Enhanced operational logging

git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@7729 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2025-02-08 22:11:21 +01:00 · 2007-11-23 21:33:36 +00:00 · 2007-11-23 21:33:36 +00:00 · 4016d69b8d
commit 4016d69b8d
parent 4ea9d2587e
10 changed files with 297 additions and 59 deletions
--- a/Shorewall-common/changelog.txt
+++ b/Shorewall-common/changelog.txt
@ -1,3 +1,7 @@
 Changes in 4.1.2
 1)  Enhanced Operational Logging
 Changes in 4.1.1
 1)  Fix ULOG/NFLOG output.
--- a/Shorewall-common/init.sh
+++ b/Shorewall-common/init.sh
@ -61,7 +61,7 @@ usage() {
 ################################################################################
 # Get startup options (override default)
 ################################################################################
-OPTIONS=
+OPTIONS="-v0"
 if [ -f /etc/sysconfig/shorewall ]; then
    . /etc/sysconfig/shorewall
 elif [ -f /etc/default/shorewall ] ; then
@ -74,7 +74,7 @@ fi
 command="$1"
 case "$command" in
-    start)
+    start|restart|stop)
 	exec /sbin/shorewall $OPTIONS $@
 	;;
    stop|restart|status)
@ -82,7 +82,7 @@ case "$command" in
 	;;
    reload)
 	shift
-	exec /sbin/shorewall restart $@
+	exec /sbin/shorewall $OPTIONS restart $@
 	;;
    *)
 	usage
--- a/Shorewall-common/lib.config
+++ b/Shorewall-common/lib.config
@ -1805,7 +1805,6 @@ do_initialize() {
    else
 	startup_error "$config does not exist!"
    fi
    #
    # Restore CONFIG_PATH if the shorewall.conf file cleared it
    #
--- a/Shorewall-common/releasenotes.txt
+++ b/Shorewall-common/releasenotes.txt
@ -1,4 +1,4 @@
-Shorewall 4.1 Patch Release 0.
+Shorewall 4.1 Patch Release 2.
 ----------------------------------------------------------------------------
               R E L E A S E  4 . 1  H I G H L I G H T S
@ -8,23 +8,56 @@ Shorewall 4.1 Patch Release 0.
 2) Support for NFLOG has been added.
-Problems corrected in Shorewall 4.1.1.
+3) Enhanced operational logging
-1)  Previously, incorrect output was generated by parameter lists to
+Problems corrected in Shorewall 4.1.2.
    ULOG or NFLOG.
-2)  Specifying NFQUEUE(<queue-number>) in the POLICY column of the
+None.
    policy file resulted in an error.
 Other changes in Shorewall 4.1.2.
-Other changes in Shorewall 4.1.1.
+1)  Shorewall 4.1.2 contains enhanced operational logging capabilities
    through a set of related enhancements to Shorewall-common and
    Shorewall-shell. The enhancements are not supported by
    Shorewall-shell.
-1)  You may now specify an interface address in the INTERFACE column of
+    a)  The STARTUP_LOG option in /etc/shorewall/shorewall.conf gives
-    /etc/shorewall/providers. See New Feature 1) below.
+        the name of the Shorewall operational log. The log will be
        created if it does not exist.
    b)  The LOG_VERBOSITY option in /etc/shorewall/shorewall.conf gives
        the verbosity at which logging will occur. It uses the same
        value range as VERBOSITY:
 	-1    Do not log
 	0     Almost quiet
 	1     Only major steps
 	2     Verbose
    c)  An absolute VERBOSITY may be specified on the command line
        using the -v option followed by -1,0,1 or 2.
 	Example:
 		shorewall -v2 check
    d)  The /etc/init.d/shorewall script supplied with the
        shorewall.net packages sets '-v0' as the default. This may be
        overridden with the OPTIONS setting in /etc/defaults/shorewall or
        /etc/sysconfig/shorewall.
    Logging occurs on both Shorewall-perl and the generated script when
    the following commands are issued:
 	start
 	restart
 	refresh
    Messages in the log are always timestamped.
 New Features in Shorewall 4.1.
-1) Shorewall 4.1.0 contains experimental support for multiple Internet
+1) Shorewall 4.1 contains experimental support for multiple Internet
   providers through a single ethernet interface. Configuring two
   providers through a single interface differs from two providers
   through two interfaces in several ways.
