mirror of
https://gitlab.com/shorewall/code.git
synced 2025-01-11 08:08:12 +01:00
Change for OpenWRT compatibility
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@5061 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
This commit is contained in:
parent
3ef3d36873
commit
12cac4cb0d
@ -21,6 +21,8 @@ Changes in 3.3.6
|
|||||||
10) Allow capabilities file to be used with Shorewall as well as
|
10) Allow capabilities file to be used with Shorewall as well as
|
||||||
Shorewall Lite.
|
Shorewall Lite.
|
||||||
|
|
||||||
|
11) Allow in-memory circular buffer for system log.
|
||||||
|
|
||||||
Changes in 3.3.5
|
Changes in 3.3.5
|
||||||
|
|
||||||
1) Restore default route when there are no 'balance' providers.
|
1) Restore default route when there are no 'balance' providers.
|
||||||
|
@ -130,12 +130,12 @@ packet_log() # $1 = number of messages
|
|||||||
[ -n "$realtail" ] && options="-n$1"
|
[ -n "$realtail" ] && options="-n$1"
|
||||||
|
|
||||||
if [ -n "$SHOWMACS" -o $VERBOSE -gt 2 ]; then
|
if [ -n "$SHOWMACS" -o $VERBOSE -gt 2 ]; then
|
||||||
grep 'IN=.* OUT=' $LOGFILE | \
|
$LOGREAD | grep 'IN=.* OUT=' | \
|
||||||
sed s/" kernel:"// | \
|
sed s/" kernel:"// | \
|
||||||
sed s/" $host $LOGFORMAT"/" "/ | \
|
sed s/" $host $LOGFORMAT"/" "/ | \
|
||||||
tail $options
|
tail $options
|
||||||
else
|
else
|
||||||
grep 'IN=.* OUT=' $LOGFILE | \
|
$LOGREAD | grep 'IN=.* OUT=' | \
|
||||||
sed s/" kernel:"// | \
|
sed s/" kernel:"// | \
|
||||||
sed s/" $host $LOGFORMAT"/" "/ | \
|
sed s/" $host $LOGFORMAT"/" "/ | \
|
||||||
sed 's/MAC=.* SRC=/SRC=/' | \
|
sed 's/MAC=.* SRC=/SRC=/' | \
|
||||||
@ -866,10 +866,10 @@ hits_command() {
|
|||||||
|
|
||||||
timeout=30
|
timeout=30
|
||||||
|
|
||||||
if [ $(grep -c 'IN=.* OUT=' $LOGFILE ) -gt 0 ] ; then
|
if [ $( $LOGREAD | grep -c 'IN=.* OUT=' ) -gt 0 ] ; then
|
||||||
echo " HITS IP DATE"
|
echo " HITS IP DATE"
|
||||||
echo " ---- --------------- ------"
|
echo " ---- --------------- ------"
|
||||||
grep 'IN=.* OUT=' $LOGFILE | sed 's/\(.\{6\}\)\(.*SRC=\)\(.*\)\( DST=.*\)/\3 \1/' | sort | uniq -c | sort -rn | \
|
$LOGREAD | grep 'IN=.* OUT=' | sed 's/\(.\{6\}\)\(.*SRC=\)\(.*\)\( DST=.*\)/\3 \1/' | sort | uniq -c | sort -rn | \
|
||||||
while read count address month day; do
|
while read count address month day; do
|
||||||
printf '%7d %-15s %3s %2d\n' $count $address $month $day
|
printf '%7d %-15s %3s %2d\n' $count $address $month $day
|
||||||
done
|
done
|
||||||
@ -878,7 +878,7 @@ hits_command() {
|
|||||||
|
|
||||||
echo " HITS IP PORT"
|
echo " HITS IP PORT"
|
||||||
echo " ---- --------------- -----"
|
echo " ---- --------------- -----"
|
||||||
grep 'IN=.* OUT=' $LOGFILE | sed 's/\(.*SRC=\)\(.*\)\( DST=.*DPT=\)\([0-9]\{1,5\}\)\(.*\)/\2 \4/
|
$LOGREAD | grep 'IN=.* OUT=' | sed 's/\(.*SRC=\)\(.*\)\( DST=.*DPT=\)\([0-9]\{1,5\}\)\(.*\)/\2 \4/
|
||||||
t
|
t
|
||||||
s/\(.*SRC=\)\(.*\)\( DST=.*\)/\2/' | sort | uniq -c | sort -rn | \
|
s/\(.*SRC=\)\(.*\)\( DST=.*\)/\2/' | sort | uniq -c | sort -rn | \
|
||||||
while read count address port; do
|
while read count address port; do
|
||||||
@ -889,7 +889,7 @@ hits_command() {
|
|||||||
|
|
