On 17. Jun 2018, at 16:50, Gary Palmer <[email protected]> wrote:
> On Sun, Jun 17, 2018 at 04:27:33PM +0200, Michael Grimm wrote:
>> Host's syslogd can be reached from inside every jail, e.g.:
>>
>> jtest> nc -4vuw 1 10.x.y.z 514
>> Connection to 10.x.y.z 514 port [udp/syslog] succeeded!
>
> UDP is connectionless, so the client has no way of knowing if the
> connection succeeded or not. If you put in port 515 I suspect you'd
> get the same result from your 'nc' attempt.
You are right :-)
> Is syslogd on the host running with '-s'? If so, that'll stop it
> from accepting any remote log events.
No, syslogd at the host is running with the following flags only:
syslogd_flags="-vv -b 10.x.y.z -a 10.x.y.0/24"
All syslogd within jails (empty flags needed to prevent syslogd of opening
sockets) ...
syslogd_flags=""
… and /etc/syslog.conf with:
*.* @10.x.y.z
Regards,
Michael
_______________________________________________
[email protected] mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to "[email protected]"
