diff options
author | phk <phk@FreeBSD.org> | 1998-04-24 17:32:23 +0000 |
---|---|---|
committer | phk <phk@FreeBSD.org> | 1998-04-24 17:32:23 +0000 |
commit | 8ad123ff436b7bee8137d217be61d1962c7542ea (patch) | |
tree | dd9b3bfca8ac6b10337b0607eff61b2085df8d85 /usr.sbin/syslogd/syslogd.c | |
parent | 26af1f200ea7f0c49a569c3054703f34dd0206c1 (diff) | |
download | FreeBSD-src-8ad123ff436b7bee8137d217be61d1962c7542ea.zip FreeBSD-src-8ad123ff436b7bee8137d217be61d1962c7542ea.tar.gz |
Augment the last change after some deliberation with rgrimes & peter.
It is important that we keep the ability to send packets to a remote
server and that the packets come from our well-known port, also in
that case.
Reviewed by: peter, rgrimes.
Diffstat (limited to 'usr.sbin/syslogd/syslogd.c')
-rw-r--r-- | usr.sbin/syslogd/syslogd.c | 54 |
1 files changed, 31 insertions, 23 deletions
diff --git a/usr.sbin/syslogd/syslogd.c b/usr.sbin/syslogd/syslogd.c index f52ff04..7985aee 100644 --- a/usr.sbin/syslogd/syslogd.c +++ b/usr.sbin/syslogd/syslogd.c @@ -42,7 +42,7 @@ static const char copyright[] = static char sccsid[] = "@(#)syslogd.c 8.3 (Berkeley) 4/4/94"; #endif static const char rcsid[] = - "$Id: syslogd.c,v 1.28 1998/02/28 15:14:00 jraynard Exp $"; + "$Id: syslogd.c,v 1.29 1998/04/22 06:28:18 phk Exp $"; #endif /* not lint */ /* @@ -247,7 +247,8 @@ int LogPort; /* port number for INET connections */ int Initialized = 0; /* set when we have initialized ourselves */ int MarkInterval = 20 * 60; /* interval between marks in seconds */ int MarkSeq = 0; /* mark sequence number */ -int SecureMode = 0; /* when true, speak only unix domain socks */ +int SecureMode = 0; /* when true, receive only unix domain socks */ +int Vogons = 0; /* packets arriving in SecureMode */ int created_lsock = 0; /* Flag if local socket created */ char bootfile[MAXLINE+1]; /* booted kernel file */ @@ -366,29 +367,28 @@ main(argc, argv) created_lsock = 1; inetm = 0; - if (!SecureMode) { - finet = socket(AF_INET, SOCK_DGRAM, 0); - if (finet >= 0) { - struct servent *sp; - - sp = getservbyname("syslog", "udp"); - if (sp == NULL) { - errno = 0; - logerror("syslog/udp: unknown service"); + finet = socket(AF_INET, SOCK_DGRAM, 0); + if (finet >= 0) { + struct servent *sp; + + sp = getservbyname("syslog", "udp"); + if (sp == NULL) { + errno = 0; + logerror("syslog/udp: unknown service"); + die(0); + } + memset(&sin, 0, sizeof(sin)); + sin.sin_family = AF_INET; + sin.sin_port = LogPort = sp->s_port; + + if (bind(finet, (struct sockaddr *)&sin, sizeof(sin)) < 0) { + logerror("bind"); + if (!Debug) die(0); - } - memset(&sin, 0, sizeof(sin)); - sin.sin_family = AF_INET; - sin.sin_port = LogPort = sp->s_port; - - if (bind(finet, (struct sockaddr *)&sin, sizeof(sin)) < 0) { - logerror("bind"); - if (!Debug) - die(0); - inetm = FDMASK(finet); - } + inetm = FDMASK(finet); } } + if ((fklog = open(_PATH_KLOG, O_RDONLY, 0)) >= 0) klogm = FDMASK(fklog); else { @@ -456,7 +456,15 @@ main(argc, argv) len = sizeof(frominet); i = recvfrom(finet, line, MAXLINE, 0, (struct sockaddr *)&frominet, &len); - if (i > 0) { + if (SecureMode) { + Vogons++; + if (Vogons & (Vogons + 1)) { + (void)snprintf(line, sizeof line, +"syslogd: discarded %d unwanted packets in secure mode", Vogons); + logmsg(LOG_SYSLOG|LOG_AUTH, line, + LocalHostName, ADDDATE); + } + } else if (i > 0) { line[i] = '\0'; hname = cvthname(&frominet); if (validate(&frominet, hname)) |