I did not use your configs as they are not displayed in my email. Is there a way to view them via a web browser?

On Thu, May 30, 2024 at 6:01 AM Kathy Lyons <lyonsf...@gmail.com> wrote:

> Sorry - hit send by mistake before.
>
> Here is server conf file:
>
> global(defaultNetStreamDriver="ptcp"
> $InputTCPServerRun 12345
>
> $template LDSTag,"<%PRI%>%TIMESTAMP% [nameofsystem] %syslogtag% %msg%"
>
> if $fromhost-ip <> '127.0.0.1' then {
> @10.x.x.x:LDSTAG
> stop
> }
> auth.*;authpriv.*;cron.*;daemon.*;kern.*;local0.*;local4.*;local5.*
> @10.x.x.x;LDSTag
>
> Client config:
>
> global(defaultNetStreamDriver="ptcp" )
> $ActionSendStreamDriverPermittedPeer 10.10.10.1 #wg server ip
> $template LDCTmpl,"<%PRI%>%TIMESTAMP:::date-rfc3339% [HOSTNAME]
> %syslogtag%%msg%"
> auth.*;authpriv.*;cron.*;daemon.*;kern.*;local0.*;local4.*;local5.*
> @10.10.10.1:12345;LDCTmpl
>
> On Thu, May 30, 2024 at 5:38 AM Kathy Lyons <lyonsf...@gmail.com> wrote:
>
>> Here is my server conf file:
>>
>> global(defaultNetStreamDriver="ptcp")
>>
>> On Wed, May 29, 2024 at 12:12 PM David Lang <da...@lang.hm> wrote:
>>
>>> you still have some encryption settings left in the file, please post your full config again so we can see what you have left.
>>>
>>> I already posted the minimal config that removed all the encryption settings.
>>>
>>> David Lang
>>>
>>> On Wed, 29 May 2024, Kathy Lyons wrote:
>>>
>>> > Date: Wed, 29 May 2024 06:35:44 -0400
>>> > From: Kathy Lyons <lyonsf...@gmail.com>
>>> > To: Rainer Gerhards <rgerha...@hq.adiscon.com>
>>> > Cc: rsyslog-users <rsyslog@lists.adiscon.com>, David Lang <da...@lang.hm>
>>> > Subject: Re: [rsyslog] unencrypted rsyslog through a wireguard terminal
>>> >
>>> > Thanks. I have removed that line from my files. When I restart rsyslog, I get this error:
>>> >
>>> > * authentication not supported by ptcp netstream driver.*
>>> >
>>> > Are there other lines I should remove? Is the ptcp netstream driver the default?
>>> >
>>> > David, when I run tcpdump for the port 12345 on both client and server I see data on both devices. Do I not need a TCP connection data for both the client and server?
>>> >
>>> > On Wed, May 29, 2024 at 5:45 AM Rainer Gerhards <rgerha...@hq.adiscon.com> wrote:
>>> >
>>> >> Mode 0 indeed does turn any encryption off. It's primarily there for technical reasons, and it is the default.
>>> >>
>>> >> I strongly advise against defining encryption settings and then disabling them this way.
>>> >>
>>> >> Rainer
>>> >>
>>> >> On Wed, 29 May 2024 at 11:26, David Lang via rsyslog (<rsyslog@lists.adiscon.com>) wrote:
>>> >>>
>>> >>> On Wed, 29 May 2024, Kathy Lyons wrote:
>>> >>>
>>> >>>> which part sets encryption? I thought these options set encryption to 0, or disabled.
>>> >>>
>>> >>> leave out all the encryption settings to have them be disabled, setting the mode to anon turns on encryption, but accepting any cert.
>>> >>>
>>> >>> David Lang
>>> >>>
>>> >>>> On Tue, May 28, 2024 at 6:09 PM David Lang <da...@lang.hm> wrote:
>>> >>>>
>>> >>>>> On Tue, 28 May 2024, Kathy Lyons wrote:
>>> >>>>>
>>> >>>>> let's simplify this to the minimum needed
>>> >>>>>
>>> >>>>>> *Server**
>>> >>>>>>
>>> >>>>>> # I've tried both with and without the line below
>>> >>>>>> $ModLoad imtcp
>>> >>>>>> $InputTCPServerRun 12345
>>> >>>>>> $template LDSTag, "<%PRI>%TIMESTAMP [nameofsystem] %syslog% %msg%"
>>> >>>>>> # 10.50.x.x is where the server sends its local data and that of the clients via udp port 514
>>> >>>>>> if $fromhost-ip <> '127.0.0.1' then @10.50.x.x;LDSTag
>>> >>>>>> &stop
>>> >>>>>> auth.*;authpriv.*;cron.*;daemon.*;kern.*;local0.*;local4.*
>>> >>>>>> @10.50.x.x;LDSTag
>>> >>>>>>
>>> >>>>>> **Client**
>>> >>>>>>
>>> >>>>>> *#*I've tried both with and without the line below
>>> >>>>>> $ModLoad imtcp
>>> >>>>>> $template LDSTag,"<%PRI>%TIMESTAMP [PUBLIC_IP] %syslog% %msg%"
>>> >>>>>> #Send Settings
>>> >>>>>> auth.*;authpriv.*;cron.*;daemon.*;kern.*;local0.*;local4.*
>>> >>>>>> @@10.10.10.10.1:12345;LDSTmpl
>>> >>>>>
>>> >>>>> also note that the format of setting a bunch of $foo lines that then affect future lines is discouraged, it's better to use the newer action() syntax that sets all those things explicitly in the one place.
>>> >>>>>
>>> >>>>> David Lang
>>> >>>>>
>>> >>>>>> On 5/28/2024 5:42 PM, David Lang wrote:
>>> >>>>>>> your message is badly linewrapped, can you please try again?
>>> >>>>>>>
>>> >>>>>>> also note that while you can ping between the systems, that doesn't mean that port 514 (TCP or UDP) can get through, either due to firewalls at the network layer or iptables on the systems
>>> >>>>>>>
>>> >>>>>>> David Lang
>>> >>>
>>> >>> _______________________________________________
>>> >>> rsyslog mailing list
>>> >>> https://lists.adiscon.net/mailman/listinfo/rsyslog
>>> >>> http://www.rsyslog.com/professional-services/
>>> >>> What's up with rsyslog? Follow https://twitter.com/rgerhards
>>> >>> NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad of sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you DON'T LIKE THAT.
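
Added example, not part of any message in the thread and not rsyslog project code: a small checker for the legacy-syntax configs quoted above. It flags stream-driver settings left in a config whose netstream driver is ptcp, forwards written with a single @ (UDP in rsyslog's legacy syntax) to a port the peer opened with $InputTCPServerRun, and forwards that name a template the file never defines. The names lint and peer_tcp_ports are hypothetical, and the sample is the client config from the thread with the mail line-wrap joined.

```python
import re

# Legacy directives that set stream-driver encryption/authentication options.
TLS_DIRECTIVE = re.compile(
    r"^\$(?:ActionSend|InputTCPServer)StreamDriver(?:Mode|AuthMode|PermittedPeer)\b", re.I)
DRIVER = re.compile(r'defaultNetStreamDriver\s*=\s*"(\w+)"', re.I)
TEMPLATE_DEF = re.compile(r"^\$template\s+(\w+)\s*,", re.I)
# Legacy forwarding target: "@host" is UDP, "@@host" is TCP; ":port" and ";template" optional.
FORWARD = re.compile(r"(?<![\w@])(@@?)([\w.-]+)(?::(\d+))?(?:;(\w+))?")

def lint(conf, peer_tcp_ports=()):
    """Return (line_no, message) findings for one legacy-syntax rsyslog config.

    peer_tcp_ports (hypothetical parameter): ports the receiving side
    opened with $InputTCPServerRun.
    """
    lines = [l.split("#", 1)[0].strip() for l in conf.splitlines()]
    driver = next((m.group(1).lower() for l in lines if (m := DRIVER.search(l))), None)
    templates = {m.group(1) for l in lines if (m := TEMPLATE_DEF.match(l))}
    findings = []
    for no, line in enumerate(lines, 1):
        if driver == "ptcp" and TLS_DIRECTIVE.match(line):
            findings.append((no, "stream-driver setting left in a ptcp (plain TCP) config"))
        if line.lower().startswith("$template"):
            continue  # template bodies are not forwarding actions
        for proto, host, port, tmpl in FORWARD.findall(line):
            if proto == "@" and port and int(port) in peer_tcp_ports:
                findings.append((no, f"UDP forward to {host}:{port}, but the peer listens there on TCP; use @@"))
            if tmpl and tmpl not in templates:
                findings.append((no, f"template {tmpl} is not defined in this file"))
    return findings

# Constructed sample: the client config as posted in the thread, wrap joined.
CLIENT_CONF = '''\
global(defaultNetStreamDriver="ptcp" )
$ActionSendStreamDriverPermittedPeer 10.10.10.1 #wg server ip
$template LDCTmpl,"<%PRI%>%TIMESTAMP:::date-rfc3339% [HOSTNAME] %syslogtag%%msg%"
auth.*;authpriv.*;cron.*;daemon.*;kern.*;local0.*;local4.*;local5.* @10.10.10.1:12345;LDCTmpl
'''

if __name__ == "__main__":
    for no, msg in lint(CLIENT_CONF, peer_tcp_ports={12345}):
        print(f"line {no}: {msg}")
```

On the sample it reports line 2 (the permitted-peer setting) and line 4 (the single-@ forward to port 12345).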