AllowedSender#
Restricts TCP syslog senders by source address or hostname.
This parameter applies to imtcp: TCP Syslog Input Module.
- Name:
AllowedSender
- Scope:
module, input
- Type:
array
- Default:
module=none, input=module parameter
- Required?:
no
- Introduced:
8.2608.0
Description#
Sets source-address ACL entries for TCP syslog inputs. Entries use the same
address syntax as the legacy $AllowedSender
directive, for example 127.0.0.1/16, 192.0.2.0/24, [::1]/128,
*.example.net, or somehost.example.com.
A module-level AllowedSender list is used as the default for imtcp inputs.
An input-level AllowedSender list replaces the module-level list for that
input. If neither the module nor the input configures this parameter, all
senders are accepted unless legacy $AllowedSender directives are present.
If AllowedSender is configured, the array must contain at least one entry.
An empty input array cannot be used to clear a module-level default. Configure
explicit per-input sender lists, or omit the module-level default if some inputs
must remain unrestricted.
Do not mix legacy $AllowedSender and modern AllowedSender in new
configurations.
AllowedSender checks the remote socket address or reverse-DNS hostname.
It is separate from PermittedPeer, which checks TLS peer
identity and only applies to authenticated TLS modes. Firewall rules remain the
preferred first line of defense.
Module usage#
module(load="imtcp" allowedSender=["192.0.2.0/24"])
Input usage#
input(type="imtcp" port="514" allowedSender=["127.0.0.1/16", "[::1]/128"])
YAML usage#
modules:
- load: imtcp
allowedSender: ["192.0.2.0/24"]
inputs:
- type: imtcp
port: "514"
allowedSender: ["127.0.0.1/16"]
See also#
See also imtcp: TCP Syslog Input Module and $AllowedSender.
Support: rsyslog Assistant | GitHub Discussions | GitHub Issues: rsyslog source project
Contributing: Source & docs: rsyslog source project
© 2008–2026 Rainer Gerhards and others. Licensed under the Apache License 2.0.