Project

General

Profile

Actions

Feature #11562

closed

Syslog should not require binding to interface for remote logging

Added by Ter Ted 11 months ago. Updated 11 months ago.

Status:
Rejected
Priority:
Normal
Assignee:
-
Category:
Logging
Target version:
-
Start date:
02/27/2021
Due date:
% Done:

0%

Estimated time:
Plus Target Version:
Release Notes:

Description

As of now, it is not possible to log to remote server without binding syslog to local interface. This shouldn't be required - for log forwarding syslog acts only as a client, not a server. Now it is not possible to set syslog-ng daemon from package to bind on port 514 and at the same time have log fowarding enabled.

Actions #1

Updated by Jim Pingle 11 months ago

  • Status changed from New to Rejected

It's to set the source address of the syslog traffic, not to bind the server. It's necessary for things like tunnel mode IPsec where otherwise the syslog traffic will never enter the tunnel.

You can set it to "Default (any)" and it doesn't bind to a specific interface.

Actions #2

Updated by Ter Ted 11 months ago

Jim Pingle wrote:

It's to set the source address of the syslog traffic, not to bind the server. It's necessary for things like tunnel mode IPsec where otherwise the syslog traffic will never enter the tunnel.

You can set it to "Default (any)" and it doesn't bind to a specific interface.

This is not true, please have a look at reopened issue for details https://redmine.pfsense.org/issues/11577

Actions #3

Updated by Jim Pingle 11 months ago

It is true as worded ("Any" is not "a specific interface").

Actions

Also available in: Atom PDF