From patchwork Sun Nov 12 18:13:28 2017 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: =?utf-8?q?Peter_M=C3=BCller?= X-Patchwork-Id: 1531 Return-Path: Received: from mail01.ipfire.org (unknown [172.28.1.200]) by web02.ipfire.org (Postfix) with ESMTP id 247A4611A8 for ; Sun, 12 Nov 2017 08:13:41 +0100 (CET) Received: from mail01.ipfire.org (localhost [IPv6:::1]) by mail01.ipfire.org (Postfix) with ESMTP id 174FF34DB; Sun, 12 Nov 2017 08:13:39 +0100 (CET) Received: from mx.link38.eu (mx.link38.eu [188.68.43.123]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "mx.link38.eu", Issuer "Let's Encrypt Authority X3" (verified OK)) by mail01.ipfire.org (Postfix) with ESMTPS id 9D4FF34D4 for ; Sun, 12 Nov 2017 08:13:36 +0100 (CET) X-Virus-Scanned: ClamAV at mx.link38.eu Received: from mx-fra.brokers.link38.eu (mx-fra.brokers.link38.eu [10.141.75.13]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx.link38.eu (Postfix) with ESMTPS id E49B24016A for ; Sun, 12 Nov 2017 08:13:30 +0100 (CET) Received: from localhost (localhost [127.0.0.1]) (using TLSv1.2 with cipher ECDHE-ECDSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx-fra.brokers.link38.eu (Postfix) with ESMTPSA id EF8289F509 for ; Sun, 12 Nov 2017 08:13:28 +0100 (CET) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=link38.eu; s=201711; t=1510470809; bh=HMkslBlXpYdcdmDkBcJqvkXB6Yy1bicoAUOV0DvG/D4=; h=Date:From:To:Subject:From; b=vhAGGjE2fUL39ZVrPJqvQwt0wZigXiQ+y4NY0DCohr4S9SNFlmlGqPEB990EKlx9E dY4qGDoTwmxT9OG6sADX3hWddRs04gh9H7OObHuBhe4JJ4T4238oOnoOiJNHqpODiH 1yUID3mhPuOYrfxn1cn/N/cs/9XnhDi5DtXuIU/EF0oL2t3WJs8FMUlRvg00oeT6T1 /GLvoIaUtKEDEb7U4vj41puT+21oJXUHEBiodIEpT1l2+f9A3cF0o8iqkRJpzuNzjA XwBohQaZgZnVEekpVnztE73hrgMukqBYNOQH1zArRmuI5oWlH2JOoFoNsHfiNSs7kh xnXKl//czO4Dg== Date: Sun, 12 Nov 2017 08:13:28 +0100 From: Peter =?utf-8?q?M=C3=BCller?= To: "development@lists.ipfire.org" Subject: [PATCH 1/3] allow remote syslog via TCP in syslogdctrl.c Message-ID: <20171112081328.6a4b3621.peter.mueller@link38.eu> Organization: Link38 MIME-Version: 1.0 X-BeenThere: development@lists.ipfire.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: IPFire development talk List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: development-bounces@lists.ipfire.org Sender: "Development" Make syslogctrl.c use TCP as remote logging file if specified so. NOTE: This patch likely contains errors, since I do not know anything about C at all. Please have a close look at it. Sorry. Signed-off-by: Peter Müller --- src/misc-progs/syslogdctrl.c | 24 ++++++++++++++++++++++-- 1 file changed, 22 insertions(+), 2 deletions(-) diff --git a/src/misc-progs/syslogdctrl.c b/src/misc-progs/syslogdctrl.c index 52719023e..b356ebe49 100644 --- a/src/misc-progs/syslogdctrl.c +++ b/src/misc-progs/syslogdctrl.c @@ -32,13 +32,14 @@ int main(void) { - char buffer[STRING_SIZE], command[STRING_SIZE], hostname[STRING_SIZE]; + char buffer[STRING_SIZE], command[STRING_SIZE], hostname[STRING_SIZE], protocol[STRING_SIZE]; char