Marcin Szewczyk, Wodny wrote: > Package: rsyslog > Version: 4.2.0-2 > Severity: important > > $ActionSendStreamDriverPermittedPeer is used to narrow the list of hosts we > are allowed to talk to. > > When using config like this: > $ActionSendStreamDriver host1.domain1 > :programname, isequal, "randomtag" @@host1.domain1:1000 > & @@host2.domain2:2000 > & ~ > > rsyslog seems to send messages to host2.domain2, although it's not on the > [...]PermittedPeer list. >
Hi Marcin, could you attach both your server and client configuration rsyslog.conf configuration file. Afaik $ActionSendStreamDriverPermittedPeer only really makes sense when used together with TLS. I've CCed Rainer for more input as the documentation for $ActionSendStreamDriverPermittedPeer is a bit scarce. It only says * $ActionSendStreamDriverPermittedPeer <ID>, accepted fingerprint (SHA1) or name of remote peer (driver-specific) - directive may go away! Cheers, Michael -- Why is it that all of the instruments seeking intelligent life in the universe are pointed away from Earth?
signature.asc
Description: OpenPGP digital signature

