On Tue, 2011-07-19 at 06:34 -0700, Tom Eastep wrote:
> On Tue, 2011-07-19 at 06:09 -0700, Tom Eastep wrote:
> > LOGMARK is simply a log level, just like 'info' or 'NFLOG'. You use it
> > any place that a log level may be used. If you simply want to log a
> > packet
> >
> > LOG:LOGMARK <source zone> <dest zone> ...
> >
> > in the rules file.
>
> Hmmm -- it seems that the LOGMARK target is broken.
>
> I'll work on a fix.

A patch is attached.
To apply:
a) Save the attachment (LOGMARK.patch)
b) cd /usr/share/shorewall/Shorewall/ (assuming that's where your
distribution installs the Shorewall Perl modules)
c) patch < path/to/LOGMARK.patch
The patch applies (with offsets) back to at least Shorewall 4.4.11.
The syntax for invoking LOGMARK is:
LOGMARK(<priority>)
where <priority> is a syslog priority (values 0-7, or debug, info,
notice, etc.).
Example rule:
LOG:LOGMARK(info) lan dmz udp 1234
-Tom
--
Tom Eastep \ When I die, I want to go like my Grandfather who
Shoreline, \ died peacefully in his sleep. Not screaming like
Washington, USA \ all of the passengers in his car
http://shorewall.net \________________________________________________
diff --git a/Shorewall/Perl/Shorewall/Chains.pm b/Shorewall/Perl/Shorewall/Chains.pm
index d3b1fc9..4e0f65f 100644
--- a/Shorewall/Perl/Shorewall/Chains.pm
+++ b/Shorewall/Perl/Shorewall/Chains.pm
@@ -3364,7 +3364,7 @@ sub log_rule_limit( $$$$$$$$ ) {
$prefix = "-j $level --nflog-prefix \"$prefix\" ";
} elsif ( $level =~ '^LOGMARK' ) {
$prefix = join( '', substr( $prefix, 0, 12 ) , ':' ) if length $prefix > 13;
- $prefix = "-j LOGMARK --log-level $level --log-prefix \"$prefix\" ";
+ $prefix = "-j $level --log-prefix \"$prefix\" ";
} else {
$prefix = "-j LOG $globals{LOGPARMS}--log-level $level --log-prefix \"$prefix\" ";
}
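Review bot: In the `^LOGMARK` branch, `-j $level` now relies on validate_level() having already rewritten the level to the `LOGMARK --log-level N` form, but the branch test still matches any string that merely begins with LOGMARK. A bare `LOGMARK` or an unconverted `LOGMARK(info)` reaching log_rule_limit would be emitted verbatim as the jump target. Consider tightening the test to the validated form, for example `$level =~ /^LOGMARK --log-level [0-7]$/`, or at least adding a comment that $level must be the return value of validate_level().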
diff --git a/Shorewall/Perl/Shorewall/Config.pm b/Shorewall/Perl/Shorewall/Config.pm
index c53a446..ca9789a 100644
--- a/Shorewall/Perl/Shorewall/Config.pm
+++ b/Shorewall/Perl/Shorewall/Config.pm
@@ -2132,10 +2132,21 @@ sub validate_level( $ ) {
return $rawlevel;
}
- if ( $level eq 'LOGMARK' ) {
+ if ( $level =~ /^LOGMARK --/ ) {
+ require_capability ( 'LOG_TARGET' , 'A log level other than NONE', 's' );
+ return $rawlevel;
+ }
+
+ if ( $level =~ /LOGMARK[(](.*)[)]$/ ) {
+ my $sublevel = $1;
+
+ $sublevel = $validlevels{$sublevel} unless $sublevel =~ /^[0-7]$/;
+
+ level_error( $level ) unless defined $sublevel =~ /^[0-7]$/;
+
require_capability ( 'LOG_TARGET' , 'A log level other than NONE', 's' );
require_capability( 'LOGMARK_TARGET' , 'LOGMARK', 's' );
- return 'LOGMARK';
+ return "LOGMARK --log-level $sublevel";
}
level_error( $rawlevel );
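Review bot: The validity check `level_error( $level ) unless defined $sublevel =~ /^[0-7]$/;` can never fire, because `=~` binds tighter than the named unary operator `defined`; Perl evaluates `defined( $sublevel =~ /^[0-7]$/ )`, and the result of a match is always defined. If %validlevels has no entry for the name given (say LOGMARK(bogus)), $sublevel is undefined and the function still returns `LOGMARK --log-level ` with an empty level. Suggest `level_error( $rawlevel ) unless defined $sublevel && $sublevel =~ /^[0-7]$/;`, passing $rawlevel as the final level_error call does. The pattern `/LOGMARK[(](.*)[)]$/` is also not anchored at the start, so text before LOGMARK is accepted; `/^LOGMARK[(](.*)[)]$/` would be stricter. Finally, the `/^LOGMARK --/` branch returns $rawlevel without checking what follows the dashes, and that string is what Chains.pm now places after `-j`.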
_______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
