extern/shorewall_code
1
0
Fork 1
mirror of https://gitlab.com/shorewall/code.git synced 2024-12-23 14:48:51 +01:00
Code Issues Packages Projects Releases Wiki Activity

Change for OpenWRT compatibility

Browse Source 
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@5061 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
This commit is contained in:
teastep 2006-12-05 21:24:49 +00:00
parent 3ef3d36873
commit 12cac4cb0d
4 changed files with 20 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
Shorewall/changelog.txt
View File

@ -21,6 +21,8 @@ Changes in 3.3.6
10) Allow capabilities file to be used with Shorewall as well as 10) Allow capabilities file to be used with Shorewall as well as
Shorewall Lite. Shorewall Lite.
11) Allow in-memory circular buffer for system log.
Changes in 3.3.5 Changes in 3.3.5
1) Restore default route when there are no 'balance' providers. 1) Restore default route when there are no 'balance' providers.

14
Shorewall/lib.cli
View File

@ -130,12 +130,12 @@ packet_log() # $1 = number of messages
[ -n "$realtail" ] && options="-n$1" [ -n "$realtail" ] && options="-n$1"
if [ -n "$SHOWMACS" -o $VERBOSE -gt 2 ]; then if [ -n "$SHOWMACS" -o $VERBOSE -gt 2 ]; then
grep 'IN=.* OUT=' $LOGFILE | \ $LOGREAD | grep 'IN=.* OUT=' | \
sed s/" kernel:"// | \ sed s/" kernel:"// | \
sed s/" $host $LOGFORMAT"/" "/ | \ sed s/" $host $LOGFORMAT"/" "/ | \
tail $options tail $options
else else
grep 'IN=.* OUT=' $LOGFILE | \ $LOGREAD | grep 'IN=.* OUT=' | \
sed s/" kernel:"// | \ sed s/" kernel:"// | \
sed s/" $host $LOGFORMAT"/" "/ | \ sed s/" $host $LOGFORMAT"/" "/ | \
sed 's/MAC=.* SRC=/SRC=/' | \ sed 's/MAC=.* SRC=/SRC=/' | \
@ -866,10 +866,10 @@ hits_command() {
timeout=30 timeout=30
if [ $(grep -c 'IN=.* OUT=' $LOGFILE ) -gt 0 ] ; then if [ $( $LOGREAD | grep -c 'IN=.* OUT=' ) -gt 0 ] ; then
echo " HITS IP DATE" echo " HITS IP DATE"
echo " ---- --------------- ------" echo " ---- --------------- ------"
grep 'IN=.* OUT=' $LOGFILE | sed 's/\(.\{6\}\)\(.*SRC=\)\(.*\)\( DST=.*\)/\3 \1/' | sort | uniq -c | sort -rn | \ $LOGREAD | grep 'IN=.* OUT=' | sed 's/\(.\{6\}\)\(.*SRC=\)\(.*\)\( DST=.*\)/\3 \1/' | sort | uniq -c | sort -rn | \
while read count address month day; do while read count address month day; do
printf '%7d %-15s %3s %2d\n' $count $address $month $day printf '%7d %-15s %3s %2d\n' $count $address $month $day
done done
@ -878,7 +878,7 @@ hits_command() {
echo " HITS IP PORT" echo " HITS IP PORT"
echo " ---- --------------- -----" echo " ---- --------------- -----"
grep 'IN=.* OUT=' $LOGFILE | sed 's/\(.*SRC=\)\(.*\)\( DST=.*DPT=\)\([0-9]\{1,5\}\)\(.*\)/\2 \4/ $LOGREAD | grep 'IN=.* OUT=' | sed 's/\(.*SRC=\)\(.*\)\( DST=.*DPT=\)\([0-9]\{1,5\}\)\(.*\)/\2 \4/
t t
s/\(.*SRC=\)\(.*\)\( DST=.*\)/\2/' | sort | uniq -c | sort -rn | \ s/\(.*SRC=\)\(.*\)\( DST=.*\)/\2/' | sort | uniq -c | sort -rn | \
while read count address port; do while read count address port; do
@ -889,7 +889,7 @@ hits_command() {
echo " HITS DATE" echo " HITS DATE"
echo " ---- ------" echo " ---- ------"
grep 'IN=.* OUT=' $LOGFILE | sed 's/\(.\{6\}\)\(.*\)/\1/' | sort | uniq -c | sort -rn | \ $LOGREAD | grep 'IN=.* OUT=' | sed 's/\(.\{6\}\)\(.*\)/\1/' | sort | uniq -c | sort -rn | \
while read count month day; do while read count month day; do
printf '%7d %3s %2d\n' $count $month $day printf '%7d %3s %2d\n' $count $month $day
done done
@ -898,7 +898,7 @@ hits_command() {
echo " HITS PORT SERVICE(S)" echo " HITS PORT SERVICE(S)"
echo " ---- ----- ----------" echo " ---- ----- ----------"
grep 'IN=.* OUT=.*DPT' $LOGFILE | sed 's/\(.*DPT=\)\([0-9]\{1,5\}\)\(.*\)/\2/' | sort | uniq -c | sort -rn | \ $LOGREAD | grep 'IN=.* OUT=.*DPT' | sed 's/\(.*DPT=\)\([0-9]\{1,5\}\)\(.*\)/\2/' | sort | uniq -c | sort -rn | \
while read count port ; do while read count port ; do
# List all services defined for the given port # List all services defined for the given port
srv=$(grep "^[^#].*\\b$port/" /etc/services | cut -f 1 | cut -f 1 -d' ' | sort -u) srv=$(grep "^[^#].*\\b$port/" /etc/services | cut -f 1 | cut -f 1 -d' ' | sort -u)

5
Shorewall/releasenotes.txt
View File

@ -128,6 +128,11 @@ Other Changes in 3.3.6
When you install a new kernel and/or iptables, be sure to generate When you install a new kernel and/or iptables, be sure to generate
a new file. a new file.
9) When syslogd is run with the -C option (which in some
implementations causes syslogd to log to an in-memory circular
buffer), /sbin/shorewall will now use the 'logread' command to read
the log from that buffer. This is for combatibility with OpenWRT.
Migration Considerations: Migration Considerations:
1) Shorewall supports the notion of "default actions". A default 1) Shorewall supports the notion of "default actions". A default

8
Shorewall/shorewall
View File

@ -128,7 +128,11 @@ get_config() {
[ -z "$LOGFILE" ] && LOGFILE=/var/log/messages [ -z "$LOGFILE" ] && LOGFILE=/var/log/messages
if [ ! -f $LOGFILE ]; then if ( ps ax 2> /dev/null | qt grep 'syslogd.*-C' ) ; then
LOGREAD="logread"
elif [ -f $LOGFILE ]; then
LOGREAD="cat $LOGFILE"
else
echo "LOGFILE ($LOGFILE) does not exist!" >&2 echo "LOGFILE ($LOGFILE) does not exist!" >&2
exit 2 exit 2
fi fi
@ -152,7 +156,7 @@ get_config() {
# See if we have a real version of "tail" -- use separate redirection so # See if we have a real version of "tail" -- use separate redirection so
# that ash (aka /bin/sh on LRP) doesn't crap # that ash (aka /bin/sh on LRP) doesn't crap
# #
if ( tail -n5 $LOGFILE > /dev/null 2> /dev/null ) ; then if ( tail -n5 /dev/null > /dev/null 2> /dev/null ) ; then
realtail="Yes" realtail="Yes"
else else
realtail="" realtail=""