Beefy Boxes and Bandwidth Generously Provided by pair Networks
Think about Loose Coupling
 
PerlMonks  

Sys::Syslog Hangs

by elvolio (Initiate)
on Apr 06, 2002 at 04:12 UTC ( [id://157119]=perlquestion: print w/replies, xml ) Need Help??

elvolio has asked for the wisdom of the Perl Monks concerning the following question:

I'm a bit of a Perl newbie, and while the answer to this may be in a doc somewhere, I can't find it despite my best efforts. I'm working on a script that uses Sys::Syslog. The following three lines are towards the end of the script: 
  my $logfacility = "auth";
  my $loglevel = "notice";
  <snip>
  openlog("HP-Alert","cons",$logfacility);
  syslog ($loglevel,"Blocked all connects from %s due to %d connection
+s!", $connectdata[2], $alerts);
  closelog;

[download]
The openlog call succeeds, but on my SPARC OpenBSD 2.9 system the syslog call seems to hang the script (^C is needed to get out). syslogd is running and everything else seems to look OK. Any ideas?

BTW, for the curious, it's a script to protect against outbound attacks from a honeypot; more details at Xwell.org.

Replies are listed 'Best First'.
Re: Sys::Syslog Hangs
by andreychek (Parson) on Apr 06, 2002 at 05:54 UTC
    I was messing with this myself a little while ago, and had similar problems. It appears that in order for Sys::Syslog to function properly, the syslog daemon must actually be running with the -r flag set. From the syslogd manpage: 
     -r  This  option  will  enable  the facility to receive
     message from the network using an  internet  domain
     socket  with  the syslog service (see services(5)).
     The default is to not receive any messages from the
     network.

    [download]
    So, even if your Perl script is running on the same machine as the syslog daemon, you still need to use the -r flag.

    Beware, however, that running syslog with -r opens the door for security issues. Now, anyone can send messages to your syslog daemon. You may wish to use some sort of firewall rules to block incoming traffic to your syslog daemon from the outside world.

    Good luck!
    -Eric
[reply]
[d/l]
Re: Sys::Syslog Hangs
by Fletch (Bishop) on Apr 06, 2002 at 13:32 UTC

    Use ktrace and kdump to see what system calls you're executing underneath. That can often give clues as to what's causing things to hang (e.g. something may be trying to resolve a hostname and DNS isn't responding)

[reply]
[d/l]
[select]

Back to Seekers of Perl Wisdom

Log In?
Username:
Password:

What's my password?
Create A New User
Domain Nodelet?

www.com | www.net | www.org
Node Status?
node history
Node Type: perlquestion [id://157119]
Approved by andreychek
help
Chatterbox?
and the web crawler heard nothing...

How do I use this?Last hourOther CB clients
Other Users?
Others chilling in the Monastery: (3)
As of 2024-04-25 05:37 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?

    No recent polls found