Bernd Wurst commited on 2007-10-24 16:30:26
Zeige 13 geänderte Dateien mit 0 Einfügungen und 1179 Löschungen.
... | ... |
@@ -1,48 +0,0 @@ |
1 |
-AUX syslog-ng-anon-2.0.4.diff 16854 RMD160 602aa45f8cd01415b202d2210d6765cc2352e720 SHA1 cd9f009a7f835045692eaf73d69d464a39a0b2b2 SHA256 ecc05be8fdcf1128ee0ccaea7290027609042ae966dd35e86310c29009cbe380 |
|
2 |
-MD5 660726d013b2a3b122e5c9ea66580011 files/syslog-ng-anon-2.0.4.diff 16854 |
|
3 |
-RMD160 602aa45f8cd01415b202d2210d6765cc2352e720 files/syslog-ng-anon-2.0.4.diff 16854 |
|
4 |
-SHA256 ecc05be8fdcf1128ee0ccaea7290027609042ae966dd35e86310c29009cbe380 files/syslog-ng-anon-2.0.4.diff 16854 |
|
5 |
-AUX syslog-ng.conf.debian 5445 RMD160 c3c2f319d437bb2548226f4f78db96cd6210c7cc SHA1 80256f810a5b87adf5b39320eb4b5758ba3003a0 SHA256 74943e12a92b415306e2fca27056a839fa7ce443ccd08fdafcfac9bcba08a1c3 |
|
6 |
-MD5 b9cf104e2020c2d8c5fa164b6f54de5c files/syslog-ng.conf.debian 5445 |
|
7 |
-RMD160 c3c2f319d437bb2548226f4f78db96cd6210c7cc files/syslog-ng.conf.debian 5445 |
|
8 |
-SHA256 74943e12a92b415306e2fca27056a839fa7ce443ccd08fdafcfac9bcba08a1c3 files/syslog-ng.conf.debian 5445 |
|
9 |
-AUX syslog-ng.conf.gentoo 1100 RMD160 02b1b6230d509369a86ac9e26c374f7972fbed9f SHA1 a27db752c611786062ac8e0d2e902c038d6323b2 SHA256 fbe8e8f7143748212d0726ad3ee6eed7479018eef788cdeee6796ae78cbdc96a |
|
10 |
-MD5 9df476673c4f296fed44e21ca3cbd136 files/syslog-ng.conf.gentoo 1100 |
|
11 |
-RMD160 02b1b6230d509369a86ac9e26c374f7972fbed9f files/syslog-ng.conf.gentoo 1100 |
|
12 |
-SHA256 fbe8e8f7143748212d0726ad3ee6eed7479018eef788cdeee6796ae78cbdc96a files/syslog-ng.conf.gentoo 1100 |
|
13 |
-AUX syslog-ng.conf.gentoo.fbsd 702 RMD160 2fb49bab8ccc7ce763156ef14dbff858d7e6b416 SHA1 1a6bd708009fd6d18516d66a34bd9cb9ec7c3eed SHA256 ab54cc3e5595fad1b362039932ee8a7d7e852ebda3f08bb20ecc19c1be830751 |
|
14 |
-MD5 37af1755a1b1003fa49b4fd7197e268e files/syslog-ng.conf.gentoo.fbsd 702 |
|
15 |
-RMD160 2fb49bab8ccc7ce763156ef14dbff858d7e6b416 files/syslog-ng.conf.gentoo.fbsd 702 |
|
16 |
-SHA256 ab54cc3e5595fad1b362039932ee8a7d7e852ebda3f08bb20ecc19c1be830751 files/syslog-ng.conf.gentoo.fbsd 702 |
|
17 |
-AUX syslog-ng.conf.gentoo.hardened 4346 RMD160 18932d56ce748454941859dc04c417791184a84d SHA1 8773391798882c4120af039a073d670be5bb9d86 SHA256 110478ff3805ee917488b874fbdbb4b48f9f2b02840f83a0a1d967925ebe3552 |
|
18 |
-MD5 f33373c704c59b3141123ef16fc3e85d files/syslog-ng.conf.gentoo.hardened 4346 |
|
19 |
-RMD160 18932d56ce748454941859dc04c417791184a84d files/syslog-ng.conf.gentoo.hardened 4346 |
|
20 |
-SHA256 110478ff3805ee917488b874fbdbb4b48f9f2b02840f83a0a1d967925ebe3552 files/syslog-ng.conf.gentoo.hardened 4346 |
|
21 |
-AUX syslog-ng.confd 150 RMD160 b5ab31e1c285fdd2f41324abc2c6b39bce59038d SHA1 c5df6ef1eca2a169fb3073816d4a06b7c85c0b0c SHA256 8319ca8e39a5dab5ddc82eede088e1f58ff25deef330804648000359cb736a3f |
|
22 |
-MD5 252ddaf4e3475b15b715b62f6c149fc1 files/syslog-ng.confd 150 |
|
23 |
-RMD160 b5ab31e1c285fdd2f41324abc2c6b39bce59038d files/syslog-ng.confd 150 |
|
24 |
-SHA256 8319ca8e39a5dab5ddc82eede088e1f58ff25deef330804648000359cb736a3f files/syslog-ng.confd 150 |
|
25 |
-AUX syslog-ng.logrotate 342 RMD160 ef72b796f96af38c421f2acc04ac3bed4c42de0e SHA1 77de0e56d3afb784d92b6e79f94a368952172eff SHA256 5a8a52e3832333eba51969d41cb6ae18e0a80d1e1ada39595dbc5f5075f91375 |
|
26 |
-MD5 fe66a527c7f36a560197b4187ad6d9db files/syslog-ng.logrotate 342 |
|
27 |
-RMD160 ef72b796f96af38c421f2acc04ac3bed4c42de0e files/syslog-ng.logrotate 342 |
|
28 |
-SHA256 5a8a52e3832333eba51969d41cb6ae18e0a80d1e1ada39595dbc5f5075f91375 files/syslog-ng.logrotate 342 |
|
29 |
-AUX syslog-ng.logrotate.hardened 1696 RMD160 9f22685778cf6d9c54ab899e586650e356a66498 SHA1 2c40af7591dac343047ac7a517c4ee8a5cb5f0a7 SHA256 e4530dab9b9d3c1a78bc1349e4ae647a6747b0aba7b3d5192f029281d71c89bf |
|
30 |
-MD5 2adc9517b1dc66ebb76a40848178b937 files/syslog-ng.logrotate.hardened 1696 |
|
31 |
-RMD160 9f22685778cf6d9c54ab899e586650e356a66498 files/syslog-ng.logrotate.hardened 1696 |
|
32 |
-SHA256 e4530dab9b9d3c1a78bc1349e4ae647a6747b0aba7b3d5192f029281d71c89bf files/syslog-ng.logrotate.hardened 1696 |
|
33 |
-AUX syslog-ng.rc6 1615 RMD160 8cb414bc09c48fdb591320203947035f9c32e968 SHA1 3752874ee7d35cfb9ca92664f19caf5f187d6d5d SHA256 d4e574597148ae1b7009a9bc14df97c0b7b05e54f61619607e532984b5903b73 |
|
34 |
-MD5 b74c976f08eb333cd29db85f69ba5c36 files/syslog-ng.rc6 1615 |
|
35 |
-RMD160 8cb414bc09c48fdb591320203947035f9c32e968 files/syslog-ng.rc6 1615 |
|
36 |
-SHA256 d4e574597148ae1b7009a9bc14df97c0b7b05e54f61619607e532984b5903b73 files/syslog-ng.rc6 1615 |
|
37 |
-AUX syslog-ng.rc6-r1 1879 RMD160 846e8019a15887f3b95939cae25a04139a9697cf SHA1 a8c2c35ac85c65586d3d647698b4a24367d0840f SHA256 b894e6c5f860d81942467fa1449a3e9bf70779fe8ac288fa77b0feab811d4343 |
|
38 |
-MD5 3e699d770cbccadf59d1630426be3947 files/syslog-ng.rc6-r1 1879 |
|
39 |
-RMD160 846e8019a15887f3b95939cae25a04139a9697cf files/syslog-ng.rc6-r1 1879 |
|
40 |
-SHA256 b894e6c5f860d81942467fa1449a3e9bf70779fe8ac288fa77b0feab811d4343 files/syslog-ng.rc6-r1 1879 |
|
41 |
-DIST syslog-ng-2.0.5.tar.gz 363064 RMD160 feb568ca325259301ed320e53d09a7be0b6edf41 SHA1 f514e2d2ae7831298e71d6fa9cc1817f7038431c SHA256 34862f87d9d404ad4874d95ee871334f5bc2acad65420f672ad2ee286ab660a1 |
|
42 |
-EBUILD syslog-ng-2.0.5-r1.ebuild 2559 RMD160 54f4fde6a40d048487e3e42595f0c640e2399757 SHA1 e35436d2a3d28f6eeb06287e868291bd2c23f344 SHA256 ee2f06d4beba22ab3f2cc8ea92bb82de89faf99aa34ca6a2d85e77df4636f309 |
|
43 |
-MD5 c46b646a2d9a42a8f2ce25d0401db81f syslog-ng-2.0.5-r1.ebuild 2559 |
|
44 |
-RMD160 54f4fde6a40d048487e3e42595f0c640e2399757 syslog-ng-2.0.5-r1.ebuild 2559 |
|
45 |
-SHA256 ee2f06d4beba22ab3f2cc8ea92bb82de89faf99aa34ca6a2d85e77df4636f309 syslog-ng-2.0.5-r1.ebuild 2559 |
|
46 |
-MD5 cefbf1bbbac4106cecbdd48967e70bd7 files/digest-syslog-ng-2.0.5-r1 247 |
|
47 |
-RMD160 d37b1f38accd90e59e5b5fbee9d74382a4987a97 files/digest-syslog-ng-2.0.5-r1 247 |
|
48 |
-SHA256 4d5aae112aa2c494fa93fc4ea74360d6d072436d394d25bd5ca3d71ccdb88858 files/digest-syslog-ng-2.0.5-r1 247 |
... | ... |
@@ -1,536 +0,0 @@ |
1 |
-diff -urN syslog-ng-2.0.4.orig/doc/examples/syslog-ng-anon.conf syslog-ng-2.0.4/doc/examples/syslog-ng-anon.conf |
|
2 |
---- syslog-ng-2.0.4.orig/doc/examples/syslog-ng-anon.conf 1969-12-31 18:00:00.000000000 -0600 |
|
3 |
-+++ syslog-ng-2.0.4/doc/examples/syslog-ng-anon.conf 2007-07-08 23:32:28.000000000 -0500 |
|
4 |
-@@ -0,0 +1,243 @@ |
|
5 |
-+# |
|
6 |
-+# Configuration file for syslog-ng under Debian. |
|
7 |
-+# Customized for riseup.net using syslog-ng-anon patch |
|
8 |
-+# (http://dev.riseup.net/patches/syslog-ng/) |
|
9 |
-+# |
|
10 |
-+# see http://www.campin.net/syslog-ng/expanded-syslog-ng.conf |
