From patchwork Tue Nov 21 05:40:11 2017 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: =?utf-8?q?Peter_M=C3=BCller?= X-Patchwork-Id: 1560 Return-Path: Received: from mail01.ipfire.org (unknown [172.28.1.200]) by web02.ipfire.org (Postfix) with ESMTP id E654960CB6 for ; Mon, 20 Nov 2017 19:40:20 +0100 (CET) Received: from mail01.ipfire.org (localhost [IPv6:::1]) by mail01.ipfire.org (Postfix) with ESMTP id 48E3F34FF; Mon, 20 Nov 2017 19:40:20 +0100 (CET) Received: from mx.link38.eu (mx.link38.eu [188.68.43.123]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "mx.link38.eu", Issuer "Let's Encrypt Authority X3" (verified OK)) by mail01.ipfire.org (Postfix) with ESMTPS id 2B14234F6 for ; Mon, 20 Nov 2017 19:40:18 +0100 (CET) X-Virus-Scanned: ClamAV at mx.link38.eu Received: from mx-fra.brokers.link38.eu (mx-fra.brokers.link38.eu [10.141.75.13]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx.link38.eu (Postfix) with ESMTPS id 5175C40123 for ; Mon, 20 Nov 2017 19:40:12 +0100 (CET) Received: from localhost (localhost [127.0.0.1]) (using TLSv1.2 with cipher ECDHE-ECDSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx-fra.brokers.link38.eu (Postfix) with ESMTPSA id D01BE9F49E for ; Mon, 20 Nov 2017 19:40:11 +0100 (CET) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=link38.eu; s=201711; t=1511203211; x=1574275211; bh=+uTn8n/GyXrVhgja15NnfQlzGIP+X1u0CbNobvpYrSU=; h=Date:From:To:Subject:Message-ID:Content-Type:From:To:Subject:Date: Cc; b=fj6mjB3N+kiT/SHNVZgSCHlK3XXcTTwr2xKnMJjyR69Ri4YWzb/qP+rkXMqcEh9LD wZl80H+Qh1sjW06rbxx8bNb8AtAcS61ytwGpEoZOVet67hz23lsNsKCwAo915B59JO cW2bl4lNkQZFeESMtscnipruCQ4XgXuKEmusEUrAlFGRKOhTKQSsXlmykMlkrD3sAd SM3FSZB0LiJ/0xHJecPYVlvFlMxo20cj8MPqsM9rHvxXxslqw/XU3XyxcFMXauF9Ra jkRxSe6k29wTNCEebVtqPC1o68lnvZnR6DxORHoGwkrHUQnaVtpRkoLcrtCa6GfpED FNbYRs7CEzC0Q== Date: Mon, 20 Nov 2017 19:40:11 +0100 From: Peter =?utf-8?q?M=C3=BCller?= To: "development@lists.ipfire.org" Subject: [PATCH 1/3 v4] allow remote syslog via TCP in syslogdctrl.c Message-ID: <20171120194011.3a066f96.peter.mueller@link38.eu> Organization: Link38 MIME-Version: 1.0 X-BeenThere: development@lists.ipfire.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: IPFire development talk List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: development-bounces@lists.ipfire.org Sender: "Development" Make syslogctrl.c use TCP as remote logging file if specified so. Thanks to Michael for reviewing this. Signed-off-by: Peter Müller --- src/misc-progs/syslogdctrl.c | 28 +++++++++++++++++++++++++--- 1 file changed, 25 insertions(+), 3 deletions(-) diff --git a/src/misc-progs/syslogdctrl.c b/src/misc-progs/syslogdctrl.c index 52719023e..83727162e 100644 --- a/src/misc-progs/syslogdctrl.c +++ b/src/misc-progs/syslogdctrl.c @@ -27,18 +27,19 @@ #define ERR_ANY 1 #define ERR_SETTINGS 2 /* error in settings file */ #define ERR_ETC 3 /* error with /etc permissions */ -#define ERR_CONFIG 4 /* error updated sshd_config */ +#define ERR_CONFIG 4 /* error updating syslogd config */ #define ERR_SYSLOG 5 /* error restarting syslogd */ int main(void) { - char