Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[IM] bird2 template - set name for syslog #909

Closed
wants to merge 2 commits into from
Closed

Conversation

listerr
Copy link
Contributor

@listerr listerr commented Sep 20, 2024

Longer description

When logging to syslog, set a name for the BIRD instance so we can tell which instance is logging to syslog:

Sep 20 15:01:59 rs1 bird[]: Reconfiguring
Sep 20 15:02:00 rs1 bird[]: Reconfigured
Sep 20 15:02:00 rs1 bird[]: I/O loop cycle took 5490.380 ms for 80 events
Sep 20 15:03:59 rs1 bird[]: Reconfiguring
Sep 20 15:03:00 rs1 bird[]: Reconfigured
Sep 20 15:02:13 rs1 bird[]: pb_0367_as57099: Received: Connection rejected
Sep 20 15:02:26 rs1 bird[]: pb_0690_as203421: Received: Connection rejected
Sep 20 15:02:37 rs1 bird[]: pb_0367_as57099: Received: Connection rejected
Sep 20 15:02:56 rs1 bird[]: pb_0690_as203421: Received: Connection rejected
Sep 20 15:03:05 rs1 bird[]: pb_0367_as57099: Received: Connection rejected

vs:

Sep 20 15:01:59 rs1 bird-rs1-ipv4[]: Reconfiguring
Sep 20 15:02:00 rs1 bird-rs1-ipv4[]: Reconfigured
Sep 20 15:02:00 rs1 bird-rs1-ipv4[]: I/O loop cycle took 5490.380 ms for 80 events
Sep 20 15:03:59 rs1 bird-rs1-ipv6[]: Reconfiguring
Sep 20 15:03:00 rs1 bird-rs1-ipv6[]: Reconfigured
Sep 20 15:02:00 rs1 bird-rs1-ipv6[]: I/O loop cycle took 5490.380 ms for 80 events
Sep 20 15:02:13 rs1 bird-rs1-ipv4[]: pb_0367_as57099: Received: Connection rejected
Sep 20 15:02:26 rs1 bird-rs1-ipv6[]: pb_0690_as203421: Received: Connection rejected
Sep 20 15:02:37 rs1 bird-rs1-ipv4[]: pb_0367_as57099: Received: Connection rejected
Sep 20 15:02:56 rs1 bird-rs1-ipv4[]: pb_0690_as203421: Received: Connection rejected
Sep 20 15:03:05 rs1 bird-rs1-ipv4[]: pb_0367_as57099: Received: Connection rejected

In addition to the above, I have:

  • ensured all relevant template output is escaped to avoid XSS attached with <?= $t->ee( $data ) ?> or equivalent.
  • ensured appropriate checks against user privilege / resources accessed
  • API calls (particular for add/edit/delete/toggle) are not implemented with GET and use CSRF tokens to avoid CSRF attacks

Sorry, something went wrong.

Set a name for syslog to distinguish which instance of bird is logging (e.g. ipv4 or ipv6).
@barryo barryo self-assigned this Sep 20, 2024
@listerr listerr closed this by deleting the head repository Feb 21, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

None yet

2 participants