Change interpretation of the log tag when LOGTAGONLY=Yes

Signed-off-by: Tom Eastep <teastep@shorewall.net>

Shorewall/Perl/Shorewall/Chains.pm

@@ -5393,8 +5393,15 @@ sub log_rule_limit( $$$$$$$$ ) {
 	}
     } else {
 	if ( $tag ) {
-	    if ( $config{LOGTAGONLY} ) {
+	    if ( $config{LOGTAGONLY} && $tag ne ',' ) {
+		if ( $tag =~ /^,/ ) {
+		    ( $disposition = $tag ) =~ s/,//;
+		} elsif ( $tag =~ /,/ ) {
+		    ( $chain, $disposition ) = split ',', $tag;
+		} else { 
 		    $chain = $tag;
+		}
+
 		$tag   = '';
 	    } else {
 		$tag .= ' ';

Shorewall/manpages/shorewall.conf.xml

@@ -1319,6 +1319,33 @@ net     all  DROP   info</programlisting>then the chain name is 'net2all'
           names may be used with log tags if you set LOGTAGONLY=Yes. With
           LOGTAGONLY=Yes, if a log tag is specified then the tag is included
           in the log prefix in place of the chain name.</para>
+
+          <para>Beginning with Shorewall 4.5.12, when LOGTAGONLY=Yes, you have
+          more control over the generated log prefix. Beginning with that
+          release, the tag is interpreted as a <replaceable>chain
+          name</replaceable> and a <replaceable>disposition</replaceable>
+          separated by a comma. So this rule:</para>
+
+          <programlisting>#ACTION                                SOURCE         DEST
+LOG:info:foo,bar                 net                   fw</programlisting>
+
+          <para>would generate the following log prefix when using the default
+          LOGFORMAT setting:</para>
+
+          <simplelist>
+            <member>Shorewall:foo:bar:</member>
+          </simplelist>
+
+          <para>Similarly,</para>
+
+          <programlisting>#ACTION                               SOURCE            DEST
+LOG:info:,bar                        net                    fw</programlisting>
+
+          <para>would generate</para>
+
+          <simplelist>
+            <member>Shorewall:net2fw:bar:</member>
+          </simplelist>
         </listitem>
       </varlistentry>
 

Shorewall6/manpages/shorewall6.conf.xml

@@ -1167,6 +1167,33 @@ net     all  DROP   info</programlisting>then the chain name is 'net2all'
           names may be used with log tags if you set LOGTAGONLY=Yes. With
           LOGTAGONLY=Yes, if a log tag is specified then the tag is included
           in the log prefix in place of the chain name.</para>
+
+          <para>Beginning with Shorewall 4.5.12, when LOGTAGONLY=Yes, you have
+          more control over the generated log prefix. Beginning with that
+          release, the tag is interpreted as a <replaceable>chain
+          name</replaceable> and a <replaceable>disposition</replaceable>
+          separated by a comma. So this rule:</para>
+
+          <programlisting>#ACTION                                SOURCE         DEST
+LOG:info:foo,bar                 net                   fw</programlisting>
+
+          <para> would generate the following log prefix when using the
+          default LOGFORMAT setting:</para>
+
+          <simplelist>
+            <member>Shorewall:foo:bar:</member>
+          </simplelist>
+
+          <para>Similarly,</para>
+
+          <programlisting>#ACTION                               SOURCE            DEST
+LOG:info:,bar                        net                    fw</programlisting>
+
+          <para>would generate</para>
+
+          <simplelist>
+            <member>Shorewall:net2fw:bar:</member>
+          </simplelist>
         </listitem>
       </varlistentry>