|
11 |
-+# for examples. |
|
12 |
-+# |
|
13 |
-+# levels: emerg alert crit err warning notice info debug |
|
14 |
-+# |
|
15 |
-+ |
|
16 |
-+############################################################ |
|
17 |
-+## global options |
|
18 |
-+ |
|
19 |
-+options { |
|
20 |
-+ chain_hostnames(0); |
|
21 |
-+ time_reopen(10); |
|
22 |
-+ time_reap(360); |
|
23 |
-+ sync(0); |
|
24 |
-+ log_fifo_size(2048); |
|
25 |
-+ create_dirs(yes); |
|
26 |
-+ group(adm); |
|
27 |
-+ perm(0640); |
|
28 |
-+ dir_perm(0755); |
|
29 |
-+ use_dns(no); |
|
30 |
-+}; |
|
31 |
-+ |
|
32 |
-+############################################################ |
|
33 |
-+## universal source |
|
34 |
-+ |
|
35 |
-+source s_all { |
|
36 |
-+ internal(); |
|
37 |
-+ unix-stream("/dev/log"); |
|
38 |
-+ file("/proc/kmsg" log_prefix("kernel: ")); |
|
39 |
-+}; |
|
40 |
-+ |
|
41 |
-+############################################################ |
|
42 |
-+## generic destinations |
|
43 |
-+ |
|
44 |
-+destination df_facility_dot_info { file("/var/log/$FACILITY.info"); }; |
|
45 |
-+destination df_facility_dot_notice { file("/var/log/$FACILITY.notice"); }; |
|
46 |
-+destination df_facility_dot_warn { file("/var/log/$FACILITY.warn"); }; |
|
47 |
-+destination df_facility_dot_err { file("/var/log/$FACILITY.err"); }; |
|
48 |
-+destination df_facility_dot_crit { file("/var/log/$FACILITY.crit"); }; |
|
49 |
-+ |
|
50 |
-+############################################################ |
|
51 |
-+## generic filters |
|
52 |
-+ |
|
53 |
-+filter f_strip { strip(ips); }; |
|
54 |
-+filter f_at_least_info { level(info..emerg); }; |
|
55 |
-+filter f_at_least_notice { level(notice..emerg); }; |
|
56 |
-+filter f_at_least_warn { level(warn..emerg); }; |
|
57 |
-+filter f_at_least_err { level(err..emerg); }; |
|
58 |
-+filter f_at_least_crit { level(crit..emerg); }; |
|
59 |
-+ |
|
60 |
-+############################################################ |
|
61 |
-+## auth.log |
|
62 |
-+ |
|
63 |
-+filter f_auth { facility(auth, authpriv); }; |
|
64 |
-+destination df_auth { file("/var/log/auth.log"); }; |
|
65 |
-+log { |
|
66 |
-+ source(s_all); |
|
67 |
-+ filter(f_auth); |
|
68 |
-+ destination(df_auth); |
|
69 |
-+}; |
|
70 |
-+ |
|
71 |
-+############################################################ |
|
72 |
-+## daemon.log |
|
73 |
-+ |
|
74 |
-+filter f_daemon { facility(daemon); }; |
|
75 |
-+destination df_daemon { file("/var/log/daemon.log"); }; |
|
76 |
-+log { |
|
77 |
-+ source(s_all); |
|
78 |
-+ filter(f_daemon); |
|
79 |
-+ destination(df_daemon); |
|
80 |
-+}; |
|
81 |
-+ |
|
82 |
-+############################################################ |
|
83 |
-+## kern.log |
|
84 |
-+ |
|
85 |
-+filter f_kern { facility(kern); }; |
|
86 |
-+destination df_kern { file("/var/log/kern.log"); }; |
|
87 |
-+log { |
|
88 |
-+ source(s_all); |
|
89 |
-+ filter(f_kern); |
|
90 |
-+ destination(df_kern); |
|
91 |
-+}; |
|
92 |
-+ |
|
93 |
-+############################################################ |
|
94 |
-+## user.log |
|
95 |
-+ |
|
96 |
-+filter f_user { facility(user); }; |
|
97 |
-+destination df_user { file("/var/log/user.log"); }; |
|
98 |
-+log { |
|
99 |
-+ source(s_all); |
|
100 |
-+ filter(f_user); |
|
101 |
-+ destination(df_user); |
|
102 |
-+}; |
|
103 |
-+ |
|
104 |
-+############################################################ |
|
105 |
-+## sympa.log |
|
106 |
-+ |
|
107 |
-+filter f_sympa { program("^(sympa|bounced|archived|task_manager)"); }; |
|
108 |
-+destination d_sympa { file("/var/log/sympa.log"); }; |
|
109 |
-+log { |
|
110 |
-+ source(s_all); |
|
111 |
-+ filter(f_sympa); |
|
112 |
-+ destination(d_sympa); |
|
113 |
-+ flags(final); |
|
114 |
-+}; |
|
115 |
-+ |
|
116 |
-+############################################################ |
|
117 |
-+## wwsympa.log |
|
118 |
-+ |
|
119 |
-+filter f_wwsympa { program("^wwsympa"); }; |
|
120 |
-+destination d_wwsympa { file("/var/log/wwsympa.log"); }; |
|
121 |
-+log { |
|
122 |
-+ source(s_all); |
|
123 |
-+ filter(f_wwsympa); |
|
124 |
-+ filter(f_strip); |
|
125 |
-+ destination(d_wwsympa); |
|
126 |
-+ flags(final); |
|
127 |
-+}; |
|
128 |
-+ |
|
129 |
-+############################################################ |
|
130 |
-+## ldap.log |
|
131 |
-+ |
|
132 |
-+filter f_ldap { program("slapd"); }; |
|
133 |
-+destination d_ldap { file("/var/log/ldap.log"); }; |
|
134 |
-+log { |
|
135 |
-+ source(s_all); |
|
136 |
-+ filter(f_ldap); |
|
137 |
-+ destination(d_ldap); |
|
138 |
-+ flags(final); |
|
139 |
-+}; |
|
140 |
-+ |
|
141 |
-+############################################################ |
|
142 |
-+## postfix.log |
|
143 |
-+ |
|
144 |
-+# special source because of chroot jail |
|
145 |
-+#source s_postfix { unix-stream("/var/spool/postfix/dev/log" keep-alive(yes)); }; |
|
146 |
-+filter f_postfix { program("^postfix/"); }; |
|
147 |
-+destination d_postfix { file("/var/log/postfix.log"); }; |
|
148 |
-+log { |
|
149 |
-+ source(s_all); |
|
150 |
-+ filter(f_postfix); |
|
151 |
-+ filter(f_strip); |
|
152 |
-+ destination(d_postfix); |
|
153 |
-+ flags(final); |
|
154 |
-+}; |
|
155 |
-+ |
|
156 |
-+############################################################ |
|
157 |
-+## courier.log |
|
158 |
-+ |
|
159 |
-+filter f_courier { program("courier|imap|pop"); }; |
|
160 |
-+destination d_courier { file("/var/log/courier.log"); }; |
|
161 |
-+log { |
|
162 |
-+ source(s_all); |
|
163 |
-+ filter(f_courier); |
|
164 |
-+ filter(f_strip); |
|
165 |
-+ destination(d_courier); |
|
166 |
-+ flags(final); |
|
167 |
-+}; |
|
168 |
-+ |
|
169 |
-+############################################################ |
|
170 |
-+## maildrop.log |
|
171 |
-+ |
|
172 |
-+filter f_maildrop { program("^maildrop"); }; |
|
173 |
-+destination d_maildrop { file("/var/log/maildrop.log"); }; |
|
174 |
-+log { |
|
175 |
-+ source(s_all); |
|
176 |
-+ filter(f_maildrop); |
|
177 |
-+ destination(d_courier); |
|
178 |
-+ flags(final); |
|
179 |
-+}; |
|
180 |
-+ |
|
181 |
-+############################################################ |
|
182 |
-+## mail.log |
|
183 |
-+ |
|
184 |
-+filter f_mail { facility(mail); }; |
|
185 |
-+destination df_mail { file("/var/log/mail.log"); }; |
|
186 |
-+ |
|
187 |
-+log { |
|
188 |
-+ source(s_all); |
|
189 |
-+ filter(f_mail); |
|
190 |
-+ destination(df_mail); |
|
191 |
-+}; |
|
192 |
-+ |
|
193 |
-+############################################################ |
|
194 |
-+## messages.log |
|
195 |
-+ |
|
196 |
-+filter f_messages { |
|
197 |
-+ level(debug,info,notice) |
|
198 |
-+ and not facility(auth,authpriv,daemon,mail,user,kern); |
|
199 |
-+}; |
|
200 |
-+destination df_messages { file("/var/log/messages.log"); }; |
|
201 |
-+log { |
|
202 |
