extern/shorewall_code
1
0
Fork 1
mirror of https://gitlab.com/shorewall/code.git synced 2025-01-11 08:08:12 +01:00
Code Issues Packages Projects Releases Wiki Activity

Add -m option to 'show' and 'logwatch' commands to display MAC addresses

Browse Source 
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@3798 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
This commit is contained in:
teastep 2006-04-17 22:24:18 +00:00
parent 009d710cc5
commit d0afc17db7
3 changed files with 27 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
Shorewall/help
View File

@ -225,9 +225,10 @@ logdrop)
;; ;;
logwatch) logwatch)
echo "logwatch: logwatch [<refresh interval>] echo "logwatch: logwatch [ -m ] [<refresh interval>]
Monitors the LOGFILE, $LOGFILE, Monitors the LOGFILE, $LOGFILE,
and produces an audible alarm when new Shorewall messages are logged." and produces an audible alarm when new Shorewall messages are logged.
If \"-m\" is specified, then MAC addresses in the log entries (if any) are displayed."
;; ;;
logreject) logreject)
@ -320,7 +321,8 @@ show)
shorewall [-x] show nat - produce a verbose report about the nat table. shorewall [-x] show nat - produce a verbose report about the nat table.
(iptables -t nat -L -n -v) (iptables -t nat -L -n -v)
shorewall show log - display the last 20 packet log entries. shorewall show [ -m ] log - display the last 20 packet log entries. If \"-m\" is specified, then
MAC addresses in the log entries (if any) are displayed.
shorewall show macros -- displays the standard macros. shorewall show macros -- displays the standard macros.

17
Shorewall/releasenotes.txt
View File

@ -88,7 +88,7 @@ Migration Considerations:
to the use of macros. to the use of macros.
3) In previous Shorewall releases, DNAT and REDIRECT rules supported a 3) In previous Shorewall releases, DNAT and REDIRECT rules supported a
special syntax for exclusion of a subnet from the effect of the rule. special syntax for exclusion of a sub-zone from the effect of the rule.
Example: Example:
@ -159,10 +159,11 @@ New Features:
You set the default level of verbosity using the VERBOSITY option in You set the default level of verbosity using the VERBOSITY option in
shorewall.conf. If you don't set it (as would be the case of you use your shorewall.conf. If you don't set it (as would be the case of you use your
old shorewall.conf file) then VERBOSITY defaults to a value of 2 which is old shorewall.conf file) then VERBOSITY defaults to a value of 2 which
the old default. A value of 1 suppresses some of the output (like the old results in behavior compatible with previous Shorewall versions.
-q option did) while a value of 0 makes Shorewall almost silent. A value A value of 1 suppresses some of the output (like the old -q option did)
of -1 suppresses all output except warning and error messages. while a value of 0 makes Shorewall almost silent. A value of -1
suppresses all output except warning and error messages.
The value specified in the 3.2 shorewall.conf is 1. So you can make The value specified in the 3.2 shorewall.conf is 1. So you can make
Shorewall as verbose as previously using a single -v and you can make it Shorewall as verbose as previously using a single -v and you can make it
@ -181,6 +182,12 @@ New Features:
VERBOSITY=0 in shorewall.conf, then you will need to include -vvv in VERBOSITY=0 in shorewall.conf, then you will need to include -vvv in
commands that display log records in order to have MACs displayed. commands that display log records in order to have MACs displayed.
To make the display of MAC addresses let cumbersome, a '-m' option has
been added to the "show" and logwatch commands:
shorewall show -m log
shorewall logwatch -m
2) A new 'shorewall compile' command has been added. 2) A new 'shorewall compile' command has been added.
shorewall compile [ -e ] [ -d <distro> ] [ <config directory> ] <script file> shorewall compile [ -e ] [ -d <distro> ] [ <config directory> ] <script file>

12
Shorewall/shorewall
View File

@ -296,7 +296,7 @@ packet_log() # $1 = number of messages
[ -n "$realtail" ] && options="-n$1" [ -n "$realtail" ] && options="-n$1"
if [ $VERBOSE -gt 2 ]; then if [ -n "$SHOWMACS" -o $VERBOSE -gt 2 ]; then
grep "${LOGFORMAT}" $LOGFILE | \ grep "${LOGFORMAT}" $LOGFILE | \
sed s/" kernel:"// | \ sed s/" kernel:"// | \
sed s/" $host $LOGFORMAT"/" "/ | \ sed s/" $host $LOGFORMAT"/" "/ | \
@ -864,6 +864,10 @@ show_command() {
IPT_OPTIONS="-xnv" IPT_OPTIONS="-xnv"
option=${option#x} option=${option#x}
;; ;;
m*)
SHOWMACS=Yes
option=${option#m}
;;
*) *)
usage 1 usage 1
;; ;;
@ -1323,7 +1327,7 @@ usage() # $1 = exit status
echo " restart [ -n ] [ <directory> ]" echo " restart [ -n ] [ <directory> ]"
echo " restore [ -n ] [ <file name> ]" echo " restore [ -n ] [ <file name> ]"
echo " save [ <file name> ]" echo " save [ <file name> ]"
echo " show [ -x ] [<chain> [ <chain> ... ]|actions|capabilities|classifiers|connections|log|macros|mangle|nat|tc|zones]" echo " show [ -x ] [ -m ] [<chain> [ <chain> ... ]|actions|capabilities|classifiers|connections|log|macros|mangle|nat|tc|zones]"
echo " start [ -f ] [ -n ] [ <directory> ]" echo " start [ -f ] [ -n ] [ <directory> ]"
echo " stop" echo " stop"
echo " status" echo " status"
@ -1748,6 +1752,10 @@ case "$COMMAND" in
VERBOSE=$(($VERBOSE - 1 )) VERBOSE=$(($VERBOSE - 1 ))
option=${option#q} option=${option#q}
;; ;;
m*)
SHOWMACS=Yes
option=${option#m}
;;
-) -)
finished=1 finished=1
option= option=