@ -34,7 +67,9 @@ New Features in Shorewall 4.1.
      to determine which provider a packet was received through. Note
      that only routed traffic can be categorized using this technique.
-   b) The 'shared' provider option must be specified for both providers.
+   b) You must specify the address on the interface that corresponds to
      a particular provider in the INTERFACE column by following the
      interface name with a colon (":") and the address.
   c) Entries in /etc/shorewall/masq must be qualified by the provider
      name (or number).
@ -43,25 +78,26 @@ New Features in Shorewall 4.1.
      iptables. If you use a capabilities file, you need to regenerate
      the file with Shorewall 4.0.6 or Shorewall-lite 4.0.6.
-   e) You specify the address on the interface that corresponds to a
+   e) You must add route_rules entries for networks that are accessed
      particular provider in the INTERFACE column by following the
      interface name with a colon (":") and the address.
   f) You must add route_rules entries for networks that are accessed
      through a particular provider.
   f) If you have additional IP addresses through either provider,
      you must add route_rules to direct traffic FROM each of those
      addresses through the appropriate provider.
    Example:
    Providers Blarg (1) and Avvanta (2) are both connected to
    eth0. The firewall's IP address with Blarg is 206.124.146.176/24
    (gateway 206.124.146.254) and the IP address from Avvanta is
-    130.252.144.8/24 (gateway 130.252.144.254).
+    130.252.144.8/24 (gateway 130.252.144.254). We have a second IP
    address (206.124.146.177) from Blarg.
    /etc/shorewall/providers:
-       #PROVIDER   NUMBER  MARK    DUPLICATE INTERFACE            GATEWAY         OPTIONS
+       #PROVIDER   NUMBER  MARK    DUPLICATE INTERFACE            GATEWAY
-       Blarg       1       1       main      eth0:206.124.146.176 206.124.146.254 shared,...
+       Blarg       1       1       main      eth0:206.124.146.176 206.124.146.254 ...
-       Avvanta     2       2       main      eth0:130.252.144.8   130.252.144.254 shared,...
+       Avvanta     2       2       main      eth0:130.252.144.8   130.252.144.254 ...
    /etc/shorewall/masq:
@ -76,6 +112,7 @@ New Features in Shorewall 4.1.
 	#SOURCE		DEST			PROVIDER	PRIORITY
 	-		206.124.146.0/24	Blarg		1000
 	-		130.252.144.0/24	Avvanta		1000
 	206.124.146.177	-			Blarg		26000
 2)  You may now include the name of a table (nat, mangle or filter) in
    a 'shorewall refresh' command by following the name with a colon
--- a/Shorewall-common/shorewall
+++ b/Shorewall-common/shorewall
@ -224,7 +224,30 @@ get_config() {
 	export LOGFORMAT
-    fi
+	if [ -n "$STARTUP_LOG" ]; then
 	    if [ -n "$LOG_VERBOSITY" ]; then
 		case $LOG_VERBOSITY in
 		    -1)
 			;;
 		    0|1|2)
 			[ -n "$STARTUP_LOG" ] || $LOG_VERBOSITY=-1;
 			;;
 		    *)
 		        echo "  ERROR: INvalid LOG_VERBOSITY ($LOG_VERBOSITY)" >&2
 			exit 2;
 			;;
 		esac
 	    else
 		$LOG_VERBOSITY=2;
 	    fi
 	else
 	    LOG_VERBOSITY=-1;
 	fi
    else
 	STARTUP_LOG=
 	LOG_VERBOSITY=-1
    fi   
    if [ -n "$SHOREWALL_SHELL" ]; then
 	if [ ! -x "$SHOREWALL_SHELL" ]; then
@ -235,7 +258,7 @@ get_config() {
