From d0afc17db7ebff7f889a70df08b1a7a3009f33f1 Mon Sep 17 00:00:00 2001 From: teastep Date: Mon, 17 Apr 2006 22:24:18 +0000 Subject: [PATCH] Add -m option to 'show' and 'logwatch' commands to display MAC addresses git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@3798 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb --- Shorewall/help | 8 +++++--- Shorewall/releasenotes.txt | 17 ++++++++++++----- Shorewall/shorewall | 12 ++++++++++-- 3 files changed, 27 insertions(+), 10 deletions(-) diff --git a/Shorewall/help b/Shorewall/help index 633a1ef2a..541aeb515 100755 --- a/Shorewall/help +++ b/Shorewall/help @@ -225,9 +225,10 @@ logdrop) ;; logwatch) - echo "logwatch: logwatch [] + echo "logwatch: logwatch [ -m ] [] Monitors the LOGFILE, $LOGFILE, - and produces an audible alarm when new Shorewall messages are logged." + and produces an audible alarm when new Shorewall messages are logged. + If \"-m\" is specified, then MAC addresses in the log entries (if any) are displayed." ;; logreject) @@ -320,7 +321,8 @@ show) shorewall [-x] show nat - produce a verbose report about the nat table. (iptables -t nat -L -n -v) - shorewall show log - display the last 20 packet log entries. + shorewall show [ -m ] log - display the last 20 packet log entries. If \"-m\" is specified, then + MAC addresses in the log entries (if any) are displayed. shorewall show macros -- displays the standard macros. diff --git a/Shorewall/releasenotes.txt b/Shorewall/releasenotes.txt index acbc5efcf..bf1f64e63 100644 --- a/Shorewall/releasenotes.txt +++ b/Shorewall/releasenotes.txt @@ -88,7 +88,7 @@ Migration Considerations: to the use of macros. 3) In previous Shorewall releases, DNAT and REDIRECT rules supported a - special syntax for exclusion of a subnet from the effect of the rule. + special syntax for exclusion of a sub-zone from the effect of the rule. Example: @@ -159,10 +159,11 @@ New Features: You set the default level of verbosity using the VERBOSITY option in shorewall.conf. If you don't set it (as would be the case of you use your - old shorewall.conf file) then VERBOSITY defaults to a value of 2 which is - the old default. A value of 1 suppresses some of the output (like the old - -q option did) while a value of 0 makes Shorewall almost silent. A value - of -1 suppresses all output except warning and error messages. + old shorewall.conf file) then VERBOSITY defaults to a value of 2 which + results in behavior compatible with previous Shorewall versions. + A value of 1 suppresses some of the output (like the old -q option did) + while a value of 0 makes Shorewall almost silent. A value of -1 + suppresses all output except warning and error messages. The value specified in the 3.2 shorewall.conf is 1. So you can make Shorewall as verbose as previously using a single -v and you can make it @@ -181,6 +182,12 @@ New Features: VERBOSITY=0 in shorewall.conf, then you will need to include -vvv in commands that display log records in order to have MACs displayed. + To make the display of MAC addresses let cumbersome, a '-m' option has + been added to the "show" and logwatch commands: + + shorewall show -m log + shorewall logwatch -m + 2) A new 'shorewall compile' command has been added. shorewall compile [ -e ] [ -d ] [ ]