From owner-freebsd-hackers Sun Apr 13 16:32:57 1997 Return-Path: Received: (from root@localhost) by freefall.freebsd.org (8.8.5/8.8.5) id QAA00269 for hackers-outgoing; Sun, 13 Apr 1997 16:32:57 -0700 (PDT) Received: from awfulhak.demon.co.uk (awfulhak.demon.co.uk [158.152.17.1]) by freefall.freebsd.org (8.8.5/8.8.5) with ESMTP id QAA00263 for ; Sun, 13 Apr 1997 16:32:50 -0700 (PDT) Received: from awfulhak.demon.co.uk (localhost.lan.awfulhak.org [127.0.0.1]) by awfulhak.demon.co.uk (8.8.5/8.8.5) with ESMTP id AAA27393; Mon, 14 Apr 1997 00:29:46 +0100 (BST) Message-Id: <199704132329.AAA27393@awfulhak.demon.co.uk> X-Mailer: exmh version 1.6.9 8/22/96 To: Giles Lean cc: Brian Somers , Terry Lambert , brian@utell.co.uk, freebsd-hackers@freebsd.org Subject: Re: syslogd watching other machine(s) In-reply-to: Your message of "Tue, 08 Apr 1997 08:20:18 +1000." <199704072220.IAA01474@topaz.nemeton.com.au> Mime-Version: 1.0 Content-Type: text/plain; charset=iso-8859-1 Date: Mon, 14 Apr 1997 00:29:45 +0100 From: Brian Somers Content-Transfer-Encoding: 8bit X-MIME-Autoconverted: from quoted-printable to 8bit by freefall.freebsd.org id QAA00265 Sender: owner-hackers@freebsd.org X-Loop: FreeBSD.org Precedence: bulk > > On Mon, 07 Apr 1997 20:19:51 +0100 Brian Somers wrote: > > > > If a machine is the loghost for another machine, it should not be > > > permitted to delegate. > > > > Maybe not, but as it does, we can't "undo" that ability. What if > > someone is using this "feature" as an ability to proxy syslog messages ? > > Fix it anyway. If you are worried about breakage then make proxying a > command line option, and note that breaking loops is left to the > administrator. > > Giles Hmmm, things are a bit more difficult. If A logs something to B and B wants to log that something to A, we can recognise this fact, but what do we do with the message ? Maybe a better solution is similar to the ! stuff. We could have a "section" seperator of @ like this: *.err;kern.debug;auth.notice;mail.crit /dev/console *.notice;kern.debug;lpr.info;mail.crit;news.err /var/log/messages ..... !ftpd *.* /var/log/ftpd.log !dhcpdb *.* /var/log/dhcpdb.log @my.other.host *.err;kern.debug;auth.notice;mail.crit /dev/console *.notice;kern.debug;lpr.info;mail.crit;news.err /var/log/messages ..... Any comments ? -- Brian , Don't _EVER_ lose your sense of humour....