diff --git a/README.md b/README.md index e503f2c..8d7f9a6 100644 --- a/README.md +++ b/README.md @@ -59,6 +59,7 @@ Main differences from the original sysklogd package are: - Full [RFC3164][] and [RFC5424][] support - Includes timestamp and hostname, RFC3164 style, in remote logging - Support for sending RFC5424 style remote syslog messages +- Support for sending messages to a custom port on a remote server - Includes a `logger` tool with RFC5424 capabilities (`msgid` etc.) - Includes a library and system header replacement for logging - FreeBSD socket receive buffer size patch diff --git a/docs/TODO.org b/docs/TODO.org index e716b61..b628ed2 100644 --- a/docs/TODO.org +++ b/docs/TODO.org @@ -3,7 +3,7 @@ ** sysklogd v2.0 -*** TODO Add support for @host:port, i.e. custom remote port to send to +*** DONE Add support for @host:port, i.e. custom remote port to send to *** DONE Add example application, test building and running it from Travis-CI *** DONE Check for memory/descriptor leaks, valgrind/Coverity diff --git a/man/syslog.conf.5 b/man/syslog.conf.5 index 844b09e..1bc9402 100644 --- a/man/syslog.conf.5 +++ b/man/syslog.conf.5 @@ -49,7 +49,7 @@ RULE := SELECTOR ACTION [;OPTION] SELECTOR := [SELECTOR;]facility[,facility].[!=]severity ACTION := /path/to/file |= |/path/to/named/pipe - |= @remote[.host.tld] + |= @remote[.host.tld][:PORT] OPTION := [OPTION,] |= RFC3164 |= RFC5424 @@ -276,7 +276,9 @@ Full remote logging support is available in .Nm syslogd , i.e. to send messages to a remote syslog server, and and to receive messages from remote hosts. To forward messages to another host, -prepend the hostname with the at sign ('@'). +prepend the hostname with the at sign ('@'). If a port number is added +after a colon (':') then that port will be used as the destination port +rather than the usual syslog port. .Pp This feature makes it possible to collect all syslog messages in a network on a central host. This reduces administration needs and @@ -488,13 +490,15 @@ command line option, *.*;kern.none -/var/log/messages ;rotate=100k:10 .Ed .Ss Logging to Remote Syslog Server -This rule redirects all messages to a remote host called -.Ql finlandia -with RFC5424 style formatting. This is useful especially in a cluster -of machines where all syslog messages will be stored on only one -machine. +This rule redirects all messages to one remote host called +.Ql finlandia , +with RFC5424 style formatting, and another remote host called +.Ql sibelius , +but on a non-standard port and with RFC3164 formatting (i.e., +including timestamp and hostname). .Bd -literal -offset indent *.* @finlandia ;RFC5424 +*.* @sibelius:5514 ;RFC3164 .Ed .Sh FILES .Bl -tag -compact -width /etc/syslog.d/*.conf diff --git a/src/syslogd.c b/src/syslogd.c index e4d8170..90b72a9 100644 --- a/src/syslogd.c +++ b/src/syslogd.c @@ -1612,7 +1612,7 @@ void fprintlog(struct filed *f, struct buf_msg *buffer) f->f_type = F_FORW; goto f_forw; } else { - logit(" %s\n", f->f_un.f_forw.f_hname); + logit(" %s:%s\n", f->f_un.f_forw.f_hname, f->f_un.f_forw.f_serv); logit("Forwarding suspension not over, time left: %d.\n", INET_SUSPEND_TIME - fwd_suspend); } @@ -1627,15 +1627,16 @@ void fprintlog(struct filed *f, struct buf_msg *buffer) * is started after syslogd. */ case F_FORW_UNKN: - logit(" %s\n", f->f_un.f_forw.f_hname); + logit(" %s:%s\n", f->f_un.f_forw.f_hname, f->f_un.f_forw.f_serv); fwd_suspend = time(NULL) - f->f_time; if (fwd_suspend >= INET_SUSPEND_TIME) { - char *host = f->f_un.f_forw.f_hname;; + char *host = f->f_un.f_forw.f_hname; + char *serv = f->f_un.f_forw.f_serv; - logit("Forwarding suspension to %s over, retrying\n", host); - err = nslookup(host, service, &ai); + logit("Forwarding suspension to %s:%s over, retrying\n", host, serv); + err = nslookup(host, serv, &ai); if (err) { - logit("Failure resolving %s:%s: %s\n", host, service, gai_strerror(err)); + logit("Failure resolving %s:%s: %s\n", host, serv, gai_strerror(err)); logit("Retries: %d\n", f->f_prevcount); if (--f->f_prevcount < 0) { flog(LOG_SYSLOG | LOG_WARN, "Still cannot find %s, " @@ -1667,7 +1668,7 @@ void fprintlog(struct filed *f, struct buf_msg *buffer) * sent the message, we don't send it anyway) -Joey */ f_forw: - logit(" %s\n", f->f_un.f_forw.f_hname); + logit(" %s:%s\n", f->f_un.f_forw.f_hname, f->f_un.f_forw.f_serv); if (strcmp(buffer->hostname, LocalHostName) && NoHops) logit("Not sending message to remote.\n"); else if (finet) { @@ -2598,10 +2599,17 @@ static struct filed *cfline(char *line) case '@': cfopts(p, f); - strlcpy(f->f_un.f_forw.f_hname, ++p, sizeof(f->f_un.f_forw.f_hname)); - logit("forwarding host: '%s'\n", p); /*ASP*/ + bp = strchr(++p, ':'); + if (bp) + *bp++ = 0; + else + bp = service; - err = nslookup(p, service, &ai); + strlcpy(f->f_un.f_forw.f_hname, p, sizeof(f->f_un.f_forw.f_hname)); + strlcpy(f->f_un.f_forw.f_serv, bp, sizeof(f->f_un.f_forw.f_serv)); + logit("forwarding host: '%s:%s'\n", p, bp); + + err = nslookup(p, bp, &ai); if (err) { flog(LOG_SYSLOG | LOG_WARN, "Cannot find %s, " "will try again later: %s", p, gai_strerror(err)); diff --git a/src/syslogd.h b/src/syslogd.h index 9e73921..172c3e7 100644 --- a/src/syslogd.h +++ b/src/syslogd.h @@ -191,6 +191,7 @@ struct filed { char f_uname[MAXUNAMES][UNAMESZ + 1]; struct { char f_hname[MAXHOSTNAMELEN + 1]; + char f_serv[20]; struct addrinfo *f_addr; } f_forw; /* forwarding address */ char f_fname[MAXFNAME];