unexpected GnuTLS error -110 in nsdsel_gtls.c:178 #3623

Open
Ra-fiki opened this issue Apr 16, 2019 · 5 comments

Ra-fiki commented Apr 16, 2019

TCP connection with TLS from rsyslog A to rsyslog B, which listens on the log server.
A sending to B.

Expected behaviour

During a connection from A to B, the admin/system/program cuts the connection and restores it after a few hours; rsyslog still tries to send every message (on failure, the message waits in the queue). When the connection is back and rsyslog sends the first message to B, then according to the config rsyslog will send the other messages.

Actual behaviour

During a connection from A to B, the admin/system/program cuts the connection and restores it after a few hours. Rsyslog throws this message:

unexpected GnuTLS error -110 in nsdsel_gtls.c:178: The TLS connection was non-properly terminated.
netstream session 0x7fb544118a90 from xxx.xxx.xxx.xxx will be closed due to error
That message appears on B (if it is just shut down on A) and on A if the connection was terminated by an application (on a router or gateway) and restored after a few hours without an rsyslog restart.

Steps to reproduce the behavior

Establish a connection from A to B (sending messages), then restrict the connection and kill every connection made.

Environment

rsyslogd 8.24.0, compiled with:
PLATFORM: x86_64-pc-linux-gnu
PLATFORM (lsb_release -d):
FEATURE_REGEXP: Yes
GSSAPI Kerberos 5 support: Yes
FEATURE_DEBUG (debug build, slow code): No
32bit Atomic operations supported: Yes
64bit Atomic operations supported: Yes
memory allocator: system default
Runtime Instrumentation (slow code): No
uuid support: Yes
Number of Bits in RainerScript integers: 64

Server(B) config:

/etc/rsyslog.d/config.conf
template(name="json-template"
  type="list") {
    constant(value="{")
      constant(value="\"@timestamp\":\"")     property(name="timereported" dateFormat="rfc3339")
      constant(value="\",\"@Version\":\"1")
      constant(value="\",\"message\":\"")     property(name="msg" format="json")
      constant(value="\",\"sysloghost\":\"")  property(name="hostname")
      constant(value="\",\"severity\":\"")    property(name="syslogseverity-text")
      constant(value="\",\"facility\":\"")    property(name="syslogfacility-text")
      constant(value="\",\"programname\":\"") property(name="programname")
      constant(value="\",\"procid\":\"")      property(name="procid")
    constant(value="\"}\n")
}

$RepeatedMsgReduction off

ruleset(name="testowe"){
#graylog
*.* @xxx.xxx.xxx.xxx:615;json-template
}

ruleset(name="produkcyjne"){
#graylog
*.* @xxx.xxx.xxx.xxx:614;json-template
}

module(
load="imtcp"
MaxSessions="2000"
StreamDriver.mode="1"
StreamDriver.authmode="x509/name"
PermittedPeer=[".nazwa.vpn",".nazwa.int","*.nazwa.pl"]
)
input(type="imtcp" port="515" ruleset="testowe")
input(type="imtcp" port="514" ruleset="produkcyjne")

/etc/rsyslog.conf
#################
#### MODULES ####
#################

module(load="imuxsock") # provides support for local system logging
module(load="imklog") # provides kernel logging support
$DefaultNetstreamDriver gtls

$MaxOpenFiles 2048
$DefaultNetstreamDriverCAFile /etc/pki/rsyslog/ca.pem
$DefaultNetstreamDriverCertFile /etc/pki/rsyslog/cert.pem
$DefaultNetstreamDriverKeyFile /etc/pki/rsyslog/key.pem

###########################
#### GLOBAL DIRECTIVES ####
###########################

$ActionFileDefaultTemplate RSYSLOG_TraditionalFileFormat

$FileOwner root
$FileGroup adm
$FileCreateMode 0640
$CreateDirs on
$DirCreateMode 0755
$Umask 0022

$WorkDirectory /var/spool/rsyslog
$IncludeConfig /etc/rsyslog.d/*.conf

###############
#### RULES ####
###############
auth,authpriv.* /var/log/auth.log
*.*;auth,authpriv.none -/var/log/syslog
daemon.* -/var/log/daemon.log
kern.* -/var/log/kern.log
lpr.* -/var/log/lpr.log
user.* -/var/log/user.log

*.=debug;\
auth,authpriv.none;\
news.none;mail.none	-/var/log/debug
*.=info;*.=notice;*.=warn;\
auth,authpriv.none;\
cron,daemon.none;\
mail,news.none		-/var/log/messages

Client(A) config:

/etc/rsyslog.d/config.conf
$CreateDirs on
$DirCreateMode 0755
$DefaultNetstreamDriver gtls

$DefaultNetstreamDriverCAFile /etc/pki/rsyslog/ca.pem
$DefaultNetstreamDriverCertFile /etc/pki/rsyslog/cert.pem
$DefaultNetstreamDriverKeyFile /etc/pki/rsyslog/key.pem

module(load="imudp")
input(type="imudp" port="514")

$ActionFileDefaultTemplate RSYSLOG_TraditionalFileFormat

$ActionSendStreamDriverAuthMode x509/name
$ActionSendStreamDriverPermittedPeer .nazwa.
$ActionSendStreamDriverMode 1 # run driver in TLS-only mode

$WorkDirectory /rsyslog/work # default location for work (spool) files
$ActionQueueType LinkedList # use asynchronous processing
$ActionQueueFileName srvrfwd # set file name, also enables disk mode
$ActionResumeRetryCount -1 # infinite retries on insert failure
$ActionQueueSaveOnShutdown on # save in-memory data if rsyslog shuts down

if $syslogfacility-text == 'local3' then {
local3.* @@xxx.xxx.xxx.xxx:514
stop
}

/etc/rsyslog.conf
#################
#### MODULES ####
#################

$ModLoad imuxsock # provides support for local system logging
$ModLoad imklog # provides kernel logging support

###########################
#### GLOBAL DIRECTIVES ####
###########################
$ActionFileDefaultTemplate RSYSLOG_TraditionalFileFormat

$FileOwner root
$FileGroup adm
$FileCreateMode 0640
$DirCreateMode 0755
$Umask 0022

$WorkDirectory /var/spool/rsyslog

$IncludeConfig /etc/rsyslog.d/*.conf

###############
#### RULES ####
###############

auth,authpriv.* /var/log/auth.log
*.*;auth,authpriv.none -/var/log/syslog
#cron.* /var/log/cron.log
daemon.* -/var/log/daemon.log
kern.* -/var/log/kern.log
lpr.* -/var/log/lpr.log
mail.* -/var/log/mail.log
user.* -/var/log/user.log

mail.info -/var/log/mail.info
mail.warn -/var/log/mail.warn
mail.err /var/log/mail.err

news.crit /var/log/news/news.crit
news.err /var/log/news/news.err
news.notice -/var/log/news/news.notice

*.=debug;\
	auth,authpriv.none;\
	news.none;mail.none -/var/log/debug
*.=info;*.=notice;\
	*.=warn;\
	auth,authpriv.none;\
	cron,daemon.none;\
	mail,news.none -/var/log/messages

*.emerg :omusrmsg:*

daemon.*;mail.*;\
	news.err;\
	*.=debug;*.=info;\
	*.=notice;*.=warn |/dev/xconsole
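
The two log lines quoted under "Actual behaviour" can be paired up on the log server to see which senders keep losing their TLS sessions, since every drop is a window in which forwarded logs are only sitting in the sender's queue. This is an added example, not part of the original issue and not rsyslog code; the function names are hypothetical, and the timestamps, host name and 192.0.2.x peer addresses in the sample are constructed.

```python
import re
from collections import Counter

# Patterns for the two rsyslog messages quoted in the issue.
GNUTLS_ERR = re.compile(
    r"unexpected GnuTLS error (?P<code>-?\d+) in (?P<src>[\w.]+:\d+): (?P<text>.*)")
SESSION_CLOSED = re.compile(
    r"netstream session (?P<session>0x[0-9a-fA-F]+) from (?P<peer>\S+) will be closed")


def find_tls_drops(lines):
    """Pair each GnuTLS error with the session-closed line that follows it."""
    events, pending = [], None
    for line in lines:
        err = GNUTLS_ERR.search(line)
        if err:
            if pending:  # earlier error never got a session line
                events.append(pending)
            pending = {"code": int(err["code"]), "src": err["src"],
                       "text": err["text"].strip(), "session": None, "peer": None}
            continue
        closed = SESSION_CLOSED.search(line)
        if closed and pending:
            pending.update(session=closed["session"], peer=closed["peer"])
            events.append(pending)
            pending = None
    if pending:
        events.append(pending)
    return events


def drops_per_peer(events, code=-110):
    """Count terminations with the given GnuTLS code per sending peer."""
    return Counter(e["peer"] for e in events if e["code"] == code)


# Constructed sample: timestamps, host names and 192.0.2.x peers are made up;
# the message bodies follow the two lines quoted in the issue.
SAMPLE = """\
Apr 16 10:02:11 logsrv rsyslogd: unexpected GnuTLS error -110 in nsdsel_gtls.c:178: The TLS connection was non-properly terminated.
Apr 16 10:02:11 logsrv rsyslogd: netstream session 0x7fb544118a90 from 192.0.2.10 will be closed due to error
Apr 16 10:05:40 logsrv sshd[811]: Accepted publickey for admin
Apr 16 13:40:02 logsrv rsyslogd: unexpected GnuTLS error -110 in nsdsel_gtls.c:178: The TLS connection was non-properly terminated.
Apr 16 13:40:02 logsrv rsyslogd: netstream session 0x7fb544119f00 from 192.0.2.10 will be closed due to error
Apr 16 14:01:09 logsrv rsyslogd: unexpected GnuTLS error -110 in nsdsel_gtls.c:178: The TLS connection was non-properly terminated.
""".splitlines()

if __name__ == "__main__":
    print(drops_per_peer(find_tls_drops(SAMPLE)))
```

An error line with no matching session line is kept with `peer` set to `None`, which covers the case described above where the message shows up on the sending side.
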

@antazoey

You ever figure anything out regarding this issue? I am experiencing it myself

davidelang (Contributor) commented Dec 17, 2020 via email

I know there were fixes to try and address this in 8.2010, and I think more in 8.2012, have you tried upgrading to one of them? David Lang

On Thu, 17 Dec 2020, Juliya Smith wrote: You ever figure anything out regarding this issue? I am experiencing it myself

Ra-fiki (Author) commented Dec 17, 2020

Hey, I have a service restart in cron. Never figured out what is going on there 😔. It is still a problem.

@me0x847206

I'm able to reproduce the same issue on rsyslogd version 8.2102.0


Ra-fiki commented Feb 12, 2022

well, I changed company and it is not my issue anymore. I didn't try to recreate path of use, so I can't tell anything. Maybe others have something?