-+ source(s_all); |
|
203 |
-+ filter(f_messages); |
|
204 |
-+ destination(df_messages); |
|
205 |
-+}; |
|
206 |
-+ |
|
207 |
-+############################################################ |
|
208 |
-+## errors.log |
|
209 |
-+ |
|
210 |
-+filter f_errors { |
|
211 |
-+ level(warn,err,crit,alert,emerg) |
|
212 |
-+ and not facility(auth,authpriv,daemon,mail,user,kern); |
|
213 |
-+}; |
|
214 |
-+destination df_errors { file("/var/log/errors.log"); }; |
|
215 |
-+log { |
|
216 |
-+ source(s_all); |
|
217 |
-+ filter(f_errors); |
|
218 |
-+ destination(df_errors); |
|
219 |
-+}; |
|
220 |
-+ |
|
221 |
-+############################################################ |
|
222 |
-+## emergencies |
|
223 |
-+ |
|
224 |
-+filter f_emerg { level(emerg); }; |
|
225 |
-+destination du_all { usertty("*"); }; |
|
226 |
-+log { |
|
227 |
-+ source(s_all); |
|
228 |
-+ filter(f_emerg); |
|
229 |
-+ destination(du_all); |
|
230 |
-+}; |
|
231 |
-+ |
|
232 |
-+############################################################ |
|
233 |
-+## console messages |
|
234 |
-+ |
|
235 |
-+filter f_xconsole { |
|
236 |
-+ facility(daemon,mail) |
|
237 |
-+ or level(debug,info,notice,warn) |
|
238 |
-+ or (facility(news) |
|
239 |
-+ and level(crit,err,notice)); |
|
240 |
-+}; |
|
241 |
-+destination dp_xconsole { pipe("/dev/xconsole"); }; |
|
242 |
-+log { |
|
243 |
-+ source(s_all); |
|
244 |
-+ filter(f_xconsole); |
|
245 |
-+ destination(dp_xconsole); |
|
246 |
-+}; |
|
247 |
-+ |
|
248 |
-diff -urN syslog-ng-2.0.4.orig/doc/Makefile.am syslog-ng-2.0.4/doc/Makefile.am |
|
249 |
---- syslog-ng-2.0.4.orig/doc/Makefile.am 2007-04-19 14:37:16.000000000 -0500 |
|
250 |
-+++ syslog-ng-2.0.4/doc/Makefile.am 2007-07-08 23:34:14.000000000 -0500 |
|
251 |
-@@ -6,8 +6,10 @@ |
|
252 |
- reference/syslog-ng.xml \ |
|
253 |
- reference/syslog-ng.txt \ |
|
254 |
- reference/syslog-ng.xsl \ |
|
255 |
-+ reference/README.syslog-ng-anon \ |
|
256 |
- examples/syslog-ng.conf.sample \ |
|
257 |
-- examples/syslog-ng.conf.solaris |
|
258 |
-+ examples/syslog-ng.conf.solaris \ |
|
259 |
-+ examples/syslog-ng-anon.conf |
|
260 |
- |
|
261 |
- man_MANS = man/syslog-ng.8 man/syslog-ng.conf.5 |
|
262 |
- |
|
263 |
-diff -urN syslog-ng-2.0.4.orig/doc/Makefile.in syslog-ng-2.0.4/doc/Makefile.in |
|
264 |
---- syslog-ng-2.0.4.orig/doc/Makefile.in 2007-05-15 09:40:53.000000000 -0500 |
|
265 |
-+++ syslog-ng-2.0.4/doc/Makefile.in 2007-07-08 23:35:39.000000000 -0500 |
|
266 |
-@@ -135,8 +135,10 @@ |
|
267 |
- reference/syslog-ng.xml \ |
|
268 |
- reference/syslog-ng.txt \ |
|
269 |
- reference/syslog-ng.xsl \ |
|
270 |
-+ reference/README.syslog-ng-anon \ |
|
271 |
- examples/syslog-ng.conf.sample \ |
|
272 |
-- examples/syslog-ng.conf.solaris |
|
273 |
-+ examples/syslog-ng.conf.solaris \ |
|
274 |
-+ examples/syslog-ng-anon.conf |
|
275 |
- |
|
276 |
- |
|
277 |
- man_MANS = man/syslog-ng.8 man/syslog-ng.conf.5 |
|
278 |
-diff -urN syslog-ng-2.0.4.orig/doc/reference/README.syslog-ng-anon syslog-ng-2.0.4/doc/reference/README.syslog-ng-anon |
|
279 |
---- syslog-ng-2.0.4.orig/doc/reference/README.syslog-ng-anon 1969-12-31 18:00:00.000000000 -0600 |
|
280 |
-+++ syslog-ng-2.0.4/doc/reference/README.syslog-ng-anon 2007-07-08 23:32:09.000000000 -0500 |
|
281 |
-@@ -0,0 +1,93 @@ |
|
282 |
-+syslog-ng-anon |
|
283 |
-+ |
|
284 |
-+ This patch adds the capability to syslog-ng that allows you to strip |
|
285 |
-+ out any given regexp or all IP addresses from log messages before |
|
286 |
-+ they are written to disk. The goal is to give the system administrator |
|
287 |
-+ the means to implement site logging policies, by allowing them easy |
|
288 |
-+ control over exactly what data they retain in their logfiles, |
|
289 |
-+ regardless of what a particular daemon might think is best. |
|
290 |
-+ |
|
291 |
-+Background: |
|
292 |
-+ |
|
293 |
-+ Data retention has become a hot legal topic for ISPs and other Online |
|
294 |
-+ Service Providers (OSPs). There are many instances where it is preferable |
|
295 |
-+ to keep less information on users than is collected by default on many |
|
296 |
-+ systems. In the United States it is not currently required to retain |
|
297 |
-+ data on users of a server, but you may be required to provide all data |
|
298 |
-+ on a user which you have retained. OSPs can protect themselves from legal |
|
299 |
-+ hassles and added work by choosing what data they wish to retain. |
|
300 |
-+ |
|
301 |
-+ From "Best Practices for Online Service Providers" |
|
302 |
-+ (http://www.eff.org/osp): |
|
303 |
-+ |
|
304 |
-+ As an intermediary, the OSP [Online Service Provider] finds itself in |
|
305 |
-+ a position to collect and store detailed information about its users |
|
306 |
-+ and their online activities that may be of great interest to third |
|
307 |
-+ parties. The USA PATRIOT Act also provides the government with |
|
308 |
-+ expanded powers to request this information. As a result, OSP owners |
|
309 |
-+ must deal with requests from law enforcement and lawyers to hand over |
|
310 |
-+ private user information and logs. Yet, compliance with these demands |
|
311 |
-+ takes away from an OSP's goal of providing users with reliable, |
|
312 |
-+ secure network services. In this paper, EFF offers some suggestions, |
|
313 |
-+ both legal and technical, for best practices that balance the needs |
|
314 |
-+ of OSPs and their users' privacy and civil liberties. |
|
315 |
-+ |
|
316 |
-+ Rather than scrubbing the information you don't want in logs, this patch |
|
317 |
-+ ensures that the information is never written to disk. Also, for those |
|
318 |
-+ daemons which log through syslog facilities, this patch provides a |
|
319 |
-+ convenient single configuration to limit what you wish to log. |
|
320 |
-+ |
|
321 |
-+ Here are some related links: |
|
322 |
-+ |
|
323 |
-+ Best Practices for Online Service Providers |
|
324 |
-+ http://www.eff.org/osp |
|
325 |
-+ http://www.eff.org/osp/20040819_OSPBestPractices.pdf |
|
326 |
-+ |
|
327 |
-+ EPIC International Data Retention Page |
|
328 |
-+ http://www.epic.org/privacy/intl/data_retention.html |
|
329 |
-+ |
|
330 |
-+ Working Paper on Usage Log Data Management (from Computer, Freedom, and |
|
331 |
-+ Privacy conference) http://cryptome.org/usage-logs.htm |
|
332 |
-+ |
|
333 |
-+ |
|
334 |
-+Installing syslog-ng-anon |
|
335 |
-+ |
|
336 |
-+ Applying the patch |
|
337 |
-+ |
|
338 |
-+ This patch has been tested against the following versions of syslog-ng: |
|
339 |
-+ . version 1.6.7 |
|
340 |
-+ . Debian package syslog-ng_1.6.7-2 |
|
341 |
-+ |
|
342 |
-+ |
|
343 |
-+ To use this patch, obtain the source for syslog-ng |
|
344 |
-+ (http://www.balabit.com/downloads/syslog-ng/1.6/src/) and the latest |
