diff --git a/Shorewall-lite/shorewall-lite b/Shorewall-lite/shorewall-lite index dc9fd6e25..d9aeb483e 100755 --- a/Shorewall-lite/shorewall-lite +++ b/Shorewall-lite/shorewall-lite @@ -376,7 +376,7 @@ usage() # $1 = exit status echo " show connections" echo " show filters" echo " show ip" - echo " show [ -m ] log" + echo " show [ -m ] log []" echo " show [ -x ] mangle|nat|raw|routing" echo " show policies" echo " show tc [ device ]" diff --git a/Shorewall/changelog.txt b/Shorewall/changelog.txt index 602ef405f..40523ea99 100644 --- a/Shorewall/changelog.txt +++ b/Shorewall/changelog.txt @@ -27,6 +27,8 @@ Changes in Shorewall 4.4.9 13) Don't create output chains for BPORT zones. +14) Implement 'show log ip-addr' in /sbin/shorewall and /sbin/shorewall-lite/ + Changes in Shorewall 4.4.8 1) Correct handling of RATE LIMIT on NAT rules. diff --git a/Shorewall/lib.cli b/Shorewall/lib.cli index 0f8a467f0..31040d927 100644 --- a/Shorewall/lib.cli +++ b/Shorewall/lib.cli @@ -159,6 +159,15 @@ packet_log() # $1 = number of messages fi } +search_log() # $1 = IP address to search for +{ + if [ -n "$g_showmacs" -o $VERBOSITY -gt 2 ]; then + $g_logread | grep 'IN=.* OUT=.*SRC=.*\..*DST=' | grep "$1" | tac | sed 's/ kernel://; s/\[.*\] //' | sed s/" $host $LOGFORMAT"/" "/ + else + $g_logread | grep 'IN=.* OUT=.*SRC=.*\..*DST=' | grep "$1" | tac | sed 's/ kernel://; s/MAC=.* SRC=/SRC=/; s/\[.*\] '// | sed s/" $host $LOGFORMAT"/" "/ + fi +} + # # Show traffic control information # @@ -541,12 +550,17 @@ show_command() { $IPTABLES -t mangle -L $g_ipt_options ;; log) - [ $# -gt 1 ] && usage 1 + [ $# -gt 2 ] && usage 1 echo "$g_product $SHOREWALL_VERSION Log ($LOGFILE) at $g_hostname - $(date)" echo show_reset host=$(echo $g_hostname | sed 's/\..*$//') - packet_log 20 + + if [ $# -eq 2 ]; then + search_log $2 + else + packet_log 20 + fi ;; tc) [ $# -gt 2 ] && usage 1 diff --git a/Shorewall/releasenotes.txt b/Shorewall/releasenotes.txt index dadcf3b71..79f157325 100644 --- a/Shorewall/releasenotes.txt +++ b/Shorewall/releasenotes.txt @@ -336,6 +336,11 @@ None. duplicate chains. So to set all possible optimizations, specify OPTIMIZE=15. +5) /sbin/shorewall and /sbin/shorewall-lite now support 'show log + ' where is an IP address. The command searches the + current LOGFILE for Netfilter messages containing the supplied + address. + ---------------------------------------------------------------------------- V I. P R O B L E M S C O R R E C T E D A N D N E W F E A T U R E S I N P R I O R R E L E A S E S diff --git a/Shorewall/shorewall b/Shorewall/shorewall index e63278858..fb03f2295 100755 --- a/Shorewall/shorewall +++ b/Shorewall/shorewall @@ -1360,7 +1360,7 @@ usage() # $1 = exit status echo " show dynamic " echo " show filters" echo " show ip" - echo " show [ -m ] log" + echo " show [ -m ] log []" echo " show macro " echo " show macros" echo " show [ -x ] mangle|nat|raw|routing"