11:48:35 -0000 > @@ -22,13 +22,10 @@ mail.info > /var/log/maillog > # Everyone gets emergency messages. > #*.emerg * > > -# Uncomment to log to a central host named "loghost". You need to run > -# syslogd with the -u option on the remote host if you are using this. > -# (This is also required to log info from things like routers and > -# ISDN-equipment). If you run -u, you are vulnerable to syslog bombing, > -# and should consider blocking external syslog packets. > -#*.notice;auth,authpriv,cron,ftp,kern,lpr,mail,user.none @loghost > -#auth,daemon,syslog,user.info;authpriv,kern.debug @loghost > +# Uncomment to log to a central host named "loghost" using syslog-tls. > +# Other protocols are available, see syslogd(8). > +#*.notice;auth,authpriv,cron,ftp,kern,lpr,mail,user.none @tls://loghost > +#auth,daemon,syslog,user.info;authpriv,kern.debug @tls://loghost > > # Uncomment to log messages from doas(1) to its own log file. Matches are > done > # based on the program name.
