diff --git a/Shorewall/lib.cli b/Shorewall/lib.cli index f585872c0..6076f8920 100644 --- a/Shorewall/lib.cli +++ b/Shorewall/lib.cli @@ -152,9 +152,9 @@ syslog_circular_buffer() { packet_log() # $1 = number of messages { if [ -n "$g_showmacs" -o $VERBOSE -gt 2 ]; then - $LOGREAD | grep 'IN=.* OUT=.*SRC=.*\..*DST=' | head -n$1 | tac | sed 's/ kernel://; s/\[.*\] //' | sed s/" $host $LOGFORMAT"/" "/ + $g_logread | grep 'IN=.* OUT=.*SRC=.*\..*DST=' | head -n$1 | tac | sed 's/ kernel://; s/\[.*\] //' | sed s/" $host $LOGFORMAT"/" "/ else - $LOGREAD | grep 'IN=.* OUT=.*SRC=.*\..*DST=' | head -n$1 | tac | sed 's/ kernel://; s/MAC=.* SRC=/SRC=/; s/\[.*\] '// | sed s/" $host $LOGFORMAT"/" "/ + $g_logread | grep 'IN=.* OUT=.*SRC=.*\..*DST=' | head -n$1 | tac | sed 's/ kernel://; s/MAC=.* SRC=/SRC=/; s/\[.*\] '// | sed s/" $host $LOGFORMAT"/" "/ fi } @@ -1287,10 +1287,10 @@ hits_command() { timeout=30 - if $LOGREAD | grep -q "${today}IN=.* OUT=" ; then + if $g_logread | grep -q "${today}IN=.* OUT=" ; then echo " HITS IP DATE" echo " ---- --------------- ------" - $LOGREAD | grep "${today}IN=.* OUT=" | sed 's/\(.\{6\}\)\(.*SRC=\)\(.*\)\( DST=.*\)/\3 \1/' | sort | uniq -c | sort -rn | while read count address month day; do + $g_logread | grep "${today}IN=.* OUT=" | sed 's/\(.\{6\}\)\(.*SRC=\)\(.*\)\( DST=.*\)/\3 \1/' | sort | uniq -c | sort -rn | while read count address month day; do printf '%7d %-15s %3s %2d\n' $count $address $month $day done @@ -1298,7 +1298,7 @@ hits_command() { echo " HITS IP PORT" echo " ---- --------------- -----" - $LOGREAD | grep "${today}IN=.* OUT=" | sed 's/\(.*SRC=\)\(.*\)\( DST=.*DPT=\)\([0-9]\{1,5\}\)\(.*\)/\2 \4/ + $g_logread | grep "${today}IN=.* OUT=" | sed 's/\(.*SRC=\)\(.*\)\( DST=.*DPT=\)\([0-9]\{1,5\}\)\(.*\)/\2 \4/ t s/\(.*SRC=\)\(.*\)\( DST=.*\)/\2/' | sort | uniq -c | sort -rn | while read count address port; do printf '%7d %-15s %d\n' $count $address $port @@ -1308,7 +1308,7 @@ hits_command() { echo " HITS DATE" echo " ---- ------" - $LOGREAD | grep "${today}IN=.* OUT=" | sed 's/\(.\{6\}\)\(.*\)/\1/' | sort | uniq -c | sort -rn | while read count month day; do + $g_logread | grep "${today}IN=.* OUT=" | sed 's/\(.\{6\}\)\(.*\)/\1/' | sort | uniq -c | sort -rn | while read count month day; do printf '%7d %3s %2d\n' $count $month $day done @@ -1316,7 +1316,7 @@ hits_command() { echo " HITS PORT SERVICE(S)" echo " ---- ----- ----------" - $LOGREAD | grep "${today}IN=.* OUT=.*DPT" | sed 's/\(.*DPT=\)\([0-9]\{1,5\}\)\(.*\)/\2/' | sort | uniq -c | sort -rn | while read count port ; do + $g_logread | grep "${today}IN=.* OUT=.*DPT" | sed 's/\(.*DPT=\)\([0-9]\{1,5\}\)\(.*\)/\2/' | sort | uniq -c | sort -rn | while read count port ; do # List all services defined for the given port srv=$(grep "^[^#].*\\b$port/" /etc/services | cut -f 1 | cut -f 1 -d' ' | sort -u) srv=$(echo $srv | sed 's/ /,/g') diff --git a/Shorewall/releasenotes.txt b/Shorewall/releasenotes.txt index 064a98667..639860daa 100644 --- a/Shorewall/releasenotes.txt +++ b/Shorewall/releasenotes.txt @@ -1,7 +1,16 @@ -Shorewall 4.4.8 +---------------------------------------------------------------------------- + S H O R E W A L L 4 . 4 . 8 +---------------------------------------------------------------------------- + +I. RELEASE 4.4 HIGHLIGHTS +II. MIGRATION ISSUES +III. PROBLEMS CORRECTED IN THIS RELEASE +IV. KNOWN PROBLEMS REMAINING +V. NEW FEATURES IN THIS RELEASE +VI. PROBLEMS CORRECTED AND NEW FEATURES IN PRIOR RELEASES ---------------------------------------------------------------------------- - R E L E A S E 4 . 4 H I G H L I G H T S + I. R E L E A S E 4 . 4 H I G H L I G H T S ---------------------------------------------------------------------------- 1) Support for Shorewall-shell has been discontinued. Shorewall-perl @@ -59,7 +68,7 @@ Shorewall 4.4.8 15) TPROXY support has been added. ---------------------------------------------------------------------------- - M I G R A T I O N I S S U E S + I I. M I G R A T I O N I S S U E S ---------------------------------------------------------------------------- 1) If you are currently using Shorewall-shell: @@ -184,7 +193,7 @@ Shorewall 4.4.8 one from the release (not recommended). ---------------------------------------------------------------------------- - P R O B L E M S C O R R E C T E D I N 4 . 4 . 8 +I I I. P R O B L E M S C O R R E C T E D I N T H I S R E L E A S E ---------------------------------------------------------------------------- 1) A CONTINUE rule specifying a log level would cause the compiler to @@ -235,17 +244,21 @@ Shorewall 4.4.8 returns a failure status (1) when the command fails. ---------------------------------------------------------------------------- - K N O W N P R O B L E M S R E M A I N I N G + I V. K N O W N P R O B L E M S R E M A I N I N G ---------------------------------------------------------------------------- None. ---------------------------------------------------------------------------- - N E W F E A T U R E S I N 4 . 4 . 8 + V. N E W F E A T U R E S I N T H I S R E L E A S E ---------------------------------------------------------------------------- None. +---------------------------------------------------------------------------- +V I. P R O B L E M S C O R R E C T E D A N D N E W F E A T U R E S + I N P R I O R R E L E A S E S +---------------------------------------------------------------------------- ---------------------------------------------------------------------------- P R O B L E M S C O R R E C T E D I N 4 . 4 . 7 ---------------------------------------------------------------------------- diff --git a/Shorewall/shorewall b/Shorewall/shorewall index 325b472f4..0de0b2410 100755 --- a/Shorewall/shorewall +++ b/Shorewall/shorewall @@ -72,9 +72,9 @@ get_config() { [ -z "$LOGFILE" ] && LOGFILE=/var/log/messages if [ -n "$(syslog_circular_buffer)" ]; then - LOGREAD="logread | tac" + g_logread="logread | tac" elif [ -r $LOGFILE ]; then - LOGREAD="tac $LOGFILE" + g_logread="tac $LOGFILE" else echo "LOGFILE ($LOGFILE) does not exist!" >&2 exit 2