buffer[STRING_SIZE], command[STRING_SIZE], hostname[STRING_SIZE]; + char buffer[STRING_SIZE], command[STRING_SIZE], hostname[STRING_SIZE], protocol[STRING_SIZE]; char varmessages[STRING_SIZE], asynclog[STRING_SIZE]; int config_fd,rc,fd,pid; struct stat st; struct keyvalue *kv = NULL; memset(buffer, 0, STRING_SIZE); memset(hostname, 0, STRING_SIZE); + memset(protocol, 0, STRING_SIZE); memset(varmessages, 0, STRING_SIZE); memset(asynclog, 0, STRING_SIZE); @@ -67,6 +68,12 @@ int main(void) exit(ERR_SETTINGS); } + if (!findkey(kv, "REMOTELOG_PROTOCOL", protocol)) + { + /* fall back to UDP if no protocol was given */ + protocol = "udp"; + } + if (strspn(hostname, VALID_FQDN) != strlen(hostname)) { fprintf(stderr, "Bad REMOTELOG_ADDR: %s\n", hostname); @@ -106,9 +113,24 @@ int main(void) } if (!strcmp(buffer,"on")) - snprintf(buffer, STRING_SIZE - 1, "/bin/sed -e 's/^#\\?\\(\\*\\.\\*[[:blank:]]\\+@\\).\\+$/\\1%s/' /etc/syslog.conf >&%d", hostname, config_fd ); + { + /* check which transmission protocol was given */ + if (strcmp(protocol, "tcp") == 0) + { + /* write line for TCP */ + snprintf(buffer, STRING_SIZE - 1, "/bin/sed -e 's/^#\\?\\(\\*\\.\\*[[:blank:]]\\+@@\\).\\+$/\\1%s/' /etc/syslog.conf >&%d", hostname, config_fd ); + } + else + { + /* write line for UDP */ + snprintf(buffer, STRING_SIZE - 1, "/bin/sed -e 's/^#\\?\\(\\*\\.\\*[[:blank:]]\\+@\\).\\+$/\\1%s/' /etc/syslog.conf >&%d", hostname, config_fd ); + } + } else + { + /* if remote syslog has been disabled */ snprintf(buffer, STRING_SIZE - 1, "/bin/sed -e 's/^#\\?\\(\\*\\.\\*[[:blank:]]\\+@.\\+\\)$/#\\1/' /etc/syslog.conf >&%d", config_fd ); + } /* if the return code isn't 0 failsafe */ if ((rc = unpriv_system(buffer,99,99)) != 0) From patchwork Tue Nov 21 05:40:17 2017 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: =?utf-8?q?Peter_M=C3=BCller?= X-Patchwork-Id: 1561 Return-Path: Received: from mail01.ipfire.org (unknown [172.28.1.200]) by web02.ipfire.org (Postfix) with ESMTP id 1E66B60CB6 for ; Mon, 20 Nov 2017 19:40:32 +0100 (CET) Received: from mail01.ipfire.org (localhost [IPv6:::1]) by mail01.ipfire.org (Postfix) with ESMTP id BE6BB3501; Mon, 20 Nov 2017 19:40:31 +0100 (CET) Received: from mx.link38.eu (mx.link38.eu [188.68.43.123]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "mx.link38.eu", Issuer "Let's Encrypt Authority X3" (verified OK)) by mail01.ipfire.org (Postfix) with ESMTPS id 9384334F7 for ; Mon, 20 Nov 2017 19:40:28 +0100 (CET) X-Virus-Scanned: ClamAV at mx.link38.eu Received: from mx-fra.brokers.link38.eu (mx-fra.brokers.link38.eu [10.141.75.13]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx.link38.eu (Postfix) with ESMTPS id 2C3BC40123 for ; Mon, 20 Nov 2017 19:40:23 +0100 (CET) Received: from localhost (localhost [127.0.0.1]) (using TLSv1.2 with cipher ECDHE-ECDSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx-fra.brokers.link38.eu (Postfix) with ESMTPSA id B143D9F876 for ; Mon, 20 Nov 2017 19:40:17 +0100 (CET) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=link38.eu; s=201711; t=1511203217; x=1574275217; bh=tmn2RCyZkkh+bq38MKSHu4OiPQEGs8IrXHFHNwag/DE=; h=Date:From:To:Subject:Message-ID:Content-Type:From:To:Subject:Date: