Date: Wed, 22 Apr 1998 22:05:34 +0200 From: Poul-Henning Kamp <phk@critter.freebsd.dk> To: Peter Wemm <peter@netplex.com.au> Cc: "Rodney W. Grimes" <rgrimes@GndRsh.aac.dev.com>, cvs-committers@freebsd.org, cvs-all@freebsd.org, cvs-usrsbin@freebsd.org, soren@dt.dk Subject: Re: cvs commit: src/usr.sbin/syslogd syslogd.c Message-ID: <4708.893275534@critter.freebsd.dk> In-Reply-To: Your message of "Thu, 23 Apr 1998 03:54:21 %2B0800." <199804221954.DAA12177@spinner.netplex.com.au>
next in thread | previous in thread | raw e-mail | index | archive | help
>> I would think that all securemode should do would be to not include the >> fd in what select is watching, but the code before this change also >> diked out the bind, so you wouldn't know what port you would be sending >> syslog messages from, making ipfw unable to decide if the message came >> from syslogd or some random user... > >Securemode stops the bind() and the select(). ipfw is irrelevant in >-s mode since it doesn't receive data. The socket is only used for >sendto(). It's created and kept around so that syslogd can't ever get >stuck trying to send a critical log message over the network but fail >because all fd's are in use. I'm talking about the ipfw at the remote master server... If the subordinate syslogds doesn't do a bind to the canonical port, you have no way of knowing that you got the packet from a syslogd... -- Poul-Henning Kamp FreeBSD coreteam member phk@FreeBSD.ORG "Real hackers run -current on their laptop." "ttyv0" -- What UNIX calls a $20K state-of-the-art, 3D, hi-res color terminal
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4708.893275534>