Bazsi's Home Automation blog

I've published our set of dbi and dbi-drivers patches in a git repository to push changes upstream. The patches were updated against the latest libdbi versions. You can find these repositories at the BalaBit's git server, more precisely: git://git.balabit.hu/bazsi/libdbi.git git://git.balabit.hu/bazsi/libdbi-drivers.git The "master" branch contains the direct import of the libdbi CVS tree, our fixes are in the 'upstream-fixes' branch. This setup will make it easier for me to publish patches and regularly rebase the not-yet-merged set against the latest upstream. Among other small things, you can find a quite important patch against the Oracle driver. Without this patch Oracle 10.2 (the server!) segfaults and dumps core. So beware.

I installed Google analytics on this blog, and as it seems a number of people come here looking for "SFTP proxy", because of an old article I posted last July. Those interested primarily in my syslog-ng related articles may skip this post as this contains completely unrelated information, others please read on. :) For those who don't know: SFTP is a file-system sharing protocol running on top of SSH. It is not yet an IETF standard, however more and more enterprises replaces the aging FTP protocol for SFTP. The reasons are numerous: FTP uses plain text passwords, FTP uses multiple TCP connections for file transfer, FTP has inherent problems like bounce attacks, FTP does not encrypt traffic, FTP only supports filesystem metadata (last modification time, etc.) via extensions and others. All-in-all SFTP is newer, shinier and designed better. There's one problem though: SFTP uses SSH and SSH is encrypted. But wait, I said this is a drawback for FTP. Right, using encryptio

We were asked to publish some more detailed "syslog-ng feature sheet". Albeit it might go into syslog-ng specific details we tried to be as generic as possible. And certainly everyone doing such feature sheets is biased, just as we were :) It is available at http://www.balabit.com/network-security/syslog-ng/features/detailed/ .

As promised earlier on the mailing list, I am designing the new message rewrite capabilities in syslog-ng. As you probably know, syslog-ng currently supports message templates for each destination, and this template can be used to rewrite the message payload. Each template may contain literal text and macro references. Macros can either expand to parts of the original message or parts that were matched using a regexp. Here's an example: destination d_file { file("/var/log/messages" template("<$PRI> $HOST $MSG -- literal text $1\n")); }; The example above uses the format string specified at template to define the log file structure. The words starting with '$' are macros and expand to well defined parts of the original message. Numbered macros like $1 above are substituted to the last regular expression matches, all other characters are put into the result intact. While this functionality is indeed useful, it is somewhat limited: you cannot use sed-