Restore 5-character zone name capability

git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@570 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb

Shorewall/firewall

@@ -916,26 +916,41 @@ log_rule() # $1 = log level, $2 = chain, $3 = disposition , $... = predicates fo
 
     shift;shift;shift
 
-    eval rulenum=\$${chain}_logrules
+    if [ -n "$LOGRULENUMBERS" ]; then
+	eval rulenum=\$${chain}_logrules
 
-    [ -z "$rulenum" ] && rulenum=1
+	[ -z "$rulenum" ] && rulenum=1
 
-    case $level in
+	case $level in
-	ULOG)
+	    ULOG)
-	    eval iptables -A $chain $@ -j ULOG $LOGPARMS --ulog-prefix '"`printf "$LOGFORMAT" $chain $rulenum $disposition`"'
+		eval iptables -A $chain $@ -j ULOG $LOGPARMS --ulog-prefix '"`printf "$LOGFORMAT" $chain $rulenum $disposition`"'
-	    ;;
+		;;
-	*)
+	    *)
-	    eval iptables -A $chain $@ -j LOG $LOGPARMS --log-prefix '"`printf "$LOGFORMAT" $chain $rulenum $disposition`"'
+		eval iptables -A $chain $@ -j LOG $LOGPARMS --log-prefix '"`printf "$LOGFORMAT" $chain $rulenum $disposition`"'
-	    ;;
+		;;
-    esac
+	esac
 	
-    if [ $? -ne 0 ] ; then
+	if [ $? -ne 0 ] ; then
-	[ -z "$stopping" ] && { stop_firewall; exit 2; }
+	    [ -z "$stopping" ] && { stop_firewall; exit 2; }
+	fi
+
+	rulenum=$(($rulenum + 1))
+
+	eval ${chain}_logrules=$rulenum
+    else
+	case $level in
+	    ULOG)
+		eval iptables -A $chain $@ -j ULOG $LOGPARMS --ulog-prefix '"`printf "$LOGFORMAT" $chain $disposition`"'
+		;;
+	    *)
+		eval iptables -A $chain $@ -j LOG $LOGPARMS --log-prefix '"`printf "$LOGFORMAT" $chain $disposition`"'
+		;;
+	esac
+	
+	if [ $? -ne 0 ] ; then
+	    [ -z "$stopping" ] && { stop_firewall; exit 2; }
+	fi
     fi
-
-    rulenum=$(($rulenum + 1))
-
-    eval ${chain}_logrules=$rulenum
 }
 
 #
@@ -4339,6 +4354,7 @@ do_initialize() {
     FUNCTIONS=
     VERSION_FILE=
     LOGFORMAT=
+    LOGRULENUMBERS=
 
     stopping=
     have_mutex=
@@ -4469,8 +4485,9 @@ do_initialize() {
 	if ! qt printf "$LOGFORMAT" foo 1 bar ; then
 	    startup_error "Invalid LOGFORMAT string: \"$LOGFORMAT\""
 	fi
+	[ -n "`echo $LOGFORMAT | grep '%d'`" ] && LOGRULENUMBERS=Yes
     else
-	LOGFORMAT="Shorewall:%s:%d:%s:"
+	LOGFORMAT="Shorewall:%s:%s:"
     fi
     #
     # Strip the files that we use often

Shorewall/shorewall.conf

@@ -59,16 +59,18 @@ LOGFILE=/var/log/messages
 #
 # Shell 'printf' Formatting template for the --log-prefix value in log messages
 # generated by Shorewall to identify Shorewall log messages. The supplied
-# template is expected to accept three arguments; the first is the chain name,
+# template is expected to accept either two or three arguments; the first is
-# the second is the logging rule number within that chain and the third is the
+# the chain name, the second (optional) is the logging rule number within that
-# ACTION specifying the disposition of the packet being logged.
+# chain and the third is the ACTION specifying the disposition of the packet
+# being logged. You must use the %d formatting type for the rule number; if your
+# template does not contain %d then the rule number will not be included.
 #
 # If you want to integrate Shorewall with fireparse, then set LOGFORMAT as:
 #
 #	LOGFORMAT="fp=%s:%d a=%s "
 #
 # If not specified or specified as empty (LOGFORMAT="") then the value
-# "Shorewall:%s:%d:%s:" is assumed.
+# "Shorewall:%s:%s:" is assumed.
 # 
 # CAUTION: /sbin/shorewall uses the leading part of the LOGFORMAT string (up 
 # to but not including the first '%') to find log messages in the 'show log',
@@ -76,7 +78,7 @@ LOGFILE=/var/log/messages
 # LOGFORMAT should not begin with "%") and the leading part should be
 # sufficiently unique for /sbin/shorewall to identify Shorewall messages.
 
-LOGFORMAT="Shorewall:%s:%d:%s:"
+LOGFORMAT="Shorewall:%s:%s:"
 
 #
 # LOG RATE LIMITING

Shorewall/zones

@@ -3,7 +3,7 @@
 #
 # This file determines your network zones. Columns are:
 #
-#	ZONE		Short name of the zone
+#	ZONE		Short name of the zone (4 Characters or less in length).
 #	DISPLAY		Display name of the zone
 #	COMMENTS	Comments about the zone
 #