|
345 |
-+ syslog-ng-anon patch (http://dev.riseup.net/patches/syslog-ng/). |
|
346 |
-+ Uncompress the syslog-ng source and then apply the patch: |
|
347 |
-+ |
|
348 |
-+ % tar -zxvf syslog-ng.tar.gz |
|
349 |
-+ % cd syslog-ng |
|
350 |
-+ % patch -p1 < syslog-ng-anon.diff |
|
351 |
-+ |
|
352 |
-+ Then compile and install syslog-ng as normal. |
|
353 |
-+ |
|
354 |
-+ Debian package |
|
355 |
-+ |
|
356 |
-+ Alternately, you can install syslog-ng-anon from this repository: |
|
357 |
-+ deb http://deb.riseup.net/debian unstable main |
|
358 |
-+ |
|
359 |
-+ How to use it |
|
360 |
-+ |
|
361 |
-+ This patch adds the filter "strip". For example: |
|
362 |
-+ |
|
363 |
-+ filter f_strip {strip(<regexp>);}; |
|
364 |
-+ |
|
365 |
-+ This will strip out all matches of the regular expression on logs to |
|
366 |
-+ which the filter is applied and replaces all matches with the fixed length |
|
367 |
-+ four dashes ("----"). |
|
368 |
-+ |
|
369 |
-+ In place of a regular expression, you can put "ips", which will replace all |
|
370 |
-+ internet addresses with 0.0.0.0. For example: |
|
371 |
-+ |
|
372 |
-+ filter f_strip {strip(ips);}; |
|
373 |
-+ |
|
374 |
-+ You can alter what the replacement strings are by using replace: |
|
375 |
-diff -urN syslog-ng-2.0.4.orig/src/cfg-grammar.y syslog-ng-2.0.4/src/cfg-grammar.y |
|
376 |
---- syslog-ng-2.0.4.orig/src/cfg-grammar.y 2007-04-20 15:24:08.000000000 -0500 |
|
377 |
-+++ syslog-ng-2.0.4/src/cfg-grammar.y 2007-07-08 23:38:07.000000000 -0500 |
|
378 |
-@@ -107,7 +107,7 @@ |
|
379 |
- %token KW_USE_TIME_RECVD |
|
380 |
- |
|
381 |
- /* filter items*/ |
|
382 |
--%token KW_FACILITY KW_LEVEL KW_HOST KW_MATCH KW_NETMASK |
|
383 |
-+%token KW_FACILITY KW_LEVEL KW_HOST KW_MATCH KW_NETMASK KW_STRIP KW_REPLACE |
|
384 |
- |
|
385 |
- /* yes/no switches */ |
|
386 |
- %token KW_YES KW_NO |
|
387 |
-@@ -803,6 +803,8 @@ |
|
388 |
- | KW_PROGRAM '(' string ')' { $$ = filter_prog_new($3); free($3); } |
|
389 |
- | KW_HOST '(' string ')' { $$ = filter_host_new($3); free($3); } |
|
390 |
- | KW_MATCH '(' string ')' { $$ = filter_match_new($3); free($3); } |
|
391 |
-+ | KW_STRIP '(' string ')' { $$ = filter_strip_new($3); free($3); } |
|
392 |
-+ | KW_REPLACE '(' string string ')' { $$ = filter_replace_new($3, $4); free($3); free($4); } |
|
393 |
- | KW_FILTER '(' string ')' { $$ = filter_call_new($3, configuration); free($3); } |
|
394 |
- | KW_NETMASK '(' string ')' { $$ = filter_netmask_new($3); free($3); } |
|
395 |
- ; |
|
396 |
-@@ -908,4 +910,4 @@ |
|
397 |
- last_reader_options = NULL; |
|
398 |
- last_writer_options = NULL; |
|
399 |
- last_template = NULL; |
|
400 |
--} |
|
401 |
-\ No newline at end of file |
|
402 |
-+} |
|
403 |
-diff -urN syslog-ng-2.0.4.orig/src/cfg-lex.l syslog-ng-2.0.4/src/cfg-lex.l |
|
404 |
---- syslog-ng-2.0.4.orig/src/cfg-lex.l 2007-04-19 14:37:16.000000000 -0500 |
|
405 |
-+++ syslog-ng-2.0.4/src/cfg-lex.l 2007-07-08 23:38:51.000000000 -0500 |
|
406 |
-@@ -165,6 +165,8 @@ |
|
407 |
- { "host", KW_HOST }, |
|
408 |
- { "match", KW_MATCH }, |
|
409 |
- { "netmask", KW_NETMASK }, |
|
410 |
-+ { "strip", KW_STRIP }, |
|
411 |
-+ { "replace", KW_REPLACE }, |
|
412 |
- |
|
413 |
- /* on/off switches */ |
|
414 |
- { "yes", KW_YES }, |
|
415 |
-diff -urN syslog-ng-2.0.4.orig/src/filter.c syslog-ng-2.0.4/src/filter.c |
|
416 |
---- syslog-ng-2.0.4.orig/src/filter.c 2007-04-29 11:59:54.000000000 -0500 |
|
417 |
-+++ syslog-ng-2.0.4/src/filter.c 2007-07-09 00:29:40.000000000 -0500 |
|
418 |
-@@ -226,6 +226,7 @@ |
|
419 |
- typedef struct _FilterRE |
|
420 |
- { |
|
421 |
- FilterExprNode super; |
|
422 |
-+ GString *replace; |
|
423 |
- regex_t regex; |
|
424 |
- } FilterRE; |
|
425 |
- |
|
426 |
-@@ -310,6 +311,9 @@ |
|
427 |
- filter_re_free(FilterExprNode *s) |
|
428 |
- { |
|
429 |
- FilterRE *self = (FilterRE *) s; |
|
430 |
-+ |
|
431 |
-+ if (self->replace != NULL) |
|
432 |
-+ g_string_free(self->replace, TRUE); |
|
433 |
- |
|
434 |
- regfree(&self->regex); |
|
435 |
- g_free(s); |
|
436 |
-@@ -494,3 +498,88 @@ |
|
437 |
- self->super.eval = filter_netmask_eval; |
|
438 |
- return &self->super; |
|
439 |
- } |
|
440 |
-+ |
|
441 |
-+FilterExprNode * |
|
442 |
-+filter_strip_new(const gchar *re) |
|
443 |
-+{ |
|
444 |
-+ if (g_ascii_strcasecmp(re, "ips") == 0) |
|
445 |
-+ return filter_replace_new(re, "0.0.0.0"); |
|
446 |
-+ |
|
447 |
-+ return filter_replace_new(re, "----"); |
|
448 |
-+} |
|
449 |
-+ |
|
450 |
-+#define FMIN(a, b) (a) < (b) ? (a) : (b) |
|
451 |
-+#define NEW_MSG_SIZE 2048 |
|
452 |
-+ |
|
453 |
-+static gboolean |
|
454 |
-+filter_replace_eval(FilterExprNode *s, LogMessage *log) |
|
455 |
-+{ |
|
456 |
-+ FilterRE *self = (FilterRE *) s; |
|
457 |
-+ gchar *buffer = log->msg.str; |
|
458 |
-+ gint snippet_size; |
|
459 |
-+ regmatch_t pmatch; |
|
460 |
-+ gchar new_msg[NEW_MSG_SIZE]; |
|
461 |
-+ gchar *new_msg_max = new_msg + NEW_MSG_SIZE; |
|
462 |
-+ gchar *new_msg_ptr = new_msg; |
|
463 |
-+ gint replace_length = self->replace->len; |
|
464 |
-+ gint error; |
|
465 |
-+ |
|
466 |
-+ error = regexec(&self->regex, buffer, 1, &pmatch, 0); |
|
467 |
-+ if (error) |
|
468 |
-+ return TRUE; |
|
469 |
-+ while (!error) |
|
470 |
-+ { |
|
471 |
-+ /* copy string snippet which preceeds matched text */ |
|
472 |
-+ snippet_size = FMIN(pmatch.rm_so, new_msg_max - new_msg_ptr); |
|
473 |
-+ memcpy(new_msg_ptr, buffer, snippet_size); |
|
474 |
-+ new_msg_ptr += snippet_size; |
|
475 |
-+ |
|
476 |
-+ /* copy replacement */ |
|
477 |
-+ snippet_size = FMIN(replace_length, new_msg_max - new_msg_ptr); |
|
478 |
-+ memcpy(new_msg_ptr, self->replace->str, snippet_size); |
|
479 |
-+ new_msg_ptr += snippet_size; |
|
480 |
-+ |
|
481 |
-+ /* search for next match */ |
|
482 |
-+ buffer += pmatch.rm_eo; |
|
483 |
-+ error = regexec(&self->regex, buffer, 1, &pmatch, REG_NOTBOL); |
|
484 |
-+ } |
|
485 |
-+ |
|
486 |
-+ /* copy the rest of the old message */ |
|
487 |
-+ snippet_size = FMIN(log->msg.len, new_msg_max - new_msg_ptr); |
|
488 |
-+ memcpy(new_msg_ptr, buffer, snippet_size); |
|
489 |
-+ new_msg_ptr += snippet_size; |
|
490 |
-+ |
|
491 |
-+ g_string_erase(&log->msg, 0, -1); |
|
492 |
-+ g_string_append(&log->msg, new_msg); |
|
493 |
-+ |
|
494 |
-+ return TRUE; |
|
495 |
-+} |
|
496 |
-+ |
|
497 |
-+FilterExprNode * |
|
498 |
-+filter_replace_new(const gchar *re, const gchar *replacement) |
|
499 |
-+{ |
|
500 |
-+ FilterRE *self = g_new0(FilterRE, 1); |
|
501 |
-+ gint regerr; |
|
502 |
-+ |
|
503 |
-+ if (!g_ascii_strcasecmp(re, "ips")) |
|
504 |
-+ re = "25[0-5]|2[0-4][0-9]|[0-1]?[0-9]?[0-9])([\\.\\-](25[0-5]|2[0-4][0-9]|[0-1]?[0-9]?[0-9])){3}"; |
|
505 |
-+ |
|
506 |