Cc; b=XL2l8xG0hR2FiRAl3/FFaRS/cwXy1WNmgqkK608iZ99S5UefmchINFxkZUUrbiBdB +Se9yAcp5OeLawizpaRRhlV4XHtmzUjwmAOzmYAelknZUE92r2pAQU3LJCmSVD2zyH qcQWo4KH1qpBvJKHa0p0uJBJQuVLuXlpQIyOqXEZGiD75XiLFIStb17l4QTg9rgwQW tVnzN6ZH1qZ5yzHkq5j1geDSRXTA9mzc99Ezsae+q3waiKrnaRRHtiEuDkFBWGTDtX 6MCnsUXuX7NMkJ1Tg3Ogi6dys64fMC51hkkrk2JNLw/JF74t/7cv1KRQeJNz98E+Ep 8pX+1H7Orw6Wg== Date: Mon, 20 Nov 2017 19:40:17 +0100 From: Peter =?utf-8?q?M=C3=BCller?= To: "development@lists.ipfire.org" Subject: [PATCH 2/3 v4] allow changing remote syslog protocol to TCP Message-ID: <20171120194017.5d10d634.peter.mueller@link38.eu> Organization: Link38 MIME-Version: 1.0 X-BeenThere: development@lists.ipfire.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: IPFire development talk List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: development-bounces@lists.ipfire.org Sender: "Development" Add option to change remote syslog protocol to TCP, which is more reliable than UDP, but might be unsupported on older syslog servers. Signed-off-by: Peter Müller --- html/cgi-bin/logs.cgi/config.dat | 14 ++++++++++++++ 1 file changed, 14 insertions(+) diff --git a/html/cgi-bin/logs.cgi/config.dat b/html/cgi-bin/logs.cgi/config.dat index 789341dbe..aed0db9cf 100644 --- a/html/cgi-bin/logs.cgi/config.dat +++ b/html/cgi-bin/logs.cgi/config.dat @@ -33,6 +33,7 @@ $logsettings{'LOGWATCH_KEEP'} = '56'; my @VS = ('15','50','100','150','250','500'); $logsettings{'ENABLE_REMOTELOG'} = 'off'; $logsettings{'REMOTELOG_ADDR'} = ''; +$logsettings{'REMOTELOG_PROTOCOL'} = 'udp'; $logsettings{'ACTION'} = ''; &Header::getcgihash(\%logsettings); @@ -45,6 +46,10 @@ if ($logsettings{'ACTION'} eq $Lang::tr{'save'}) { $errormessage = $Lang::tr{'invalid logserver address'}; } + unless ($logsettings{'REMOTELOG_PROTOCOL'} =~ /^udp|tcp$/) + { + $errormessage = $Lang::tr{'invalid logserver protocol'}; + } } unless ($logsettings{'LOGWATCH_KEEP'} =~ /^\d+$/) { @@ -69,6 +74,10 @@ $checked{'ENABLE_REMOTELOG'}{'off'} = ''; $checked{'ENABLE_REMOTELOG'}{'on'} = ''; $checked{'ENABLE_REMOTELOG'}{$logsettings{'ENABLE_REMOTELOG'}} = "checked='checked'"; +$selected{'REMOTELOG_PROTOCOL'}{'udp'} = ''; +$selected{'REMOTELOG_PROTOCOL'}{'tcp'} == ''; +$selected{'REMOTELOG_PROTOCOL'}{$logsettings{'REMOTELOG_PROTOCOL'}} = "selected='selected'"; + $checked{'LOGVIEW_REVERSE'}{'off'} = ''; $checked{'LOGVIEW_REVERSE'}{'on'} = ''; $checked{'LOGVIEW_REVERSE'}{$logsettings{'LOGVIEW_REVERSE'}} = "checked='checked'"; @@ -139,6 +148,11 @@ print < $Lang::tr{'enabled'} $Lang::tr{'log server address'} + $Lang::tr{'log server protocol'} + END From patchwork Tue Nov 21 05:40:32 2017 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: =?utf-8?q?Peter_M=C3=BCller?