diff --git a/Shorewall/Perl/Shorewall/Config.pm b/Shorewall/Perl/Shorewall/Config.pm
index 2eb91587f..a275b2f4b 100644
--- a/Shorewall/Perl/Shorewall/Config.pm
+++ b/Shorewall/Perl/Shorewall/Config.pm
@@ -574,6 +574,13 @@ sub initialize( $ ) {
MASK_BITS => undef
);
+
+ #
+ # Valid log levels
+ #
+ # Note that we don't include LOGMARK; that is so we can default its
+ # priority to 'info' (LOGMARK itself defaults to 'warn').
+ #
%validlevels = ( DEBUG => 7,
INFO => 6,
NOTICE => 5,
@@ -587,7 +594,7 @@ sub initialize( $ ) {
PANIC => 0,
NONE => '',
NFLOG => 'NFLOG',
- LOGMARK => 'LOGMARK' );
+ );
#
# From parsing the capabilities file or capabilities detection
@@ -2137,12 +2144,15 @@ sub validate_level( $ ) {
return $rawlevel;
}
- if ( $level =~ /LOGMARK[(](.*)[)]$/ ) {
- my $sublevel = $1;
-
- $sublevel = $validlevels{$sublevel} unless $sublevel =~ /^[0-7]$/;
+ if ( $level =~ /LOGMARK([(](.+)[)])?$/ ) {
+ my $sublevel = $2;
- level_error( $level ) unless defined $sublevel =~ /^[0-7]$/;
+ if ( $1 ) {
+ $sublevel = $validlevels{$sublevel} unless $sublevel =~ /^[0-7]$/;
+ level_error( $level ) unless defined $sublevel =~ /^[0-7]$/;
+ } else {
+ $sublevel = 6; # info
+ }
require_capability ( 'LOG_TARGET' , 'A log level other than NONE', 's' );
require_capability( 'LOGMARK_TARGET' , 'LOGMARK', 's' );
diff --git a/manpages/shorewall.conf.xml b/manpages/shorewall.conf.xml
index 44858c9ea..b2c175225 100644
--- a/manpages/shorewall.conf.xml
+++ b/manpages/shorewall.conf.xml
@@ -80,11 +80,12 @@
LOGMARK(priority)
+ role="bold">LOGMARK[(priority)]
where priority is one of the levels
- listed in the list above.
+ listed in the list above. If omitted, the default is info (6).
The following options may be set in shorewall.conf.