From e6b741a59c1d470ddfe830551d4759cb3d0c5856 Mon Sep 17 00:00:00 2001
From: jim-p <jimp@pfsense.org>
Date: Thu, 10 Jan 2013 13:58:44 -0500
Subject: Put syslogd into secure mode so no remote log messages are accepted.
 Sending to a remote syslog server still works with this option.

---
 etc/inc/system.inc | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/etc/inc/system.inc b/etc/inc/system.inc
index 9c178f7..037bc27 100644
--- a/etc/inc/system.inc
+++ b/etc/inc/system.inc
@@ -586,9 +586,9 @@ EOD;
 
 		// Are we logging to a least one remote server ?
 		if(strpos($syslogconf, "@") != false)
-			$retval = mwexec_bg("/usr/sbin/syslogd -c -c -l /var/dhcpd/var/run/log -f {$g['varetc_path']}/syslog.conf");
+			$retval = mwexec_bg("/usr/sbin/syslogd -s -c -c -l /var/dhcpd/var/run/log -f {$g['varetc_path']}/syslog.conf");
 		else {
-			$retval = mwexec_bg("/usr/sbin/syslogd -c -c -l /var/dhcpd/var/run/log -f {$g['varetc_path']}/syslog.conf");
+			$retval = mwexec_bg("/usr/sbin/syslogd -s -c -c -l /var/dhcpd/var/run/log -f {$g['varetc_path']}/syslog.conf");
 		}
 
 	} else {
-- 
cgit v1.1