From owner-freebsd-hackers Mon Apr 7 14:45:59 1997 Return-Path: Received: (from root@localhost) by freefall.freebsd.org (8.8.5/8.8.5) id OAA15610 for hackers-outgoing; Mon, 7 Apr 1997 14:45:59 -0700 (PDT) Received: from awfulhak.demon.co.uk (awfulhak.demon.co.uk [158.152.17.1]) by freefall.freebsd.org (8.8.5/8.8.5) with ESMTP id OAA15603 for ; Mon, 7 Apr 1997 14:45:54 -0700 (PDT) Received: from awfulhak.demon.co.uk (localhost.lan.awfulhak.org [127.0.0.1]) by awfulhak.demon.co.uk (8.8.5/8.8.5) with ESMTP id WAA02417; Mon, 7 Apr 1997 22:44:00 +0100 (BST) Message-Id: <199704072144.WAA02417@awfulhak.demon.co.uk> X-Mailer: exmh version 1.6.9 8/22/96 To: Terry Lambert cc: brian@awfulhak.org (Brian Somers), brian@utell.co.uk, freebsd-hackers@FreeBSD.org Subject: Re: syslogd watching other machine(s) In-reply-to: Your message of "Mon, 07 Apr 1997 13:07:17 PDT." <199704072007.NAA01953@phaeton.artisoft.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Date: Mon, 07 Apr 1997 22:44:00 +0100 From: Brian Somers Sender: owner-hackers@FreeBSD.org X-Loop: FreeBSD.org Precedence: bulk > > > Why are messages that come in from a non-local source being resent? > > > > > > If a machine is the loghost for another machine, it should not be > > > permitted to delegate. > > > > Maybe not, but as it does, we can't "undo" that ability. What if > > someone is using this "feature" as an ability to proxy syslog messages ? > > What if they do? Then they will need 'n' daemons for 'n' machines for > your "cluster notification" scenario. > > Eventually, you run out of ports. 8-|. > > > One quick way that will work for linear forward delegation and single > tier clustering would be to disallow repeating to the sender, but not > otherwise. Multitier clusters and circular forward delegation would > still run into "loop with hopcoung >= 2" problems. This isn't a bad idea. I wouldn't fret about eventually noticing loopbacks though. > > Maybe a better fix would be to deal with "multicast" issues using > "multicast" technology instead of kludges? I can't claim to know a great deal about multicast, so I don't see how this is relevent. We don't want to send stuff to more than one machine, and AFAIK, the mbone stuff is just "smart" encapsulation. > > Terry Lambert > terry@lambert.org > --- > Any opinions in this posting are my own and not those of my present > or previous employers. -- Brian , Don't _EVER_ lose your sense of humour....