Correct/complete Scott Sumate's LOGFILE enhancement

Signed-off-by: Tom Eastep <teastep@shorewall.net>
Added support for systemd logging by configuring LOGFILE=systemd
2016-07-15 14:25:02 -07:00 · 2016-07-15 13:40:23 -05:00 · 2016-07-07 12:44:28 -07:00 · 2016-07-06 08:46:32 -04:00 · 2016-07-06 08:43:21 -04:00 · 2016-07-04 17:37:00 -04:00
11 changed files with 32 additions and 17 deletions
--- a/Shorewall-core/lib.cli
+++ b/Shorewall-core/lib.cli
@@ -191,6 +191,8 @@ setup_logread() {
 	else
 	    g_logread="logread"
 	fi
+    elif [ "$LOGFILE" = "systemd" ]; then
+	g_logread="journalctl -r"
    elif [ -r $LOGFILE ]; then
 	if qt mywhich tac; then
 	    g_logread="tac $LOGFILE"
--- a/Shorewall-init/init.debian.sh
+++ b/Shorewall-init/init.debian.sh
@@ -30,7 +30,7 @@
 # Required-Stop:     $local_fs
 # X-Stop-After:      $network
 # Default-Start:     S
-# Default-Stop:      0 6
+# Default-Stop:      0 1 6
 # Short-Description: Initialize the firewall at boot time
 # Description:       Place the firewall in a safe state at boot time prior to
 #                    bringing up the network
--- a/Shorewall-lite/init.debian.sh
+++ b/Shorewall-lite/init.debian.sh
@@ -5,7 +5,7 @@
 # Required-Start:    $network $remote_fs
 # Required-Stop:     $network $remote_fs
 # Default-Start:     S
-# Default-Stop:      0 6
+# Default-Stop:      0 1 6
 # Short-Description: Configure the firewall at boot time
 # Description:       Configure the firewall according to the rules specified in
 #                    /etc/shorewall-lite
@@ -92,10 +92,11 @@ shorewall_start () {

 # stop the firewall
 shorewall_stop () {
-  echo -n "Stopping \"Shorewall firewall\": "
  if [ "$SAFESTOP" = 1 ]; then
+      echo -n "Stopping \"Shorewall Lite firewall\": "
      $SRWL $SRWL_OPTS stop >> $INITLOG 2>&1 && echo "done." || echo_notdone
  else
+      echo -n "Clearing all \"Shorewall Lite firewall\" rules: "
      $SRWL $SRWL_OPTS clear >> $INITLOG 2>&1 && echo "done." || echo_notdone
  fi
  return 0
--- a/Shorewall/init.debian.sh
+++ b/Shorewall/init.debian.sh
@@ -4,7 +4,7 @@
 # Required-Start:    $network $remote_fs
 # Required-Stop:     $network $remote_fs
 # Default-Start:     S
-# Default-Stop:      0 6
+# Default-Stop:      0 1 6
 # Short-Description: Configure the firewall at boot time
 # Description:       Configure the firewall according to the rules specified in
 #                    /etc/shorewall
@@ -97,10 +97,11 @@ shorewall_start () {

 # stop the firewall
 shorewall_stop () {
-  echo -n "Stopping \"Shorewall firewall\": "
  if [ "$SAFESTOP" = 1 ]; then
+      echo -n "Stopping \"Shorewall firewall\": "
      $SRWL $SRWL_OPTS stop >> $INITLOG 2>&1 && echo "done." || echo_notdone
  else
+      echo -n "Clearing all \"Shorewall firewall\" rules: "
      $SRWL $SRWL_OPTS clear >> $INITLOG 2>&1 && echo "done." || echo_notdone
  fi
  return 0
@@ -145,7 +146,7 @@ case "$1" in
  restart)
     shorewall_restart
     ;;
-  force0reload|reload)
+  force-reload|reload)
     shorewall_reload
     ;;
  status)
--- a/Shorewall/manpages/shorewall.conf.xml
+++ b/Shorewall/manpages/shorewall.conf.xml
@@ -1354,7 +1354,7 @@ net     all  DROP   info</programlisting>then the chain name is 'net-all'

      <varlistentry>
        <term><emphasis
-        role="bold">LOGFILE=</emphasis>[<emphasis>pathname</emphasis>]</term>
+        role="bold">LOGFILE=</emphasis>[<emphasis>pathname</emphasis>|<option>systemd</option>]</term>

        <listitem>
          <para>This parameter tells the /sbin/shorewall program where to look
@@ -1364,7 +1364,10 @@ net     all  DROP   info</programlisting>then the chain name is 'net-all'
          log</emphasis>, and <emphasis role="bold">hits</emphasis> commands.
          If not assigned or if assigned an empty value, /var/log/messages is
          assumed. For further information, see <ulink
-          url="/shorewall_logging.html">http://www.shorewall.net/shorewall_logging.html</ulink>.</para>
+          url="/shorewall_logging.html">http://www.shorewall.net/shorewall_logging.html</ulink>.
+          Beginning with Shorewall 5.0.10.1, you may specify
+          <option>systemd</option> to use <command>journelctl -r</command> to
+          read the log.</para>
        </listitem>
      </varlistentry>

--- a/Shorewall6-lite/init.debian.sh
+++ b/Shorewall6-lite/init.debian.sh
@@ -5,7 +5,7 @@
 # Required-Start:    $network $remote_fs
 # Required-Stop:     $network $remote_fs
 # Default-Start:     S
-# Default-Stop:      0 6
+# Default-Stop:      0 1 6
 # Short-Description: Configure the firewall at boot time
 # Description:       Configure the firewall according to the rules specified in
 #                    /etc/shorewall6-lite
@@ -92,10 +92,11 @@ shorewall6_start () {

