Implement LOGMARKER variable

git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@546 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb

Shorewall/changelog.txt

@@ -5,3 +5,5 @@ Changes since 1.4.2
 
 2. Added support for 6to4 tunnels.
 
+3. Added $LOGMARKER for fireparse support
+

Shorewall/firewall

@@ -1323,7 +1323,7 @@ setup_mac_lists() {
 	done
 
 	[ -n "$logpart" ] && \
-	    run_iptables -A $chain $logpart "Shorewall:$chain:$MACLIST_DISPOSITION:"
+	    run_iptables -A $chain $logpart "${LOGMARKER}$chain:$MACLIST_DISPOSITION:"
 
 	run_iptables -A $chain -j $maclist_target
     done
@@ -2022,11 +2022,11 @@ add_a_rule()
 		    if [ "$loglevel" = ULOG ]; then
 			run_iptables2 -A $chain $proto $multiport \
 			    $state $cli $sports $serv $dports -j ULOG $LOGPARMS \
-			    --ulog-prefix "Shorewall:$chain:$logtarget:"
+			    --ulog-prefix "${LOGMARKER}$chain:$logtarget:"
 		    else
 			run_iptables2 -A $chain $proto $multiport \
 			    $state $cli $sports $serv $dports -j LOG $LOGPARMS \
-			    --log-prefix "Shorewall:$chain:$logtarget:" \
+			    --log-prefix "${LOGMARKER}$chain:$logtarget:" \
 			    --log-level $loglevel
 		    fi
 		fi
@@ -2049,11 +2049,11 @@ add_a_rule()
 		if [ "$loglevel" = ULOG ]; then
 		    run_iptables2 -A $chain $proto $multiport \
 			$dest_interface $state $cli $sports $dports -j ULOG \
-			$LOGPARMS --ulog-prefix "Shorewall:$chain:$logtarget:"
+			$LOGPARMS --ulog-prefix "${LOGMARKER}$chain:$logtarget:"
 		else
 		    run_iptables2 -A $chain $proto $multiport \
 			$dest_interface $state $cli $sports $dports -j LOG \
-			$LOGPARMS --log-prefix "Shorewall:$chain:$logtarget:" \
+			$LOGPARMS --log-prefix "${LOGMARKER}$chain:$logtarget:" \
 			--log-level $loglevel
 		fi
 	    fi
@@ -2558,10 +2558,10 @@ policy_rules() # $1 = chain to add rules to
     if [ $# -eq 3 -a "x${3}" != "x-" ]; then
 	if [ "$3" = ULOG ]; then
 	    run_iptables -A $1 -j ULOG $LOGPARMS \
-		--ulog-prefix "Shorewall:${1}:${2}:"
+		--ulog-prefix "${LOGMARKER}${1}:${2}:"
 	else
 	    run_iptables -A $1 -j LOG $LOGPARMS \
-		--log-prefix "Shorewall:${1}:${2}:" --log-level $3
+		--log-prefix "${LOGMARKER}${1}:${2}:" --log-level $3
 	fi
     fi
 
@@ -2885,11 +2885,11 @@ add_blacklist_rule() {
 	if [ "$BLACKLIST_LOGLEVEL" = ULOG ]; then
 	    run_iptables2 -A blacklst $source $proto $dport -j \
 		ULOG $LOGPARMS --ulog-prefix \
-		"Shorewall:blacklst:$BLACKLIST_DISPOSITION:"
+		"${LOGMARKER}blacklst:$BLACKLIST_DISPOSITION:"
 	else
 	    run_iptables2 -A blacklst $source $proto $dport -j \
 		LOG $LOGPARMS --log-prefix \
-		"Shorewall:blacklst:$BLACKLIST_DISPOSITION:" \
+		"${LOGMARKER}blacklst:$BLACKLIST_DISPOSITION:" \
 		--log-level $BLACKLIST_LOGLEVEL
 	fi
     fi
@@ -3223,10 +3223,10 @@ initialize_netfilter () {
 	if [ -n "$LOGNEWNOTSYN" ]; then
 	    if [ "$LOGNEWNOTSYN" = ULOG ]; then
 		run_iptables -A newnotsyn -j ULOG $LOGPARMS \
-		    --ulog-prefix "Shorewall:newnotsyn:DROP:"
+		    --ulog-prefix "${LOGMARKER}newnotsyn:DROP:"
 	    else
 		run_iptables -A newnotsyn -j LOG $LOGPARMS \
-		    --log-prefix "Shorewall:newnotsyn:DROP:" --log-level $LOGNEWNOTSYN
+		    --log-prefix "${LOGMARKER}newnotsyn:DROP:" --log-level $LOGNEWNOTSYN
 	    fi
 	fi
 