= X-Patchwork-Id: 1562 Return-Path: Received: from mail01.ipfire.org (unknown [172.28.1.200]) by web02.ipfire.org (Postfix) with ESMTP id 5444860CB6 for ; Mon, 20 Nov 2017 19:40:47 +0100 (CET) Received: from mail01.ipfire.org (localhost [IPv6:::1]) by mail01.ipfire.org (Postfix) with ESMTP id ED5933501; Mon, 20 Nov 2017 19:40:46 +0100 (CET) Received: from mx.link38.eu (mx.link38.eu [188.68.43.123]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "mx.link38.eu", Issuer "Let's Encrypt Authority X3" (verified OK)) by mail01.ipfire.org (Postfix) with ESMTPS id EEC9D34F6 for ; Mon, 20 Nov 2017 19:40:43 +0100 (CET) X-Virus-Scanned: ClamAV at mx.link38.eu Received: from mx-fra.brokers.link38.eu (mx-fra.brokers.link38.eu [10.141.75.13]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx.link38.eu (Postfix) with ESMTPS id EEAD840395 for ; Mon, 20 Nov 2017 19:40:33 +0100 (CET) Received: from localhost (localhost [127.0.0.1]) (using TLSv1.2 with cipher ECDHE-ECDSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx-fra.brokers.link38.eu (Postfix) with ESMTPSA id 707BB9F49E for ; Mon, 20 Nov 2017 19:40:33 +0100 (CET) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=link38.eu; s=201711; t=1511203233; x=1574275233; bh=M0DPR+jwgREKC3URBBPpJMZOeJFnGWnVy759BveD4jc=; h=Date:From:To:Subject:Message-ID:Content-Type:From:To:Subject:Date: Cc; b=QoAeoSj6UR1qDiuySd+ZDCFRqsfXTNvrKuUrAKBB5D6HKVWQr2hlie9X2IUlOpKod kclPitb5JW408jRk57h9NkGjnd0vN5aWK/S1n9vH8Jodskluq9WgmKpjI6PPd8D86c ZUSDnWF8Gl5CmhBf0jCuDseHV9rlOkPzIXcEzEgcZWU32MtpdUgv14UwGGK/4uwAJ6 Kskk5xSSyM8Cdi/B0a4ZY1WcX07sp2KH3YjhoZsC2S4xjRIiyAYX2VYtgKTgkir0lM KcoAvlcWNamqjx/YT8bOO8AACGHJCtSfFnBvT+nJecCfy9XWcNAl3rTiP7Xkj0v59x O1IOHXtwZGzKQ== Date: Mon, 20 Nov 2017 19:40:32 +0100 From: Peter =?utf-8?q?M=C3=BCller?= To: "development@lists.ipfire.org" Subject: [PATCH 3/3 v4] add language strings Message-ID: <20171120194032.36ea9561.peter.mueller@link38.eu> Organization: Link38 MIME-Version: 1.0 X-BeenThere: development@lists.ipfire.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: IPFire development talk List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: development-bounces@lists.ipfire.org Sender: "Development" Add language strings for changed config.dat CGI file. Signed-off-by: Peter Müller --- langs/de/cgi-bin/de.pl | 6 +++++- langs/en/cgi-bin/en.pl | 4 ++++ 2 files changed, 9 insertions(+), 1 deletion(-) diff --git a/langs/de/cgi-bin/de.pl b/langs/de/cgi-bin/de.pl index 4cf866a3a..67c9aacbd 100644 --- a/langs/de/cgi-bin/de.pl +++ b/langs/de/cgi-bin/de.pl @@ -1396,6 +1396,7 @@ 'invalid loaded file' => 'Ungültige geladene Datei', 'invalid local-remote id' => 'Local-Id und Remote-Id dürfen nicht gleich sein, und müssen einem "@"-Zeichen beginnen. Dies sind leftid und rightid in der StrongSwan-Terminologie.', 'invalid logserver address' => 'Ungültige syslogd-Server-Adresse', +'invalid logserver protocol' => 'Ungültiges syslogd-Server-Übertragungsprotokoll', 'invalid mac address' => 'Ungültige MAC-Adresse', 'invalid max lease time' => 'Ungültige max. Haltezeit.', 'invalid maximum incoming size' => 'Ungültige max. ankommende Größe.', @@ -1482,7 +1483,8 @@ 'log enabled' => 'Protokoll aktiviert', 'log level' => 'Protokollierungslevel', 'log lines per page' => 'Zeilen pro Seite', -'log server address' => 'Syslog Server', +'log server address' => 'Syslog Server:', +'log server protocol' => 'Übertragungsprotokoll:', 'log settings' => 'Protokolldatei-Einstellungen', 'log summaries' => 