    [ -n "${VERBOSITY:=2}" ]
-    VERBOSE=$(($VERBOSE_OFFSET + $VERBOSITY))
+    [ -n "$USE_VERBOSITY" ] && VERBOSE=$USE_VERBOSITY || VERBOSE=$(($VERBOSE_OFFSET + $VERBOSITY))
    export VERBOSE
@ -315,6 +338,15 @@ compiler() {
 	fi
    fi
    case $COMMAND in
 	*start|try|refresh)
 	    ;;
 	*)
 	    STARTUP_LOG=
 	    LOG_VERBOSITY=-1
 	    ;;
    esac
    [ $command = exec ] || command=
    case "$compiler" in
@ -329,12 +361,14 @@ compiler() {
 	    [ "$1" = nolock ] && shift;
 	    shift 
-	    options="--verbose $VERBOSE ";
+	    options="--verbose=$VERBOSE "
 	    [ -n "$STARTUP_LOG" ] && options="$options --log=$STARTUP_LOG "
 	    [ -n "$LOG_VERBOSITY" ] && options="$options --log_verbosity=$LOG_VERBOSITY ";
 	    [ -n "$EXPORT" ] && options="$options --export "
-	    [ -n "$SHOREWALL_DIR" ] && options="$options --directory $SHOREWALL_DIR "
+	    [ -n "$SHOREWALL_DIR" ] && options="$options --directory=$SHOREWALL_DIR "
 	    [ -n "$TIMESTAMP" ] && options="$options --timestamp "
 	    [ "$debugging" = trace ] && options="$options --debug "
-	    [ -n "$REFRESHCHAINS" ] && options="$options --refresh $REFRESHCHAINS"
+	    [ -n "$REFRESHCHAINS" ] && options="$options --refresh=$REFRESHCHAINS"
 	    [ -x $pc ] || startup_error "SHOREWALL_COMPILER=perl requires the shorewall-perl package which is not installed"
 	    #
 	    # Run the appropriate params file
@ -348,6 +382,8 @@ compiler() {
 	    $command perl $debugflags $pc $options $@
 	    ;;
 	shell)
 	    LOG_VERBOSE=$LOG_VERBOSITY
 	    export STARTUP_LOG LOG_VERBOSE
 	    [ -x $sc ] || startup_error "SHOREWALL_COMPILER=shell requires the shorewall-shell package which is not installed"
 	    [ -n "$REFRESHCHAINS" ] && startup_error "Shorewall-shell does not support refresh of specific chains"
 	    $command $SHOREWALL_SHELL $sc $@
@ -407,6 +443,10 @@ start_command() {
 			    option=
 			    shift
 			    ;;
 			d*)
 			    DEBUG=Yes
 			    option=${option#d}
 			    ;;
 			f*)
 			    FAST=Yes
 			    option=${option#f}
@ -669,6 +709,10 @@ restart_command() {
 			    finished=1
 			    option=
 			    ;;
 			d*)
 			    DEBUG=Yes
 			    option=${option#d}
 			    ;;
 			n*)
 			    NOROUTES=Yes
 			    option=${option#n}
@ -1332,6 +1376,7 @@ SHOREWALL_DIR=
 IPT_OPTIONS="-nv"
 FAST=
 VERBOSE_OFFSET=0
 USE_VERBOSITY=
 NOROUTES=
 EXPORT=
 export TIMESTAMP=
@ -1383,8 +1428,29 @@ while [ $finished -eq 0 ]; do
 			option=${option#f}
 			;;
 		    v*)
 			VERBOSE_OFFSET=$(($VERBOSE_OFFSET + 1 ))
 			option=${option#v}
 			case $option in 
 			    -1*)
 				USE_VERBOSITY=-1
 				option=${option#-1}
 				;;
 			    0*)
 				USE_VERBOSITY=0
 				option=${option#0}
 				;;
 			    1*)
 				USE_VERBOSITY=1
 				option=${option#1}
 				;;
 			    2*)
 				USE_VERBOSITY=2
 				option=${option#2}
 				;;
 			    *)
 				VERBOSE_OFFSET=$(($VERBOSE_OFFSET + 1 ))
 				USE_VERBOSITY=
 				;;
 			esac
 			;;
 		    n*)
 			NOROUTES=Yes
--- a/Shorewall-perl/Shorewall/Compiler.pm
+++ b/Shorewall-perl/Shorewall/Compiler.pm
@ -143,6 +143,8 @@ sub generate_script_1() {
 	   qq(PATH="$config{PATH}") ,
 	   'TERMINATOR=fatal_error' ,
 	   qq(DONT_LOAD="@dont_load") ,
 	   qq(STARTUP_LOG="$config{STARTUP_LOG}") ,
 	   "LOG_VERBOSE=$config{LOG_VERBOSITY}" ,
 	   ''
 	   );
