From owner-freebsd-bugs@FreeBSD.ORG Tue Dec 20 19:10:09 2011 Return-Path: Delivered-To: freebsd-bugs@hub.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id F33C8106564A for ; Tue, 20 Dec 2011 19:10:08 +0000 (UTC) (envelope-from gnats@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2001:4f8:fff6::28]) by mx1.freebsd.org (Postfix) with ESMTP id C375B8FC14 for ; Tue, 20 Dec 2011 19:10:08 +0000 (UTC) Received: from freefall.freebsd.org (localhost [127.0.0.1]) by freefall.freebsd.org (8.14.5/8.14.5) with ESMTP id pBKJA8eP038466 for ; Tue, 20 Dec 2011 19:10:08 GMT (envelope-from gnats@freefall.freebsd.org) Received: (from gnats@localhost) by freefall.freebsd.org (8.14.5/8.14.5/Submit) id pBKJA8je038465; Tue, 20 Dec 2011 19:10:08 GMT (envelope-from gnats) Resent-Date: Tue, 20 Dec 2011 19:10:08 GMT Resent-Message-Id: <201112201910.pBKJA8je038465@freefall.freebsd.org> Resent-From: FreeBSD-gnats-submit@FreeBSD.org (GNATS Filer) Resent-To: freebsd-bugs@FreeBSD.org Resent-Reply-To: FreeBSD-gnats-submit@FreeBSD.org, Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 06AF31065670 for ; Tue, 20 Dec 2011 19:06:30 +0000 (UTC) (envelope-from root@claimlynx.com) Received: from alcatraz.claimlynx.com (alcatraz.claimlynx.com [216.17.83.245]) by mx1.freebsd.org (Postfix) with ESMTP id D66EB8FC12 for ; Tue, 20 Dec 2011 19:06:29 +0000 (UTC) Received: from leopard.claimlynx.com (leopard.claimlynx.com [216.17.68.149]) by alcatraz.claimlynx.com (Postfix) with ESMTP id 0851D1CC1C for ; Tue, 20 Dec 2011 13:06:29 -0600 (CST) Received: by leopard.claimlynx.com (Postfix, from userid 0) id F2335358D0F; Tue, 20 Dec 2011 13:06:28 -0600 (CST) Message-Id: <20111220190628.F2335358D0F@leopard.claimlynx.com> Date: Tue, 20 Dec 2011 13:06:28 -0600 (CST) From: Thomas Johnson To: FreeBSD-gnats-submit@FreeBSD.org X-Send-Pr-Version: 3.113 Cc: Subject: bin/163487: syslog.conf filtering syntax broken in 9.0-RC3 (was working in 8.2) X-BeenThere: freebsd-bugs@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: root@claimlynx.com List-Id: Bug reports List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 20 Dec 2011 19:10:09 -0000 >Number: 163487 >Category: bin >Synopsis: syslog.conf filtering syntax broken in 9.0-RC3 (was working in 8.2) >Confidential: no >Severity: non-critical >Priority: medium >Responsible: freebsd-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: sw-bug >Submitter-Id: current-users >Arrival-Date: Tue Dec 20 19:10:08 UTC 2011 >Closed-Date: >Last-Modified: >Originator: Thomas Johnson >Release: FreeBSD 9.0-RC3 amd64 >Organization: ClaimLynx, Inc. >Environment: System: FreeBSD blackbox-1.ply.claimlynx.com 9.0-RC3 FreeBSD 9.0-RC3 #1 r228280: Mon Dec 5 18:40:33 PST 2011 root@build9x64.pcbsd.org:/usr/obj/storage/fbsd-sources/9.0/sys/GENERIC amd64 >Description: When specifying multiple hostnames on a filter line in /etc/syslog.conf, syslogd seems to not correctly log syslog messages sent from the listed hosts (or at least the first-listed). As an example, here is a snippet of the syslog.conf file as configured (and working) on FreeBSD 8.2 i386. === syslog.conf snip === +shawshank-1.ply.claimlynx.com,shawshank-2.ply.claimlynx.com !wan_checker *.* /var/log/wan_checker.log +* !* === end snip === I recently rebuilt this host, using 9.0-RC3 amd64 (fwiw, PC-BSD install media). I restored the syslog.conf file directly from backups, but with 9.0, messages that correspond to this combination of host/prog filters are never logged to the file. When running syslogd manually with debugging, I get the following output. It appears that the message is received from the remote host, but not written to the log file. === debug output === cvthname(10.0.0.252) validate: dgram from IP 10.0.0.252, port 514, name shawshank-1.ply.claimlynx.com; accepted in rule 0. logmsg: pri 206, flags 0, from shawshank-1, msg Dec 20 12:57:38 wan_checker[35617]: WAN checking loop wakes up at Tue Dec 20 12:57:38 2011 === end debug ==== >How-To-Repeat: Add multiple hostnames to a filter, per the syntax in syslog.conf(5). >Fix: By rewriting syslog.conf to avoid multiple host filters, syslogd seems to content to do the right thing. The configuration snippet from the Description has been rewritten like so. === syslog.conf snip === !wan_checker +shawshank-2.ply.claimlynx.com *.* /var/log/wan_checker.log +* +shawshank-1.ply.claimlynx.com *.* /var/log/wan_checker.log +* !* === end snip === This results in a successful write to the log file === debug output === cvthname(10.0.0.252) validate: dgram from IP 10.0.0.252, port 514, name shawshank-1.ply.claimlynx.com; accepted in rule 0. logmsg: pri 206, flags 0, from shawshank-1, msg Dec 20 13:04:20 wan_checker[35617]: WAN checking loop wakes up at Tue Dec 20 13:04:20 2011 Logging to FILE /var/log/wan_checker.log === end debug === >Release-Note: >Audit-Trail: >Unformatted: