[rsyslog] Mix of GTLS and PTCP listeners running same instance

Andrew Griffin andrew_griffin at apple.com
Mon Jan 9 19:32:42 CET 2017


I’m running both with no issue - 8.22. I’m loading in the following order:

1. Globals - which includes the cert file locations
2. Modules - PTCP first then TCP
3. Inputs - PTCP then TCP with the StreamDriver settings

Andrew Griffin
  ETS / Integration Services
☏ 408-783-8348
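
Added example, not part of the original posts: a small Python check over legacy-format directives like the ones quoted in this thread. It reports which listeners end up plaintext or TLS, and flags a TLS-mode `imtcp` listener when no TLS-capable default netstream driver is set, the condition named in the quoted error 2081. The function name `audit`, the merged sample configs and the `$DefaultNetstreamDriver gtls` line are assumptions of the example.

```python
import re

TLS_DRIVERS = {"gtls", "ossl"}  # netstream drivers with a TLS mode; the default is "ptcp"

# Constructed samples: the two config files quoted in the thread, merged,
# and the same text with a default netstream driver added (assumption).
QUOTED = """\
$ModLoad imtcp
$DefaultNetstreamDriverCAFile /etc/rsyslog.ca.pem
$DefaultNetstreamDriverCertFile /etc/rsyslog-cert.pem
$DefaultNetstreamDriverKeyFile /etc/rsyslog-key.pem
$InputTCPServerStreamDriverAuthMode x509/name
$InputTCPServerStreamDriverPermittedPeer syslogclient
$InputTCPServerStreamDriverMode 1 # run driver in TLS-only mode
$InputTCPServerRun 12514
$ModLoad imptcp
$InputPTCPServerRun 2514
"""
WITH_DRIVER = "$DefaultNetstreamDriver gtls\n" + QUOTED


def audit(conf):
    """Return (listeners, findings) for a legacy-format rsyslog config."""
    driver, mode, auth = "ptcp", "0", "unset"
    listeners, findings = [], []
    lines = [re.sub(r"\s+#.*$", "", l).strip() for l in conf.splitlines()]
    directives = [l[1:].split(None, 1) for l in lines if l.startswith("$")]
    # Assumption of this sketch: the default driver is global, so resolve it
    # first, wherever it appears in the file.
    for d in directives:
        if d[0].lower() == "defaultnetstreamdriver" and len(d) == 2:
            driver = d[1].lower()
    for d in directives:
        name, val = d[0].lower(), (d[1] if len(d) == 2 else "")
        if name == "inputtcpserverstreamdrivermode":
            mode = val
        elif name == "inputtcpserverstreamdriverauthmode":
            auth = val
        elif name == "inputptcpserverrun":
            listeners.append((val, "imptcp", "plaintext"))
        elif name == "inputtcpserverrun":
            if mode == "1" and driver not in TLS_DRIVERS:
                findings.append(f"port {val}: mode 1 requested but netstream "
                                f"driver is '{driver}' (cf. error 2081)")
                continue  # the quoted log shows rsyslog ignoring this port
            listeners.append((val, "imtcp",
                              f"tls/{auth}" if mode == "1" else "plaintext"))
    return listeners, findings
```

The listener list also makes the remaining plaintext port visible, which is the channel to retire once all clients have moved to TLS.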

> On Jan 9, 2017, at 4:23 AM, Peter Viskup via rsyslog <rsyslog at lists.adiscon.com> wrote:
> 
> Seems it is not possible to mix PTCP and TCP listeners. We run 8.15.0
> version of rsyslog.
> With the following configuration we are getting error messages:
> 
> Jan  9 13:13:44 127.0.0.1 syslog.err rsyslogd-2081:error: driver mode
> 1 not supported by ptcp netstream driver [v8.15.0 try
> http://www.rsyslog.com/e/2081 ]
> Jan  9 13:13:44 127.0.0.1 syslog.err rsyslogd-2081:Could not create
> tcp listener, ignoring port 12514 bind-address (null). [v8.15.0 try
> http://www.rsyslog.com/e/2081 ]
> 
> Does not matter which module is loaded first.
> 
> ~# cat /etc/rsyslog.d/08-rsyslog-tls.conf
> $ModLoad imtcp
> 
> # certificate files
> $DefaultNetstreamDriverCAFile /etc/rsyslog.ca.pem
> $DefaultNetstreamDriverCertFile /etc/rsyslog-cert.pem
> $DefaultNetstreamDriverKeyFile /etc/rsyslog-key.pem
> 
> $InputTCPServerStreamDriverAuthMode x509/name
> # put as many CN names as required to have access or use wildcards
> $InputTCPServerStreamDriverPermittedPeer syslogclient
> $InputTCPServerStreamDriverMode 1 # run driver in TLS-only mode
> $InputTCPServerRun 12514
> $InputTCPServerKeepAlive on
> 
> ~# cat /etc/rsyslog.d/10-rsyslog.conf
> $ModLoad imptcp
> $InputPTCPServerRun 2514
> $InputPTCPServerKeepAlive on
> 
> -- 
> Peter
> 
> On Wed, Nov 2, 2016 at 10:25 PM, Rainer Gerhards
> <rgerhards at hq.adiscon.com> wrote:
>> A traditional workaround is to use ptcp for plain TCP. But it's only
>> available on Linux.
>> 
>> I also think I remember that I created per listener parameters, but not
>> totally sure.
>> 
>> Hth Rainer
>> 
>> Sent from phone, thus brief.
>> 
>> On 02.11.2016 14:51, "Peter Viskup" <skupko.sk at gmail.com> wrote:
>> 
>>> Dear all,
>>> just wondering whether it is possible to run PTCP and GTLS listen ports on
>>> the same rsyslog instance.
>>> Reading the documentation it looks like it is not possible. [1] As
>>> StreamDriver.Name option "selects network stream driver for *all inputs
>>> using this module*" according to the documentation.
>>> 
>>> We need to create a new TLS-encrypted channel while preserving the old
>>> non-encrypted channel.
>>> Is there any way to configure it without building the new rsyslog instance?
>>> 
>>> [1] http://www.rsyslog.com/doc/v8-stable/configuration/modules/imtcp.html
>>> 
>>> --
>>> Peter
>>> _______________________________________________
>>> rsyslog mailing list
>>> http://lists.adiscon.net/mailman/listinfo/rsyslog
>>> http://www.rsyslog.com/professional-services/
>>> What's up with rsyslog? Follow https://twitter.com/rgerhards
>>> NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad
>>> of sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you
>>> DON'T LIKE THAT.
>>> 