'Protokollübersicht', 'log summary' => 'Protokollzusammenfassung', @@ -2189,6 +2191,7 @@ 'system logs' => 'Systemprotokolldateien', 'system status information' => 'System-Statusinformationen', 'ta key' => 'TLS-Authentifizierungsschlüssel', +'tcp more reliable' => 'TCP (zuverlässiger)', 'telephone not set' => 'Telefonnummer nicht angegeben.', 'template' => 'Vorlage', 'template warning' => 'Zur Einrichtung von QoS stehen Ihnen 2 Möglichkeiten zur Auswahl. Entweder Sie wählen speichern und erstellen Klassen und Regeln nach Ihren Wünschen, oder Sie wählen Vorlage, dann werden die Klassen und Regeln durch ein Template generiert.', @@ -2309,6 +2312,7 @@ 'tripwirewarningpolicy' => 'ACHTUNG - Ihr Policy wird neu erzeugt, anschließen wird die Datenbank neu initialisiert. Hierfür wird der Site-Key und Local-Key benötigt.', 'tuesday' => 'Dienstag', 'type' => 'Typ', +'udp less overhead' => 'UDP (geringerer Overhead)', 'umount' => 'Abmelden', 'umount removable media before to unplug' => 'Wechselmedien vor dem Entfernen unbedingt abmelden', 'unable to alter profiles while red is active' => 'Profile können nicht geändert werden, solange ROT aktiv ist.', diff --git a/langs/en/cgi-bin/en.pl b/langs/en/cgi-bin/en.pl index 946aba873..1e9754b53 100644 --- a/langs/en/cgi-bin/en.pl +++ b/langs/en/cgi-bin/en.pl @@ -1428,6 +1428,7 @@ 'invalid loaded file' => 'Invalid loaded file', 'invalid local-remote id' => 'local & remote id must not be equal and begin with a "@" sign. These are leftid and rightid in strongswan terminology.', 'invalid logserver address' => 'Invalid syslogd server address', +'invalid logserver protocol' => 'Invalid syslogd server protocol', 'invalid mac address' => 'Invalid MAC address', 'invalid max lease time' => 'Invalid max lease time.', 'invalid maximum incoming size' => 'Invalid maximum incoming size.', @@ -1515,6 +1516,7 @@ 'log level' => 'Log Level', 'log lines per page' => 'Lines per page', 'log server address' => 'Syslog server:', +'log server protocol' => 'protocol:', 'log settings' => 'Log Settings', 'log summaries' => 'Log summaries', 'log summary' => 'Log Summary', @@ -2231,6 +2233,7 @@ 'system logs' => 'System Logs', 'system status information' => 'System Status Information', 'ta key' => 'TLS-Authentification-Key', +'tcp more reliable' => 'TCP (more reliable)', 'telephone not set' => 'Telephone not set.', 'template' => 'Preset', 'template warning' => 'You have two options to set up Qos. The First, you press the save button and generate the classes and rules on your own. The second, you press the preset button and classes and rules will be set up by a template.', @@ -2354,6 +2357,7 @@ 'tripwirewarningpolicy' => 'WARNING - Your policy will be rebuild, after that your database will be reinitalised. Therefor the site-key and the local-key are neeeded.', 'tuesday' => 'Tuesday', 'type' => 'Type', +'udp less overhead' => 'UDP (less overhead)', 'umount' => 'Umount', 'umount removable media before to unplug' => 'Umount removable media before unplugging the device', 'unable to alter profiles while red is active' => 'Unable to alter profiles while RED is active.',