Kill net/clog?

classic Classic list List threaded Threaded
2 messages Options
Reply | Threaded
Open this post in threaded view
|

Kill net/clog?

Jeremie Courreges-Anglas-2

Hi,

clog is on the list of ports that hardcodes gcc.

I took a look at it and it looks fine for code written in 1996.  However
it does very little: it logs new IPv4 TCP connections with the following
format:

  date|source_host|source_port|dest_host|dest_port

No support for IPv6, assumes IPv4 but doesn't check for IPVERSION, runs
as root but no privsep, and its features are easily emulated with
tcpdump 'tcp[tcpflags] = tcp-syn' and a post-processor.

I propose to remove it.  Objections?

--
jca | PGP : 0x1524E7EE / 5135 92C1 AD36 5293 2BDF  DDCC 0DFA 74AE 1524 E7EE

Reply | Threaded
Open this post in threaded view
|

Re: Kill net/clog?

kwesterback


> On Feb 27, 2017, at 12:48 PM, Jeremie Courreges-Anglas <[hidden email]> wrote:
>
>
> Hi,
>
> clog is on the list of ports that hardcodes gcc.
>
> I took a look at it and it looks fine for code written in 1996.  However
> it does very little: it logs new IPv4 TCP connections with the following
> format:
>
>  date|source_host|source_port|dest_host|dest_port
>
> No support for IPv6, assumes IPv4 but doesn't check for IPVERSION, runs
> as root but no privsep, and its features are easily emulated with
> tcpdump 'tcp[tcpflags] = tcp-syn' and a post-processor.
>
> I propose to remove it.  Objections?
>
> --
> jca | PGP : 0x1524E7EE / 5135 92C1 AD36 5293 2BDF  DDCC 0DFA 74AE 1524 E7EE
>

I'm currently in a ports removing mood, and I agree there seems little added value to this one.

ok krw@ fwiw

.... Ken