lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <alpine.DEB.2.02.1107021021090.26801@asgard.lang.hm>
Date:	Sat, 2 Jul 2011 10:23:23 -0700 (PDT)
From:	david@...g.hm
To:	Sri Ram Vemulpali <sri.ram.gmu06@...il.com>
cc:	linux-kernel-mail <linux-kernel@...r.kernel.org>,
	linux-newbie@...r.kernel.org
Subject: Re: Question on syslogd and syslog

the problem is that in the syslog spec, the facility and severity get 
combined into one 8 bit field (one of the two only has 12 values defined 
instead of 16, but I don't remember off the top of my head which one)

so extending this is creating a new protocol.

also, the reason I was talking about filtering is that other than 
filtering, what purpose is there in settng the facility?

David Lang

On Sat, 2 Jul 2011, Sri Ram Vemulpali wrote:

> Thanks for the replies. My question is more on how to extend
> facilities, rather on how to filter the messages. It seems there is a
> code in the toolchain syslog.h where the array representing the
> facilities needs to be extended. Please correct me if I am wrong.
>
> Sri.
>
> On Tue, Jun 28, 2011 at 3:41 PM,  <david@...g.hm> wrote:
>> you would be creating a completely different over-the-wire protocol for your
>> syslog messages.
>>
>> however, note that newer syslog daemons (syslog-ng and rsyslog for example)
>> allow you to do filtering on just about anything in the message, not just
>> the facility and severity.
>>
>> David Lang
>>
>> On Tue, 28 Jun 2011, Sri Ram Vemulpali wrote:
>>
>>> Date: Tue, 28 Jun 2011 14:11:59 -0400
>>> From: Sri Ram Vemulpali <sri.ram.gmu06@...il.com>
>>> To: linux-kernel-mail <linux-kernel@...r.kernel.org>,
>>>    linux-newbie@...r.kernel.org
>>> Subject: Question on syslogd and syslog
>>>
>>> Hello All,
>>>
>>>   I am looking to modify number of facilities available in syslog so
>>> that for my application I can have much more array of them at disposal
>>> of my need. So currently only LOG_LOCAL0 - LOG_LOCAL7 are defined for
>>> user, what if I want to extend them, is there a way I can extend them.
>>> Or should I go ahead and modify the source code of syslog. Can any
>>> please point me in right direction and where can I get syslogd and
>>> syslog source code. Thanks in advance.
>>>
>>>
>>
>
>
>
>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