mirror of
https://gitlab.com/shorewall/code.git
synced 2024-11-07 16:24:01 +01:00
Document Universal Configuration and allow for empty LOGFILE
This commit is contained in:
parent
4e02031985
commit
bebeba8cae
@ -10,4 +10,4 @@
|
||||
#SOURCE DEST POLICY LOG LIMIT: CONNLIMIT:
|
||||
# LEVEL BURST MASK
|
||||
$FW net ACCEPT
|
||||
net all DROP info
|
||||
net all DROP
|
||||
|
@ -21,7 +21,7 @@ VERBOSITY=1
|
||||
# L O G G I N G
|
||||
###############################################################################
|
||||
|
||||
LOGFILE=/var/log/messages
|
||||
LOGFILE=
|
||||
|
||||
STARTUP_LOG=/var/log/shorewall-init.log
|
||||
|
||||
|
@ -22,7 +22,7 @@ VERBOSITY=1
|
||||
# L O G G I N G
|
||||
###############################################################################
|
||||
|
||||
LOGFILE=/var/log/messages
|
||||
LOGFILE=
|
||||
|
||||
STARTUP_LOG=/var/log/shorewall6-init.log
|
||||
|
||||
|
@ -1,4 +1,4 @@
|
||||
#!/bin/sh
|
||||
ss_#!/bin/sh
|
||||
#
|
||||
# Shorewall 4.4 -- /usr/share/shorewall/lib.cli.
|
||||
#
|
||||
@ -226,6 +226,18 @@ show_classifiers() {
|
||||
logwatch() # $1 = timeout -- if negative, prompt each time that
|
||||
# an 'interesting' packet count changes
|
||||
{
|
||||
if [ -z "$LOGFILE" ]; then
|
||||
LOGFILE=/var/log/messages
|
||||
|
||||
if [ -n "$(syslog_circular_buffer)" ]; then
|
||||
g_logread="logread | tac"
|
||||
elif [ -r $LOGFILE ]; then
|
||||
g_logread="tac $LOGFILE"
|
||||
else
|
||||
echo "LOGFILE ($LOGFILE) does not exist!" >&2
|
||||
exit 2
|
||||
fi
|
||||
fi
|
||||
|
||||
host=$(echo $g_hostname | sed 's/\..*$//')
|
||||
oldrejects=$($IPTABLES -L -v -n | grep 'LOG')
|
||||
@ -541,6 +553,20 @@ show_command() {
|
||||
;;
|
||||
log)
|
||||
[ $# -gt 2 ] && usage 1
|
||||
|
||||
if [ -z "$LOGFILE" ]; then
|
||||
LOGFILE=/var/log/messages
|
||||
|
||||
if [ -n "$(syslog_circular_buffer)" ]; then
|
||||
g_logread="logread | tac"
|
||||
elif [ -r $LOGFILE ]; then
|
||||
g_logread="tac $LOGFILE"
|
||||
else
|
||||
echo "LOGFILE ($LOGFILE) does not exist!" >&2
|
||||
exit 2
|
||||
fi
|
||||
fi
|
||||
|
||||
echo "$g_product $SHOREWALL_VERSION Log ($LOGFILE) at $g_hostname - $(date)"
|
||||
echo
|
||||
show_reset
|
||||
@ -781,6 +807,17 @@ dump_command() {
|
||||
esac
|
||||
done
|
||||
|
||||
if [ -z "$LOGFILE" ]; then
|
||||
if [ -n "$(syslog_circular_buffer)" ]; then
|
||||
g_logread="logread | tac"
|
||||
elif [ -r $LOGFILE ]; then
|
||||
g_logread="tac $LOGFILE"
|
||||
else
|
||||
echo "LOGFILE ($LOGFILE) does not exist!" >&2
|
||||
exit 2
|
||||
fi
|
||||
fi
|
||||
|
||||
g_ipt_options="$g_ipt_options $g_ipt_options1"
|
||||
|
||||
[ $VERBOSITY -lt 2 ] && VERBOSITY=2
|
||||
|
@ -67,15 +67,15 @@ get_config() {
|
||||
# This block is avoided for compile for export and when the user isn't root
|
||||
#
|
||||
if [ "$3" = Yes ]; then
|
||||
[ -z "$LOGFILE" ] && LOGFILE=/var/log/messages
|
||||
|
||||
if [ -n "$(syslog_circular_buffer)" ]; then
|
||||
g_logread="logread | tac"
|
||||
elif [ -r $LOGFILE ]; then
|
||||
g_logread="tac $LOGFILE"
|
||||
else
|
||||
echo "LOGFILE ($LOGFILE) does not exist!" >&2
|
||||
exit 2
|
||||
if [ -n "$LOGFILE" ]; then
|
||||
if [ -n "$(syslog_circular_buffer)" ]; then
|
||||
g_logread="logread | tac"
|
||||
elif [ -r $LOGFILE ]; then
|
||||
g_logread="tac $LOGFILE"
|
||||
else
|
||||
echo "LOGFILE ($LOGFILE) does not exist!" >&2
|
||||
exit 2
|
||||
fi
|
||||
fi
|
||||
fi
|
||||
|
||||
|
@ -22,6 +22,8 @@
|
||||
|
||||
<year>2007</year>
|
||||
|
||||
<year>2010</year>
|
||||
|
||||
<holder>Thomas M. Eastep</holder>
|
||||
</copyright>
|
||||
|
||||
@ -48,6 +50,16 @@
|
||||
<para>Next, read the QuickStart Guide that is appropriate for your
|
||||
configuration:</para>
|
||||
|
||||
<para><emphasis role="bold">If you just want to protect a system: (Requires
|
||||
Shorewall 4.4.12-Beta3 or later)</emphasis></para>
|
||||
|
||||
<itemizedlist>
|
||||
<listitem>
|
||||
<para><ulink url="Universal.html">Universal</ulink> configuration --
|
||||
requires no configuration to protect a single system.</para>
|
||||
</listitem>
|
||||
</itemizedlist>
|
||||
|
||||
<para><emphasis role="bold">If you have only one public IP
|
||||
address:</emphasis></para>
|
||||
|
||||
|
@ -18,7 +18,7 @@
|
||||
<pubdate><?dbtimestamp format="Y/m/d"?></pubdate>
|
||||
|
||||
<copyright>
|
||||
<year>2009</year>
|
||||
<year>2010</year>
|
||||
|
||||
<holder>Thomas M. Eastep</holder>
|
||||
</copyright>
|
||||
|
Loading…
Reference in New Issue
Block a user