Currently, changing the protocol used with a remote syslog server is not possible (UDP is used by default). However, logging via TCP is more reliable and might be favoured in some environments. The web interface should allow to change the transport protocol used by rsyslog (UDP or TCP).
I have never used this and I don't know anyone who is. Would you like to work on this yourself and create this bug to let us know or did you just want to report this?
(In reply to Michael Tremer from comment #1) > I have never used this and I don't know anyone who is. Well, I use this for quite a while and I am happy with it. It is useful in case you do not want the firewall machine to send log summary mails or want the logs to be saved at a different place, too. However, with UDP, this is more or less like a lottery game. :-| > > Would you like to work on this yourself and create this bug to let us know > or did you just want to report this? It was intended that I work on this - but looking at the Perl script, I am not quite sure if this is such an easy task. That's why I did not assign it to me.
(In reply to Peter Müller from comment #2) > (In reply to Michael Tremer from comment #1) > > I have never used this and I don't know anyone who is. > Well, I use this for quite a while and I am happy with it. > > It is useful in case you do not want the firewall machine to send log summary > mails or want the logs to be saved at a different place, too. However, with > UDP, > this is more or less like a lottery game. :-| > > > > Would you like to work on this yourself and create this bug to let us know > > or did you just want to report this? > It was intended that I work on this - but looking at the Perl script, I am > not quite sure if this is such an easy task. That's why I did not assign it > to me. That one is an easy one: https://cgit.ipfire.org/ipfire-2.x.git/tree/html/cgi-bin/logs.cgi/config.dat Maybe you can have a go and if you get stuck just send me an email?!
I am currently trying to do so. The CGI file (and the translations) is already updated, but the settings are written to rsyslogd by a C program, which has not been touched for quite a few years... *sigh* Unfortunately, C is a little bit beyond my scope (I am not that familiar with programming, as you may noticed. :-| ), but I will try.
Sent in a patch series, but the C diff likely contains errors. :-|
Sent in second version of the C patch, should be OK AFAIK.
Fixed in Core Update 117.
Saving the settings results in a segfault caused by the C program: Jan 7 14:00:01 firewall kernel: syslogdctrl[32260]: segfault at 0 ip 00006d5bca1970f2 sp 000079c0d1549018 error 6 in libc-2.25.so[6d5bca0f1000+1ba000] Jan 7 14:00:01 firewall kernel: grsec: Segmentation fault occurred at (nil) in /usr/local/bin/syslogdctrl[syslogdctrl:32260] uid/euid:0/0 gid/egid:0/0, parent /srv/web/ipfire/cgi-bin/logs.cgi/config.dat[config.dat:32167] uid/euid:99/99 gid/egid:99/99 This happens for both UDP and TCP.
Technically this can be closed. We shipped this.