This patch is for stopping syslogd to bind to an udp port. i have only modified this patch for working with openbsd 3.3 e: phil@kodezone.com w: www.kodezone.com Apply by doing: cd /usr/src patch -p0 < OpenBSD_3.3_syslogd_no_bind_udp.patch cd usr.sbin/syslogd/ make make install Index: usr.sbin/syslogd/syslogd.c =================================================================== --- usr/sbin/syslogd/syslogd/syslogd.c Sun Aug 10 16:13:01 2003 +++ usr/sbin/syslogd/syslogd/syslogd.c Sun Aug 10 16:12:50 2003 @@ -67,6 +67,7 @@ * Author: Eric Allman * extensive changes by Ralph Campbell * more extensive changes by Eric Allman (again) + * secure mode inet socket befavior logic changed by Sergey Smitienko */ #define MAXLINE 1024 /* maximum line length */ @@ -194,6 +195,7 @@ int MarkInterval = 20 * 60; /* interval between marks in seconds */ int MarkSeq = 0; /* mark sequence number */ int SecureMode = 1; /* when true, speak only unix domain socks */ +int NeedUdpSocket = 0; int NoDNS = 0; /* when true, will refrain from doing DNS lookups */ volatile sig_atomic_t MarkSet; @@ -226,6 +228,8 @@ char *funixn[MAXFUNIX] = { _PATH_LOG }; int funix[MAXFUNIX]; +struct servent *sp; + int main(int argc, char *argv[]) { @@ -334,16 +338,16 @@ slen); } } + + sp = getservbyname("syslog", "udp"); + if (sp == NULL) { + errno = 0; + logerror("syslog/udp: unknown service"); + die(0); + } + finet = socket(AF_INET, SOCK_DGRAM, 0); if (finet >= 0) { - struct servent *sp; - - sp = getservbyname("syslog", "udp"); - if (sp == NULL) { - errno = 0; - logerror("syslog/udp: unknown service"); - die(0); - } memset(&sin, 0, sizeof(sin)); sin.sin_len = sizeof(sin); sin.sin_family = AF_INET; @@ -362,8 +366,9 @@ SO_RCVBUF, &len, slen); } } - } - if ((fklog = open(_PATH_KLOG, O_RDONLY, 0)) < 0) + } else finet = -1; + + if ((fklog = open(_PATH_KLOG, O_RDONLY, 0)) < 0) dprintf("can't open %s (%d)\n", _PATH_KLOG, errno); /* tuck my process id away */ 
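Review bot: The new global `NeedUdpSocket` in the @@ -194 hunk is the only flag in this run of declarations without a trailing comment. Going by the later hunks, it is cleared next to `dprintf("init\n")` and set where an action becomes `F_FORW`. A comment such as `int NeedUdpSocket = 0; /* set when a forwarding (F_FORW) action is configured; reset on every (re)init */` would match its neighbours and explain why SecureMode alone does not decide whether the inet socket stays open.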
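Review bot: `struct servent *sp;` in the @@ -226 hunk becomes a file-scope pointer into storage owned by getservbyname(), and the @@ -402 hunk dereferences it (`sp->s_port`) much later, on re-initialisation. That storage is normally static inside the C library and may be overwritten by any later getserv*() call, so the re-created socket could end up on an unintended port. The startup code already saves the value with `sin.sin_port = LogPort = sp->s_port;`. Using `sin.sin_port = LogPort;` in the re-create path would let `sp` stay local to main(), as it was before the patch.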
@@ -378,8 +383,14 @@ dprintf("off & running....\n"); init(); - - if (fklog != -1 && fklog > fdsrmax) + + if ( !NeedUdpSocket && SecureMode ) { + close ( finet); + finet = -1; + dprintf("closing unneeded inet socket\n"); + } + + if (fklog != -1 && fklog > fdsrmax) fdsrmax = fklog; if (finet != -1 && finet > fdsrmax) fdsrmax = finet; @@ -402,6 +413,46 @@ if (DoInit) { init(); DoInit = 0; + if ( finet != -1 && !NeedUdpSocket && SecureMode) { + close ( finet); + finet = -1; + } + if ( finet == -1 && NeedUdpSocket && SecureMode ) { + // recreate udp socket + finet = socket(AF_INET, SOCK_DGRAM, 0); + if (finet >= 0) { + struct sockaddr_in sin; + + memset(&sin, 0, sizeof(sin)); + sin.sin_len = sizeof(sin); + sin.sin_family = AF_INET; + sin.sin_port = LogPort = sp->s_port; + + if (bind(finet, (struct sockaddr *)&sin, sizeof(sin)) < 0) { + logerror("bind"); + close ( finet); + finet = -1; /* try to continue ? */ + + } else { + /* double socket receive buffer size */ + if (getsockopt(finet, SOL_SOCKET, SO_RCVBUF, &len,&slen) == 0) { + len *= 2; + (void)setsockopt(funix[i], SOL_SOCKET, + SO_RCVBUF, &len, slen); + } + + } + } else finet = -1; + } + /* do we need to reallocate fdsr ? */ + if (finet != -1 && finet > fdsrmax) { + fdsrmax = finet; + free (fdsr); + fdsr = (fd_set *)calloc(howmany(fdsrmax+1, NFDBITS), + sizeof(fd_mask)); + if (fdsr == NULL) + errx(1, "calloc fd_set"); + } } bzero(fdsr, howmany(fdsrmax+1, NFDBITS) * 
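Review bot: The added `close ( finet);` in the @@ -378 hunk runs whenever `!NeedUdpSocket && SecureMode` holds, including when `finet` is already -1 because socket() failed earlier. The condition should include `finet != -1`, as the re-init hunk does: `if (finet != -1 && !NeedUdpSocket && SecureMode) {`. Separately, the socket is still created and bound unconditionally during startup and only closed here after init(), so the UDP port is briefly bound on every start. Creating the socket only after init() has determined `NeedUdpSocket` would avoid that window. main() continues outside the hunk.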
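Review bot: In the re-create path of the @@ -402 hunk, the receive-buffer doubling calls `setsockopt(funix[i], ...)` although the size was read from `finet`. It therefore resizes whichever unix socket `i` currently indexes (possibly past the array, depending on what last used `i`) and leaves the new UDP socket untouched. The line should read `(void)setsockopt(finet, SOL_SOCKET, SO_RCVBUF, &len, slen);`. It is also worth confirming that `slen` still holds `sizeof(len)` at this point, since its initialisation is outside the hunk. The block duplicates the startup socket setup almost line for line, so a small helper shared by both sites would prevent this kind of copy-paste drift. The added `// recreate udp socket` comment should also use `/* */` like the rest of the file.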
@@ -750,12 +801,17 @@ f->f_prevpri, (char *)iov[0].iov_base, (char *)iov[4].iov_base)) >= sizeof(line) || l == -1) l = strlen(line); - if (sendto(finet, line, l, 0, - (struct sockaddr *)&f->f_un.f_forw.f_addr, - sizeof(f->f_un.f_forw.f_addr)) != l) { - f->f_type = F_UNUSED; - logerror("sendto"); + if (finet != -1) { + if (sendto(finet, line, l, 0, + (struct sockaddr *)&f->f_un.f_forw.f_addr, + sizeof(f->f_un.f_forw.f_addr)) != l) { + f->f_type = F_UNUSED; + logerror("sendto"); + } } + else { + logerror("forwaring with closed socket?"); + } break; case F_CONSOLE: @@ -995,6 +1051,8 @@ dprintf("init\n"); + NeedUdpSocket = 0; + /* * Close all open log files. */ @@ -1231,6 +1289,7 @@ memmove(&f->f_un.f_forw.f_addr.sin_addr, hp->h_addr, hp->h_length); f->f_type = F_FORW; + NeedUdpSocket = 1; break; case '/':
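Review bot: The new `else` branch in the @@ -750 hunk logs an error for every forwarded message when `finet == -1`, but leaves the action active. The sendto() failure path next to it sets `f->f_type = F_UNUSED;` before calling logerror(). If logerror() feeds back into the normal logging path (not visible here, to be confirmed), a forwarding rule that also matches syslogd's own error messages could re-enter this branch repeatedly. Mirroring the existing pattern avoids both the flood and any re-entry: `f->f_type = F_UNUSED;` followed by `logerror("forwarding with closed socket");`. That also corrects the "forwaring" typo in the message. The enclosing switch starts and ends outside the hunk.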