Here is my server conf file: global(defaultNetStreamDriver="ptcp")
On Wed, May 29, 2024 at 12:12 PM David Lang <da...@lang.hm> wrote: > you still have some encryption settings left in the file, please post your > full > config again so we can see what you have left. > > I already posted the minimal config that removed all the encryption > settings. > > David Lang > > On Wed, 29 May 2024, Kathy Lyons wrote: > > > Date: Wed, 29 May 2024 06:35:44 -0400 > > From: Kathy Lyons <lyonsf...@gmail.com> > > To: Rainer Gerhards <rgerha...@hq.adiscon.com> > > Cc: rsyslog-users <rsyslog@lists.adiscon.com>, David Lang <da...@lang.hm > > > > Subject: Re: [rsyslog] unencrypted rsyslog through a wireguard terminal > > > > Thanks. I have removed that line from my files. When I restart > rsyslog, I > > get this error: > > > > * authentication not supported by ptcp netstream driver.* > > > > Are there other lines I should remove? Is the ptcp netstream driver the > > default? > > > > David, when I run tcpdump for the port 12345 on both client and server I > > see data on both devices. Do I not need a TCP connection data for both > the > > client and server? > > > > On Wed, May 29, 2024 at 5:45 AM Rainer Gerhards < > rgerha...@hq.adiscon.com> > > wrote: > > > >> Mode 0 indeed does turn any encryption off. It's primarily there for > >> technical reasons, and it is the default. > >> > >> I strongly advise against defining encryption settings and then > >> disabling them this way. > >> > >> Rainer > >> > >> El mié, 29 may 2024 a las 11:26, David Lang via rsyslog > >> (<rsyslog@lists.adiscon.com>) escribió: > >>> > >>> On Wed, 29 May 2024, Kathy Lyons wrote: > >>> > >>>> which part sets encryption? I thought these options set encryption to > >> 0, > >>>> or disabled. > >>> > >>> leave out all the encryption settings to have them be disabled, setting > >> the mode > >>> to anon turns on encryption, but accepting any cert. > >>> > >>> David Lang > >>> > >>>> On Tue, May 28, 2024 at 6:09 PM David Lang <da...@lang.hm> wrote: > >>>> > >>>>> On Tue, 28 May 2024, Kathy Lyons wrote: > >>>>> > >>>>> > >>>>> let's simplify this to the minimum needed > >>>>> > >>>>>> *Server** > >>>>>> > >>>>>> # I've tried both with and without the line below > >>>>>> $ModLoad imtcp > >>>>>> $InputTCPServerRun 12345 > >>>>>> $template LDSTag, "<%PRI>%TIMESTAMP [nameofsystem] %syslog% %msg%" > >>>>>> # 10.50.x.x is where the server sends its local data and that of the > >>>>> clients via udp port 514 > >>>>>> if $fromhost-ip <> '127.0.0.1' then @10.50.x.x;LDSTag > >>>>>> &stop > >>>>>> auth.*;authpriv.*;cron.*;daemon.*;kern.*;local0.*;local4.* > >>>>> @10.50.x.x;LDSTag > >>>>>> > >>>>>> > >>>>>> **Client** > >>>>>> > >>>>>> *#*I've tried both with and without the line below > >>>>>> $ModLoad imtcp > >>>>>> $template LDSTag,"<%PRI>%TIMESTAMP [PUBLIC_IP] %syslog% %msg%" > >>>>>> #Send Settings > >>>>>> auth.*;authpriv.*;cron.*;daemon.*;kern.*;local0.*;local4.* > >>>>>> @@10.10.10.10.1:12345;LDSTmpl > >>>>> > >>>>> also note that the format of setting a bunch of $foo lines that then > >>>>> affect > >>>>> future lines is discouraged, it's better to use the newer action() > >> syntax > >>>>> that > >>>>> sets all those things explicitly in the one place. > >>>>> > >>>>> David Lang > >>>>> > >>>>>> > >>>>>> On 5/28/2024 5:42 PM, David Lang wrote: > >>>>>>> your message is badly linewrapped, can you please try again? > >>>>>>> > >>>>>>> also note that while you can ping between the systems, that doesn't > >>>>> mean > >>>>>>> that port 514 (TCP or UDP) can get through, either due to firewalls > >> at > >>>>> the > >>>>>>> network layer or iptables on the systems > >>>>>>> > >>>>>>> David Lang > >>>>>>> > >>>>>> > >>>>> > >>>> > >>> _______________________________________________ > >>> rsyslog mailing list > >>> https://lists.adiscon.net/mailman/listinfo/rsyslog > >>> http://www.rsyslog.com/professional-services/ > >>> What's up with rsyslog? Follow https://twitter.com/rgerhards > >>> NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a > myriad > >> of sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you > >> DON'T LIKE THAT. > >> > > _______________________________________________ rsyslog mailing list https://lists.adiscon.net/mailman/listinfo/rsyslog http://www.rsyslog.com/professional-services/ What's up with rsyslog? Follow https://twitter.com/rgerhards NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad of sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you DON'T LIKE THAT.
