From patchwork Mon Nov 20 03:40:29 2017 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: =?utf-8?q?Peter_M=C3=BCller?= X-Patchwork-Id: 1556
Date: Sun, 19 Nov 2017 17:40:29 +0100 From: Peter =?utf-8?q?M=C3=BCller?= To: "development@lists.ipfire.org" Subject: [PATCH 1/3 v3] allow remote syslog via TCP in syslogdctrl.c Message-ID: <20171119174029.5988ad10.peter.mueller@link38.eu> Organization: Link38 MIME-Version: 1.0 X-BeenThere: development@lists.ipfire.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: IPFire development talk List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: development-bounces@lists.ipfire.org Sender: "Development" Make syslogctrl.c use TCP as remote logging file if specified so. Thanks to Michael for reviewing this. Signed-off-by: Peter Müller --- src/misc-progs/syslogdctrl.c | 28 +++++++++++++++++++++++++--- 1 file changed, 25 insertions(+), 3 deletions(-) diff --git a/src/misc-progs/syslogdctrl.c b/src/misc-progs/syslogdctrl.c index 52719023e..83727162e 100644 --- a/src/misc-progs/syslogdctrl.c +++ b/src/misc-progs/syslogdctrl.c @@ -27,18 +27,19 @@ #define ERR_ANY 1 #define ERR_SETTINGS 2 /* error in settings file */ #define ERR_ETC 3 /* error with /etc permissions */ -#define ERR_CONFIG 4 /* error updated sshd_config */ +#define ERR_CONFIG 4 /* error updating syslogd config */ #define ERR_SYSLOG 5 /* error restarting syslogd */ int main(void) { - char buffer[STRING_SIZE], command[STRING_SIZE], hostname[STRING_SIZE]; + char buffer[STRING_SIZE], command[STRING_SIZE], hostname[STRING_SIZE], protocol[STRING_SIZE]; char varmessages[STRING_SIZE], asynclog[STRING_SIZE]; int config_fd,rc,fd,pid; struct stat st; struct keyvalue *kv = NULL; memset(buffer, 0, STRING_SIZE); memset(hostname, 0, STRING_SIZE); + memset(protocol, 0, STRING_SIZE); memset(varmessages, 0, STRING_SIZE); memset(asynclog, 0, STRING_SIZE); 
@@ -67,6 +68,12 @@ int main(void) exit(ERR_SETTINGS); } + if (!findkey(kv, "REMOTELOG_PROTOCOL", protocol)) + { + /* fall back to UDP if no protocol was given */ + protocol = "udp"; + } + if (strspn(hostname, VALID_FQDN) != strlen(hostname)) { fprintf(stderr, "Bad REMOTELOG_ADDR: %s\n", hostname); 
@@ -106,9 +113,24 @@ int main(void) } if (!strcmp(buffer,"on")) - snprintf(buffer, STRING_SIZE - 1, "/bin/sed -e 's/^#\\?\\(\\*\\.\\*[[:blank:]]\\+@\\).\\+$/\\1%s/' /etc/syslog.conf >&%d", hostname, config_fd ); + { + /* check which transmission protocol was given */ + if (strcmp(protocol, "tcp") == 0) + { + /* write line for TCP */ + snprintf(buffer, STRING_SIZE - 1, "/bin/sed -e 's/^#\\?\\(\\*\\.\\*[[:blank:]]\\+@@\\).\\+$/\\1%s/' /etc/syslog.conf >&%d", hostname, config_fd ); + } + else + { + /* write line for UDP */ + snprintf(buffer, STRING_SIZE - 1, "/bin/sed -e 's/^#\\?\\(\\*\\.\\*[[:blank:]]\\+@\\).\\+$/\\1%s/' /etc/syslog.conf >&%d", hostname, config_fd ); + } + } else + { + /* if remote syslog has been disabled */ snprintf(buffer, STRING_SIZE - 1, "/bin/sed -e 's/^#\\?\\(\\*\\.\\*[[:blank:]]\\+@.\\+\\)$/#\\1/' /etc/syslog.conf >&%d", config_fd ); + } /* if the return code isn't 0 failsafe */ if ((rc = unpriv_system(buffer,99,99)) != 0) From patchwork Mon Nov 20 03:40:33 2017 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: =?utf-8?q?Peter_M=C3=BCller?= X-Patchwork-Id: 1557 Return-Path: Received: from mail01.ipfire.org (unknown [172.28.1.200]) by web02.ipfire.org (Postfix) with ESMTP id 1EE4460971 for ; Sun, 19 Nov 2017 17:40:49 +0100 (CET) Received: from mail01.ipfire.org (localhost [IPv6:::1]) by mail01.ipfire.org (Postfix) with ESMTP id C2E2734D4; Sun, 19 Nov 2017 17:40:48 +0100 (CET) Received: from mx.link38.eu (mx.link38.eu [188.68.43.123]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "mx.link38.eu", Issuer "Let's Encrypt Authority X3" (verified OK)) by mail01.ipfire.org (Postfix) with ESMTPS id AF56C34C7 for ; Sun, 19 Nov 2017 17:40:45 +0100 (CET) X-Virus-Scanned: ClamAV at mx.link38.eu Received: from mx-fra.brokers.link38.eu (mx-fra.brokers.link38.eu [10.141.75.13]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did 
not present a certificate) by mx.link38.eu (Postfix) with ESMTPS id 452E940123 for ; Sun, 19 Nov 2017 17:40:40 +0100 (CET) Received: from localhost (localhost [127.0.0.1]) (using TLSv1.2 with cipher ECDHE-ECDSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx-fra.brokers.link38.eu (Postfix) with ESMTPSA id 5251C9F876 for ; Sun, 19 Nov 2017 17:40:33 +0100 (CET) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=link38.eu; s=201711; t=1511109633; bh=9O2JvwB4gjwDWedaxX86CJr4UkEeV3q22ewrSHyPn7A=; h=Date:From:To:Subject:Message-ID:Content-Type:From:To:Subject:Date: Cc; b=OuHdD3OXRQqjwsvddda4dlMxS+w1J/vG/ijCZfV+CvMfDFOeigilK5beosaZuGpmi 46qyxkuIpLA2OW8d+F1t6AXZsNVQ+T8NlBLyIg0P2gS6wrtKqYk5jctZ0SUuSI8Ff9 TV7I+4hrEiyL/AGVYAx0d89wSdnNKDUuUQXhzbupV5RfD21eS7bTVd5iFT+YHcwa/w a8jUvH9HyHyHB43pgEStPusxikLJxJuw7pLCndrxWE1itdrUV3Cl7V4COsGAJfh5Y3 4pcAdBypcca6Tu0sepo1IDWNwPwWFCEyHQSEJpXbF1iIE61DSOUNF3pO2nCY8jzaWN bXDeNuFTgVjOQ== Date: Sun, 19 Nov 2017 17:40:33 +0100 From: Peter =?utf-8?q?M=C3=BCller?= To: "development@lists.ipfire.org" Subject: [PATCH 2/3 v3] allow changing remote syslog protocol to TCP Message-ID: <20171119174033.3dc70013.peter.mueller@link38.eu> Organization: Link38 MIME-Version: 1.0 X-BeenThere: development@lists.ipfire.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: IPFire development talk List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: development-bounces@lists.ipfire.org Sender: "Development" Add option to change remote syslog protocol to TCP, which is more reliable than UDP, but might be unsupported on older syslog servers. Signed-off-by: Peter Müller --- html/cgi-bin/logs.cgi/config.dat | 16 ++++++++++++++ 1 file changed, 16 insertions(+) diff --git a/html/cgi-bin/logs.cgi/config.dat b/html/cgi-bin/logs.cgi/config.dat index 789341dbe..ec3c2a92d 100644 --- a/html/cgi-bin/logs.cgi/config.dat +++ b/html/cgi-bin/logs.cgi/config.dat 
@@ -33,6 +33,7 @@ $logsettings{'LOGWATCH_KEEP'} = '56'; my @VS = ('15','50','100','150','250','500'); $logsettings{'ENABLE_REMOTELOG'} = 'off'; $logsettings{'REMOTELOG_ADDR'} = ''; +$logsettings{'REMOTELOG_PROTOCOL'} = 'udp'; $logsettings{'ACTION'} = ''; &Header::getcgihash(\%logsettings); @@ -45,6 +46,10 @@ if ($logsettings{'ACTION'} eq $Lang::tr{'save'}) { $errormessage = $Lang::tr{'invalid logserver address'}; } + unless ($logsettings{'REMOTELOG_PROTOCOL'} =~ /^udp|tcp$/) + { + + } } unless ($logsettings{'LOGWATCH_KEEP'} =~ /^\d+$/) { @@ -69,6 +74,10 @@ $checked{'ENABLE_REMOTELOG'}{'off'} = ''; $checked{'ENABLE_REMOTELOG'}{'on'} = ''; $checked{'ENABLE_REMOTELOG'}{$logsettings{'ENABLE_REMOTELOG'}} = "checked='checked'"; +$selected{'REMOTELOG_PROTOCOL'}{'udp'} = ''; +$selected{'REMOTELOG_PROTOCOL'}{'tcp'} == ''; +$selected{'REMOTELOG_PROTOCOL'}{$logsettings{'REMOTELOG_PROTOCOL'}} = "selected='selected'"; + $checked{'LOGVIEW_REVERSE'}{'off'} = ''; $checked{'LOGVIEW_REVERSE'}{'on'} = ''; $checked{'LOGVIEW_REVERSE'}{$logsettings{'LOGVIEW_REVERSE'}} = "checked='checked'"; 
@@ -139,6 +148,11 @@ print < $Lang::tr{'enabled'} $Lang::tr{'log server address'} + $Lang::tr{'log server protocol'} + END From patchwork Mon Nov 20 03:40:35 2017 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: =?utf-8?q?Peter_M=C3=BCller?= X-Patchwork-Id: 1558 Return-Path: Received: from mail01.ipfire.org (unknown [172.28.1.200]) by web02.ipfire.org (Postfix) with ESMTP id 76EBE60971 for ; Sun, 19 Nov 2017 17:41:00 +0100 (CET) Received: from mail01.ipfire.org (localhost [IPv6:::1]) by mail01.ipfire.org (Postfix) with ESMTP id 257E334E0; Sun, 19 Nov 2017 17:41:00 +0100 (CET) Received: from mx.link38.eu (mx.link38.eu [188.68.43.123]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "mx.link38.eu", Issuer "Let's Encrypt Authority X3" (verified OK)) by mail01.ipfire.org (Postfix) with ESMTPS id AD60434C7 for ; Sun, 19 Nov 2017 17:40:56 +0100 (CET) X-Virus-Scanned: ClamAV at mx.link38.eu Received: from mx-fra.brokers.link38.eu (mx-fra.brokers.link38.eu [10.141.75.13]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx.link38.eu (Postfix) with ESMTPS id A893C40123 for ; Sun, 19 Nov 2017 17:40:50 +0100 (CET) Received: from localhost (localhost [127.0.0.1]) (using TLSv1.2 with cipher ECDHE-ECDSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx-fra.brokers.link38.eu (Postfix) with ESMTPSA id D5C909F785 for ; Sun, 19 Nov 2017 17:40:35 +0100 (CET) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=link38.eu; s=201711; t=1511109635; bh=M0DPR+jwgREKC3URBBPpJMZOeJFnGWnVy759BveD4jc=; h=Date:From:To:Subject:Message-ID:Content-Type:From:To:Subject:Date: Cc; b=Nftk7lhaBm7x1ix9tqmB4ABzlofjUbEy+u7gXMQ+/w68TaFeNLvcgG3j0jSq099N8 rZM/f+io+QVNuSCpF9UpV+aJVIG+MCMSJUcir1EhM8s/qJ1g249PWnfaOrBReiq7fw Svxzy52ZfFfh9qvwIWaL5MJE3ko6i09aDx0zSB1S7NHVhK31xxE5ofHYTQ6LF9Bolz 
R6xsarYafXYEe+mvLUUPLzZxhYpQcR2tdcLi6M+JIZ79wjHGq5t2sDrBWH+NKAWAFX bz3KZSzfS4SbrBQk4rcI3kjVZ+LHQ45NepLyPOnhTCp0hYDNdmkrwnOhOGeg98ueyo oYEOU6mVwdW4w== Date: Sun, 19 Nov 2017 17:40:35 +0100 From: Peter =?utf-8?q?M=C3=BCller?= To: "development@lists.ipfire.org" Subject: [PATCH 3/3 v3] add language strings Message-ID: <20171119174035.3d9c44a9.peter.mueller@link38.eu> Organization: Link38 MIME-Version: 1.0 X-BeenThere: development@lists.ipfire.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: IPFire development talk List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: development-bounces@lists.ipfire.org Sender: "Development" Add language strings for changed config.dat CGI file. Signed-off-by: Peter Müller --- langs/de/cgi-bin/de.pl | 6 +++++- langs/en/cgi-bin/en.pl | 4 ++++ 2 files changed, 9 insertions(+), 1 deletion(-) diff --git a/langs/de/cgi-bin/de.pl b/langs/de/cgi-bin/de.pl index 4cf866a3a..67c9aacbd 100644 --- a/langs/de/cgi-bin/de.pl +++ b/langs/de/cgi-bin/de.pl @@ -1396,6 +1396,7 @@ 'invalid loaded file' => 'Ungültige geladene Datei', 'invalid local-remote id' => 'Local-Id und Remote-Id dürfen nicht gleich sein, und müssen einem "@"-Zeichen beginnen. Dies sind leftid und rightid in der StrongSwan-Terminologie.', 'invalid logserver address' => 'Ungültige syslogd-Server-Adresse', +'invalid logserver protocol' => 'Ungültiges syslogd-Server-Übertragungsprotokoll', 'invalid mac address' => 'Ungültige MAC-Adresse', 'invalid max lease time' => 'Ungültige max. Haltezeit.', 'invalid maximum incoming size' => 'Ungültige max. ankommende Größe.', 
@@ -1482,7 +1483,8 @@ 'log enabled' => 'Protokoll aktiviert', 'log level' => 'Protokollierungslevel', 'log lines per page' => 'Zeilen pro Seite', -'log server address' => 'Syslog Server', +'log server address' => 'Syslog Server:', +'log server protocol' => 'Übertragungsprotokoll:', 'log settings' => 'Protokolldatei-Einstellungen', 'log summaries' => 'Protokollübersicht', 'log summary' => 'Protokollzusammenfassung', @@ -2189,6 +2191,7 @@ 'system logs' => 'Systemprotokolldateien', 'system status information' => 'System-Statusinformationen', 'ta key' => 'TLS-Authentifizierungsschlüssel', +'tcp more reliable' => 'TCP (zuverlässiger)', 'telephone not set' => 'Telefonnummer nicht angegeben.', 'template' => 'Vorlage', 'template warning' => 'Zur Einrichtung von QoS stehen Ihnen 2 Möglichkeiten zur Auswahl. Entweder Sie wählen speichern und erstellen Klassen und Regeln nach Ihren Wünschen, oder Sie wählen Vorlage, dann werden die Klassen und Regeln durch ein Template generiert.', @@ -2309,6 +2312,7 @@ 'tripwirewarningpolicy' => 'ACHTUNG - Ihr Policy wird neu erzeugt, anschließen wird die Datenbank neu initialisiert. Hierfür wird der Site-Key und Local-Key benötigt.', 'tuesday' => 'Dienstag', 'type' => 'Typ', +'udp less overhead' => 'UDP (geringerer Overhead)', 'umount' => 'Abmelden', 'umount removable media before to unplug' => 'Wechselmedien vor dem Entfernen unbedingt abmelden', 'unable to alter profiles while red is active' => 'Profile können nicht geändert werden, solange ROT aktiv ist.', diff --git a/langs/en/cgi-bin/en.pl b/langs/en/cgi-bin/en.pl index 946aba873..1e9754b53 100644 --- a/langs/en/cgi-bin/en.pl +++ b/langs/en/cgi-bin/en.pl 
@@ -1428,6 +1428,7 @@ 'invalid loaded file' => 'Invalid loaded file', 'invalid local-remote id' => 'local & remote id must not be equal and begin with a "@" sign. These are leftid and rightid in strongswan terminology.', 'invalid logserver address' => 'Invalid syslogd server address', +'invalid logserver protocol' => 'Invalid syslogd server protocol', 'invalid mac address' => 'Invalid MAC address', 'invalid max lease time' => 'Invalid max lease time.', 'invalid maximum incoming size' => 'Invalid maximum incoming size.', @@ -1515,6 +1516,7 @@ 'log level' => 'Log Level', 'log lines per page' => 'Lines per page', 'log server address' => 'Syslog server:', +'log server protocol' => 'protocol:', 'log settings' => 'Log Settings', 'log summaries' => 'Log summaries', 'log summary' => 'Log Summary', @@ -2231,6 +2233,7 @@ 'system logs' => 'System Logs', 'system status information' => 'System Status Information', 'ta key' => 'TLS-Authentification-Key', +'tcp more reliable' => 'TCP (more reliable)', 'telephone not set' => 'Telephone not set.', 'template' => 'Preset', 'template warning' => 'You have two options to set up Qos. The First, you press the save button and generate the classes and rules on your own. The second, you press the preset button and classes and rules will be set up by a template.', @@ -2354,6 +2357,7 @@ 'tripwirewarningpolicy' => 'WARNING - Your policy will be rebuild, after that your database will be reinitalised. Therefor the site-key and the local-key are neeeded.', 'tuesday' => 'Tuesday', 'type' => 'Type', +'udp less overhead' => 'UDP (less overhead)', 'umount' => 'Umount', 'umount removable media before to unplug' => 'Umount removable media before unplugging the device', 'unable to alter profiles while red is active' => 'Unable to alter profiles while RED is active.',
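Review bot: In [PATCH 1/3], hunk `@@ -67,6 +68,12 @@` of src/misc-progs/syslogdctrl.c, the fallback `protocol = "udp";` assigns a string literal to `protocol`, which the first hunk declares as `char protocol[STRING_SIZE]`. C does not allow assignment to an array, so this does not compile. Copy the default into the buffer instead, for example `snprintf(protocol, STRING_SIZE, "udp");`. It would also be worth rejecting any value other than `udp` or `tcp` here with ERR_SETTINGS, the same way a bad REMOTELOG_ADDR is rejected just below, because the later hunk silently treats everything that is not exactly `tcp` as UDP.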
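Review bot: In [PATCH 1/3], hunk `@@ -106,9 +113,24 @@`, the sed expression in the TCP branch only matches a line that already contains `@@` (the capture ends in `[[:blank:]]\+@@\)` followed by `.\+$`), so a syslog.conf entry currently written with a single `@` is left as it was when the protocol is switched to TCP. The UDP branch copes with the reverse switch only because `.\+` swallows the second `@`. Suggest keeping the `@` signs out of the capture group, matching `@@\?` after it, and writing the prefix explicitly in the replacement (`\1@@%s` for TCP, `\1@%s` for UDP) so both directions rewrite the line.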
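Review bot: In [PATCH 2/3], hunk `@@ -45,6 +46,10 @@` of html/cgi-bin/logs.cgi/config.dat, the check `=~ /^udp|tcp$/` parses as `^udp` or `tcp$`, so values such as `udpx` or `xtcp` pass validation, and the `unless` body is empty, so a rejected value never sets `$errormessage` the way the address check above it does. Group the alternation, `/^(?:udp|tcp)$/`, and set `$errormessage = $Lang::tr{'invalid logserver protocol'};` in the body, which is the string [PATCH 3/3] adds but nothing visible here uses.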
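Review bot: In [PATCH 2/3], hunk `@@ -69,6 +74,10 @@` of config.dat, the line `$selected{'REMOTELOG_PROTOCOL'}{'tcp'} == '';` is a comparison rather than an assignment, so the `tcp` entry is never initialised the way the `udp` entry on the line above is. Use `=` here.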
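Review bot: In [PATCH 3/3], langs/en/cgi-bin/en.pl hunk `@@ -1515,6 +1516,7 @@`, the new label `'protocol:'` is lower-case while the neighbouring labels (`'Syslog server:'`, `'Log Level'`) are capitalised. `'Protocol:'` would match the surrounding strings.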