I posted this question some days ago to LinuxQuestions.org > Forums > Linux - Distributions > Suse/Novell. Since there were no responses I am now asking here...

------

Hi all,

I am trying to use a tool named "samplicate" to forward UDP traffic from my server (host A) to two IP addresses:

On host A:

/usr/local/bin/samplicate -S -p 514 127.0.0.1/50000 10.1.1.1/514

In this example, any syslog traffic (udp/514) is forwarded to 127.0.0.1/50000 as well as 10.1.1.1/514 while the original syslog clients' source addresses are
maintained/spoofed using the -S option.

While the above command works fine on a standard Fedora Core 3 system as well as on SuSE 9.0, I do not manage to get it running on a SuSE 9.2 Professional workstation.

This is the error message shown on the "samplicate" window when a
remote syslog client sends syslog traffic to the SuSE 9.2 syslog
server:

socket error: 0
socket: Operation not permitted
sending datagram to 127.0.0.1:50000 failed: Operation not permitted
socket error: 0
socket: Operation not permitted
sending datagram to 10.1.1.1:514 failed: Operation not permitted

I assume the cause is not directly related to the samplicate tool but rather to some security-related stuff on SuSE 9.2.

SELinux is disabled.

Any ideas what might cause this socket error?

The samplicate command works without any errors on a SuSE 9.2
system when omitting the -S option, but source address spoofing is a
requirement.

Thanks, David