varmessages[STRING_SIZE], asynclog[STRING_SIZE]; int config_fd,rc,fd,pid; struct stat st; struct keyvalue *kv = NULL; memset(buffer, 0, STRING_SIZE); memset(hostname, 0, STRING_SIZE); + memset(protocol, 0, STRING_SIZE); memset(varmessages, 0, STRING_SIZE); memset(asynclog, 0, STRING_SIZE); @@ -73,6 +74,12 @@ int main(void) exit(ERR_SETTINGS); } + if (!findkey(kv, "REMOTELOG_PROTOCOL", protocol)) + { + fprintf(stderr, "Cannot read REMOTELOG_PROTOCOL\n"); + exit(ERR_SETTINGS); + } + freekeyvalues(kv); @@ -105,9 +112,22 @@ int main(void) exit(ERR_CONFIG); } + /* differ between UDP and TCP as rsyslog protocol */ if (!strcmp(buffer,"on")) - snprintf(buffer, STRING_SIZE - 1, "/bin/sed -e 's/^#\\?\\(\\*\\.\\*[[:blank:]]\\+@\\).\\+$/\\1%s/' /etc/syslog.conf >&%d", hostname, config_fd ); + if ( protocol == "udp" ) + { + snprintf(buffer, STRING_SIZE - 1, "/bin/sed -e 's/^#\\?\\(\\*\\.\\*[[:blank:]]\\+@\\).\\+$/\\1%s/' /etc/syslog.conf >&%d", hostname, config_fd ); + } + elif ( protocol == "tcp" ) + { + snprintf(buffer, STRING_SIZE - 1, "/bin/sed -e 's/^#\\?\\(\\*\\.\\*[[:blank:]]\\+@@\\).\\+$/\\1%s/' /etc/syslog.conf >&%d", hostname, config_fd ); + } + else + { + fprintf(stderr, "Received invalid protocol for remote log\n"); + } else + /* turn off remote syslog if specified */ snprintf(buffer, STRING_SIZE - 1, "/bin/sed -e 's/^#\\?\\(\\*\\.\\*[[:blank:]]\\+@.\\+\\)$/#\\1/' /etc/syslog.conf >&%d", config_fd ); /* if the return code isn't 0 failsafe */ From patchwork Sun Nov 12 18:17:10 2017 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: =?utf-8?q?Peter_M=C3=BCller?= X-Patchwork-Id: 1532 Return-Path: Received: from mail01.ipfire.org (unknown [172.28.1.200]) by web02.ipfire.org (Postfix) with ESMTP id 91879611A8 for ; Sun, 12 Nov 2017 08:17:20 +0100 (CET) Received: from mail01.ipfire.org (localhost [IPv6:::1]) by mail01.ipfire.org (Postfix) with ESMTP id 1F36534DB; Sun, 12 Nov 2017 08:17:20 +0100 (CET) Received: from mx.link38.eu (mx.link38.eu [188.68.43.123]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "mx.link38.eu", Issuer "Let's Encrypt Authority X3" (verified OK)) by mail01.ipfire.org (Postfix) with ESMTPS id 6CC2834D4 for ; Sun, 12 Nov 2017 08:17:17 +0100 (CET) X-Virus-Scanned: ClamAV at mx.link38.eu Received: from mx-fra.brokers.link38.eu (mx-fra.brokers.link38.eu [10.141.75.13]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx.link38.eu (Postfix) with ESMTPS id BEC0F4016A for ; Sun, 12 Nov 2017 08:17:11 +0100 (CET) Received: from localhost (localhost [127.0.0.1]) (using TLSv1.2 with cipher ECDHE-ECDSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx-fra.brokers.link38.eu (Postfix) with ESMTPSA id 0C98C9F509 for ; Sun, 12 Nov 2017 08:17:10 +0100 (CET) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=link38.eu; s=201711; t=1510471031; bh=9O2JvwB4gjwDWedaxX86CJr4UkEeV3q22ewrSHyPn7A=; h=Date:From:To:Subject:From; b=VVOmCooyKCSr+BwO1YLp9BzTA48nP4CuSErOMmEK6HdCXCHFz2fzEqYWAv9m93Jl/ hOn0t3xrJxjA9JMYhmcZHPYre6MG4KdOgpPpBb22Wg1pfA1hSnbEdTEOBOyvDOJ45p uNtVxRS+2tEK+Y3pa3cjw5YfSmV+tKc7NtbdovGK7ukfNP9ptrVYGUVQcOiU5YF7G5 Tj2qIfOur6dv2tTacDRmzkUvUWdY9HoJ8XT7XW6+9geEnOkrsfbPt5nscIsh3YfyEJ +WWGZfkDKCGTWzUrXfO6zV+sILnj2rCc7ygptEcjWnqlXUJFCZ1X38sy+QDuK8CKbQ OpxrRvHm36Dnw== Date: Sun, 12 Nov 2017 08:17:10 +0100 From: Peter =?utf-8?q?M=C3=BCller?