Re: bin/44671: syslogd sends udp dgrams from port 65534

To: gnats-admin%netbsd.org@localhost,netbsd-bugs%netbsd.org@localhost,gabor%berczi.be@localhost
Subject: Re: bin/44671: syslogd sends udp dgrams from port 65534
From: Takahiro Kambe <taca%back-street.net@localhost>
Date: Thu, 3 Mar 2011 08:30:05 +0000 (UTC)

The following reply was made to PR bin/44671; it has been noted by GNATS.

From: Takahiro Kambe <taca%back-street.net@localhost>
To: gnats-bugs%NetBSD.org@localhost, gabor%berczi.be@localhost
Cc: 
Subject: Re: bin/44671: syslogd sends udp dgrams from port 65534
Date: Thu, 03 Mar 2011 17:27:48 +0900 (JST)

 In message <6CBC89D1-E533-4958-96A5-A43450B3DD25%berczi.be@localhost>
        on Thu, 3 Mar 2011 09:09:45 +0100,
        Berczi Gabor <gabor%berczi.be@localhost> wrote:
 >> What is the rule?  It is up to you that creating rejecting rule (of IP
 >> Filter?).
 > 
 > There is no rule, this is a (remote) syslogd debug message.
 Aha!
 
 >> Do you expect that syslogd send from syslog port?
 > 
 > Yes.
 Your expectation isn't correct.  RFC5426 "Transmission of Syslog
 Messages over UDP" says:
 
    3.3.  Source and Target Ports
 
       Syslog receivers MUST support accepting syslog datagrams on the well-
       known UDP port 514, but MAY be configurable to listen on a different
       port.  Syslog senders MUST support sending syslog message datagrams
       to the UDP port 514, but MAY be configurable to send messages to a
       different port.  Syslog senders MAY use any source UDP port for
       transmitting messages.
 
 And old RFC3164 also says:
 
    2. Transport Layer Protocol
 
       syslog uses the user datagram protocol (UDP) [1] as its underlying
       transport layer mechanism.  The UDP port that has been assigned to
       syslog is 514.  It is RECOMMENDED that the source port also be 514 to
       indicate that the message is from the syslog process of the sender,
       but there have been cases seen where valid syslog messages have come
       from a sender with a source port other than 514.  If the sender uses
       a source port other than 514 then it is RECOMMENDED and has been
       considered to be good form that subsequent messages are from a single
       consistent port.
 
 Both suggests using sender's port to UDP/514 but not mandated.  So,
 you would need to change this PR to be:
 
 - withdrawed.
 - changed to request adding a option to bind source port to UDP/514.
 
 Best regards.
 
 -- 
 Takahiro Kambe <taca%back-street.net@localhost>

Follow-Ups:
- Re: bin/44671: syslogd sends udp dgrams from port 65534
  - From: Berczi Gabor
- re: bin/44671: syslogd sends udp dgrams from port 65534
  - From: matthew green

Prev by Date: Re: bin/44671: syslogd sends udp dgrams from port 65534
Next by Date: re: bin/44671: syslogd sends udp dgrams from port 65534
Previous by Thread: Re: bin/44671: syslogd sends udp dgrams from port 65534
Next by Thread: re: bin/44671: syslogd sends udp dgrams from port 65534
Indexes:

Home | Main Index | Thread Index | Old Index