@ -699,9 +701,9 @@ EOF
 #    If the first argument is non-null, it names the script file to generate.
 #    Otherwise, this is a 'check' command and no script is produced.
 #
-sub compiler( $$$$$ ) {
+sub compiler( $$$$$$$ ) {
-    my ( $objectfile, $directory, $verbosity, $options , $chains ) = @_;
+    my ( $objectfile, $directory, $verbosity, $options , $chains , $log , $log_verbosity ) = @_;
    $export = 0;
@ -712,10 +714,11 @@ sub compiler( $$$$$ ) {
 	set_shorewall_dir( $directory );
    }
-    set_verbose( $verbosity ) unless $verbosity eq '';
+    set_verbose( $verbosity )     unless $verbosity eq '';
-    $export = 1               if $options & EXPORT;
+    set_log($log, $log_verbosity) if $log;
-    set_timestamp( 1 )        if $options & TIMESTAMP;
+    $export = 1                   if $options & EXPORT;
-    set_debug( 1 )            if $options & DEBUG;
+    set_timestamp( 1 )            if $options & TIMESTAMP;
    set_debug( 1 )                if $options & DEBUG;
    #
    # Get shorewall.conf and capabilities.
    #
@ -875,6 +878,8 @@ sub compiler( $$$$$ ) {
 	generate_aux_config if $export;
    }
    close_log if $log;
    1;
 }
--- a/Shorewall-perl/Shorewall/Config.pm
+++ b/Shorewall-perl/Shorewall/Config.pm
@ -54,12 +54,15 @@ our @EXPORT_OK = qw( $shorewall_dir initialize read_a_line1 set_config_path shor
 our %EXPORT_TAGS = ( internal => [ qw( create_temp_object 
 				       finalize_object
 		                       numeric_value
 				       emit
 				       emit_unindented
 				       save_progress_message
 				       save_progress_message_short
 				       set_timestamp
 				       set_verbose
 				       set_log
 				       close_log
 				       set_command
 				       push_indent
 				       pop_indent
@ -113,6 +116,10 @@ our ($command, $doing, $done );
 #
 our $verbose;
 #
 # Logging
 #
 our ( $log, $log_verbose );
 #
 # Timestamp each progress message, if true.
 #
 our $timestamp;
@ -228,6 +235,8 @@ sub initialize() {
    ( $command, $doing, $done ) = qw/ compile Compiling Compiled/; #describe the current command, it's present progressive, and it's completion.
    $verbose = 0;              # Verbosity setting. 0 = almost silent, 1 = major progress messages only, 2 = all progress messages (very noisy)
    $log = undef;              # File reference for log file
    $log_verbose = -1;         # Verbosity of log.
    $timestamp = '';           # If true, we are to timestamp each progress message
    $object = 0;               # Object (script) file Handle Reference
    $lastlineblank = 0;        # Avoid extra blank lines in the output
@ -268,6 +277,8 @@ sub initialize() {
 		RFC1918_LOG_LEVEL => undef,
 		SMURF_LOG_LEVEL => undef,
 		LOG_MARTIANS => undef,
 		LOG_VERBOSITY => undef,
 		STARTUP_LOG => undef,
 		#
 		# Location of Files
 		#
@ -425,8 +436,10 @@ sub warning_message
    if ( $debug ) {
 	print STDERR longmess( "   WARNING: @_$currentlineinfo" );
 	print $log   longmess( "   WARNING: @_$currentlineinfo" ) if $log;
    } else {
 	print STDERR "   WARNING: @_$currentlineinfo\n";
 	print $log   "   WARNING: @_$currentlineinfo\n" if $log;
    }
    $| = 0;
@ -438,17 +451,51 @@ sub warning_message
 sub fatal_error	{
    my $linenumber = $currentlinenumber || 1;
    my $currentlineinfo = $currentfile ?  " : $currentfilename (line $linenumber)" : '';
    $| = 1;
    if ( $log ) {
 	if ( $debug ) {
 	    print $log longmess( "   ERROR: @_$currentlineinfo" );
 	} else {
 	    print $log "   ERROR: @_$currentlineinfo\n";
 	}
 	close $log;
 	$log = undef;
    }
    confess "   ERROR: @_$currentlineinfo" if $debug;
    die "   ERROR: @_$currentlineinfo\n";
 }
 sub fatal_error1	{
    $| = 1;
    if ( $log ) {
 	if ( $debug ) {
 	    print $log longmess( "   ERROR: @_\n" );
 	} else {
 	    print $log "   ERROR: @_\n";
 	}
 	close $log;
 	$log = undef;
    }
    confess "   ERROR: @_" if $debug;
    die "   ERROR: @_\n";
 }
 #
 # Convert value to decimal number
 #
 sub numeric_value ( $ ) {
    my $mark = lc $_[0];
    fatal_error "Invalid Numeric Value ($mark)" unless $mark =~ /^-?(0x[a-f0-9]+|0[0-7]*|[1-9]\d*)$/;
    $mark =~ /^0/ ? oct $mark : $mark;