-+ regerr = regcomp(&self->regex, re, REG_ICASE | REG_EXTENDED); |
|
507 |
-+ if (regerr) |
|
508 |
-+ { |
|
509 |
-+ gchar errorbuf[256]; |
|
510 |
-+ regerror(regerr, &self->regex, errorbuf, sizeof(errorbuf)); |
|
511 |
-+ msg_error("Error compiling regular expression:", |
|
512 |
-+ evt_tag_str("re", re), |
|
513 |
-+ evt_tag_str("error", errorbuf), |
|
514 |
-+ NULL); |
|
515 |
-+ g_free(self); |
|
516 |
-+ return NULL; |
|
517 |
-+ } |
|
518 |
-+ |
|
519 |
-+ self->replace = g_string_new(replacement); |
|
520 |
-+ self->super.eval = filter_replace_eval; |
|
521 |
-+ self->super.free_fn = filter_re_free; |
|
522 |
-+ |
|
523 |
-+ return &self->super; |
|
524 |
-+} |
|
525 |
-diff -urN syslog-ng-2.0.4.orig/src/filter.h syslog-ng-2.0.4/src/filter.h |
|
526 |
---- syslog-ng-2.0.4.orig/src/filter.h 2007-04-19 14:37:16.000000000 -0500 |
|
527 |
-+++ syslog-ng-2.0.4/src/filter.h 2007-07-09 00:10:57.000000000 -0500 |
|
528 |
-@@ -54,6 +54,8 @@ |
|
529 |
- FilterExprNode *filter_match_new(gchar *re); |
|
530 |
- FilterExprNode *filter_call_new(gchar *rule, struct _GlobalConfig *cfg); |
|
531 |
- FilterExprNode *filter_netmask_new(gchar *cidr); |
|
532 |
-+FilterExprNode *filter_strip_new(const gchar *re); |
|
533 |
-+FilterExprNode *filter_replace_new(const gchar *re, const gchar *replacement); |
|
534 |
- |
|
535 |
- typedef struct _LogFilterRule |
|
536 |
- { |
... | ... |
@@ -1,149 +0,0 @@ |
1 |
-# |
|
2 |
-# Syslog-ng configuration file, compatible with default Debian syslogd |
|
3 |
-# installation. Originally written by anonymous (I can't find his name) |
|
4 |
-# Revised, and rewrited by me (SZALAY Attila <sasa@debian.org>) |
|
5 |
- |
|
6 |
-# First, set some global options. |
|
7 |
-options { chain_hostnames(off); sync(0); use_dns(no); |
|
8 |
- owner("root"); group("adm"); perm(0640); |
|
9 |
-}; |
|
10 |
- |
|
11 |
-######################## |
|
12 |
-# Sources |
|
13 |
-######################## |
|
14 |
-# This is the default behavior of sysklogd package |
|
15 |
-# Logs may come from unix stream, but not from another machine. |
|
16 |
-# |
|
17 |
-source src { unix-dgram("/dev/log"); internal(); |
|
18 |
- file("/proc/kmsg" log_prefix("kernel: ")); |
|
19 |
-}; |
|
20 |
- |
|
21 |
-# If you wish to get logs from remote machine you should uncomment |
|
22 |
-# this and comment the above source line. |
|
23 |
-# |
|
24 |
-#source net { tcp(ip(127.0.0.1) port(1000) authentication(required) encrypt(allow)); }; |
|
25 |
- |
|
26 |
-######################## |
|
27 |
-# Destinations |
|
28 |
-######################## |
|
29 |
-# First some standard logfile |
|
30 |
-# |
|
31 |
-destination auth { file("/var/log/auth.log"); }; |
|
32 |
-destination cron { file("/var/log/cron.log"); }; |
|
33 |
-destination daemon { file("/var/log/daemon.log"); }; |
|
34 |
-destination kern { file("/var/log/kern.log"); }; |
|
35 |
-destination lpr { file("/var/log/lpr.log"); }; |
|
36 |
-destination mail { file("/var/log/mail.log"); }; |
|
37 |
-destination syslog { file("/var/log/syslog.log"); }; |
|
38 |
-destination user { file("/var/log/user.log"); }; |
|
39 |
-destination uucp { file("/var/log/uucp.log"); }; |
|
40 |
- |
|
41 |
-# This files are the log come from the mail subsystem. |
|
42 |
-# |
|
43 |
-destination mailinfo { file("/var/log/mail/mail.info"); }; |
|
44 |
-destination mailwarn { file("/var/log/mail/mail.warn"); }; |
|
45 |
-destination mailerr { file("/var/log/mail/mail.err"); }; |
|
46 |
- |
|
47 |
-# Logging for INN news system |
|
48 |
-# |
|
49 |
-destination newscrit { file("/var/log/news/news.crit"); }; |
|
50 |
-destination newserr { file("/var/log/news/news.err"); }; |
|
51 |
-destination newsnotice { file("/var/log/news/news.notice"); }; |
|
52 |
- |
|
53 |
-# Some `catch-all' logfiles. |
|
54 |
-# |
|
55 |
-destination debug { file("/var/log/debug"); }; |
|
56 |
-destination error { file("/var/log/error"); }; |
|
57 |
- |
|
58 |
-# The root's console. |
|
59 |
-# |
|
60 |
-destination console { usertty("root"); }; |
|
61 |
- |
|
62 |
-# Virtual console. |
|
63 |
-# |
|
64 |
-destination console_all { file("/dev/vc/10"); }; |
|
65 |
- |
|
66 |
-# The named pipe /dev/xconsole is for the nsole' utility. To use it, |
|
67 |
-# you must invoke nsole' with the -file' option: |
|
68 |
-# |
|
69 |
-# $ xconsole -file /dev/xconsole [...] |
|
70 |
-# |
|
71 |
-destination xconsole { pipe("/dev/xconsole"); }; |
|
72 |
- |
|
73 |
-# Send the messages to an other host |
|
74 |
-# |
|
75 |
-#destination net { tcp("127.0.0.1" port(1000) authentication(on) encrypt(on) log_fifo_size(1000)); }; |
|
76 |
- |
|
77 |
-# Debian only |
|
78 |
-destination ppp { file("/var/log/ppp.log"); }; |
|
79 |
- |
|
80 |
-######################## |
|
81 |
-# Filters |
|
82 |
-######################## |
|
83 |
-# Here's come the filter options. With this rules, we can set which |
|
84 |
-# message go where. |
|
85 |
- |
|
86 |
-filter dbg { level(debug); }; |
|
87 |
-filter info { level(info); }; |
|
88 |
-filter notice { level(notice); }; |
|
89 |
-filter warn { level(warn); }; |
|
90 |
-filter err { level(err); }; |
|
91 |
-filter crit { level(crit .. emerg); }; |
|
92 |
- |
|
93 |
-filter debug { level(debug) and not facility(auth, authpriv, news, mail); }; |
|
94 |
-filter error { level(err .. emerg) ; }; |
|
95 |
- |
|
96 |
-filter auth { facility(auth, authpriv) and not filter(debug); }; |
|
97 |
-filter cron { facility(cron) and not filter(debug); }; |
|
98 |
-filter daemon { facility(daemon) and not filter(debug); }; |
|
99 |
-filter kern { facility(kern) and not filter(debug); }; |
|
100 |
-filter lpr { facility(lpr) and not filter(debug); }; |
|
101 |
-filter local { facility(local0, local1, local3, local4, local5, |
|
102 |
- local6, local7) and not filter(debug); }; |
|
103 |
-filter mail { facility(mail) and not filter(debug); }; |
|
104 |
-filter news { facility(news) and not filter(debug); }; |
|
105 |
-filter syslog { facility(syslog) and not filter(debug); }; |
|
106 |
-filter user { facility(user) and not filter(debug); }; |
|
107 |
-filter uucp { facility(uucp) and not filter(debug); }; |
|
108 |
- |
|
109 |
-filter cnews { level(notice, err, crit) and facility(news); }; |
|
110 |
-filter cother { level(debug, info, notice, warn) or facility(daemon, mail); }; |
|
111 |
- |
|
112 |
-filter ppp { facility(local2) and not filter(debug); }; |
|
113 |
-filter console { level(warn .. emerg); }; |
|
114 |
- |
|
115 |
-######################## |
|
116 |
-# Log paths |
|
117 |
-######################## |
|
118 |
-log { source(src); filter(auth); destination(auth); }; |
|
119 |
-log { source(src); filter(cron); destination(cron); }; |
|
120 |
-log { source(src); filter(daemon); destination(daemon); }; |
|
121 |
-log { source(src); filter(kern); destination(kern); }; |
|
122 |
-log { source(src); filter(lpr); destination(lpr); }; |
|
123 |
-log { source(src); filter(syslog); destination(syslog); }; |
|
124 |
-log { source(src); filter(user); destination(user); }; |
|
125 |
-log { source(src); filter(uucp); destination(uucp); }; |
|
126 |
- |
|
127 |
-log { source(src); filter(mail); destination(mail); }; |
|
128 |
-#log { source(src); filter(mail); filter(info); destination(mailinfo); }; |
|
129 |
-#log { source(src); filter(mail); filter(warn); destination(mailwarn); }; |
|
130 |
-#log { source(src); filter(mail); filter(err); destination(mailerr); }; |
|
131 |
- |
|
132 |
-log { source(src); filter(news); filter(crit); destination(newscrit); }; |
|
133 |
-log { source(src); filter(news); filter(err); destination(newserr); }; |
|
134 |
-log { source(src); filter(news); filter(notice); destination(newsnotice); }; |
|
135 |
-#log { source(src); filter(cnews); destination(console_all); }; |
|
136 |
-#log { source(src); filter(cother); destination(console_all); }; |
|
137 |
- |
|
138 |
-#log { source(src); filter(ppp); destination(ppp); }; |
|
139 |
- |
|
140 |
-log { source(src); filter(debug); destination(debug); }; |
|
141 |
-log { source(src); filter(error); destination(error); }; |
|
142 |
- |
|
143 |
-log { source(src); filter(console); destination(console_all); |
|
144 |
- destination(xconsole); }; |
|
145 |
-log { source(src); filter(crit); destination(console); }; |
|
146 |
- |
|
147 |
-# All messages send to a remote site |
|
148 |
-# |
|
149 |
-#log { source(src); destination(net); }; |
... | ... |
@@ -1,33 +0,0 @@ |
1 |
-# $Header: /var/cvsroot/gentoo-x86/app-admin/syslog-ng/files/syslog-ng.conf.gentoo,v 1.7 2007/08/02 04:52:18 mr_bones_ Exp $ |
|
2 |
-# |
|
3 |
-# Syslog-ng default configuration file for Gentoo Linux |
|
4 |
-# contributed by Michael Sterrett |
|
5 |
- |
|
6 |
-options { |
|
7 |
- chain_hostnames(off); |
|
8 |
- sync(0); |
|
9 |
- |
|
10 |
- # The default action of syslog-ng 1.6.0 is to log a STATS line |
|
11 |
- # to the file every 10 minutes. That's pretty ugly after a while. |
|
12 |
- # Change it to every 12 hours so you get a nice daily update of |
|
13 |
- # how many messages syslog-ng missed (0). |
|
14 |
- stats(43200); |
|
15 |
-}; |
|
16 |
- |
|
17 |
-source src { |
|
18 |
- unix-stream("/dev/log" max-connections(256)); |
|
19 |
- internal(); |
|
20 |
- file("/proc/kmsg"); |
|
21 |
-}; |
|
22 |
- |
|
23 |
-destination messages { file("/var/log/messages"); }; |
|
24 |
- |
|
25 |
-# By default messages are logged to tty12... |
|
26 |
-destination console_all { file("/dev/tty12"); }; |
|
27 |
-# ...if you intend to use /dev/console for programs like xconsole |
|
28 |
-# you can comment out the destination line above that references /dev/tty12 |
|
29 |
-# and uncomment the line below. |
|
30 |
-#destination console_all { file("/dev/console"); }; |
|
31 |
- |
|
32 |
-log { source(src); destination(messages); }; |
|
33 |
-log { source(src); destination(console_all); }; |
... | ... |
@@ -1,20 +0,0 @@ |
1 |
-# $Header: /var/cvsroot/gentoo-x86/app-admin/syslog-ng/files/syslog-ng.conf.gentoo.fbsd,v 1.1 2007/03/27 07:38:41 mr_bones_ Exp $ |
|
2 |
-# |
|
3 |
-# Syslog-ng default configuration file for Gentoo FreeBSD |
|
4 |
-# contributed by Tiziano Mülle |
|
5 |
-options { |
|
6 |
- chain_hostnames(off); |
|
7 |
- sync(0); |
|
8 |
- |
|
9 |
- # The default action of syslog-ng 1.6.0 is to log a STATS line |
|
10 |
- # to the file every 10 minutes. That's pretty ugly after a while. |
|
11 |
- # Change it to every 12 hours so you get a nice daily update of |
|
12 |
- # how many messages syslog-ng missed (0). |
|
13 |
- stats(43200); |
|
14 |
-}; |
|
15 |
- |
|
16 |
-source src { unix-dgram("/var/run/log"); file("/dev/klog"); internal(); }; |
|
17 |
- |
|
18 |
-destination messages { file("/var/log/messages"); }; |
|
19 |
- |
|
20 |
-log { source(src); destination(messages); }; |
... | ... |
@@ -1,102 +0,0 @@ |
1 |
-# Copyright 2005 Gentoo Foundation |
|
2 |
-# Distributed under the terms of the GNU General Public License v2 |
|
3 |
-# $Header: /var/cvsroot/gentoo-x86/app-admin/syslog-ng/files/syslog-ng.conf.gentoo.hardened,v 1.4 2006/07/12 23:59:59 solar Exp $ |
|
4 |
- |
|
5 |
-# |
|
6 |
-# Syslog-ng configuration file, compatible with default hardened installations. |
|
7 |
-# |
|
8 |
- |
|
9 |
-options { chain_hostnames(off); sync(0); }; |
|
10 |
- |
|
11 |
-source src { unix-stream("/dev/log"); internal(); }; |
|
12 |
-source kernsrc { file("/proc/kmsg"); }; |
|
13 |
-#source net { udp(); }; |
|
14 |
- |
|
15 |
-destination authlog { file("/var/log/auth.log"); }; |
|
16 |
-destination syslog { file("/var/log/syslog"); }; |
|
17 |
-destination cron { file("/var/log/cron.log"); }; |
|
18 |
-destination daemon { file("/var/log/daemon.log"); }; |
|
19 |
-destination kern { file("/var/log/kern.log"); file("/dev/tty12"); }; |
|
20 |
-destination lpr { file("/var/log/lpr.log"); }; |
|
21 |
-destination user { file("/var/log/user.log"); }; |
|
22 |
-destination uucp { file("/var/log/uucp.log"); }; |
|
23 |
-#destination ppp { file("/var/log/ppp.log"); }; |
|
24 |
-destination mail { file("/var/log/mail.log"); }; |
|
25 |
- |
|
26 |
-destination avc { file("/var/log/avc.log"); }; |
|
27 |
-destination audit { file("/var/log/audit.log"); }; |
|
28 |
-destination pax { file("/var/log/pax.log"); }; |
|
29 |
-destination grsec { file("/var/log/grsec.log"); }; |
|
30 |
- |
|
31 |
-destination mailinfo { file("/var/log/mail.info"); }; |
|
32 |
-destination mailwarn { file("/var/log/mail.warn"); }; |
|
33 |
-destination mailerr { file("/var/log/mail.err"); }; |
|
34 |
- |
|
35 |
-destination newscrit { file("/var/log/news/news.crit"); }; |
|
36 |
-destination newserr { file("/var/log/news/news.err"); }; |
|
37 |
-destination newsnotice { file("/var/log/news/news.notice"); }; |
|
38 |
- |
|
39 |
-destination debug { file("/var/log/debug"); }; |
|
40 |
-destination messages { file("/var/log/messages"); }; |
|
41 |
-destination console { usertty("root"); }; |
|
42 |
-destination console_all { file("/dev/tty12"); }; |
|
43 |
-#destination loghost { udp("loghost" port(999)); }; |
|
44 |
- |
|
45 |
-destination xconsole { pipe("/dev/xconsole"); }; |
|
46 |
- |
|
47 |
-filter f_auth { facility(auth); }; |
|
48 |
-filter f_authpriv { facility(auth, authpriv); }; |
|
49 |
-filter f_syslog { not facility(authpriv, mail); }; |
|
50 |
-filter f_cron { facility(cron); }; |
|
51 |
-filter f_daemon { facility(daemon); }; |
|
52 |
-filter f_kern { facility(kern); }; |
|
53 |
-filter f_lpr { facility(lpr); }; |
|
54 |
-filter f_mail { facility(mail); }; |
|
55 |
-filter f_user { facility(user); }; |
|
56 |
