AllowedSender¶
Restricts TCP syslog senders by source address or hostname.
This parameter applies to imtcp: TCP Syslog Input Module.
- Name:
AllowedSender
- Scope:
module, input
- Type:
array
- Default:
module=none, input=module parameter
- Required?:
no
- Introduced:
8.2608.0
Description¶
Sets source-address ACL entries for TCP syslog inputs. Entries use the same
address syntax as the legacy $AllowedSender
directive, for example 127.0.0.1/16, 192.0.2.0/24, [::1]/128,
*.example.net, or somehost.example.com.
A module-level AllowedSender list is used as the default for imtcp inputs.
An input-level AllowedSender list replaces the module-level list for that
input. If neither the module nor the input configures this parameter, all
senders are accepted unless legacy $AllowedSender directives are present.
If AllowedSender is configured, the array must contain at least one entry.
An empty input array cannot be used to clear a module-level default. Configure
explicit per-input sender lists, or omit the module-level default if some inputs
must remain unrestricted.
Do not mix legacy $AllowedSender and modern AllowedSender in new
configurations.
AllowedSender checks the remote socket address or reverse-DNS hostname.
It is separate from PermittedPeer, which checks TLS peer
identity and only applies to authenticated TLS modes. Firewall rules remain the
preferred first line of defense.
Module usage¶
module(load="imtcp" allowedSender=["192.0.2.0/24"])
Input usage¶
input(type="imtcp" port="514" allowedSender=["127.0.0.1/16", "[::1]/128"])
YAML usage¶
modules:
- load: imtcp
allowedSender: ["192.0.2.0/24"]
inputs:
- type: imtcp
port: "514"
allowedSender: ["127.0.0.1/16"]
See also¶
See also imtcp: TCP Syslog Input Module and $AllowedSender.
Support: rsyslog Assistant | GitHub Discussions | GitHub Issues: rsyslog source project
Contributing: Source & docs: rsyslog source project
© 2008–2026 Rainer Gerhards and others. Licensed under the Apache License 2.0.