 }
 #
 # Write the arguments to the object file (if any) with the current indentation.
 #
@ -510,6 +557,36 @@ sub set_verbose( $ ) {
    $verbose = shift;
 }
 #
 # Set $log and $log_verbose
 #
 sub set_log ( $$ ) {
    my ( $l, $v ) = @_;
    if ( defined $v ) {
 	my $value = numeric_value( $v );
 	if ( ( $value < -1 ) || ( $value > 2 ) ) {
 	    fatal_error "Invalid Log Verbosity ( $v )";
 	}
 	$log_verbose = $value;
    }
    if ( $l && $log_verbose >= 0 ) {	
 	unless ( open $log , '>>' , $l ) {
 	    $log = undef; 
 	    fatal_error "Unable to open $l for writing: $!";
 	}
    } else {
 	$log_verbose = -1;
    }
 }
 sub close_log() {
    close $log, $log = undef if $log;
 }
 #
 # Set $command, $doing and $done
 #
@ -524,6 +601,8 @@ sub timestamp() {
    printf '%02d:%02d:%02d ', ( localtime ) [2,1,0];
 }
 my @abbr = qw( Jan Feb Mar Apr May Jun Jul Aug Sep Oct Nov Dec );
 #
 # Write a message if $verbose >= 2
 #
@ -538,6 +617,15 @@ sub progress_message {
 	$line =~ s/\s+/ /g;
 	print "$line\n";
    }
    if ( $log_verbose > 1 ) {
 	my @localtime = localtime;
 	printf $log '%s %02d %02d:%02d:%02d ', $abbr[$localtime[4]], @localtime[3,2,1,0];
 	my $line = "@_";
 	$line =~ s/\s+/ /g;
 	print $log "$line\n";
    }
 }
 #
@ -548,6 +636,13 @@ sub progress_message2 {
 	timestamp if $timestamp;
 	print "@_\n";
    }
    if ( $log_verbose > 0 ) {
 	my @localtime = localtime;
 	printf $log '%s %02d %02d:%02d:%02d ', $abbr[$localtime[4]], @localtime[3,2,1,0];
 	print $log "@_\n";
    }
 }
 #
@ -558,6 +653,13 @@ sub progress_message3 {
 	timestamp if $timestamp;
 	print "@_\n";
    }
    if ( $log_verbose > 0 ) {
 	my @localtime = localtime;
 	printf $log '%s %02d %02d:%02d:%02d ', $abbr[$localtime[4]], @localtime[3,2,1,0];
 	print $log "@_\n";
    }
 }
 #
@ -1651,6 +1753,9 @@ sub get_configuration( $ ) {
    check_trivalue ( 'ROUTE_FILTER',  '' );
    check_trivalue ( 'LOG_MARTIANS',  '' );
    default 'LOG_VERBOSITY' , -1;
    default 'STARTUP_LOG'   , '';
    default_yes_no 'ADD_IP_ALIASES'             , 'Yes';
    default_yes_no 'ADD_SNAT_ALIASES'           , '';
    default_yes_no 'DETECT_DNAT_IPADDRS'        , '';
@ -1993,6 +2098,7 @@ END {
    #
    close  $object         if $object;
    close  $scriptfile     if $scriptfile;
    close  $log            if $log;
    #
    # Unlink temporary files
    #
--- a/Shorewall-perl/Shorewall/Zones.pm
+++ b/Shorewall-perl/Shorewall/Zones.pm
@ -37,7 +37,6 @@ our @EXPORT = qw( NOTHING
 		  IPSECPROTO
 		  IPSECMODE
 		  numeric_value
 		  determine_zones
 		  zone_report
 		  dump_zone_contents
@ -158,15 +157,6 @@ INIT {
    initialize;
 }
 #
 # Convert value to decimal number
 #
 sub numeric_value ( $ ) {
    my $mark = lc $_[0];
    fatal_error "Invalid Numeric Value ($mark)" unless $mark =~ /^(0x[a-f0-9]+|0[0-7]*|[1-9]\d*)$/;
    $mark =~ /^0/ ? oct $mark : $mark;
 }
 #
 # Parse the passed option list and return a reference to a hash as follows:
 #
--- a/Shorewall-perl/compiler.pl
