im_udp with specific host IP not working
Hello All,
I am using nxlog-ce-2.9.1716 client to collect logs from my device and then forward it to logstash. I want to make sure nxlog client accept syslogs from particular source instead any. However when using specific IP in im_udp module, I am getting error as below:
"2017-03-07 16:04:51 ERROR failed to start im_udp; couldn't bind udp socket to 172.20.20.20:514; The requested address is not valid in its context. "
my input driver is configured as below:
<Input in>
Module im_udp
Host 172.20.20.20
Port 514
</Input>
I tried by changing host as below as well:
Host 172.20.20.20/32 - No luck
Host 172.20.20.20/255.255.255.0 - No luck
Host 172.20.20.20/255.255.255.255 - No luck
Host 172.20.20.20 255.255.255.255 - no luck
Host 172.20.20.20 255.255.255.0 - No luck
However if I make Host 0.0.0.0 - it works , but this is not what I am looking for.
Please help if I am missing anything.
Regards,
Gaurang
Hello GaurangMaru,
The Host directive in the Input section refers which address to "bind". Examples could be "0.0.0.0" or "127.0.0.1", etc. There are two ways to achieve what you want to do:
- Use an exec clause like: Exec if $MessageSourceAddress != "1.2.3.4" drop();
- Or use a firewall to block incoming connections from a specific IP address
Regards,
Panagiotis
NXLog Team.