@@ -3301,9 +3301,9 @@ add_common_rules() {
     logdisp() # $1 = Chain Name
     {
 	if [ "$RFC1918_LOG_LEVEL" = ULOG ]; then
-	    echo "ULOG $LOGPARMS --ulog-prefix Shorewall:${1}:DROP:"
+	    echo "ULOG $LOGPARMS --ulog-prefix ${LOGMARKER}${1}:DROP:"
 	else
-	    echo "LOG $LOGPARMS --log-prefix Shorewall:${1}:DROP: --log-level $RFC1918_LOG_LEVEL"
+	    echo "LOG $LOGPARMS --log-prefix ${LOGMARKER}${1}:DROP: --log-level $RFC1918_LOG_LEVEL"
 	fi
     }
     #
@@ -3331,10 +3331,10 @@ add_common_rules() {
 
 	if [ -n "$LOGUNCLEAN" ]; then
             if [ "$LOGUNCLEAN" = ULOG ]; then
-		logoptions="-j ULOG $LOGPARMS --ulog-prefix Shorewall:badpkt:DROP:"
+		logoptions="-j ULOG $LOGPARMS --ulog-prefix ${LOGMARKER}badpkt:DROP:"
 		logoptions="$logoptions --log-ip-options"
 	    else
-		logoptions="-j LOG $LOGPARMS --log-prefix Shorewall:badpkt:DROP:"
+		logoptions="-j LOG $LOGPARMS --log-prefix ${LOGMARKER}badpkt:DROP:"
 		logoptions="$logoptions --log-level $LOGUNCLEAN --log-ip-options"
 	    fi
 
@@ -3363,10 +3363,10 @@ add_common_rules() {
 	[ -z"$LOGUNCLEAN" ] && LOGUNCLEAN=info
 
 	if [ "$LOGUNCLEAN" = ULOG ]; then
-	    logoptions="-j ULOG $LOGPARMS --ulog-prefix Shorewall:logpkt:LOG:"
+	    logoptions="-j ULOG $LOGPARMS --ulog-prefix ${LOGMARKER}logpkt:LOG:"
 	    logoptions="$logoptions --log-ip-options"
 	else
-	    logoptions="-j LOG $LOGPARMS --log-prefix Shorewall:logpkt:LOG:"
+	    logoptions="-j LOG $LOGPARMS --log-prefix ${LOGMARKER}logpkt:LOG:"
 	    logoptions="$logoptions --log-level $LOGUNCLEAN --log-ip-options"
 	fi
 
@@ -3467,12 +3467,12 @@ add_common_rules() {
 
 	    if [ "$TCP_FLAGS_LOG_LEVEL" = ULOG ]; then
 		run_iptables -A logflags -j ULOG  $LOGPARMS \
-		    --ulog-prefix "Shorewall:logflags:$TCP_FLAGS_DISPOSITION:" \
+		    --ulog-prefix "${LOGMARKER}logflags:$TCP_FLAGS_DISPOSITION:" \
 		    --log-tcp-options --log-ip-options
 	    else
 		run_iptables -A logflags -j LOG  $LOGPARMS \
 		    --log-level $TCP_FLAGS_LOG_LEVEL \
-		    --log-prefix "Shorewall:logflags:$TCP_FLAGS_DISPOSITION:" \
+		    --log-prefix "${LOGMARKER}logflags:$TCP_FLAGS_DISPOSITION:" \
 		    --log-tcp-options --log-ip-options
 	    fi
 	    case $TCP_FLAGS_DISPOSITION in
@@ -4344,6 +4344,7 @@ do_initialize() {
     SHARED_DIR=/usr/share/shorewall
     FUNCTIONS=
     VERSION_FILE=
+    LOGMARKER=
 
     stopping=
     have_mutex=
@@ -4470,6 +4471,8 @@ do_initialize() {
 	CLEAR_TC=
     fi
 
+    [ -n "$LOGMARKER" ] || LOGMARKER="Shorewall:"
+
     #
     # Strip the files that we use often
     #

Shorewall/releasenotes.txt

@@ -9,3 +9,7 @@ New Features:
 
 1) IPV6-IPV4 (6to4) tunnels are now supported in the
    /etc/shorewall/tunnels file.
+
+2) Shorewall can now be easily integrated with fireparse
+   (http://www.fireparse.com) by setting LOGMARKER="fp=" in
+   /etc/shorewall/shorewall.conf.