+++ b/Shorewall-perl/compiler.pl
@ -41,7 +41,18 @@ use Shorewall::Compiler;
 use Getopt::Long;
 sub usage() {
-    print STDERR "usage: compiler.pl [ --export ] [ --directory=<directory> ] [ --verbose={0-2} ] [ --timestamp ] [ -- debug ] [ --refresh=<chainlist> ] [ <filename> ]\n";
+    print STDERR 'usage: compiler.pl [ <option> ... ] <filename> ]
  options are:
    [ --export ]
    [ --directory=<directory> ]
    [ --verbose={0-2} ]
    [ --timestamp ]
    [ -- debug ]
    [ --refresh=<chainlist> ]
    [ --log=<filename> ]
    [ --log-verbose={0-2} ]
 ';
    exit 1;
 }
@ -54,20 +65,25 @@ my $verbose       = 0;
 my $timestamp     = '';
 my $debug         = 0;
 my $chains        = '';
 my $log           = '';
 my $log_verbose   = 0;
 Getopt::Long::Configure ('bundling');
-my $result = GetOptions('export'      => \$export,
+my $result = GetOptions('export'          => \$export,
-			'e'           => \$export,
+			'e'               => \$export,
-			'directory=s' => \$shorewall_dir,
+			'directory=s'     => \$shorewall_dir,
-			'd=s'         => \$shorewall_dir,
+			'd=s'             => \$shorewall_dir,
-			'verbose=i'   => \$verbose,
+			'verbose=i'       => \$verbose,
-			'v=i'         => \$verbose,
+			'v=i'             => \$verbose,
-			'timestamp'   => \$timestamp,
+			'timestamp'       => \$timestamp,
-			't'           => \$timestamp,
+			't'               => \$timestamp,
-		        'debug'       => \$debug,
+		        'debug'           => \$debug,
-			'r=s'         => \$chains,
+			'r=s'             => \$chains,
-			'refresh=s'   => \$chains
+			'refresh=s'       => \$chains,
 			'log=s'           => \$log,
 			'l=s'             => \$log,
 			'log_verbosity=i' => \$log_verbose,
 		       );
 usage unless $result && @ARGV < 2;
@ -78,4 +94,4 @@ $options |= EXPORT    if $export;
 $options |= TIMESTAMP if $timestamp;
 $options |= DEBUG     if $debug;
-compiler $ARGV[0], $shorewall_dir, $verbose, $options, $chains;
+compiler $ARGV[0], $shorewall_dir, $verbose, $options, $chains, $log , $log_verbose;
--- a/Shorewall-perl/prog.header
+++ b/Shorewall-perl/prog.header
@ -41,6 +41,11 @@ progress_message() # $* = Message
 	[ -n "$TIMESTAMP" ] && timestamp="$(date +%H:%M:%S) "
 	echo "${timestamp}$@"
    fi
    if [ $LOG_VERBOSE -gt 1 ]; then
        timestamp="$(date +'%_b %d %T') "
        echo "${timestamp}$@" >> $STARTUP_LOG
    fi
 }
 progress_message2() # $* = Message
@ -51,6 +56,11 @@ progress_message2() # $* = Message
 	[ -n "$TIMESTAMP" ] && timestamp="$(date +%H:%M:%S) "
 	echo "${timestamp}$@"
    fi
    if [ $LOG_VERBOSE -gt 0 ]; then
        timestamp="$(date +'%_b %d %T') "
        echo "${timestamp}$@" >> $STARTUP_LOG
    fi
 }
 progress_message3() # $* = Message
@ -61,6 +71,11 @@ progress_message3() # $* = Message
 	[ -n "$TIMESTAMP" ] && timestamp="$(date +%H:%M:%S) "
 	echo "${timestamp}$@"
    fi
    if [ $LOG_VERBOSE -ge 0 ]; then
        timestamp="$(date +'%_b %d %T') "
        echo "${timestamp}$@" >> $STARTUP_LOG
    fi
 }
 #