Changelog for 3.20.3 (v3-stable)
Version 3.20.3 [v3-stable] (rgerhards), 2009-01-19
- doc bugfix: v3-compatibility document had typo in config directive
thanks to Andrej for reporting this
- fixed a potential segfault condition with $AllowedSender directive
On HUP, the root pointers were not properly cleaned up. Thanks to
Michael Biebel, olgoat, and Juha Koho for reporting and analyzing
the bug.
ChangeLog for 4.1.3 (devel)
Version 4.1.3 [DEVEL] (rgerhards), 2008-12-17
- added $InputTCPServerAddtlFrameDelimiter config directive, which
makes it possible to specify an additional, non-standard message delimiter
for processing plain tcp syslog. This is primarily a fix for the invalid
framing used in Juniper’s NetScreen products. Credit to forum user
Arv for suggesting this solution.
- added $InputTCPServerInputName property, which enables a name to be
specified that will be available during message processing in the
inputname property. This is considered useful for logic that treats
messages differently depending on which input received them.
- added $PreserveFQDN config file directive
Makes it possible to use FQDNs in sender names where the legacy default
would have stripped the domain part.
Thanks to BlinkMind, Inc. http://www.blinkmind.com for sponsoring this
development.
- bugfix: imudp went into an endless loop under some circumstances
(but could also leave it under some other circumstances…)
Thanks to David Lang and speedfox for reporting this issue.
$AllowedSender not honored
rsyslog offers a primitive form of access control via the $AllowedSender configuration directive. It lets the operator specify the hosts from which messages are accepted. If the directive is not specified, messages from all hosts are accepted. If it is, the set is limited to those senders that match the configured criteria (these can be network addresses or host names). Access control can be configured for UDP-based and TCP-based protocols independently.
Note that this directive may be used to simplify firewall setup, where the firewall permits incoming traffic from all remote machines on the port in question. The rsyslog ACLs are then used to control who is actually permitted. The downside of this approach is that the packets reach rsyslog and any vulnerability in it can be exploited. Please note that UDP addresses can easily be spoofed (though thankfully not as easily any longer on the public Internet, thanks to more careful configuration on most ISPs’ side). So IP-based access control does not work very well for UDP (neither at the firewall nor at the rsyslog level – but the firewall may have more options at hand, given its comparatively broad knowledge of the perimeter).
ChangeLog for 3.21.8 (beta)
Version 3.21.8 [BETA] (rgerhards), 2008-12-04
- security bugfix: $AllowedSender was not honored, all senders were
permitted instead (see security advisory)
- bugfix: imklog did not compile on FreeBSD
- merged in all other changes from 3.20.1 (see there)
ChangeLog for 3.20.2 (v3-stable)
Version 3.20.2 [v3-stable] (rgerhards), 2008-12-04
- re-release of 3.20.1 with an additional fix, that could also lead
to DoS; 3.20.1 has been removed from the official download archives
- security fix: imudp emitted a message when a non-permitted sender
tried to send a message to it. This behaviour is operator-configurable.
If enabled, a message was emitted each time. That way an attacker could
effectively fill the disk via this facility. The message is now
emitted only once in a minute (this currently is a hard-coded limit,
if someone comes up with a good reason to make it configurable, we
will probably do that).
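
The sender check that $AllowedSender describes and the once-per-minute notice limit from this fix, as an added C example that is not rsyslog's own code. The struct, function names and addresses are hypothetical, and only IPv4 network entries are handled.

```c
#include <arpa/inet.h>
#include <stdint.h>
#include <stdio.h>
#include <time.h>

/* One permitted IPv4 network (hypothetical type, not rsyslog's own). */
struct acl_net { const char *addr; int bits; };
/* Constructed sample ACL built from documentation address ranges. */
static const struct acl_net sample_acl[] = {
    { "192.0.2.0", 24 }, { "198.51.100.7", 32 },
};

/* 1 if sender matches an ACL entry, else 0; unparsable input is denied. */
int sender_allowed(const struct acl_net *acl, size_t n, const char *sender)
{
    struct in_addr s, net;
    if (inet_pton(AF_INET, sender, &s) != 1)
        return 0;
    for (size_t i = 0; i < n; i++) {
        if (acl[i].bits < 0 || acl[i].bits > 32 ||
            inet_pton(AF_INET, acl[i].addr, &net) != 1)
            continue;                    /* skip malformed entries */
        /* A /0 needs mask 0: shifting a 32-bit value by 32 is undefined. */
        uint32_t mask = acl[i].bits ? 0xFFFFFFFFu << (32 - acl[i].bits) : 0;
        if (((ntohl(s.s_addr) ^ ntohl(net.s_addr)) & mask) == 0)
            return 1;
    }
    return 0;
}

/* 1 if a "sender not permitted" notice may be written now, else 0.
 * One global limit of one notice per 60 seconds: a per-sender limit
 * would not bound log volume, because UDP source addresses can be spoofed.
 * *last holds the time of the previous notice (0 = none yet). */
int may_log_denial(time_t *last, time_t now)
{
    if (*last != 0 && now - *last < 60)
        return 0;
    *last = now;
    return 1;
}

int main(void)
{
    time_t last = 0;
    const char *from = "203.0.113.9";    /* constructed; not in the ACL */
    if (!sender_allowed(sample_acl, 2, from) && may_log_denial(&last, time(NULL)))
        printf("notice: message from non-permitted sender %s discarded\n", from);
    return 0;
}
```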
ChangeLog for 3.21.9 (beta)
Version 3.21.9 [BETA] (rgerhards), 2008-12-04
- re-release of 3.21.8 with an additional fix, that could also lead
to DoS; 3.21.8 has been removed from the official download archives
- security fix: imudp emitted a message when a non-permitted sender
tried to send a message to it. This behaviour is operator-configurable.
If enabled, a message was emitted each time. That way an attacker could
effectively fill the disk via this facility. The message is now
emitted only once in a minute (this currently is a hard-coded limit,
if someone comes up with a good reason to make it configurable, we
will probably do that).
ChangeLog for 4.1.2 (devel)
Version 4.1.2 [DEVEL] (rgerhards), 2008-12-04
- bugfix: code did not compile without zlib
- security bugfix: $AllowedSender was not honored, all senders were
permitted instead (see http://www.rsyslog.com/Article322.phtml)
- security fix: imudp emitted a message when a non-permitted sender
tried to send a message to it. This behaviour is operator-configurable.
If enabled, a message was emitted each time. That way an attacker could
effectively fill the disk via this facility. The message is now
emitted only once in a minute (this currently is a hard-coded limit,
if someone comes up with a good reason to make it configurable, we
will probably do that).
- doc bugfix: typo in v3 compatibility document directive syntax
thanks to Andrej for reporting
- imported other changes from 3.21.8 and 3.20.1 (see there)
ChangeLog for 4.0.1 (devel)
Version 4.1.0 [DEVEL] (rgerhards), 2008-11-18
********************************* WARNING *********************************
This version has a slightly different on-disk format for message entries.
As a consequence, old queue files being read by this version may have
an invalid output timestamp, which could result in some malfunction
inside the output driver. It is recommended to drain queues with the
previous version before switching to this one.
********************************* WARNING *********************************
- greatly enhanced performance when compared to v3.
- added configuration directive “HUPisRestart” which makes it possible to configure
HUP to be either a full restart or “just” a lightweight way to
close open files.
- enhanced legacy syslog parser to detect year if part of the timestamp
the format is based on what Cisco devices seem to emit.
- added a setting “$OptimizeForUniprocessor” to enable users to turn off
pthread_yield calls which are counter-productive on multiprocessor
machines (but have been shown to be useful on uniprocessors)
- reordered imudp processing. Message parsing is now done as part of main
message queue worker processing (was part of the input thread)
This should also improve performance, as potentially more work is
done in parallel.
- bugfix: compressed syslog messages could be slightly mis-uncompressed
if the last byte of the compressed record was a NUL
- added $UDPServerTimeRequery option which makes it possible to work with
less accurate timestamps in favor of performance. This enables querying
of the time only every n-th time if imudp is running in the tight
receive loop (aka receiving messages at a high rate)
- doc bugfix: queue doc had wrong parameter name for setting controlling
worker thread shutdown period
- restructured rsyslog.conf documentation
- bugfix: memory leak in ompgsql
Thanks to Ken for providing the patch
ChangeLog for 3.21.7 (beta)
Version 3.21.7 [BETA] (rgerhards), 2008-11-11
- this is the new beta branch, based on the former 3.21.6 devel
- new functionality: ZERO property replacer nomatch option (from v3-stable)
ChangeLog for 4.1.1 (devel)
Version 4.1.1 [DEVEL] (rgerhards), 2008-11-26
- added $PrivDropToGroup, $PrivDropToUser, $PrivDropToGroupID,
$PrivDropToUserID config directives to enable dropping privileges.
This is an effort to provide a security enhancement. For the limits of this
approach, see http://wiki.rsyslog.com/index.php/Security
- re-enabled imklog to compile on FreeBSD (brought in from beta)
