Add syslog-ng with anon patch
Hanno Böck

Hanno Böck commited on 2007-10-04 15:37:12
Zeige 13 geänderte Dateien mit 1179 Einfügungen und 0 Löschungen.

... ...
@@ -0,0 +1,48 @@
1
+AUX syslog-ng-anon-2.0.4.diff 16854 RMD160 602aa45f8cd01415b202d2210d6765cc2352e720 SHA1 cd9f009a7f835045692eaf73d69d464a39a0b2b2 SHA256 ecc05be8fdcf1128ee0ccaea7290027609042ae966dd35e86310c29009cbe380
2
+MD5 660726d013b2a3b122e5c9ea66580011 files/syslog-ng-anon-2.0.4.diff 16854
3
+RMD160 602aa45f8cd01415b202d2210d6765cc2352e720 files/syslog-ng-anon-2.0.4.diff 16854
4
+SHA256 ecc05be8fdcf1128ee0ccaea7290027609042ae966dd35e86310c29009cbe380 files/syslog-ng-anon-2.0.4.diff 16854
5
+AUX syslog-ng.conf.debian 5445 RMD160 c3c2f319d437bb2548226f4f78db96cd6210c7cc SHA1 80256f810a5b87adf5b39320eb4b5758ba3003a0 SHA256 74943e12a92b415306e2fca27056a839fa7ce443ccd08fdafcfac9bcba08a1c3
6
+MD5 b9cf104e2020c2d8c5fa164b6f54de5c files/syslog-ng.conf.debian 5445
7
+RMD160 c3c2f319d437bb2548226f4f78db96cd6210c7cc files/syslog-ng.conf.debian 5445
8
+SHA256 74943e12a92b415306e2fca27056a839fa7ce443ccd08fdafcfac9bcba08a1c3 files/syslog-ng.conf.debian 5445
9
+AUX syslog-ng.conf.gentoo 1100 RMD160 02b1b6230d509369a86ac9e26c374f7972fbed9f SHA1 a27db752c611786062ac8e0d2e902c038d6323b2 SHA256 fbe8e8f7143748212d0726ad3ee6eed7479018eef788cdeee6796ae78cbdc96a
10
+MD5 9df476673c4f296fed44e21ca3cbd136 files/syslog-ng.conf.gentoo 1100
11
+RMD160 02b1b6230d509369a86ac9e26c374f7972fbed9f files/syslog-ng.conf.gentoo 1100
12
+SHA256 fbe8e8f7143748212d0726ad3ee6eed7479018eef788cdeee6796ae78cbdc96a files/syslog-ng.conf.gentoo 1100
13
+AUX syslog-ng.conf.gentoo.fbsd 702 RMD160 2fb49bab8ccc7ce763156ef14dbff858d7e6b416 SHA1 1a6bd708009fd6d18516d66a34bd9cb9ec7c3eed SHA256 ab54cc3e5595fad1b362039932ee8a7d7e852ebda3f08bb20ecc19c1be830751
14
+MD5 37af1755a1b1003fa49b4fd7197e268e files/syslog-ng.conf.gentoo.fbsd 702
15
+RMD160 2fb49bab8ccc7ce763156ef14dbff858d7e6b416 files/syslog-ng.conf.gentoo.fbsd 702
16
+SHA256 ab54cc3e5595fad1b362039932ee8a7d7e852ebda3f08bb20ecc19c1be830751 files/syslog-ng.conf.gentoo.fbsd 702
17
+AUX syslog-ng.conf.gentoo.hardened 4346 RMD160 18932d56ce748454941859dc04c417791184a84d SHA1 8773391798882c4120af039a073d670be5bb9d86 SHA256 110478ff3805ee917488b874fbdbb4b48f9f2b02840f83a0a1d967925ebe3552
18
+MD5 f33373c704c59b3141123ef16fc3e85d files/syslog-ng.conf.gentoo.hardened 4346
19
+RMD160 18932d56ce748454941859dc04c417791184a84d files/syslog-ng.conf.gentoo.hardened 4346
20
+SHA256 110478ff3805ee917488b874fbdbb4b48f9f2b02840f83a0a1d967925ebe3552 files/syslog-ng.conf.gentoo.hardened 4346
21
+AUX syslog-ng.confd 150 RMD160 b5ab31e1c285fdd2f41324abc2c6b39bce59038d SHA1 c5df6ef1eca2a169fb3073816d4a06b7c85c0b0c SHA256 8319ca8e39a5dab5ddc82eede088e1f58ff25deef330804648000359cb736a3f
22
+MD5 252ddaf4e3475b15b715b62f6c149fc1 files/syslog-ng.confd 150
23
+RMD160 b5ab31e1c285fdd2f41324abc2c6b39bce59038d files/syslog-ng.confd 150
24
+SHA256 8319ca8e39a5dab5ddc82eede088e1f58ff25deef330804648000359cb736a3f files/syslog-ng.confd 150
25
+AUX syslog-ng.logrotate 342 RMD160 ef72b796f96af38c421f2acc04ac3bed4c42de0e SHA1 77de0e56d3afb784d92b6e79f94a368952172eff SHA256 5a8a52e3832333eba51969d41cb6ae18e0a80d1e1ada39595dbc5f5075f91375
26
+MD5 fe66a527c7f36a560197b4187ad6d9db files/syslog-ng.logrotate 342
27
+RMD160 ef72b796f96af38c421f2acc04ac3bed4c42de0e files/syslog-ng.logrotate 342
28
+SHA256 5a8a52e3832333eba51969d41cb6ae18e0a80d1e1ada39595dbc5f5075f91375 files/syslog-ng.logrotate 342
29
+AUX syslog-ng.logrotate.hardened 1696 RMD160 9f22685778cf6d9c54ab899e586650e356a66498 SHA1 2c40af7591dac343047ac7a517c4ee8a5cb5f0a7 SHA256 e4530dab9b9d3c1a78bc1349e4ae647a6747b0aba7b3d5192f029281d71c89bf
30
+MD5 2adc9517b1dc66ebb76a40848178b937 files/syslog-ng.logrotate.hardened 1696
31
+RMD160 9f22685778cf6d9c54ab899e586650e356a66498 files/syslog-ng.logrotate.hardened 1696
32
+SHA256 e4530dab9b9d3c1a78bc1349e4ae647a6747b0aba7b3d5192f029281d71c89bf files/syslog-ng.logrotate.hardened 1696
33
+AUX syslog-ng.rc6 1615 RMD160 8cb414bc09c48fdb591320203947035f9c32e968 SHA1 3752874ee7d35cfb9ca92664f19caf5f187d6d5d SHA256 d4e574597148ae1b7009a9bc14df97c0b7b05e54f61619607e532984b5903b73
34
+MD5 b74c976f08eb333cd29db85f69ba5c36 files/syslog-ng.rc6 1615
35
+RMD160 8cb414bc09c48fdb591320203947035f9c32e968 files/syslog-ng.rc6 1615
36
+SHA256 d4e574597148ae1b7009a9bc14df97c0b7b05e54f61619607e532984b5903b73 files/syslog-ng.rc6 1615
37
+AUX syslog-ng.rc6-r1 1879 RMD160 846e8019a15887f3b95939cae25a04139a9697cf SHA1 a8c2c35ac85c65586d3d647698b4a24367d0840f SHA256 b894e6c5f860d81942467fa1449a3e9bf70779fe8ac288fa77b0feab811d4343
38
+MD5 3e699d770cbccadf59d1630426be3947 files/syslog-ng.rc6-r1 1879
39
+RMD160 846e8019a15887f3b95939cae25a04139a9697cf files/syslog-ng.rc6-r1 1879
40
+SHA256 b894e6c5f860d81942467fa1449a3e9bf70779fe8ac288fa77b0feab811d4343 files/syslog-ng.rc6-r1 1879
41
+DIST syslog-ng-2.0.5.tar.gz 363064 RMD160 feb568ca325259301ed320e53d09a7be0b6edf41 SHA1 f514e2d2ae7831298e71d6fa9cc1817f7038431c SHA256 34862f87d9d404ad4874d95ee871334f5bc2acad65420f672ad2ee286ab660a1
42
+EBUILD syslog-ng-2.0.5-r1.ebuild 2559 RMD160 54f4fde6a40d048487e3e42595f0c640e2399757 SHA1 e35436d2a3d28f6eeb06287e868291bd2c23f344 SHA256 ee2f06d4beba22ab3f2cc8ea92bb82de89faf99aa34ca6a2d85e77df4636f309
43
+MD5 c46b646a2d9a42a8f2ce25d0401db81f syslog-ng-2.0.5-r1.ebuild 2559
44
+RMD160 54f4fde6a40d048487e3e42595f0c640e2399757 syslog-ng-2.0.5-r1.ebuild 2559
45
+SHA256 ee2f06d4beba22ab3f2cc8ea92bb82de89faf99aa34ca6a2d85e77df4636f309 syslog-ng-2.0.5-r1.ebuild 2559
46
+MD5 cefbf1bbbac4106cecbdd48967e70bd7 files/digest-syslog-ng-2.0.5-r1 247
47
+RMD160 d37b1f38accd90e59e5b5fbee9d74382a4987a97 files/digest-syslog-ng-2.0.5-r1 247
48
+SHA256 4d5aae112aa2c494fa93fc4ea74360d6d072436d394d25bd5ca3d71ccdb88858 files/digest-syslog-ng-2.0.5-r1 247
... ...
@@ -0,0 +1,3 @@
1
+MD5 c161eefc450fabc246c1a10997c6c6a5 syslog-ng-2.0.5.tar.gz 363064
2
+RMD160 feb568ca325259301ed320e53d09a7be0b6edf41 syslog-ng-2.0.5.tar.gz 363064
3
+SHA256 34862f87d9d404ad4874d95ee871334f5bc2acad65420f672ad2ee286ab660a1 syslog-ng-2.0.5.tar.gz 363064
... ...
@@ -0,0 +1,536 @@
1
+diff -urN syslog-ng-2.0.4.orig/doc/examples/syslog-ng-anon.conf syslog-ng-2.0.4/doc/examples/syslog-ng-anon.conf
2
+--- syslog-ng-2.0.4.orig/doc/examples/syslog-ng-anon.conf	1969-12-31 18:00:00.000000000 -0600
3
++++ syslog-ng-2.0.4/doc/examples/syslog-ng-anon.conf	2007-07-08 23:32:28.000000000 -0500
4
+@@ -0,0 +1,243 @@
5
++#
6
++# Configuration file for syslog-ng under Debian.
7
++# Customized for riseup.net using syslog-ng-anon patch
8
++# (http://dev.riseup.net/patches/syslog-ng/)
9
++#
10
++# see http://www.campin.net/syslog-ng/expanded-syslog-ng.conf
11
++# for examples.
12
++#
13
++# levels: emerg alert crit err warning notice info debug
14
++#
15
++
16
++############################################################
17
++## global options
18
++
19
++options {
20
++    chain_hostnames(0);
21
++    time_reopen(10);
22
++    time_reap(360);
23
++    sync(0);
24
++    log_fifo_size(2048);
25
++    create_dirs(yes);
26
++    group(adm);
27
++    perm(0640);
28
++    dir_perm(0755);
29
++    use_dns(no);
30
++};
31
++
32
++############################################################
33
++## universal source
34
++
35
++source s_all {
36
++    internal();
37
++    unix-stream("/dev/log");
38
++    file("/proc/kmsg" log_prefix("kernel: "));
39
++};
40
++
41
++############################################################
42
++## generic destinations
43
++
44
++destination df_facility_dot_info   { file("/var/log/$FACILITY.info");   };
45
++destination df_facility_dot_notice { file("/var/log/$FACILITY.notice"); };
46
++destination df_facility_dot_warn   { file("/var/log/$FACILITY.warn");   };
47
++destination df_facility_dot_err    { file("/var/log/$FACILITY.err");    };
48
++destination df_facility_dot_crit   { file("/var/log/$FACILITY.crit");   };
49
++
50
++############################################################
51
++## generic filters
52
++
53
++filter f_strip { strip(ips); };
54
++filter f_at_least_info   { level(info..emerg);   };
55
++filter f_at_least_notice { level(notice..emerg); };
56
++filter f_at_least_warn   { level(warn..emerg);   };
57
++filter f_at_least_err    { level(err..emerg);    };
58
++filter f_at_least_crit   { level(crit..emerg);   };
59
++
60
++############################################################
61
++## auth.log
62
++
63
++filter f_auth { facility(auth, authpriv); };
64
++destination df_auth { file("/var/log/auth.log"); };
65
++log {
66
++    source(s_all);
67
++    filter(f_auth);
68
++    destination(df_auth);
69
++};
70
++
71
++############################################################
72
++## daemon.log
73
++
74
++filter f_daemon { facility(daemon); };
75
++destination df_daemon { file("/var/log/daemon.log"); };
76
++log {
77
++    source(s_all);
78
++    filter(f_daemon);
79
++    destination(df_daemon);
80
++};
81
++
82
++############################################################
83
++## kern.log
84
++
85
++filter f_kern { facility(kern); };
86
++destination df_kern { file("/var/log/kern.log"); };
87
++log {
88
++    source(s_all);
89
++    filter(f_kern);
90
++    destination(df_kern);
91
++};
92
++
93
++############################################################
94
++## user.log
95
++
96
++filter f_user { facility(user); };
97
++destination df_user { file("/var/log/user.log"); };
98
++log {
99
++    source(s_all);
100
++    filter(f_user);
101
++    destination(df_user);
102
++};
103
++
104
++############################################################
105
++## sympa.log
106
++
107
++filter f_sympa { program("^(sympa|bounced|archived|task_manager)"); };
108
++destination d_sympa { file("/var/log/sympa.log"); };
109
++log {
110
++	source(s_all);
111
++	filter(f_sympa);
112
++	destination(d_sympa);
113
++	flags(final);
114
++};
115
++
116
++############################################################
117
++## wwsympa.log
118
++
119
++filter f_wwsympa { program("^wwsympa"); };
120
++destination d_wwsympa { file("/var/log/wwsympa.log"); };
121
++log {
122
++	source(s_all);
123
++	filter(f_wwsympa);
124
++	filter(f_strip);
125
++	destination(d_wwsympa);
126
++	flags(final);
127
++};
128
++
129
++############################################################
130
++## ldap.log
131
++
132
++filter f_ldap { program("slapd"); };
133
++destination d_ldap { file("/var/log/ldap.log"); };
134
++log {
135
++	source(s_all);
136
++	filter(f_ldap);
137
++	destination(d_ldap);
138
++	flags(final);
139
++};
140
++
141
++############################################################
142
++## postfix.log
143
++
144
++# special source because of chroot jail
145
++#source s_postfix { unix-stream("/var/spool/postfix/dev/log" keep-alive(yes)); }; 
146
++filter f_postfix { program("^postfix/"); };
147
++destination d_postfix { file("/var/log/postfix.log"); };
148
++log {
149
++	source(s_all);
150
++	filter(f_postfix);
151
++	filter(f_strip);
152
++	destination(d_postfix);
153
++	flags(final);
154
++};
155
++
156
++############################################################
157
++## courier.log
158
++
159
++filter f_courier { program("courier|imap|pop"); };
160
++destination d_courier { file("/var/log/courier.log"); };
161
++log {
162
++	source(s_all);
163
++	filter(f_courier);
164
++	filter(f_strip);
165
++	destination(d_courier);
166
++	flags(final);
167
++};
168
++
169
++############################################################
170
++## maildrop.log
171
++
172
++filter f_maildrop { program("^maildrop"); };
173
++destination d_maildrop { file("/var/log/maildrop.log"); };
174
++log {
175
++	source(s_all);
176
++	filter(f_maildrop);
177
++	destination(d_courier);
178
++	flags(final);
179
++};
180
++
181
++############################################################
182
++## mail.log
183
++
184
++filter f_mail { facility(mail); };
185
++destination df_mail { file("/var/log/mail.log"); };
186
++
187
++log {
188
++    source(s_all);
189
++    filter(f_mail);
190
++    destination(df_mail);
191
++};
192
++
193
++############################################################
194
++## messages.log
195
++
196
++filter f_messages {
197
++	level(debug,info,notice)
198
++	and not facility(auth,authpriv,daemon,mail,user,kern);
199
++};
200
++destination df_messages { file("/var/log/messages.log"); };
201
++log {
202
++    source(s_all);
203
++    filter(f_messages);
204
++    destination(df_messages);
205
++};
206
++
207
++############################################################
208
++## errors.log
209
++
210
++filter f_errors {
211
++	level(warn,err,crit,alert,emerg)
212
++	and not facility(auth,authpriv,daemon,mail,user,kern);
213
++};
214
++destination df_errors { file("/var/log/errors.log"); };
215
++log {
216
++	source(s_all);
217
++	filter(f_errors);
218
++	destination(df_errors);
219
++};
220
++
221
++############################################################
222
++## emergencies
223
++
224
++filter f_emerg { level(emerg); };
225
++destination du_all { usertty("*"); };
226
++log {
227
++	source(s_all);
228
++	filter(f_emerg);
229
++	destination(du_all);
230
++};
231
++
232
++############################################################
233
++## console messages
234
++
235
++filter f_xconsole {
236
++    facility(daemon,mail)
237
++    or level(debug,info,notice,warn)
238
++    or (facility(news)
239
++    and level(crit,err,notice));
240
++};
241
++destination dp_xconsole { pipe("/dev/xconsole"); };
242
++log {
243
++    source(s_all);
244
++    filter(f_xconsole);
245
++    destination(dp_xconsole);
246
++};
247
++
248
+diff -urN syslog-ng-2.0.4.orig/doc/Makefile.am syslog-ng-2.0.4/doc/Makefile.am
249
+--- syslog-ng-2.0.4.orig/doc/Makefile.am	2007-04-19 14:37:16.000000000 -0500
250
++++ syslog-ng-2.0.4/doc/Makefile.am	2007-07-08 23:34:14.000000000 -0500
251
+@@ -6,8 +6,10 @@
252
+ 	reference/syslog-ng.xml \
253
+ 	reference/syslog-ng.txt \
254
+ 	reference/syslog-ng.xsl \
255
++	reference/README.syslog-ng-anon \
256
+ 	examples/syslog-ng.conf.sample \
257
+-	examples/syslog-ng.conf.solaris
258
++	examples/syslog-ng.conf.solaris \
259
++	examples/syslog-ng-anon.conf
260
+ 
261
+ man_MANS = man/syslog-ng.8 man/syslog-ng.conf.5
262
+ 
263
+diff -urN syslog-ng-2.0.4.orig/doc/Makefile.in syslog-ng-2.0.4/doc/Makefile.in
264
+--- syslog-ng-2.0.4.orig/doc/Makefile.in	2007-05-15 09:40:53.000000000 -0500
265
++++ syslog-ng-2.0.4/doc/Makefile.in	2007-07-08 23:35:39.000000000 -0500
266
+@@ -135,8 +135,10 @@
267
+ 	reference/syslog-ng.xml \
268
+ 	reference/syslog-ng.txt \
269
+ 	reference/syslog-ng.xsl \
270
++	reference/README.syslog-ng-anon \
271
+ 	examples/syslog-ng.conf.sample \
272
+-	examples/syslog-ng.conf.solaris
273
++	examples/syslog-ng.conf.solaris \
274
++	examples/syslog-ng-anon.conf
275
+ 
276
+ 
277
+ man_MANS = man/syslog-ng.8 man/syslog-ng.conf.5
278
+diff -urN syslog-ng-2.0.4.orig/doc/reference/README.syslog-ng-anon syslog-ng-2.0.4/doc/reference/README.syslog-ng-anon
279
+--- syslog-ng-2.0.4.orig/doc/reference/README.syslog-ng-anon	1969-12-31 18:00:00.000000000 -0600
280
++++ syslog-ng-2.0.4/doc/reference/README.syslog-ng-anon	2007-07-08 23:32:09.000000000 -0500
281
+@@ -0,0 +1,93 @@
282
++syslog-ng-anon
283
++
284
++ This patch adds the capability to syslog-ng that allows you to strip
285
++ out any given regexp or all IP addresses from log messages before
286
++ they are written to disk. The goal is to give the system administrator
287
++ the means to implement site logging policies, by allowing them easy
288
++ control over exactly what data they retain in their logfiles,
289
++ regardless of what a particular daemon might think is best.
290
++
291
++Background:
292
++
293
++ Data retention has become a hot legal topic for ISPs and other Online
294
++ Service Providers (OSPs). There are many instances where it is preferable
295
++ to keep less information on users than is collected by default on many
296
++ systems. In the United States it is not currently required to retain
297
++ data on users of a server, but you may be required to provide all data
298
++ on a user which you have retained. OSPs can protect themselves from legal
299
++ hassles and added work by choosing what data they wish to retain.
300
++
301
++ From "Best Practices for Online Service Providers"
302
++ (http://www.eff.org/osp):
303
++
304
++  As an intermediary, the OSP [Online Service Provider] finds itself in
305
++  a position to collect and store detailed information about its users
306
++  and their online activities that may be of great interest to third
307
++  parties. The USA PATRIOT Act also provides the government with
308
++  expanded powers to request this information. As a result, OSP owners
309
++  must deal with requests from law enforcement and lawyers to hand over
310
++  private user information and logs. Yet, compliance with these demands
311
++  takes away from an OSP's goal of providing users with reliable,
312
++  secure network services. In this paper, EFF offers some suggestions,
313
++  both legal and technical, for best practices that balance the needs
314
++  of OSPs and their users' privacy and civil liberties.
315
++ 
316
++  Rather than scrubbing the information you don't want in logs, this patch
317
++  ensures that the information is never written to disk. Also, for those 
318
++  daemons which log through syslog facilities, this patch provides a 
319
++  convenient single configuration to limit what you wish to log.
320
++  
321
++  Here are some related links:
322
++  
323
++  Best Practices for Online Service Providers
324
++  http://www.eff.org/osp
325
++  http://www.eff.org/osp/20040819_OSPBestPractices.pdf
326
++  
327
++  EPIC International Data Retention Page
328
++  http://www.epic.org/privacy/intl/data_retention.html
329
++  
330
++  Working Paper on Usage Log Data Management (from Computer, Freedom, and 
331
++  Privacy conference) http://cryptome.org/usage-logs.htm
332
++  
333
++
334
++Installing syslog-ng-anon 
335
++  
336
++ Applying the patch
337
++
338
++  This patch has been tested against the following versions of syslog-ng:
339
++ 	. version 1.6.7
340
++ 	. Debian package syslog-ng_1.6.7-2
341
++
342
++
343
++  To use this patch, obtain the source for syslog-ng 
344
++  (http://www.balabit.com/downloads/syslog-ng/1.6/src/) and the latest
345
++  syslog-ng-anon patch (http://dev.riseup.net/patches/syslog-ng/). 
346
++  Uncompress the syslog-ng source and then apply the patch:
347
++
348
++  % tar -zxvf syslog-ng.tar.gz
349
++  % cd syslog-ng
350
++  % patch -p1 < syslog-ng-anon.diff
351
++ 
352
++  Then compile and install syslog-ng as normal.
353
++
354
++ Debian package
355
++
356
++  Alternately, you can install syslog-ng-anon from this repository:
357
++  deb http://deb.riseup.net/debian unstable main
358
++
359
++ How to use it
360
++
361
++  This patch adds the filter "strip". For example:
362
++
363
++ 	filter f_strip {strip(<regexp>);};
364
++
365
++  This will strip out all matches of the regular expression on logs to
366
++  which the filter is applied and replaces all matches with the fixed length
367
++  four dashes ("----").
368
++
369
++  In place of a regular expression, you can put "ips", which will replace all
370
++  internet addresses with 0.0.0.0. For example:
371
++
372
++ 	filter f_strip {strip(ips);};
373
++
374
++  You can alter what the replacement strings are by using replace:
375
+diff -urN syslog-ng-2.0.4.orig/src/cfg-grammar.y syslog-ng-2.0.4/src/cfg-grammar.y
376
+--- syslog-ng-2.0.4.orig/src/cfg-grammar.y	2007-04-20 15:24:08.000000000 -0500
377
++++ syslog-ng-2.0.4/src/cfg-grammar.y	2007-07-08 23:38:07.000000000 -0500
378
+@@ -107,7 +107,7 @@
379
+ %token KW_USE_TIME_RECVD
380
+ 
381
+ /* filter items*/
382
+-%token KW_FACILITY KW_LEVEL KW_HOST KW_MATCH KW_NETMASK
383
++%token KW_FACILITY KW_LEVEL KW_HOST KW_MATCH KW_NETMASK KW_STRIP KW_REPLACE
384
+ 
385
+ /* yes/no switches */
386
+ %token KW_YES KW_NO
387
+@@ -803,6 +803,8 @@
388
+ 	| KW_PROGRAM '(' string ')'		{ $$ = filter_prog_new($3); free($3); }
389
+ 	| KW_HOST '(' string ')'		{ $$ = filter_host_new($3); free($3); }	
390
+ 	| KW_MATCH '(' string ')'		{ $$ = filter_match_new($3); free($3); }
391
++	| KW_STRIP '(' string ')'		{ $$ = filter_strip_new($3); free($3); }
392
++	| KW_REPLACE '(' string string ')'	{ $$ = filter_replace_new($3, $4); free($3); free($4); }
393
+ 	| KW_FILTER '(' string ')'		{ $$ = filter_call_new($3, configuration); free($3); }
394
+ 	| KW_NETMASK '(' string ')'		{ $$ = filter_netmask_new($3); free($3); }
395
+ 	;
396
+@@ -908,4 +910,4 @@
397
+   last_reader_options = NULL;
398
+   last_writer_options = NULL;
399
+   last_template = NULL;
400
+-}
401
+\ No newline at end of file
402
++}
403
+diff -urN syslog-ng-2.0.4.orig/src/cfg-lex.l syslog-ng-2.0.4/src/cfg-lex.l
404
+--- syslog-ng-2.0.4.orig/src/cfg-lex.l	2007-04-19 14:37:16.000000000 -0500
405
++++ syslog-ng-2.0.4/src/cfg-lex.l	2007-07-08 23:38:51.000000000 -0500
406
+@@ -165,6 +165,8 @@
407
+         { "host",               KW_HOST },
408
+         { "match",		KW_MATCH },
409
+         { "netmask",		KW_NETMASK },
410
++	{ "strip",		KW_STRIP },
411
++	{ "replace",		KW_REPLACE },
412
+ 
413
+ 	/* on/off switches */
414
+ 	{ "yes",		KW_YES },
415
+diff -urN syslog-ng-2.0.4.orig/src/filter.c syslog-ng-2.0.4/src/filter.c
416
+--- syslog-ng-2.0.4.orig/src/filter.c	2007-04-29 11:59:54.000000000 -0500
417
++++ syslog-ng-2.0.4/src/filter.c	2007-07-09 00:29:40.000000000 -0500
418
+@@ -226,6 +226,7 @@
419
+ typedef struct _FilterRE
420
+ {
421
+   FilterExprNode super;
422
++  GString *replace;
423
+   regex_t regex;
424
+ } FilterRE;
425
+ 
426
+@@ -310,6 +311,9 @@
427
+ filter_re_free(FilterExprNode *s)
428
+ {
429
+   FilterRE *self = (FilterRE *) s;
430
++
431
++  if (self->replace != NULL)
432
++    g_string_free(self->replace, TRUE);
433
+   
434
+   regfree(&self->regex);
435
+   g_free(s);
436
+@@ -494,3 +498,88 @@
437
+   self->super.eval = filter_netmask_eval;
438
+   return &self->super;
439
+ }
440
++
441
++FilterExprNode *
442
++filter_strip_new(const gchar *re)
443
++{
444
++  if (g_ascii_strcasecmp(re, "ips") == 0)
445
++    return filter_replace_new(re, "0.0.0.0");
446
++
447
++  return filter_replace_new(re, "----");
448
++}
449
++
450
++#define FMIN(a, b) (a) < (b) ? (a) : (b)
451
++#define NEW_MSG_SIZE 2048
452
++
453
++static gboolean
454
++filter_replace_eval(FilterExprNode *s, LogMessage *log)
455
++{
456
++  FilterRE *self = (FilterRE *) s;
457
++  gchar *buffer = log->msg.str;
458
++  gint snippet_size;
459
++  regmatch_t pmatch;
460
++  gchar new_msg[NEW_MSG_SIZE];
461
++  gchar *new_msg_max = new_msg + NEW_MSG_SIZE;
462
++  gchar *new_msg_ptr = new_msg;
463
++  gint replace_length = self->replace->len;
464
++  gint error;
465
++
466
++  error = regexec(&self->regex, buffer, 1, &pmatch, 0);
467
++  if (error)
468
++    return TRUE;
469
++  while (!error)
470
++    {
471
++      /* copy string snippet which preceeds matched text */
472
++      snippet_size = FMIN(pmatch.rm_so, new_msg_max - new_msg_ptr);
473
++      memcpy(new_msg_ptr, buffer, snippet_size);
474
++      new_msg_ptr += snippet_size;
475
++
476
++      /* copy replacement */
477
++      snippet_size = FMIN(replace_length, new_msg_max - new_msg_ptr);
478
++      memcpy(new_msg_ptr, self->replace->str, snippet_size);
479
++      new_msg_ptr += snippet_size;
480
++
481
++      /* search for next match */
482
++      buffer += pmatch.rm_eo;
483
++      error = regexec(&self->regex, buffer, 1, &pmatch, REG_NOTBOL);
484
++    }
485
++
486
++  /* copy the rest of the old message */
487
++  snippet_size = FMIN(log->msg.len, new_msg_max - new_msg_ptr);
488
++  memcpy(new_msg_ptr, buffer, snippet_size);
489
++  new_msg_ptr += snippet_size;
490
++
491
++  g_string_erase(&log->msg, 0, -1);
492
++  g_string_append(&log->msg, new_msg);
493
++
494
++  return TRUE;
495
++}
496
++
497
++FilterExprNode *
498
++filter_replace_new(const gchar *re, const gchar *replacement)
499
++{
500
++  FilterRE *self = g_new0(FilterRE, 1);
501
++  gint regerr;
502
++
503
++  if (!g_ascii_strcasecmp(re, "ips"))
504
++    re = "25[0-5]|2[0-4][0-9]|[0-1]?[0-9]?[0-9])([\\.\\-](25[0-5]|2[0-4][0-9]|[0-1]?[0-9]?[0-9])){3}";
505
++
506
++  regerr = regcomp(&self->regex, re, REG_ICASE | REG_EXTENDED);
507
++  if (regerr)
508
++    {
509
++      gchar errorbuf[256];
510
++      regerror(regerr, &self->regex, errorbuf, sizeof(errorbuf));
511
++      msg_error("Error compiling regular expression:",
512
++                evt_tag_str("re", re),
513
++                evt_tag_str("error", errorbuf),
514
++                NULL);
515
++      g_free(self);
516
++      return NULL;
517
++    }
518
++
519
++  self->replace = g_string_new(replacement);
520
++  self->super.eval = filter_replace_eval;
521
++  self->super.free_fn = filter_re_free;
522
++
523
++  return &self->super;
524
++}
525
+diff -urN syslog-ng-2.0.4.orig/src/filter.h syslog-ng-2.0.4/src/filter.h
526
+--- syslog-ng-2.0.4.orig/src/filter.h	2007-04-19 14:37:16.000000000 -0500
527
++++ syslog-ng-2.0.4/src/filter.h	2007-07-09 00:10:57.000000000 -0500
528
+@@ -54,6 +54,8 @@
529
+ FilterExprNode *filter_match_new(gchar *re);
530
+ FilterExprNode *filter_call_new(gchar *rule, struct _GlobalConfig *cfg);
531
+ FilterExprNode *filter_netmask_new(gchar *cidr);
532
++FilterExprNode *filter_strip_new(const gchar *re);
533
++FilterExprNode *filter_replace_new(const gchar *re, const gchar *replacement);
534
+ 
535
+ typedef struct _LogFilterRule
536
+ {
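Review bot: In `filter_replace_eval` (the embedded src/filter.c hunk) the final copy takes `log->msg.len` as its length even though `buffer` has already been advanced past every match, so the `memcpy` can read beyond the end of the source string. `new_msg` is also never NUL-terminated before `g_string_append` measures it, so a message that fills the 2048-byte stack array makes that call read past the array. Bounding the tail by the remaining text and appending by length addresses both: `snippet_size = FMIN((gint) strlen(buffer), new_msg_max - new_msg_ptr);` and `g_string_append_len(&log->msg, new_msg, new_msg_ptr - new_msg);`. The `ips` pattern in `filter_replace_new` also looks unbalanced: it starts `25[0-5]|…` with no opening `(` before the first octet group. Depending on the regex library it then either fails to compile or alternates at top level and leaves most addresses unredacted, so it presumably should begin `(25[0-5]|`.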
... ...
@@ -0,0 +1,149 @@
1
+#
2
+# Syslog-ng configuration file, compatible with default Debian syslogd
3
+# installation. Originally written by anonymous (I can't find his name)
4
+# Revised, and rewrited by me (SZALAY Attila <sasa@debian.org>)
5
+
6
+# First, set some global options.
7
+options { chain_hostnames(off); sync(0); use_dns(no);
8
+	  owner("root"); group("adm"); perm(0640);
9
+};
10
+
11
+########################
12
+# Sources
13
+########################
14
+# This is the default behavior of sysklogd package
15
+# Logs may come from unix stream, but not from another machine.
16
+#
17
+source src { unix-dgram("/dev/log"); internal();
18
+       	     file("/proc/kmsg" log_prefix("kernel: "));
19
+};
20
+
21
+# If you wish to get logs from remote machine you should uncomment
22
+# this and comment the above source line.
23
+#
24
+#source net { tcp(ip(127.0.0.1) port(1000) authentication(required) encrypt(allow)); };
25
+
26
+########################
27
+# Destinations
28
+########################
29
+# First some standard logfile
30
+#
31
+destination auth { file("/var/log/auth.log"); };
32
+destination cron { file("/var/log/cron.log"); };
33
+destination daemon { file("/var/log/daemon.log"); };
34
+destination kern { file("/var/log/kern.log"); };
35
+destination lpr { file("/var/log/lpr.log"); };
36
+destination mail { file("/var/log/mail.log"); };
37
+destination syslog { file("/var/log/syslog.log"); };
38
+destination user { file("/var/log/user.log"); };
39
+destination uucp { file("/var/log/uucp.log"); };
40
+
41
+# This files are the log come from the mail subsystem.
42
+#
43
+destination mailinfo { file("/var/log/mail/mail.info"); };
44
+destination mailwarn { file("/var/log/mail/mail.warn"); };
45
+destination mailerr { file("/var/log/mail/mail.err"); };
46
+
47
+# Logging for INN news system
48
+#
49
+destination newscrit { file("/var/log/news/news.crit"); };
50
+destination newserr { file("/var/log/news/news.err"); };
51
+destination newsnotice { file("/var/log/news/news.notice"); };
52
+
53
+# Some `catch-all' logfiles.
54
+#
55
+destination debug { file("/var/log/debug"); };
56
+destination error { file("/var/log/error"); };
57
+
58
+# The root's console.
59
+#
60
+destination console { usertty("root"); };
61
+
62
+# Virtual console.
63
+#
64
+destination console_all { file("/dev/vc/10"); };
65
+
66
+# The named pipe /dev/xconsole is for the nsole' utility.  To use it,
67
+# you must invoke nsole' with the -file' option:
68
+#
69
+#    $ xconsole -file /dev/xconsole [...]
70
+#
71
+destination xconsole { pipe("/dev/xconsole"); };
72
+
73
+# Send the messages to an other host
74
+#
75
+#destination net { tcp("127.0.0.1" port(1000) authentication(on) encrypt(on) log_fifo_size(1000)); };
76
+
77
+# Debian only
78
+destination ppp { file("/var/log/ppp.log"); };
79
+
80
+########################
81
+# Filters
82
+########################
83
+# Here's come the filter options. With this rules, we can set which 
84
+# message go where.
85
+
86
+filter dbg { level(debug); };
87
+filter info { level(info); };
88
+filter notice { level(notice); };
89
+filter warn { level(warn); };
90
+filter err { level(err); };
91
+filter crit { level(crit .. emerg); };
92
+
93
+filter debug { level(debug) and not facility(auth, authpriv, news, mail); };
94
+filter error { level(err .. emerg) ; };
95
+
96
+filter auth { facility(auth, authpriv) and not filter(debug); };
97
+filter cron { facility(cron) and not filter(debug); };
98
+filter daemon { facility(daemon) and not filter(debug); };
99
+filter kern { facility(kern) and not filter(debug); };
100
+filter lpr { facility(lpr) and not filter(debug); };
101
+filter local { facility(local0, local1, local3, local4, local5,
102
+                        local6, local7) and not filter(debug); };
103
+filter mail { facility(mail) and not filter(debug); };
104
+filter news { facility(news) and not filter(debug); };
105
+filter syslog { facility(syslog) and not filter(debug); };
106
+filter user { facility(user) and not filter(debug); };
107
+filter uucp { facility(uucp) and not filter(debug); };
108
+
109
+filter cnews { level(notice, err, crit) and facility(news); };
110
+filter cother { level(debug, info, notice, warn) or facility(daemon, mail); };
111
+
112
+filter ppp { facility(local2) and not filter(debug); };
113
+filter console { level(warn .. emerg); };
114
+
115
+########################
116
+# Log paths
117
+########################
118
+log { source(src); filter(auth); destination(auth); };
119
+log { source(src); filter(cron); destination(cron); };
120
+log { source(src); filter(daemon); destination(daemon); };
121
+log { source(src); filter(kern); destination(kern); };
122
+log { source(src); filter(lpr); destination(lpr); };
123
+log { source(src); filter(syslog); destination(syslog); };
124
+log { source(src); filter(user); destination(user); };
125
+log { source(src); filter(uucp); destination(uucp); };
126
+
127
+log { source(src); filter(mail); destination(mail); };
128
+#log { source(src); filter(mail); filter(info); destination(mailinfo); };
129
+#log { source(src); filter(mail); filter(warn); destination(mailwarn); };
130
+#log { source(src); filter(mail); filter(err); destination(mailerr); };
131
+
132
+log { source(src); filter(news); filter(crit); destination(newscrit); };
133
+log { source(src); filter(news); filter(err); destination(newserr); };
134
+log { source(src); filter(news); filter(notice); destination(newsnotice); };
135
+#log { source(src); filter(cnews); destination(console_all); };
136
+#log { source(src); filter(cother); destination(console_all); };
137
+
138
+#log { source(src); filter(ppp); destination(ppp); };
139
+
140
+log { source(src); filter(debug); destination(debug); };
141
+log { source(src); filter(error); destination(error); };
142
+
143
+log { source(src); filter(console); destination(console_all);
144
+				    destination(xconsole); };
145
+log { source(src); filter(crit); destination(console); };
146
+
147
+# All messages send to a remote site
148
+#
149
+#log { source(src); destination(net); };
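Review bot: None of the log paths in this configuration applies the `strip` filter that the bundled anon patch adds, so if this file is installed as the default, addresses are still written to every log. The same holds for the Gentoo and Gentoo/FreeBSD configurations in the two sections that follow. If anonymisation is meant to be opt-in, a commented example would make that explicit, e.g. `#filter f_strip { strip(ips); };` plus `#log { source(src); filter(mail); filter(f_strip); destination(mail); };`. Separately, the xconsole comment (new-file lines 66–67) reads `nsole'` and `-file'`, where the quoted names appear to have lost their leading characters; it should name `xconsole` and its `-file` option.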
... ...
@@ -0,0 +1,33 @@
1
+# $Header: /var/cvsroot/gentoo-x86/app-admin/syslog-ng/files/syslog-ng.conf.gentoo,v 1.7 2007/08/02 04:52:18 mr_bones_ Exp $
2
+#
3
+# Syslog-ng default configuration file for Gentoo Linux
4
+# contributed by Michael Sterrett
5
+
6
+options { 
7
+	chain_hostnames(off); 
8
+	sync(0); 
9
+
10
+	# The default action of syslog-ng 1.6.0 is to log a STATS line
11
+	# to the file every 10 minutes.  That's pretty ugly after a while.
12
+	# Change it to every 12 hours so you get a nice daily update of
13
+	# how many messages syslog-ng missed (0).
14
+	stats(43200); 
15
+};
16
+
17
+source src {
18
+    unix-stream("/dev/log" max-connections(256));
19
+    internal();
20
+    file("/proc/kmsg");
21
+};
22
+
23
+destination messages { file("/var/log/messages"); };
24
+
25
+# By default messages are logged to tty12...
26
+destination console_all { file("/dev/tty12"); };
27
+# ...if you intend to use /dev/console for programs like xconsole
28
+# you can comment out the destination line above that references /dev/tty12
29
+# and uncomment the line below.
30
+#destination console_all { file("/dev/console"); };
31
+
32
+log { source(src); destination(messages); };
33
+log { source(src); destination(console_all); };
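Review bot: The last rule, `log { source(src); destination(console_all); };`, has no filter, so every message from `src`, auth and authpriv included, is also written to /dev/tty12, where anyone who can see that console can read it. I would keep those facilities off the terminal with `filter f_console { not facility(auth, authpriv); };` and `log { source(src); filter(f_console); destination(console_all); };`. The `messages` destination also takes its file mode from syslog-ng's built-in default. An explicit `perm(0600)` inside `file("/var/log/messages" ...)` would make the intended mode visible in the config. The fbsd variant in the next section likewise sets no `perm()` on its only destination.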
... ...
@@ -0,0 +1,20 @@
1
+# $Header: /var/cvsroot/gentoo-x86/app-admin/syslog-ng/files/syslog-ng.conf.gentoo.fbsd,v 1.1 2007/03/27 07:38:41 mr_bones_ Exp $
2
+#
3
+# Syslog-ng default configuration file for Gentoo FreeBSD
4
+# contributed by Tiziano Mülle
5
+options {
6
+	chain_hostnames(off);
7
+	sync(0);
8
+
9
+	# The default action of syslog-ng 1.6.0 is to log a STATS line
10
+	# to the file every 10 minutes.  That's pretty ugly after a while.
11
+	# Change it to every 12 hours so you get a nice daily update of
12
+	# how many messages syslog-ng missed (0).
13
+	stats(43200);
14
+};
15
+
16
+source src { unix-dgram("/var/run/log"); file("/dev/klog"); internal(); };
17
+
18
+destination messages { file("/var/log/messages"); };
19
+
20
+log { source(src); destination(messages); };
... ...
@@ -0,0 +1,102 @@
1
+# Copyright 2005 Gentoo Foundation
2
+# Distributed under the terms of the GNU General Public License v2
3
+# $Header: /var/cvsroot/gentoo-x86/app-admin/syslog-ng/files/syslog-ng.conf.gentoo.hardened,v 1.4 2006/07/12 23:59:59 solar Exp $
4
+
5
+#
6
+# Syslog-ng configuration file, compatible with default hardened installations.
7
+#
8
+
9
+options { chain_hostnames(off); sync(0); };
10
+
11
+source src { unix-stream("/dev/log"); internal(); };
12
+source kernsrc { file("/proc/kmsg"); };
13
+#source net { udp(); };
14
+
15
+destination authlog { file("/var/log/auth.log"); };
16
+destination syslog { file("/var/log/syslog"); };
17
+destination cron { file("/var/log/cron.log"); };
18
+destination daemon { file("/var/log/daemon.log"); };
19
+destination kern { file("/var/log/kern.log"); file("/dev/tty12"); };
20
+destination lpr { file("/var/log/lpr.log"); };
21
+destination user { file("/var/log/user.log"); };
22
+destination uucp { file("/var/log/uucp.log"); };
23
+#destination ppp { file("/var/log/ppp.log"); };
24
+destination mail { file("/var/log/mail.log"); };
25
+
26
+destination avc { file("/var/log/avc.log"); };
27
+destination audit { file("/var/log/audit.log"); };
28
+destination pax { file("/var/log/pax.log"); };
29
+destination grsec { file("/var/log/grsec.log"); };
30
+
31
+destination mailinfo { file("/var/log/mail.info"); };
32
+destination mailwarn { file("/var/log/mail.warn"); };
33
+destination mailerr { file("/var/log/mail.err"); };
34
+
35
+destination newscrit { file("/var/log/news/news.crit"); };
36
+destination newserr { file("/var/log/news/news.err"); };
37
+destination newsnotice { file("/var/log/news/news.notice"); };
38
+
39
+destination debug { file("/var/log/debug"); };
40
+destination messages { file("/var/log/messages"); };
41
+destination console { usertty("root"); };
42
+destination console_all { file("/dev/tty12"); };
43
+#destination loghost { udp("loghost" port(999)); };
44
+
45
+destination xconsole { pipe("/dev/xconsole"); };
46
+
47
+filter f_auth { facility(auth); };
48
+filter f_authpriv { facility(auth, authpriv); };
49
+filter f_syslog { not facility(authpriv, mail); };
50
+filter f_cron { facility(cron); };
51
+filter f_daemon { facility(daemon); };
52
+filter f_kern { facility(kern); };
53
+filter f_lpr { facility(lpr); };
54
+filter f_mail { facility(mail); };
55
+filter f_user { facility(user); };
56
+filter f_uucp { facility(uucp); };
57
+#filter f_ppp { facility(ppp); };
58
+filter f_news { facility(news); };
59
+filter f_debug { not facility(auth, authpriv, news, mail); };
60
+filter f_messages { level(info..warn) 
61
+	and not facility(auth, authpriv, mail, news); };
62
+filter f_emergency { level(emerg); };
63
+
64
+filter f_info { level(info); };
65
+
66
+filter f_notice { level(notice); };
67
+filter f_warn { level(warn); };
68
+filter f_crit { level(crit); };
69
+filter f_err { level(err); };
70
+
71
+filter f_avc { match(".*avc: .*"); };
72
+filter f_audit { match("^audit.*") and not match(".*avc: .*"); };
73
+filter f_pax { match("^PAX:.*"); };
74
+filter f_grsec { match("^grsec:.*"); };
75
+
76
+log { source(src); filter(f_authpriv); destination(authlog); };
77
+log { source(src); filter(f_syslog); destination(syslog); };
78
+log { source(src); filter(f_cron); destination(cron); };
79
+log { source(src); filter(f_daemon); destination(daemon); };
80
+log { source(kernsrc); filter(f_kern); destination(kern); };
81
+log { source(src); filter(f_lpr); destination(lpr); };
82
+log { source(src); filter(f_mail); destination(mail); };
83
+log { source(src); filter(f_user); destination(user); };
84
+log { source(src); filter(f_uucp); destination(uucp); };
85
+log { source(kernsrc); filter(f_pax); destination(pax); };
86
+log { source(kernsrc); filter(f_grsec); destination(grsec); };
87
+log { source(kernsrc); filter(f_audit); destination(audit); };
88
+log { source(kernsrc); filter(f_avc); destination(avc); };
89
+log { source(src); filter(f_mail); filter(f_info); destination(mailinfo); };
90
+log { source(src); filter(f_mail); filter(f_warn); destination(mailwarn); };
91
+log { source(src); filter(f_mail); filter(f_err); destination(mailerr); };
92
+log { source(src); filter(f_news); filter(f_crit); destination(newscrit); };
93
+log { source(src); filter(f_news); filter(f_err); destination(newserr); };
94
+log { source(src); filter(f_news); filter(f_notice); destination(newsnotice); };
95
+log { source(src); filter(f_debug); destination(debug); };
96
+log { source(src); filter(f_messages); destination(messages); };
97
+log { source(src); filter(f_emergency); destination(console); };
98
+#log { source(src); filter(f_ppp); destination(ppp); };
99
+log { source(src); destination(console_all); };
100
+
101
+
102
+
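Review bot: `log { source(src); destination(console_all); };` near the end of this file is unfiltered, so on the hardened profile everything from `src`, including what `f_authpriv` routes to auth.log, is also copied to /dev/tty12. Changing that rule to `log { source(src); filter(f_console); destination(console_all); };` with `filter f_console { not facility(auth, authpriv); };` would keep authentication messages off the terminal. Separately, `f_syslog` is `not facility(authpriv, mail)`, which lets facility auth messages into /var/log/syslog as well as auth.log. `not facility(auth, authpriv, mail)` looks like what was intended, though that is an inference. `f_auth` is defined but no log statement in this file uses it.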
... ...
@@ -0,0 +1,6 @@
1
+# Config file for /etc/init.d/syslog-ng
2
+
3
+# Put any additional options for syslog-ng here.
4
+# See syslog-ng(8) for more information.
5
+
6
+SYSLOG_NG_OPTS=""
... ...
@@ -0,0 +1,12 @@
1
+# $Header: /var/cvsroot/gentoo-x86/app-admin/syslog-ng/files/syslog-ng.logrotate,v 1.2 2004/07/18 02:25:02 dragonheart Exp $
2
+#
3
+# Syslog-ng logrotate snippet for Gentoo Linux
4
+# contributed by Michael Sterrett
5
+#
6
+
7
+/var/log/messages {
8
+    sharedscripts
9
+    postrotate
10
+        /etc/init.d/syslog-ng reload > /dev/null 2>&1 || true
11
+    endscript
12
+}
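Review bot: The postrotate line `/etc/init.d/syslog-ng reload > /dev/null 2>&1 || true` discards both the output and the exit status, so a failed reload goes unnoticed and syslog-ng presumably keeps writing through its old file handles after rotation. Dropping the stderr redirect, `/etc/init.d/syslog-ng reload > /dev/null || true`, would at least let the error reach whoever reads logrotate's output. The same line is repeated in every stanza of syslog-ng.logrotate.hardened in the next section, where it covers auth.log, audit.log and the other hardened logs. Neither snippet sets a `create` mode, so the permissions of the freshly created files depend on settings outside this commit.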
... ...
@@ -0,0 +1,73 @@
1
+# $Header: /var/cvsroot/gentoo-x86/app-admin/syslog-ng/files/syslog-ng.logrotate.hardened,v 1.2 2007/07/26 20:58:01 mr_bones_ Exp $
2
+#
3
+# Syslog-ng logrotate snippet for Hardened Gentoo Linux
4
+# contributed by Maciej Grela
5
+#
6
+
7
+# Generic
8
+/var/log/debug /var/log/syslog /var/log/kern.log {
9
+    sharedscripts
10
+    postrotate
11
+        /etc/init.d/syslog-ng reload > /dev/null 2>&1 || true
12
+    endscript
13
+}
14
+
15
+# System services
16
+/var/log/cron.log /var/log/daemon.log /var/log/lpr.log /var/log/uucp.log {
17
+    sharedscripts
18
+    missingok
19
+    postrotate
20
+        /etc/init.d/syslog-ng reload > /dev/null 2>&1 || true
21
+    endscript
22
+}
23
+
24
+# User log
25
+/var/log/user.log {
26
+    sharedscripts
27
+    postrotate
28
+        /etc/init.d/syslog-ng reload > /dev/null 2>&1 || true
29
+    endscript
30
+}
31
+
32
+# News system
33
+/var/log/news/news.crit /var/log/news/news.err /var/log/news/news.notice {
34
+    sharedscripts
35
+    missingok
36
+    postrotate
37
+        /etc/init.d/syslog-ng reload > /dev/null 2>&1 || true
38
+    endscript
39
+}
40
+
41
+# Mail system
42
+/var/log/mail.log /var/log/mail.info /var/log/mail.err /var/log/mail.warn {
43
+    sharedscripts
44
+    missingok
45
+    postrotate
46
+        /etc/init.d/syslog-ng reload > /dev/null 2>&1 || true
47
+    endscript
48
+}
49
+
50
+# Hardened logs
51
+/var/log/avc.log /var/log/audit.log /var/log/pax.log /var/log/grsec.log {
52
+    sharedscripts
53
+    missingok
54
+    postrotate
55
+        /etc/init.d/syslog-ng reload > /dev/null 2>&1 || true
56
+    endscript
57
+}
58
+
59
+# Authentication
60
+/var/log/auth.log {
61
+    sharedscripts
62
+    postrotate
63
+        /etc/init.d/syslog-ng reload > /dev/null 2>&1 || true
64
+    endscript
65
+}
66
+
67
+# the rest
68
+/var/log/messages {
69
+    sharedscripts
70
+    postrotate
71
+        /etc/init.d/syslog-ng reload > /dev/null 2>&1 || true
72
+    endscript
73
+}
... ...
@@ -0,0 +1,53 @@
1
+#!/sbin/runscript
2
+# Copyright 1999-2004 Gentoo Foundation
3
+# Distributed under the terms of the GNU General Public License v2
4
+# $Header: /var/cvsroot/gentoo-x86/app-admin/syslog-ng/files/syslog-ng.rc6,v 1.18 2006/11/02 20:51:37 mr_bones_ Exp $
5
+
6
+opts="depend checkconfig start stop reload"
7
+
8
+depend() {
9
+	# Make networking dependency conditional on configuration
10
+	case $(sed 's/#.*//' /etc/syslog-ng/syslog-ng.conf) in
11
+		*source*tcp*|*source*udp*|*destination*tcp*|*destination*udp*)
12
+			need net ;;
13
+	esac
14
+
15
+	need clock hostname
16
+	provide logger
17
+}
18
+
19
+checkconfig() {
20
+	if [ ! -e /etc/syslog-ng/syslog-ng.conf ] ; then
21
+		eerror "You need to create /etc/syslog-ng/syslog-ng.conf first."
22
+		eerror "An example can be found in /etc/syslog-ng/syslog-ng.conf.sample"
23
+		return 1
24
+	fi
25
+	syslog-ng -s /etc/syslog-ng/syslog-ng.conf
26
+	eend $? "Configuration error. Please fix your configfile (/etc/syslog-ng/syslog-ng.conf)"
27
+}
28
+
29
+start() {
30
+	checkconfig || return 1
31
+	ebegin "Starting syslog-ng"
32
+	[[ -n ${SYSLOG_NG_OPTS} ]] && SYSLOG_NG_OPTS="-- ${SYSLOG_NG_OPTS}"
33
+	start-stop-daemon --start --quiet --exec /usr/sbin/syslog-ng ${SYSLOG_NG_OPTS}
34
+	eend $? "Failed to start syslog-ng"
35
+}
36
+
37
+stop() {
38
+	ebegin "Stopping syslog-ng"
39
+	start-stop-daemon --stop --quiet --pidfile /var/run/syslog-ng.pid
40
+	eend $? "Failed to stop syslog-ng"
41
+	sleep 1 # needed for syslog-ng to stop in case we're restarting
42
+}
43
+
44
+reload() {
45
+	if [ ! -f /var/run/syslog-ng.pid ]; then
46
+		eerror "syslog-ng isn't running"
47
+		return 1
48
+	fi
49
+	checkconfig || return 1
50
+	ebegin "Reloading configuration and re-opening log files"
51
+	kill -HUP `cat /var/run/syslog-ng.pid` &>/dev/null
52
+	eend $?
53
+}
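Review bot: In reload(), ``kill -HUP `cat /var/run/syslog-ng.pid` &>/dev/null`` signals whatever PID the file contains, as root and with errors hidden, so a stale pidfile can send HUP to an unrelated process. `start-stop-daemon --stop --oknodo --signal HUP --exec /usr/sbin/syslog-ng --pidfile /var/run/syslog-ng.pid` would check the executable before signalling. The rc6-r1 script in the next section already uses start-stop-daemon for reload but matches on `--pidfile` only, as do both stop() functions, so adding `--exec /usr/sbin/syslog-ng` there would help too. The ebuild in this commit installs only syslog-ng.rc6-r1, so this file may not be needed at all.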
... ...
@@ -0,0 +1,59 @@
1
+#!/sbin/runscript
2
+# Copyright 1999-2004 Gentoo Foundation
3
+# Distributed under the terms of the GNU General Public License v2
4
+# $Header: /var/cvsroot/gentoo-x86/app-admin/syslog-ng/files/syslog-ng.rc6-r1,v 1.6 2007/10/02 23:01:00 mr_bones_ Exp $
5
+
6
+opts="checkconfig reload"
7
+
8
+depend() {
9
+	# Make networking dependency conditional on configuration
10
+	case $(sed 's/#.*//' /etc/syslog-ng/syslog-ng.conf) in
11
+		*source*tcp*|*source*udp*|*destination*tcp*|*destination*udp*)
12
+			need net ;;
13
+	esac
14
+
15
+	# kludge for baselayout-1 compatibility
16
+	[ -z "${svclib}" ] && config /etc/syslog-ng/syslog-ng.conf
17
+	need clock hostname localmount
18
+	provide logger
19
+}
20
+
21
+checkconfig() {
22
+	if [ ! -e /etc/syslog-ng/syslog-ng.conf ] ; then
23
+		eerror "You need to create /etc/syslog-ng/syslog-ng.conf first."
24
+		eerror "An example can be found in /etc/syslog-ng/syslog-ng.conf.sample"
25
+		return 1
26
+	fi
27
+	syslog-ng -s /etc/syslog-ng/syslog-ng.conf
28
+	
29
+	# the start and reload functions have their own eends so 
30
+	# avoid calling this twice when there are no problems
31
+	[ $? -eq 0 ] || eend $? "Configuration error. Please fix your configfile (/etc/syslog-ng/syslog-ng.conf)"
32
+}
33
+
34
+start() {
35
+	checkconfig || return 1
36
+	ebegin "Starting syslog-ng"
37
+	[ -n "${SYSLOG_NG_OPTS}" ] && SYSLOG_NG_OPTS="-- ${SYSLOG_NG_OPTS}"
38
+	start-stop-daemon --start --quiet --exec /usr/sbin/syslog-ng ${SYSLOG_NG_OPTS}
39
+	eend $? "Failed to start syslog-ng"
40
+}
41
+
42
+stop() {
43
+	ebegin "Stopping syslog-ng"
44
+	start-stop-daemon --stop --quiet --pidfile /var/run/syslog-ng.pid
45
+	eend $? "Failed to stop syslog-ng"
46
+	sleep 1 # needed for syslog-ng to stop in case we're restarting
47
+}
48
+
49
+reload() {
50
+	if [ ! -f /var/run/syslog-ng.pid ]; then
51
+		eerror "syslog-ng isn't running"
52
+		return 1
53
+	fi
54
+	checkconfig || return 1
55
+	ebegin "Reloading configuration and re-opening log files"
56
+	start-stop-daemon --stop --oknodo --signal HUP \
57
+	    --pidfile /var/run/syslog-ng.pid
58
+	eend $?
59
+}
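Review bot: In checkconfig(), `[ $? -eq 0 ] || eend $? "Configuration error. ..."` hands eend the exit status of the `[` test rather than that of `syslog-ng -s`, because `$?` is overwritten by the test itself. The result is still non-zero, but the real status is kept and the intent is clearer with `syslog-ng -s /etc/syslog-ng/syslog-ng.conf || eend $? "Configuration error. Please fix your configfile (/etc/syslog-ng/syslog-ng.conf)"`. In start(), `${SYSLOG_NG_OPTS}` is expanded unquoted, presumably on purpose so that it word-splits into separate arguments. A comment such as `# SYSLOG_NG_OPTS comes from the conf.d file and is word-split here; it is passed to the daemon as root` would record that this value needs to stay root-writable only.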
... ...
@@ -0,0 +1,85 @@
1
+# Copyright 1999-2007 Gentoo Foundation
2
+# Distributed under the terms of the GNU General Public License v2
3
+# $Header: /var/cvsroot/gentoo-x86/app-admin/syslog-ng/syslog-ng-2.0.5.ebuild,v 1.1 2007/07/25 03:58:38 mr_bones_ Exp $
4
+
5
+inherit fixheadtails
6
+
7
+MY_PV=${PV/_/}
8
+DESCRIPTION="syslog replacement with advanced filtering features"
9
+HOMEPAGE="http://www.balabit.com/products/syslog_ng/"
10
+SRC_URI="http://www.balabit.com/downloads/files/syslog-ng/sources/2.0/src/${P}.tar.gz"
11
+
12
+LICENSE="GPL-2"
13
+SLOT="0"
14
+KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~x86-fbsd"
15
+IUSE="hardened ipv6 selinux spoof-source static tcpd"
16
+
17
+RDEPEND=">=dev-libs/eventlog-0.2
18
+	spoof-source? ( net-libs/libnet )
19
+	tcpd? ( >=sys-apps/tcp-wrappers-7.6 )
20
+	>=dev-libs/glib-2.2"
21
+DEPEND="${RDEPEND}
22
+	sys-devel/flex"
23
+PROVIDE="virtual/logger"
24
+
25
+src_unpack() {
26
+	unpack ${A}
27
+	cd "${S}"
28
+	epatch "${FILESDIR}/syslog-ng-anon-2.0.4.diff"
29
+	ht_fix_file configure
30
+	cd "${S}/doc/reference"
31
+	tar xzf syslog-ng.html.tar.gz || die "tar failed"
32
+}
33
+
34
+src_compile() {
35
+	econf \
36
+		--sysconfdir=/etc/syslog-ng \
37
+		--disable-dependency-tracking \
38
+		$(use_enable ipv6) \
39
+		$(use_enable !static dynamic-linking) \
40
+		$(use_enable static static-linking) \
41
+		$(use_enable spoof-source) \
42
+		$(use_enable tcpd tcp-wrapper) \
43
+		|| die
44
+	emake || die "emake failed"
45
+}
46
+
47
+src_install() {
48
+	emake DESTDIR="${D}" install || die "emake install failed"
49
+
50
+	dodoc AUTHORS ChangeLog NEWS README \
51
+		doc/examples/{syslog-ng.conf.sample,syslog-ng.conf.solaris} \
52
+		contrib/syslog-ng.conf* \
53
+		doc/reference/syslog-ng.txt \
54
+		contrib/syslog2ng "${FILESDIR}/syslog-ng.conf."*
55
+	dohtml doc/reference/syslog-ng.html/*
56
+
57
+	# Install default configuration
58
+	insinto /etc/syslog-ng
59
+	if use hardened || use selinux ; then
60
+		newins "${FILESDIR}/syslog-ng.conf.gentoo.hardened" syslog-ng.conf
61
+	elif use userland_BSD ; then
62
+		newins "${FILESDIR}/syslog-ng.conf.gentoo.fbsd" syslog-ng.conf
63
+	else
64
+		newins "${FILESDIR}/syslog-ng.conf.gentoo" syslog-ng.conf
65
+	fi
66
+
67
+	insinto /etc/logrotate.d
68
+	# Install snippet for logrotate, which may or may not be installed
69
+	if use hardened || use selinux ; then
70
+		newins "${FILESDIR}/syslog-ng.logrotate.hardened" syslog-ng
71
+	else
72
+		newins "${FILESDIR}/syslog-ng.logrotate" syslog-ng
73
+	fi
74
+
75
+	newinitd "${FILESDIR}/syslog-ng.rc6-r1" syslog-ng
76
+	newconfd "${FILESDIR}/syslog-ng.confd" syslog-ng
77
+}
78
+
79
+pkg_postinst() {
80
+	echo
81
+	elog "It is highly recommended that app-admin/logrotate be emerged to"
82
+	elog "manage the log files.  ${PN} installs a file in /etc/logrotate.d"
83
+	elog "for logrotate to use."
84
+	echo
85
+}
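Review bot: src_unpack() applies `syslog-ng-anon-2.0.4.diff` unconditionally in what the $Header line identifies as the 2.0.5 ebuild, and nothing in IUSE or pkg_postinst tells the admin that the logger has been patched. Judging by the commit title, the patch changes what ends up in the logs, so I would either gate it behind a USE flag or add an `elog` line in pkg_postinst naming the patch. Both `cd "${S}"` and `cd "${S}/doc/reference"` are unchecked. `cd "${S}" || die "cd failed"` keeps epatch and tar from running in the wrong directory. `MY_PV` is assigned but not used in the visible file.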
0 86