Add -m option to 'show' and 'logwatch' commands to display MAC addresses

git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@3798 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb

Shorewall/help

@@ -225,9 +225,10 @@ logdrop)
 	;;
 
 logwatch)
-	echo "logwatch: logwatch [<refresh interval>]
+	echo "logwatch: logwatch [ -m ] [<refresh interval>]
     Monitors the LOGFILE, $LOGFILE,
-    and produces an audible alarm when new Shorewall messages are logged."
+    and produces an audible alarm when new Shorewall messages are logged.
+    If \"-m\" is specified, then MAC addresses in the log entries (if any) are displayed."
 	;;
 
 logreject)
@@ -320,7 +321,8 @@ show)
     shorewall [-x] show nat - produce a verbose report about the nat table.
     (iptables -t nat -L -n -v)
 
-    shorewall show log - display the last 20 packet log entries.
+    shorewall show [ -m ] log - display the last 20 packet log entries. If \"-m\" is specified, then
+	MAC addresses in the log entries (if any) are displayed.
 
     shorewall show macros -- displays the standard macros.
 

Shorewall/releasenotes.txt

@@ -88,7 +88,7 @@ Migration Considerations:
     to the use of macros.
 
 3)  In previous Shorewall releases, DNAT and REDIRECT rules supported a
-    special syntax for exclusion of a subnet from the effect of the rule.
+    special syntax for exclusion of a sub-zone from the effect of the rule.
 
     Example:
 
@@ -159,10 +159,11 @@ New Features:
 
     You set the default level of verbosity using the VERBOSITY option in
     shorewall.conf. If you don't set it (as would be the case of you use your
-    old shorewall.conf file) then VERBOSITY defaults to a value of 2 which is
-    the old default. A value of 1 suppresses some of the output (like the old
-    -q option did) while a value of 0 makes Shorewall almost silent. A value
-    of -1 suppresses all output except warning and error messages.
+    old shorewall.conf file) then VERBOSITY defaults to a value of 2 which
+    results in behavior compatible with previous Shorewall versions.
+    A value of 1 suppresses some of the output (like the old -q option did)
+    while a value of 0 makes Shorewall almost silent. A value of -1
+    suppresses all output except warning and error messages.
 
     The value specified in the 3.2 shorewall.conf is 1. So you can make
     Shorewall as verbose as previously using a single -v and you can make it
@@ -181,6 +182,12 @@ New Features:
     VERBOSITY=0 in shorewall.conf, then you will need to include -vvv in
     commands that display log records in order to have MACs displayed.
 
+    To make the display of MAC addresses let cumbersome, a '-m' option has
+    been added to the "show" and logwatch commands:
+
+	shorewall show -m log
+	shorewall logwatch -m
+
 2)  A new 'shorewall compile' command has been added.
 
      shorewall compile [ -e ] [ -d <distro> ] [ <config directory> ] <script file>

Shorewall/shorewall

@@ -296,7 +296,7 @@ packet_log() # $1 = number of messages
 
     [ -n "$realtail" ] && options="-n$1"
 
-    if [ $VERBOSE -gt 2 ]; then
+    if [ -n "$SHOWMACS" -o $VERBOSE -gt 2 ]; then
 	grep "${LOGFORMAT}" $LOGFILE | \
 	    sed s/" kernel:"// | \
 	    sed s/" $host $LOGFORMAT"/" "/ | \
@@ -864,6 +864,10 @@ show_command() {
 			    IPT_OPTIONS="-xnv"
 			    option=${option#x}
 			    ;;
+			m*)
+			    SHOWMACS=Yes
+			    option=${option#m}
+			    ;;
 			*)
 			    usage 1
 			    ;;
@@ -1323,7 +1327,7 @@ usage() # $1 = exit status
     echo "   restart [ -n ] [ <directory> ]"
     echo "   restore [ -n ] [ <file name> ]"
     echo "   save [ <file name> ]"
-    echo "   show [ -x ] [<chain> [ <chain> ... ]|actions|capabilities|classifiers|connections|log|macros|mangle|nat|tc|zones]"
+    echo "   show [ -x ] [ -m ] [<chain> [ <chain> ... ]|actions|capabilities|classifiers|connections|log|macros|mangle|nat|tc|zones]"
     echo "   start [ -f ] [ -n ] [ <directory> ]"
     echo "   stop"
     echo "   status"
@@ -1748,6 +1752,10 @@ case "$COMMAND" in
 				VERBOSE=$(($VERBOSE - 1 ))
 				option=${option#q}
 				;;
+			    m*)
+				SHOWMACS=Yes
+				option=${option#m}
+				;;
 			    -)
 				finished=1
 				option=