Change for OpenWRT compatibility

git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@5061 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb

Shorewall/changelog.txt

@@ -21,6 +21,8 @@ Changes in 3.3.6
 10) Allow capabilities file to be used with Shorewall as well as
     Shorewall Lite.
 
+11) Allow in-memory circular buffer for system log.
+
 Changes in 3.3.5
 
 1)  Restore default route when there are no 'balance' providers.

Shorewall/lib.cli

@@ -130,12 +130,12 @@ packet_log() # $1 = number of messages
     [ -n "$realtail" ] && options="-n$1"
 
     if [ -n "$SHOWMACS" -o $VERBOSE -gt 2 ]; then
-	grep 'IN=.* OUT=' $LOGFILE | \
+	$LOGREAD | grep 'IN=.* OUT=' | \
 	    sed s/" kernel:"// | \
 	    sed s/" $host $LOGFORMAT"/" "/ | \
 	    tail $options
     else
-	grep 'IN=.* OUT=' $LOGFILE | \
+	$LOGREAD | grep 'IN=.* OUT=' | \
 	    sed s/" kernel:"// | \
 	    sed s/" $host $LOGFORMAT"/" "/ | \
 	    sed 's/MAC=.* SRC=/SRC=/' | \
@@ -866,10 +866,10 @@ hits_command() {
 
     timeout=30
 
-    if [ $(grep -c 'IN=.* OUT=' $LOGFILE ) -gt 0 ] ; then
+    if [ $( $LOGREAD | grep -c 'IN=.* OUT=' ) -gt 0 ] ; then
 	echo "   HITS IP		  DATE"
 	echo "   ---- --------------- ------"
-	grep 'IN=.* OUT=' $LOGFILE | sed 's/\(.\{6\}\)\(.*SRC=\)\(.*\)\( DST=.*\)/\3	\1/' | sort | uniq -c | sort -rn | \
+	$LOGREAD | grep 'IN=.* OUT=' | sed 's/\(.\{6\}\)\(.*SRC=\)\(.*\)\( DST=.*\)/\3	\1/' | sort | uniq -c | sort -rn | \
 	    while read count address month day; do
 	    printf '%7d %-15s %3s %2d\n' $count $address $month $day
 	done
@@ -878,7 +878,7 @@ hits_command() {
 
 	echo "   HITS IP		  PORT"
 	echo "   ---- --------------- -----"
-	grep 'IN=.* OUT=' $LOGFILE | sed 's/\(.*SRC=\)\(.*\)\( DST=.*DPT=\)\([0-9]\{1,5\}\)\(.*\)/\2	\4/
+	$LOGREAD | grep 'IN=.* OUT=' | sed 's/\(.*SRC=\)\(.*\)\( DST=.*DPT=\)\([0-9]\{1,5\}\)\(.*\)/\2	\4/
 						t
 						s/\(.*SRC=\)\(.*\)\( DST=.*\)/\2/' | sort | uniq -c | sort -rn | \
 						    while read count address port; do
@@ -889,7 +889,7 @@ hits_command() {
 
 	echo "   HITS DATE"
 	echo "   ---- ------"
-	grep 'IN=.* OUT=' $LOGFILE | sed 's/\(.\{6\}\)\(.*\)/\1/' | sort | uniq -c | sort -rn | \
+	$LOGREAD | grep 'IN=.* OUT=' | sed 's/\(.\{6\}\)\(.*\)/\1/' | sort | uniq -c | sort -rn | \
 	    while read count month day; do
 	    printf '%7d %3s %2d\n' $count $month $day
 	done
@@ -898,7 +898,7 @@ hits_command() {
 
 	echo "   HITS  PORT SERVICE(S)"
 	echo "   ---- ----- ----------"
-	grep 'IN=.* OUT=.*DPT' $LOGFILE | sed 's/\(.*DPT=\)\([0-9]\{1,5\}\)\(.*\)/\2/' | sort | uniq -c | sort -rn | \
+	$LOGREAD | grep 'IN=.* OUT=.*DPT' | sed 's/\(.*DPT=\)\([0-9]\{1,5\}\)\(.*\)/\2/' | sort | uniq -c | sort -rn | \
 	    while read count port ; do
 	    # List all services defined for the given port
 	    srv=$(grep "^[^#].*\\b$port/" /etc/services | cut -f 1 | cut -f 1 -d' ' | sort -u)

Shorewall/releasenotes.txt

@@ -128,6 +128,11 @@ Other Changes in 3.3.6
     When you install a new kernel and/or iptables, be sure to generate
     a new file.
 	
+9)  When syslogd is run with the -C option (which in some
+    implementations causes syslogd to log to an in-memory circular
+    buffer), /sbin/shorewall will now use the 'logread' command to read
+    the log from that buffer. This is for combatibility with OpenWRT.
+
 Migration Considerations:
 
 1)  Shorewall supports the notion of "default actions". A default

Shorewall/shorewall

@@ -128,7 +128,11 @@ get_config() {
 
 	[ -z "$LOGFILE" ] && LOGFILE=/var/log/messages
 
-	if [ ! -f $LOGFILE ]; then
+	if ( ps ax 2> /dev/null | qt grep 'syslogd.*-C' ) ; then
+	    LOGREAD="logread"
+	elif [ -f $LOGFILE ]; then
+	    LOGREAD="cat $LOGFILE"
+	else
 	    echo "LOGFILE ($LOGFILE) does not exist!" >&2
 	    exit 2
 	fi
@@ -152,7 +156,7 @@ get_config() {
         # See if we have a real version of "tail" -- use separate redirection so
         # that ash (aka /bin/sh on LRP) doesn't crap
         #
-	if ( tail -n5 $LOGFILE > /dev/null 2> /dev/null ) ; then
+	if ( tail -n5 /dev/null > /dev/null 2> /dev/null ) ; then
 	    realtail="Yes"
 	else
 	    realtail=""