= To: "development@lists.ipfire.org" Subject: [PATCH 2/3] allow changing remote syslog protocol to TCP Message-ID: <20171112081710.3492ac74.peter.mueller@link38.eu> Organization: Link38 MIME-Version: 1.0 X-BeenThere: development@lists.ipfire.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: IPFire development talk List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: development-bounces@lists.ipfire.org Sender: "Development" Add option to change remote syslog protocol to TCP, which is more reliable than UDP, but might be unsupported on older syslog servers. Signed-off-by: Peter Müller --- html/cgi-bin/logs.cgi/config.dat | 16 ++++++++++++++ 1 file changed, 16 insertions(+) diff --git a/html/cgi-bin/logs.cgi/config.dat b/html/cgi-bin/logs.cgi/config.dat index 789341dbe..ec3c2a92d 100644 --- a/html/cgi-bin/logs.cgi/config.dat +++ b/html/cgi-bin/logs.cgi/config.dat @@ -33,6 +33,7 @@ $logsettings{'LOGWATCH_KEEP'} = '56'; my @VS = ('15','50','100','150','250','500'); $logsettings{'ENABLE_REMOTELOG'} = 'off'; $logsettings{'REMOTELOG_ADDR'} = ''; +$logsettings{'REMOTELOG_PROTOCOL'} = 'udp'; $logsettings{'ACTION'} = ''; &Header::getcgihash(\%logsettings); @@ -45,6 +46,10 @@ if ($logsettings{'ACTION'} eq $Lang::tr{'save'}) { $errormessage = $Lang::tr{'invalid logserver address'}; } + unless ($logsettings{'REMOTELOG_PROTOCOL'} =~ /^udp|tcp$/) + { + + } } unless ($logsettings{'LOGWATCH_KEEP'} =~ /^\d+$/) { @@ -69,6 +74,10 @@ $checked{'ENABLE_REMOTELOG'}{'off'} = ''; $checked{'ENABLE_REMOTELOG'}{'on'} = ''; $checked{'ENABLE_REMOTELOG'}{$logsettings{'ENABLE_REMOTELOG'}} = "checked='checked'"; +$selected{'REMOTELOG_PROTOCOL'}{'udp'} = ''; +$selected{'REMOTELOG_PROTOCOL'}{'tcp'} == ''; +$selected{'REMOTELOG_PROTOCOL'}{$logsettings{'REMOTELOG_PROTOCOL'}} = "selected='selected'"; + $checked{'LOGVIEW_REVERSE'}{'off'} = ''; $checked{'LOGVIEW_REVERSE'}{'on'} = ''; $checked{'LOGVIEW_REVERSE'}{$logsettings{'LOGVIEW_REVERSE'}} = "checked='checked'"; @@ -139,6 +148,11 @@ print < $Lang::tr{'enabled'} $Lang::tr{'log server address'} + $Lang::tr{'log server protocol'} + END From patchwork Sun Nov 12 18:18:14 2017 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: =?utf-8?q?Peter_M=C3=BCller?= X-Patchwork-Id: 1533 Return-Path: Received: from mail01.ipfire.org (unknown [172.28.1.200]) by web02.ipfire.org (Postfix) with ESMTP id BE6A7611A8 for ; Sun, 12 Nov 2017 08:18:22 +0100 (CET) Received: from mail01.ipfire.org (localhost [IPv6:::1]) by mail01.ipfire.org (Postfix) with ESMTP id 57A2A34DB; Sun, 12 Nov 2017 08:18:22 +0100 (CET) Received: from mx.link38.eu (mx.link38.eu [188.68.43.123]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "mx.link38.eu", Issuer "Let's Encrypt Authority X3" (verified