 # stop the firewall
 shorewall6_stop () {
-  echo -n "Stopping \"Shorewall6 Lite firewall\": "
  if [ "$SAFESTOP" = 1 ]; then
+      echo -n "Stopping \"Shorewall6 Lite firewall\": "
      $SRWL $SRWL_OPTS stop >> $INITLOG 2>&1 && echo "done." || echo_notdone
  else
+      echo -n "Clearing all \"Shorewall6 Lite firewall\" rules: "
      $SRWL $SRWL_OPTS clear >> $INITLOG 2>&1 && echo "done." || echo_notdone
  fi
  return 0
--- a/Shorewall6/init.debian.sh
+++ b/Shorewall6/init.debian.sh
@@ -4,7 +4,7 @@
 # Required-Start:    $network $remote_fs
 # Required-Stop:     $network $remote_fs
 # Default-Start:     S
-# Default-Stop:      0 6
+# Default-Stop:      0 1 6
 # Short-Description: Configure the firewall at boot time
 # Description:       Configure the firewall according to the rules specified in
 #                    /etc/shorewall6
@@ -97,10 +97,11 @@ shorewall6_start () {

 # stop the firewall
 shorewall6_stop () {
-  echo -n "Stopping \"Shorewall6 firewall\": "
  if [ "$SAFESTOP" = 1 ]; then
+      echo -n "Stopping \"Shorewall6 firewall\": "
      $SRWL $SRWL_OPTS stop >> $INITLOG 2>&1 && echo "done." || echo_notdone
  else
+      echo -n "Clearing all \"Shorewall6 firewall\" rules: "
      $SRWL $SRWL_OPTS clear >> $INITLOG 2>&1 && echo "done." || echo_notdone
  fi
  return 0
--- a/Shorewall6/manpages/shorewall6.conf.xml
+++ b/Shorewall6/manpages/shorewall6.conf.xml
@@ -1166,7 +1166,7 @@ net     all  DROP   info</programlisting>then the chain name is 'net-all'

      <varlistentry>
        <term><emphasis
-        role="bold">LOGFILE=</emphasis>[<emphasis>pathname</emphasis>]</term>
+        role="bold">LOGFILE=</emphasis>[<emphasis>pathname</emphasis>|<option>systemd</option>]</term>

        <listitem>
          <para>This parameter tells the /sbin/shorewall6 program where to
@@ -1175,7 +1175,9 @@ net     all  DROP   info</programlisting>then the chain name is 'net-all'
          role="bold">logwatch</emphasis>, <emphasis role="bold">show
          log</emphasis>, and <emphasis role="bold">hits</emphasis> commands.
          If not assigned or if assigned an empty value, /var/log/messages is
-          assumed.</para>
+          assumed. Beginning with Shorewall 5.0.10.1, you may specify
+          <option>systemd</option> to use <command>journelctl -r</command> to
+          read the log.</para>
        </listitem>
      </varlistentry>

--- a/docs/Anatomy.xml
+++ b/docs/Anatomy.xml
@@ -61,7 +61,7 @@
      <listitem>
        <para><emphasis role="bold">Shorewall6</emphasis>. This package
        requires the Shorewall package and adds those components needed to
-        create an IPv6 fireawall.</para>
+        create an IPv6 firewall.</para>
      </listitem>

      <listitem>
--- a/docs/GettingStarted.xml
+++ b/docs/GettingStarted.xml
@@ -26,6 +26,8 @@

      <year>2011</year>

+      <year>2016</year>
+
      <holder>Thomas M. Eastep</holder>
    </copyright>

@@ -89,7 +91,9 @@

    <listitem>
      <para><ulink url="two-interface.htm">Two-interface</ulink> Linux System
-      acting as a firewall/router for a small local network</para>
+      acting as a firewall/router for a small local network. For
+      Redhat-specific install/configure information, see <ulink url="???">this
+      article </ulink>contributed by Digimer.</para>
    </listitem>

    <listitem>
--- a/docs/Introduction.xml
+++ b/docs/Introduction.xml
@@ -398,7 +398,7 @@ ACCEPT     net           $FW       tcp        22</programlisting>
      <listitem>
        <para><emphasis role="bold">Shorewall6</emphasis>. This package
        requires the Shorewall package and adds those components needed to
-        create an IPv6 fireawall.</para>
+        create an IPv6 firewall.</para>
      </listitem>

      <listitem>
Author	SHA1	Message	Date
Tom Eastep	4a6338d857	Correct/complete Scott Sumate's LOGFILE enhancement Signed-off-by: Tom Eastep <teastep@shorewall.net>	2016-07-15 14:25:02 -07:00
Scott Shumate	55ee0113ea	Added support for systemd logging by configuring LOGFILE=systemd	2016-07-15 13:40:23 -05:00
Tom Eastep	65d5249bd8	Link to Digimer's article on Shorewall/REL7 Signed-off-by: Tom Eastep <teastep@shorewall.net>	2016-07-07 12:44:28 -07:00
Roberto C. Sánchez	0364c15be1	Fix typos, thanks to Marco Di Cerbo for reporting them	2016-07-06 08:46:32 -04:00
Roberto C. Sánchez	76b2b0de78	Debian init script: fix name of force-reload target (Closes: #830110 )	2016-07-06 08:43:21 -04:00
Roberto C. Sánchez	7c9876241c	Debian init scripts: add run-level 1 to Default-Stop specification	2016-07-04 17:37:00 -04:00
Roberto C. Sánchez	8b36c2c1cf	Debian init scripts: more accurately describe what action is being taken	2016-07-04 13:34:33 -04:00