mirror of
https://github.com/rsyslog/rsyslog.git
synced 2025-12-16 12:10:46 +01:00
4c66ab3abc
Add this both as module an input parameter. Complements already-existing config param notifyonconnectionclose and mirrors the similar feature from imptcp. The module parameter acts as default, similarly to notifyonconnectionclose. Note that in contrast to imptcp, we emit IP addresses and not host names. This sticks with the traditional semantics of imtcp. Note that we also fixed a mislading error message in the case when a disallowed sender tried to connect. Thanks to John Chivian for suggesting the addition.
27 lines
965 B
Bash
Executable File
27 lines
965 B
Bash
Executable File
#!/bin/bash
|
|
# check that we are able to receive messages from allowed sender
|
|
# added 2019-08-15 by RGerhards, released under ASL 2.0
|
|
. ${srcdir:=.}/diag.sh init
|
|
export NUMMESSAGES=5 # it's just important that we get any messages at all
|
|
generate_conf
|
|
add_conf '
|
|
module(load="../plugins/imtcp/.libs/imtcp")
|
|
input(type="imtcp" port="0" listenPortFileName="'$RSYSLOG_DYNNAME'.tcpflood_port" ruleset="rs")
|
|
|
|
$AllowedSender TCP,128.66.0.0/16 # this IP range is reserved by RFC5737
|
|
template(name="outfmt" type="string" string="%msg:F,58:2%\n")
|
|
ruleset(name="rs") {
|
|
action(type="omfile" template="outfmt" file="'$RSYSLOG_DYNNAME.must-not-be-created'")
|
|
}
|
|
|
|
action(type="omfile" file="'$RSYSLOG_OUT_LOG'")
|
|
'
|
|
startup
|
|
assign_tcpflood_port $RSYSLOG_DYNNAME.tcpflood_port
|
|
tcpflood -m$NUMMESSAGES
|
|
shutdown_when_empty
|
|
wait_shutdown
|
|
content_check --regex "connection request from disallowed sender .* discarded"
|
|
check_file_not_exists "$RSYSLOG_DYNNAME.must-not-be-created"
|
|
exit_test
|