OK)) by mail01.ipfire.org (Postfix) with ESMTPS id E541334D4 for ; Sun, 12 Nov 2017 08:18:19 +0100 (CET) X-Virus-Scanned: ClamAV at mx.link38.eu Received: from mx-fra.brokers.link38.eu (mx-fra.brokers.link38.eu [10.141.75.13]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx.link38.eu (Postfix) with ESMTPS id 662E14016A for ; Sun, 12 Nov 2017 08:18:14 +0100 (CET) Received: from localhost (localhost [127.0.0.1]) (using TLSv1.2 with cipher ECDHE-ECDSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx-fra.brokers.link38.eu (Postfix) with ESMTPSA id EC0409F509 for ; Sun, 12 Nov 2017 08:18:13 +0100 (CET) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=link38.eu; s=201711; t=1510471094; bh=M0DPR+jwgREKC3URBBPpJMZOeJFnGWnVy759BveD4jc=; h=Date:From:To:Subject:From; b=fac5TOd2Y9jwIXgmY/nJP8+XRLFpDJrhfHWOJ4T70Ec7UB/+UFll0W7yTWWpXPTud Nnb2KMdRtvC+3s7d3xqcABe+m7FldZv7QT8J4IYjASDzPsv0Y+1ui/v3uq6u0UPoVw dJL0PCoRlNXYzKrWc4ipYi4E0o0JnGnIz3aKwQRSpEOhfJGv8HHX5LrH8EE+yjf835 zRaY+te9VNEynY5gQrhrNx6X2OZrmFIB0YtGl0JYqbw2eGFIIJVLcHakJ+JTjcgVmz qGyuiv+j9fTj7QVGe5vApbhJawxF1N1AnoGjbKQayX7gZXLAcwLrdwfVex9B01kOXc ZN5CNdrQkAdFQ== Date: Sun, 12 Nov 2017 08:18:14 +0100 From: Peter =?utf-8?q?M=C3=BCller?= To: "development@lists.ipfire.org" Subject: [PATCH 3/3] add language strings Message-ID: <20171112081814.72735a89.peter.mueller@link38.eu> Organization: Link38 MIME-Version: 1.0 X-BeenThere: development@lists.ipfire.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: IPFire development talk List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: development-bounces@lists.ipfire.org Sender: "Development" Add language strings for changed config.dat CGI file. Signed-off-by: Peter Müller --- langs/de/cgi-bin/de.pl | 6 +++++- langs/en/cgi-bin/en.pl | 4 ++++ 2 files changed, 9 insertions(+), 1 deletion(-) diff --git a/langs/de/cgi-bin/de.pl b/langs/de/cgi-bin/de.pl index 4cf866a3a..67c9aacbd 100644 --- a/langs/de/cgi-bin/de.pl +++ b/langs/de/cgi-bin/de.pl @@ -1396,6 +1396,7 @@ 'invalid loaded file' => 'Ungültige geladene Datei', 'invalid local-remote id' => 'Local-Id und Remote-Id dürfen nicht gleich sein, und müssen einem "@"-Zeichen beginnen. Dies sind leftid und rightid in der StrongSwan-Terminologie.', 'invalid logserver address' => 'Ungültige syslogd-Server-Adresse', +'invalid logserver protocol' => 'Ungültiges syslogd-Server-Übertragungsprotokoll', 'invalid mac address' => 'Ungültige MAC-Adresse', 'invalid max lease time' => 'Ungültige max. Haltezeit.', 'invalid maximum incoming size' => 'Ungültige max. ankommende Größe.', @@ -1482,7 +1483,8 @@ 'log enabled' => 'Protokoll aktiviert', 'log level' => 'Protokollierungslevel', 'log lines per page' => 'Zeilen pro Seite', -'log server address' => 'Syslog Server', +'log server address' => 'Syslog Server:', +'log server protocol' => 'Übertragungsprotokoll:', 'log settings' => 'Protokolldatei-Einstellungen', 'log summaries' => 'Protokollübersicht', 'log summary' => 'Protokollzusammenfassung', @@ -2189,6 +2191,7 @@ 'system logs' => 