-filter f_uucp { facility(uucp); }; |
|
57 |
-#filter f_ppp { facility(ppp); }; |
|
58 |
-filter f_news { facility(news); }; |
|
59 |
-filter f_debug { not facility(auth, authpriv, news, mail); }; |
|
60 |
-filter f_messages { level(info..warn) |
|
61 |
- and not facility(auth, authpriv, mail, news); }; |
|
62 |
-filter f_emergency { level(emerg); }; |
|
63 |
- |
|
64 |
-filter f_info { level(info); }; |
|
65 |
- |
|
66 |
-filter f_notice { level(notice); }; |
|
67 |
-filter f_warn { level(warn); }; |
|
68 |
-filter f_crit { level(crit); }; |
|
69 |
-filter f_err { level(err); }; |
|
70 |
- |
|
71 |
-filter f_avc { match(".*avc: .*"); }; |
|
72 |
-filter f_audit { match("^audit.*") and not match(".*avc: .*"); }; |
|
73 |
-filter f_pax { match("^PAX:.*"); }; |
|
74 |
-filter f_grsec { match("^grsec:.*"); }; |
|
75 |
- |
|
76 |
-log { source(src); filter(f_authpriv); destination(authlog); }; |
|
77 |
-log { source(src); filter(f_syslog); destination(syslog); }; |
|
78 |
-log { source(src); filter(f_cron); destination(cron); }; |
|
79 |
-log { source(src); filter(f_daemon); destination(daemon); }; |
|
80 |
-log { source(kernsrc); filter(f_kern); destination(kern); }; |
|
81 |
-log { source(src); filter(f_lpr); destination(lpr); }; |
|
82 |
-log { source(src); filter(f_mail); destination(mail); }; |
|
83 |
-log { source(src); filter(f_user); destination(user); }; |
|
84 |
-log { source(src); filter(f_uucp); destination(uucp); }; |
|
85 |
-log { source(kernsrc); filter(f_pax); destination(pax); }; |
|
86 |
-log { source(kernsrc); filter(f_grsec); destination(grsec); }; |
|
87 |
-log { source(kernsrc); filter(f_audit); destination(audit); }; |
|
88 |
-log { source(kernsrc); filter(f_avc); destination(avc); }; |
|
89 |
-log { source(src); filter(f_mail); filter(f_info); destination(mailinfo); }; |
|
90 |
-log { source(src); filter(f_mail); filter(f_warn); destination(mailwarn); }; |
|
91 |
-log { source(src); filter(f_mail); filter(f_err); destination(mailerr); }; |
|
92 |
-log { source(src); filter(f_news); filter(f_crit); destination(newscrit); }; |
|
93 |
-log { source(src); filter(f_news); filter(f_err); destination(newserr); }; |
|
94 |
-log { source(src); filter(f_news); filter(f_notice); destination(newsnotice); }; |
|
95 |
-log { source(src); filter(f_debug); destination(debug); }; |
|
96 |
-log { source(src); filter(f_messages); destination(messages); }; |
|
97 |
-log { source(src); filter(f_emergency); destination(console); }; |
|
98 |
-#log { source(src); filter(f_ppp); destination(ppp); }; |
|
99 |
-log { source(src); destination(console_all); }; |
|
100 |
- |
|
101 |
- |
|
102 |
- |
... | ... |
@@ -1,12 +0,0 @@ |
1 |
-# $Header: /var/cvsroot/gentoo-x86/app-admin/syslog-ng/files/syslog-ng.logrotate,v 1.2 2004/07/18 02:25:02 dragonheart Exp $ |
|
2 |
-# |
|
3 |
-# Syslog-ng logrotate snippet for Gentoo Linux |
|
4 |
-# contributed by Michael Sterrett |
|
5 |
-# |
|
6 |
- |
|
7 |
-/var/log/messages { |
|
8 |
- sharedscripts |
|
9 |
- postrotate |
|
10 |
- /etc/init.d/syslog-ng reload > /dev/null 2>&1 || true |
|
11 |
- endscript |
|
12 |
-} |
... | ... |
@@ -1,73 +0,0 @@ |
1 |
-# $Header: /var/cvsroot/gentoo-x86/app-admin/syslog-ng/files/syslog-ng.logrotate.hardened,v 1.2 2007/07/26 20:58:01 mr_bones_ Exp $ |
|
2 |
-# |
|
3 |
-# Syslog-ng logrotate snippet for Hardened Gentoo Linux |
|
4 |
-# contributed by Maciej Grela |
|
5 |
-# |
|
6 |
- |
|
7 |
-# Generic |
|
8 |
-/var/log/debug /var/log/syslog /var/log/kern.log { |
|
9 |
- sharedscripts |
|
10 |
- postrotate |
|
11 |
- /etc/init.d/syslog-ng reload > /dev/null 2>&1 || true |
|
12 |
- endscript |
|
13 |
-} |
|
14 |
- |
|
15 |
-# System services |
|
16 |
-/var/log/cron.log /var/log/daemon.log /var/log/lpr.log /var/log/uucp.log { |
|
17 |
- sharedscripts |
|
18 |
- missingok |
|
19 |
- postrotate |
|
20 |
- /etc/init.d/syslog-ng reload > /dev/null 2>&1 || true |
|
21 |
- endscript |
|
22 |
-} |
|
23 |
- |
|
24 |
-# User log |
|
25 |
-/var/log/user.log { |
|
26 |
- sharedscripts |
|
27 |
- postrotate |
|
28 |
- /etc/init.d/syslog-ng reload > /dev/null 2>&1 || true |
|
29 |
- endscript |
|
30 |
-} |
|
31 |
- |
|
32 |
-# News system |
|
33 |
-/var/log/news/news.crit /var/log/news/news.err /var/log/news/news.notice { |
|
34 |
- sharedscripts |
|
35 |
- missingok |
|
36 |
- postrotate |
|
37 |
- /etc/init.d/syslog-ng reload > /dev/null 2>&1 || true |
|
38 |
- endscript |
|
39 |
-} |
|
40 |
- |
|
41 |
-# Mail system |
|
42 |
-/var/log/mail.log /var/log/mail.info /var/log/mail.err /var/log/mail.warn { |
|
43 |
- sharedscripts |
|
44 |
- missingok |
|
45 |
- postrotate |
|
46 |
- /etc/init.d/syslog-ng reload > /dev/null 2>&1 || true |
|
47 |
- endscript |
|
48 |
-} |
|
49 |
- |
|
50 |
-# Hardened logs |
|
51 |
-/var/log/avc.log /var/log/audit.log /var/log/pax.log /var/log/grsec.log { |
|
52 |
- sharedscripts |
|
53 |
- missingok |
|
54 |
- postrotate |
|
55 |
- /etc/init.d/syslog-ng reload > /dev/null 2>&1 || true |
|
56 |
- endscript |
|
57 |
-} |
|
58 |
- |
|
59 |
-# Authentication |
|
60 |
-/var/log/auth.log { |
|
61 |
- sharedscripts |
|
62 |
- postrotate |
|
63 |
- /etc/init.d/syslog-ng reload > /dev/null 2>&1 || true |
|
64 |
- endscript |
|
65 |
-} |
|
66 |
- |
|
67 |
-# the rest |
|
68 |
-/var/log/messages { |
|
69 |
- sharedscripts |
|
70 |
- postrotate |
|
71 |
- /etc/init.d/syslog-ng reload > /dev/null 2>&1 || true |
|
72 |
- endscript |
|
73 |
-} |
... | ... |
@@ -1,53 +0,0 @@ |
1 |
-#!/sbin/runscript |
|
2 |
-# Copyright 1999-2004 Gentoo Foundation |
|
3 |
-# Distributed under the terms of the GNU General Public License v2 |
|
4 |
-# $Header: /var/cvsroot/gentoo-x86/app-admin/syslog-ng/files/syslog-ng.rc6,v 1.18 2006/11/02 20:51:37 mr_bones_ Exp $ |
|
5 |
- |
|
6 |
-opts="depend checkconfig start stop reload" |
|
7 |
- |
|
8 |
-depend() { |
|
9 |
- # Make networking dependency conditional on configuration |
|
10 |
- case $(sed 's/#.*//' /etc/syslog-ng/syslog-ng.conf) in |
|
11 |
- *source*tcp*|*source*udp*|*destination*tcp*|*destination*udp*) |
|
12 |
- need net ;; |
|
13 |
- esac |
|
14 |
- |
|
15 |
- need clock hostname |
|
16 |
- provide logger |
|
17 |
-} |
|
18 |
- |
|
19 |
-checkconfig() { |
|
20 |
- if [ ! -e /etc/syslog-ng/syslog-ng.conf ] ; then |
|
21 |
- eerror "You need to create /etc/syslog-ng/syslog-ng.conf first." |
|
22 |
- eerror "An example can be found in /etc/syslog-ng/syslog-ng.conf.sample" |
|
23 |
- return 1 |
|
24 |
- fi |
|
25 |
- syslog-ng -s /etc/syslog-ng/syslog-ng.conf |
|
26 |
- eend $? "Configuration error. Please fix your configfile (/etc/syslog-ng/syslog-ng.conf)" |
|
27 |
-} |
|
28 |
- |
|
29 |
-start() { |
|
30 |
- checkconfig || return 1 |
|
31 |
- ebegin "Starting syslog-ng" |
|
32 |
