Enable logging to syslog with -s

README.md

@@ -11,14 +11,12 @@ occurs, this program doesn't depend on any cryptographic libraries. It's
 a simple, single-threaded, standalone C program. It uses `poll()` to
 trap multiple clients at a time.
 
-
-
 ## Usage
 
 Usage information is printed with `-h`.
 
 ```
-Usage: endlessh [-vh] [-d MS] [-f CONFIG] [-l LEN] [-m LIMIT] [-p PORT]
+Usage: endlessh [-vhs] [-d MS] [-f CONFIG] [-l LEN] [-m LIMIT] [-p PORT]
   -4        Bind to IPv4 only
   -6        Bind to IPv6 only
   -d INT    Message millisecond delay [10000]
@@ -27,7 +25,8 @@ Usage: endlessh [-vh] [-d MS] [-f CONFIG] [-l LEN] [-m LIMIT] [-p PORT]
   -l INT    Maximum banner line length (3-255) [32]
   -m INT    Maximum number of clients [4096]
   -p INT    Listening port [2222]
-  -v        Print diagnostics to standard output (repeatable)
+  -s        Print diagnostics to syslog instead of standard output
+  -v        Print diagnostics (repeatable)
 ```
 
 Argument order matters. The configuration file is loaded when the `-f`
@@ -36,7 +35,8 @@ configuration file.
 
 By default no log messages are produced. The first `-v` enables basic
 logging and a second `-v` enables debugging logging (noisy). All log
-messages are sent to standard output.
+messages are sent to standard output by default. `-s` causes them to be
+sent to syslog.
 
     endlessh -v >endlessh.log 2>endlessh.err
 

endlessh.1

@@ -1,12 +1,12 @@
-.Dd $Mdocdate: April 12 2019 $
+.Dd $Mdocdate: January 29 2020 $
 .Dt ENDLESSH 1
 .Os
 .Sh NAME
 .Nm endless
 .Nd An SSH tarpit
 .Sh SYNOPSIS
 .Nm endless
-.Op Fl 46chvV
+.Op Fl 46chsvV
 .Op Fl d Ar delay
 .Op Fl f Ar config
 .Op Fl l Ar max banner length
@@ -55,9 +55,12 @@ Maximum number of clients. Default: 4096
 Set the listening port. By default
 .Nm
 listens on port 2222.
+.It Fl s
+Print diagnostics to syslog. By default
+.Nm
+prints them to standard output.
 .It Fl v
-Print diagnostics to standard output. Can be specified
-numerous times to increase verbosity.
+Print diagnostics. Can be specified up to twice to increase verbosity.
 .It Fl V
 Causes
 .Nm

endlessh.c

@@ -24,6 +24,7 @@
 #include <sys/socket.h>
 #include <arpa/inet.h>
 #include <netinet/in.h>
+#include <syslog.h>
 
 #define ENDLESSH_VERSION           1.0
 
@@ -84,6 +85,26 @@ logstdio(enum loglevel level, const char *format, ...)
     }
 }
 
+static void
+logsyslog(enum loglevel level, const char *format, ...)
+{
+    static const int prio_map[] = { LOG_NOTICE, LOG_INFO, LOG_DEBUG };
+
+    if (loglevel >= level) {
+        int save = errno;
+
+        /* Output the log message */
+        va_list ap;
+        va_start(ap, format);
+        char buf[256];
+        vsnprintf(buf, sizeof buf, format, ap);
+        va_end(ap);
+        syslog(prio_map[level], "%s", buf);
+
+        errno = save;
+    }
+}
+
 struct {
     long long connects;
     long long milliseconds;
@@ -620,7 +641,7 @@ main(int argc, char **argv)
     config_load(&config, config_file, 1);
 
     int option;
-    while ((option = getopt(argc, argv, "46d:f:hl:m:p:vV")) != -1) {
+    while ((option = getopt(argc, argv, "46d:f:hl:m:p:svV")) != -1) {
         switch (option) {
             case '4':
                 config_set_bind_family(&config, "4", 1);
@@ -655,6 +676,9 @@ main(int argc, char **argv)
             case 'p':
                 config_set_port(&config, optarg, 1);
                 break;
+            case 's':
+                logmsg = logsyslog;
+                break;
             case 'v':
                 if (loglevel < log_debug)
                     loglevel++;
@@ -674,8 +698,15 @@ main(int argc, char **argv)
         exit(EXIT_FAILURE);
     }
 
-    /* Set output (log) to line buffered */
-    setvbuf(stdout, 0, _IOLBF, 0);
+    if (logmsg == logsyslog) {
+        /* Prepare the syslog */
+        const char *prog = strrchr(argv[0], '/');
+        prog = prog ? prog + 1 : argv[0];
+        openlog(prog, LOG_PID, LOG_DAEMON);
+    } else {
+        /* Set output (log) to line buffered */
+        setvbuf(stdout, 0, _IOLBF, 0);
+    }
 
     /* Log configuration */
     config_log(&config);
@@ -806,4 +837,7 @@ main(int argc, char **argv)
 
     fifo_destroy(fifo);
     statistics_log_totals(0);
+
+    if (logmsg == logsyslog)
+        closelog();
 }