'Systemprotokolldateien', 'system status information' => 'System-Statusinformationen', 'ta key' => 'TLS-Authentifizierungsschlüssel', +'tcp more reliable' => 'TCP (zuverlässiger)', 'telephone not set' => 'Telefonnummer nicht angegeben.', 'template' => 'Vorlage', 'template warning' => 'Zur Einrichtung von QoS stehen Ihnen 2 Möglichkeiten zur Auswahl. Entweder Sie wählen speichern und erstellen Klassen und Regeln nach Ihren Wünschen, oder Sie wählen Vorlage, dann werden die Klassen und Regeln durch ein Template generiert.', @@ -2309,6 +2312,7 @@ 'tripwirewarningpolicy' => 'ACHTUNG - Ihr Policy wird neu erzeugt, anschließen wird die Datenbank neu initialisiert. Hierfür wird der Site-Key und Local-Key benötigt.', 'tuesday' => 'Dienstag', 'type' => 'Typ', +'udp less overhead' => 'UDP (geringerer Overhead)', 'umount' => 'Abmelden', 'umount removable media before to unplug' => 'Wechselmedien vor dem Entfernen unbedingt abmelden', 'unable to alter profiles while red is active' => 'Profile können nicht geändert werden, solange ROT aktiv ist.', diff --git a/langs/en/cgi-bin/en.pl b/langs/en/cgi-bin/en.pl index 946aba873..1e9754b53 100644 --- a/langs/en/cgi-bin/en.pl +++ b/langs/en/cgi-bin/en.pl @@ -1428,6 +1428,7 @@ 'invalid loaded file' => 'Invalid loaded file', 'invalid local-remote id' => 'local & remote id must not be equal and begin with a "@" sign. These are leftid and rightid in strongswan terminology.', 'invalid logserver address' => 'Invalid syslogd server address', +'invalid logserver protocol' => 'Invalid syslogd server protocol', 'invalid mac address' => 'Invalid MAC address', 'invalid max lease time' => 'Invalid max lease time.', 'invalid maximum incoming size' => 'Invalid maximum incoming size.', @@ -1515,6 +1516,7 @@ 'log level' => 'Log Level', 'log lines per page' => 'Lines per page', 'log server address' => 'Syslog server:', +'log server protocol' => 'protocol:', 'log settings' => 'Log Settings', 'log summaries' => 'Log summaries', 'log summary' => 'Log Summary', @@ -2231,6 +2233,7 @@ 'system logs' => 'System Logs', 'system status information' => 'System Status Information', 'ta key' => 'TLS-Authentification-Key', +'tcp more reliable' => 'TCP (more reliable)', 'telephone not set' => 'Telephone not set.', 'template' => 'Preset', 'template warning' => 'You have two options to set up Qos. The First, you press the save button and generate the classes and rules on your own. The second, you press the preset button and classes and rules will be set up by a template.', @@ -2354,6 +2357,7 @@ 'tripwirewarningpolicy' => 'WARNING - Your policy will be rebuild, after that your database will be reinitalised. Therefor the site-key and the local-key are neeeded.', 'tuesday' => 'Tuesday', 'type' => 'Type', +'udp less overhead' => 'UDP (less overhead)', 'umount' => 'Umount', 'umount removable media before to unplug' => 'Umount removable media before unplugging the device', 'unable to alter profiles while red is active' => 'Unable to alter profiles while RED is active.',