- [[ -n ${SYSLOG_NG_OPTS} ]] && SYSLOG_NG_OPTS="-- ${SYSLOG_NG_OPTS}" |
|
33 |
- start-stop-daemon --start --quiet --exec /usr/sbin/syslog-ng ${SYSLOG_NG_OPTS} |
|
34 |
- eend $? "Failed to start syslog-ng" |
|
35 |
-} |
|
36 |
- |
|
37 |
-stop() { |
|
38 |
- ebegin "Stopping syslog-ng" |
|
39 |
- start-stop-daemon --stop --quiet --pidfile /var/run/syslog-ng.pid |
|
40 |
- eend $? "Failed to stop syslog-ng" |
|
41 |
- sleep 1 # needed for syslog-ng to stop in case we're restarting |
|
42 |
-} |
|
43 |
- |
|
44 |
-reload() { |
|
45 |
- if [ ! -f /var/run/syslog-ng.pid ]; then |
|
46 |
- eerror "syslog-ng isn't running" |
|
47 |
- return 1 |
|
48 |
- fi |
|
49 |
- checkconfig || return 1 |
|
50 |
- ebegin "Reloading configuration and re-opening log files" |
|
51 |
- kill -HUP `cat /var/run/syslog-ng.pid` &>/dev/null |
|
52 |
- eend $? |
|
53 |
-} |
... | ... |
@@ -1,59 +0,0 @@ |
1 |
-#!/sbin/runscript |
|
2 |
-# Copyright 1999-2004 Gentoo Foundation |
|
3 |
-# Distributed under the terms of the GNU General Public License v2 |
|
4 |
-# $Header: /var/cvsroot/gentoo-x86/app-admin/syslog-ng/files/syslog-ng.rc6-r1,v 1.6 2007/10/02 23:01:00 mr_bones_ Exp $ |
|
5 |
- |
|
6 |
-opts="checkconfig reload" |
|
7 |
- |
|
8 |
-depend() { |
|
9 |
- # Make networking dependency conditional on configuration |
|
10 |
- case $(sed 's/#.*//' /etc/syslog-ng/syslog-ng.conf) in |
|
11 |
- *source*tcp*|*source*udp*|*destination*tcp*|*destination*udp*) |
|
12 |
- need net ;; |
|
13 |
- esac |
|
14 |
- |
|
15 |
- # kludge for baselayout-1 compatibility |
|
16 |
- [ -z "${svclib}" ] && config /etc/syslog-ng/syslog-ng.conf |
|
17 |
- need clock hostname localmount |
|
18 |
- provide logger |
|
19 |
-} |
|
20 |
- |
|
21 |
-checkconfig() { |
|
22 |
- if [ ! -e /etc/syslog-ng/syslog-ng.conf ] ; then |
|
23 |
- eerror "You need to create /etc/syslog-ng/syslog-ng.conf first." |
|
24 |
- eerror "An example can be found in /etc/syslog-ng/syslog-ng.conf.sample" |
|
25 |
- return 1 |
|
26 |
- fi |
|
27 |
- syslog-ng -s /etc/syslog-ng/syslog-ng.conf |
|
28 |
- |
|
29 |
- # the start and reload functions have their own eends so |
|
30 |
- # avoid calling this twice when there are no problems |
|
31 |
- [ $? -eq 0 ] || eend $? "Configuration error. Please fix your configfile (/etc/syslog-ng/syslog-ng.conf)" |
|
32 |
-} |
|
33 |
- |
|
34 |
-start() { |
|
35 |
- checkconfig || return 1 |
|
36 |
- ebegin "Starting syslog-ng" |
|
37 |
- [ -n "${SYSLOG_NG_OPTS}" ] && SYSLOG_NG_OPTS="-- ${SYSLOG_NG_OPTS}" |
|
38 |
- start-stop-daemon --start --quiet --exec /usr/sbin/syslog-ng ${SYSLOG_NG_OPTS} |
|
39 |
- eend $? "Failed to start syslog-ng" |
|
40 |
-} |
|
41 |
- |
|
42 |
-stop() { |
|
43 |
- ebegin "Stopping syslog-ng" |
|
44 |
- start-stop-daemon --stop --quiet --pidfile /var/run/syslog-ng.pid |
|
45 |
- eend $? "Failed to stop syslog-ng" |
|
46 |
- sleep 1 # needed for syslog-ng to stop in case we're restarting |
|
47 |
-} |
|
48 |
- |
|
49 |
-reload() { |
|
50 |
- if [ ! -f /var/run/syslog-ng.pid ]; then |
|
51 |
- eerror "syslog-ng isn't running" |
|
52 |
- return 1 |
|
53 |
- fi |
|
54 |
- checkconfig || return 1 |
|
55 |
- ebegin "Reloading configuration and re-opening log files" |
|
56 |
- start-stop-daemon --stop --oknodo --signal HUP \ |
|
57 |
- --pidfile /var/run/syslog-ng.pid |
|
58 |
- eend $? |
|
59 |
-} |
... | ... |
@@ -1,85 +0,0 @@ |
1 |
-# Copyright 1999-2007 Gentoo Foundation |
|
2 |
-# Distributed under the terms of the GNU General Public License v2 |
|
3 |
-# $Header: /var/cvsroot/gentoo-x86/app-admin/syslog-ng/syslog-ng-2.0.5.ebuild,v 1.1 2007/07/25 03:58:38 mr_bones_ Exp $ |
|
4 |
- |
|
5 |
-inherit fixheadtails |
|
6 |
- |
|
7 |
-MY_PV=${PV/_/} |
|
8 |
-DESCRIPTION="syslog replacement with advanced filtering features" |
|
9 |
-HOMEPAGE="http://www.balabit.com/products/syslog_ng/" |
|
10 |
-SRC_URI="http://www.balabit.com/downloads/files/syslog-ng/sources/2.0/src/${P}.tar.gz" |
|
11 |
- |
|
12 |
-LICENSE="GPL-2" |
|
13 |
-SLOT="0" |
|
14 |
-KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~x86-fbsd" |
|
15 |
-IUSE="hardened ipv6 selinux spoof-source static tcpd" |
|
16 |
- |
|
17 |
-RDEPEND=">=dev-libs/eventlog-0.2 |
|
18 |
- spoof-source? ( net-libs/libnet ) |
|
19 |
- tcpd? ( >=sys-apps/tcp-wrappers-7.6 ) |
|
20 |
- >=dev-libs/glib-2.2" |
|
21 |
-DEPEND="${RDEPEND} |
|
22 |
- sys-devel/flex" |
|
23 |
-PROVIDE="virtual/logger" |
|
24 |
- |
|
25 |
-src_unpack() { |
|
26 |
- unpack ${A} |
|
27 |
- cd "${S}" |
|
28 |
- epatch "${FILESDIR}/syslog-ng-anon-2.0.4.diff" |
|
29 |
- ht_fix_file configure |
|
30 |
- cd "${S}/doc/reference" |
|
31 |
- tar xzf syslog-ng.html.tar.gz || die "tar failed" |
|
32 |
-} |
|
33 |
- |
|
34 |
-src_compile() { |
|
35 |
- econf \ |
|
36 |
- --sysconfdir=/etc/syslog-ng \ |
|
37 |
- --disable-dependency-tracking \ |
|
38 |
- $(use_enable ipv6) \ |
|
39 |
- $(use_enable !static dynamic-linking) \ |
|
40 |
- $(use_enable static static-linking) \ |
|
41 |
- $(use_enable spoof-source) \ |
|
42 |
- $(use_enable tcpd tcp-wrapper) \ |
|
43 |
- || die |
|
44 |
- emake || die "emake failed" |
|
45 |
-} |
|
46 |
- |
|
47 |
-src_install() { |
|
48 |
- emake DESTDIR="${D}" install || die "emake install failed" |
|
49 |
- |
|
50 |
- dodoc AUTHORS ChangeLog NEWS README \ |
|
51 |
- doc/examples/{syslog-ng.conf.sample,syslog-ng.conf.solaris} \ |
|
52 |
- contrib/syslog-ng.conf* \ |
|
53 |
- doc/reference/syslog-ng.txt \ |
|
54 |
- contrib/syslog2ng "${FILESDIR}/syslog-ng.conf."* |
|
55 |
- dohtml doc/reference/syslog-ng.html/* |
|
56 |
- |
|
57 |
- # Install default configuration |
|
58 |
- insinto /etc/syslog-ng |
|
59 |
- if use hardened || use selinux ; then |
|
60 |
- newins "${FILESDIR}/syslog-ng.conf.gentoo.hardened" syslog-ng.conf |
|
61 |
- elif use userland_BSD ; then |
|
62 |
- newins "${FILESDIR}/syslog-ng.conf.gentoo.fbsd" syslog-ng.conf |
|
63 |
- else |
|
64 |
- newins "${FILESDIR}/syslog-ng.conf.gentoo" syslog-ng.conf |
|
65 |
- fi |
|
66 |
- |
|
67 |
- insinto /etc/logrotate.d |
|
68 |
- # Install snippet for logrotate, which may or may not be installed |
|
69 |
- if use hardened || use selinux ; then |
|
70 |
- newins "${FILESDIR}/syslog-ng.logrotate.hardened" syslog-ng |
|
71 |
- else |
|
72 |
- newins "${FILESDIR}/syslog-ng.logrotate" syslog-ng |
|
73 |
- fi |
|
74 |
- |
|
75 |
- newinitd "${FILESDIR}/syslog-ng.rc6-r1" syslog-ng |
|
76 |
- newconfd "${FILESDIR}/syslog-ng.confd" syslog-ng |
|
77 |
-} |
|
78 |
- |
|
79 |
-pkg_postinst() { |
|
80 |
- echo |
|
81 |
- elog "It is highly recommended that app-admin/logrotate be emerged to" |
|
82 |
- elog "manage the log files. ${PN} installs a file in /etc/logrotate.d" |
|
83 |
- elog "for logrotate to use." |
|
84 |
- echo |
|
85 |
-} |
|
86 | 0 |