Shorewall/shorewall

@@ -134,6 +134,8 @@ get_config() {
     fi
 
     [ -n "$FW" ] || FW=fw
+
+    [ -n "$LOGMARKER" ] || LOGMARKER="Shorewall:"
 }
 
 #
@@ -259,9 +261,9 @@ packet_log() # $1 = number of messages
 
     [ -n "$realtail" ] && options="-n$1"
 
-    grep 'Shorewall:\|ipt_unclean' $LOGFILE | \
+    grep "${LOGMARKER}\|ipt_unclean" $LOGFILE | \
 	 sed s/" kernel:"// | \
-	 sed s/" $host Shorewall:"/" "/ | \
+	 sed s/" $host $LOGMARKER"/" "/ | \
 	 sed s/" $host kernel: ipt_unclean: "/" "/ | \
 	 sed 's/MAC=.*SRC=/SRC=/' | \
 	 tail $options
@@ -732,27 +734,27 @@ case "$1" in
 
 	timeout=30
 
-	if [ `grep -c "Shorewall:" $LOGFILE ` -gt 0 ] ; then
+	if [ `grep -c "$LOGMARKER" $LOGFILE ` -gt 0 ] ; then
 	    echo "   HITS IP		  DATE"
 	    echo "   ---- --------------- ------"
-	    grep "Shorewall:" $LOGFILE | sed 's/\(.\{6\}\)\(.*SRC=\)\(.*\)\( DST=.*\)/\3	\1/' | sort | uniq -c | sort -rn
+	    grep "$LOGMARKER" $LOGFILE | sed 's/\(.\{6\}\)\(.*SRC=\)\(.*\)\( DST=.*\)/\3	\1/' | sort | uniq -c | sort -rn
 	    echo ""
 
 	    echo "   HITS IP		  PORT"
 	    echo "   ---- --------------- -----"
-	    grep "Shorewall:" $LOGFILE | sed 's/\(.*SRC=\)\(.*\)\( DST=.*DPT=\)\([0-9]\{1,5\}\)\(.*\)/\2	\4/
+	    grep "$LOGMARKER" $LOGFILE | sed 's/\(.*SRC=\)\(.*\)\( DST=.*DPT=\)\([0-9]\{1,5\}\)\(.*\)/\2	\4/
 						t
 						s/\(.*SRC=\)\(.*\)\( DST=.*\)/\2/' | sort | uniq -c | sort -rn
 	    echo ""
 
 	    echo "   HITS DATE"
 	    echo "   ---- ------"
-	    grep "Shorewall:" $LOGFILE | sed 's/\(.\{6\}\)\(.*\)/\1/' | sort | uniq -c | sort -rn
+	    grep "$LOGMARKER" $LOGFILE | sed 's/\(.\{6\}\)\(.*\)/\1/' | sort | uniq -c | sort -rn
 	    echo ""
 
 	    echo "   HITS  PORT SERVICE(S)"
 	    echo "   ---- ----- ----------"
-	    grep 'Shorewall:.*DPT' $LOGFILE | sed 's/\(.*DPT=\)\([0-9]\{1,5\}\)\(.*\)/\2/' | sort | uniq -c | sort -rn | \
+	    grep '${LOGMARKER}.*DPT' $LOGFILE | sed 's/\(.*DPT=\)\([0-9]\{1,5\}\)\(.*\)/\2/' | sort | uniq -c | sort -rn | \
 	    while read count port ; do
 		# List all services defined for the given port
 		srv=`grep "^[^#].*\\b$port/" /etc/services | cut -f 1 | sort -u`

Shorewall/shorewall.conf

@@ -54,6 +54,15 @@
 
 LOGFILE=/var/log/messages
 
+#
+# LOG MARKER
+#
+# Used to identify Shorewall log messages. If you are using fireparse, you must
+# set this to "fp=Shorewall:". You may not use the ULOG level with fireparse and
+# you must not embed white space in the LOGMARKER value.
+
+LOGMARKER="Shorewall:"
+
 #
 # LOG RATE LIMITING
 #