extern/shorewall_code
1
0
Fork 1
mirror of https://gitlab.com/shorewall/code.git synced 2024-12-23 14:48:51 +01:00
Code Issues Packages Projects Releases Wiki Activity

Fix whitespace in LOGFORMAT

Browse Source 
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@4808 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
This commit is contained in:
teastep 2006-11-08 00:16:30 +00:00
parent 7f372fb0b6
commit 60aec9802d
5 changed files with 51 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
Shorewall/changelog.txt
View File

@ -13,6 +13,8 @@ Changes in 3.3.4
6) Move config file documentary comments to a separate file. 6) Move config file documentary comments to a separate file.
7) Fix whitespace in LOGFORMAT.
Changes in 3.3.4 Changes in 3.3.4
1) Make exclusion work with "show zones" 1) Make exclusion work with "show zones"

36
Shorewall/compiler
View File

@ -690,6 +690,40 @@ disable_critical_hosts()
done done
} }
#
# Logging Rules
#
log_rule_limit() # $1 = log level, $2 = chain, $3 = display Chain $4 = disposition , $5 = rate limit $6=log tag $7=command $... = predicates for the rule
{
local level=$1
local chain=$2
local displayChain=$3
local disposition=$4
local rulenum=
local limit=
local tag=${6:+$6 }
local command=${7:--A}
local prefix
local base=$(chain_base $displayChain)
limit="${5:-$LOGLIMIT}" # Do this here rather than in the declaration above to appease /bin/ash.
shift 7
save_command "do_log_rule_limit \"$level\" \"$chain\" \"$displayChain\" \"$disposition\" \"$limit\" \"$tag\" \"$command\" $@"
}
log_rule() # $1 = log level, $2 = chain, $3 = disposition , $... = predicates for the rule
{
local level=$1
local chain=$2
local disposition=$3
shift 3
log_rule_limit $level $chain $chain $disposition "$LOGLIMIT" "" -A $@
}
# #
# Set up SYN flood protection # Set up SYN flood protection
# #
@ -3515,7 +3549,7 @@ ip -f inet addr show $interface 2> /dev/null | grep 'inet.*brd' | sed 's/inet.*b
__EOF__ __EOF__
[ -n "$SMURF_LOG_LEVEL" ] && \ [ -n "$SMURF_LOG_LEVEL" ] && \
indent >&3 << __EOF__ indent >&3 << __EOF__
log_rule $SMURF_LOG_LEVEL smurfs DROP -s \$address do_log_rule $SMURF_LOG_LEVEL smurfs DROP -s \$address
__EOF__ __EOF__
indent >&3 << __EOF__ indent >&3 << __EOF__
run_iptables -A smurfs -s \$address -j DROP run_iptables -A smurfs -s \$address -j DROP

16
Shorewall/lib.base
View File

@ -554,6 +554,10 @@ chain_base() #$1 = interface
while true; do while true; do
case $c in case $c in
@*)
c=at_${c#@}
;;
*.*) *.*)
c="${c%.*}_${c##*.}" c="${c%.*}_${c##*.}"
;; ;;
@ -1187,7 +1191,7 @@ disable_ipv6() {
# #
# Add a logging rule. # Add a logging rule.
# #
log_rule_limit() # $1 = log level, $2 = chain, $3 = display Chain $4 = disposition , $5 = rate limit $6=log tag $7=command $... = predicates for the rule do_log_rule_limit() # $1 = log level, $2 = chain, $3 = display Chain $4 = disposition , $5 = rate limit $6=log tag $7=command $... = predicates for the rule
{ {
local level=$1 local level=$1
local chain=$2 local chain=$2
@ -1227,14 +1231,12 @@ log_rule_limit() # $1 = log level, $2 = chain, $3 = display Chain $4 = dispositi
error_message "WARNING: Log Prefix shortened to \"$prefix\"" error_message "WARNING: Log Prefix shortened to \"$prefix\""
fi fi
[ "$PROGRAM" = compiler ] && prefix="\"$prefix\""
case $level in case $level in
ULOG) ULOG)
run_iptables $command $chain $@ $limit -j ULOG $LOGPARMS --ulog-prefix "$prefix" $IPTABLES $command $chain $@ $limit -j ULOG $LOGPARMS --ulog-prefix "$prefix"
;; ;;
*) *)
run_iptables $command $chain $@ $limit -j LOG $LOGPARMS --log-level $level --log-prefix "$prefix" $IPTABLES $command $chain $@ $limit -j LOG $LOGPARMS --log-level $level --log-prefix "$prefix"
;; ;;
esac esac
@ -1243,7 +1245,7 @@ log_rule_limit() # $1 = log level, $2 = chain, $3 = display Chain $4 = dispositi
fi fi
} }
log_rule() # $1 = log level, $2 = chain, $3 = disposition , $... = predicates for the rule do_log_rule() # $1 = log level, $2 = chain, $3 = disposition , $... = predicates for the rule
{ {
local level=$1 local level=$1
local chain=$2 local chain=$2
@ -1251,7 +1253,7 @@ log_rule() # $1 = log level, $2 = chain, $3 = disposition , $... = predicates fo
shift 3 shift 3
log_rule_limit $level $chain $chain $disposition "$LOGLIMIT" "" -A $@ do_log_rule_limit $level $chain $chain $disposition "$LOGLIMIT" "" -A $@
} }
delete_tc1() delete_tc1()

4
Shorewall/prog.footer
View File

@ -8,8 +8,6 @@ usage() {
################################################################################ ################################################################################
# E X E C U T I O N B E G I N S H E R E # # E X E C U T I O N B E G I N S H E R E #
################################################################################ ################################################################################
initialize
# #
# Start trace if first arg is "debug" or "trace" # Start trace if first arg is "debug" or "trace"
# #
@ -18,6 +16,8 @@ if [ $# -gt 1 ] && [ "x$1" = "xdebug" -o "x$1" = "xtrace" ]; then
shift shift
fi fi
initialize
finished=0 finished=0
while [ $finished -eq 0 -a $# -gt 0 ]; do while [ $finished -eq 0 -a $# -gt 0 ]; do

3
Shorewall/releasenotes.txt
View File

@ -40,6 +40,9 @@ Problems Corrected in 3.3.5
2) Previously, restoration of routing was ignoring the "-n" 2) Previously, restoration of routing was ignoring the "-n"
option. Now such restoration only occurs if "-n" was not specified. option. Now such restoration only occurs if "-n" was not specified.
3) Previously, a startup error resulted when white space was included
in LOGFORMAT.
Other Changes in 3.3.5. Other Changes in 3.3.5.
1) Shorewall no longer includes policy matches in its generated 1) Shorewall no longer includes policy matches in its generated