||||||
echo " HITS DATE"
|
echo " HITS DATE"
|
||||||
echo " ---- ------"
|
echo " ---- ------"
|
||||||
grep 'IN=.* OUT=' $LOGFILE | sed 's/\(.\{6\}\)\(.*\)/\1/' | sort | uniq -c | sort -rn | \
|
$LOGREAD | grep 'IN=.* OUT=' | sed 's/\(.\{6\}\)\(.*\)/\1/' | sort | uniq -c | sort -rn | \
|
||||||
while read count month day; do
|
while read count month day; do
|
||||||
printf '%7d %3s %2d\n' $count $month $day
|
printf '%7d %3s %2d\n' $count $month $day
|
||||||
done
|
done
|
||||||
@ -898,7 +898,7 @@ hits_command() {
|
|||||||
|
|
||||||
echo " HITS PORT SERVICE(S)"
|
echo " HITS PORT SERVICE(S)"
|
||||||
echo " ---- ----- ----------"
|
echo " ---- ----- ----------"
|
||||||
grep 'IN=.* OUT=.*DPT' $LOGFILE | sed 's/\(.*DPT=\)\([0-9]\{1,5\}\)\(.*\)/\2/' | sort | uniq -c | sort -rn | \
|
$LOGREAD | grep 'IN=.* OUT=.*DPT' | sed 's/\(.*DPT=\)\([0-9]\{1,5\}\)\(.*\)/\2/' | sort | uniq -c | sort -rn | \
|
||||||
while read count port ; do
|
while read count port ; do
|
||||||
# List all services defined for the given port
|
# List all services defined for the given port
|
||||||
srv=$(grep "^[^#].*\\b$port/" /etc/services | cut -f 1 | cut -f 1 -d' ' | sort -u)
|
srv=$(grep "^[^#].*\\b$port/" /etc/services | cut -f 1 | cut -f 1 -d' ' | sort -u)
|
||||||
|
@ -128,6 +128,11 @@ Other Changes in 3.3.6
|
|||||||
When you install a new kernel and/or iptables, be sure to generate
|
When you install a new kernel and/or iptables, be sure to generate
|
||||||
a new file.
|
a new file.
|
||||||
|
|
||||||
|
9) When syslogd is run with the -C option (which in some
|
||||||
|
implementations causes syslogd to log to an in-memory circular
|
||||||
|
buffer), /sbin/shorewall will now use the 'logread' command to read
|
||||||
|
the log from that buffer. This is for combatibility with OpenWRT.
|
||||||
|
|
||||||
Migration Considerations:
|
Migration Considerations:
|
||||||
|
|
||||||
1) Shorewall supports the notion of "default actions". A default
|
1) Shorewall supports the notion of "default actions". A default
|
||||||
|
@ -128,7 +128,11 @@ get_config() {
|
|||||||
|
|
||||||
[ -z "$LOGFILE" ] && LOGFILE=/var/log/messages
|
[ -z "$LOGFILE" ] && LOGFILE=/var/log/messages
|
||||||
|
|
||||||
if [ ! -f $LOGFILE ]; then
|
if ( ps ax 2> /dev/null | qt grep 'syslogd.*-C' ) ; then
|
||||||
|
LOGREAD="logread"
|
||||||
|
elif [ -f $LOGFILE ]; then
|
||||||
|
LOGREAD="cat $LOGFILE"
|
||||||
|
else
|
||||||
echo "LOGFILE ($LOGFILE) does not exist!" >&2
|
echo "LOGFILE ($LOGFILE) does not exist!" >&2
|
||||||
exit 2
|
exit 2
|
||||||
fi
|
fi
|
||||||
@ -152,7 +156,7 @@ get_config() {
|
|||||||
# See if we have a real version of "tail" -- use separate redirection so
|
# See if we have a real version of "tail" -- use separate redirection so
|
||||||
# that ash (aka /bin/sh on LRP) doesn't crap
|
# that ash (aka /bin/sh on LRP) doesn't crap
|
||||||
#
|
#
|
||||||
if ( tail -n5 $LOGFILE > /dev/null 2> /dev/null ) ; then
|
if ( tail -n5 /dev/null > /dev/null 2> /dev/null ) ; then
|
||||||
realtail="Yes"
|
realtail="Yes"
|
||||||
else
|
else
|
||||||
realtail=""
|
realtail=""
|
||||||
|
Loading…
Reference in New Issue
Block a user