Date: Sun, 11 Apr 1999 14:25:55 -0400 (EDT) From: Mikhail Teterin <mi@aldan.algebra.com> To: FreeBSD-gnats-submit@freebsd.org Subject: bin/11085: Per-host configuration for syslog.conf Message-ID: <199904111825.OAA64438@rtfm.newton>
next in thread | raw e-mail | index | archive | help
>Number: 11085
>Category: bin
>Synopsis: Per-host configuration for syslog.conf
>Confidential: no
>Severity: non-critical
>Priority: medium
>Responsible: freebsd-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: change-request
>Submitter-Id: current-users
>Arrival-Date: Sun Apr 11 15:50:01 PDT 1999
>Closed-Date:
>Last-Modified:
>Originator: Mikhail Teterin
>Release: FreeBSD 3.1-STABLE i386
>Organization:
Virtual Estates, Inc.
>Environment:
>Description:
Currently, there is not easy way to discriminate logging
based on the originating host. Messages are logged based
on "facility", "priority", and, optionally, on the program's
"name".
The patches below allow to log based on the hostname of the
message's origin:
*.err;kern.debug;auth.notice;mail.crit /dev/console
@yuranus*
*.emerg /dev/console
*.notice;kern.debug;lpr.info;mail.crit;news.err /var/log/yuranus
!ppp
*.* /var/log/yur-ppp
@localhost
!ppp
*.* /var/log/ppp.log
My main reason for wanting this is to enable the redundant
logging. If I were to do smth like this on two machines
with the current syslog:
#@localhost
....
*.err,*.crit,*.emerg @other-guy
#@other-guy
*.* /var/log/other-guy
I'd get the endless bouncing of the messages (well, may
be, limited by the "Last message repeated..." thing, but
still not too good).
>How-To-Repeat:
>Fix:
You may wish to contact me for the LATEST patches, but the
ones below work for me already... I have NOT tested them
extensively, but changes are modeled closely after the
!prog handling by Peter da Silva.
--- syslogd.c.orig Mon Jan 4 05:20:47 1999
+++ syslogd.c Sun Apr 11 14:06:56 1999
@@ -69,6 +69,7 @@
* by Peter da Silva.
* -u and -v by Harlan Stenn.
* Priority comparison code by Harlan Stenn.
+ * Extension to log by the source hostname by Mikhail Teterin
*/
#define MAXLINE 1024 /* maximum line length */
@@ -105,6 +106,7 @@
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
+#include <fnmatch.h>
#include <sysexits.h>
#include <unistd.h>
#include <utmp.h>
@@ -172,6 +174,7 @@
int f_prevlen; /* length of f_prevline */
int f_prevcount; /* repetition cnt of prevline */
int f_repeatcount; /* number of "repeated" msgs */
+ char *f_hostpattern; /* only log from this hosts */
};
/*
@@ -269,7 +272,7 @@
/* 0=no, 1=numeric, 2=names */
int allowaddr __P((char *));
-void cfline __P((char *, struct filed *, char *));
+void cfline __P((char *, struct filed *, char *, char *));
char *cvthname __P((struct sockaddr_in *));
void deadq_enter __P((pid_t));
int decode __P((const char *, CODE *));
@@ -667,7 +670,7 @@
/* extract program name */
for(i = 0; i < NAME_MAX; i++) {
- if(!isalnum(msg[i]))
+ if(!isprint(msg[i]))
break;
prog[i] = msg[i];
}
@@ -708,6 +711,12 @@
if (f->f_type == F_CONSOLE && (flags & IGN_CONS))
continue;
+ /* skip messages from wrong hosts if this file cares */
+ if(f->f_hostpattern)
+ if(fnmatch(f->f_hostpattern,
+ from, FNM_CASEFOLD) == FNM_NOMATCH)
+ continue;
+
/* don't output marks to recently written files */
if ((flags & MARK) && (now - f->f_time) < MarkInterval / 2)
continue;
@@ -1203,7 +1212,7 @@
struct filed *f, *next, **nextp;
char *p;
char cline[LINE_MAX];
- char prog[NAME_MAX+1];
+ char prog[NAME_MAX+1], host[MAXHOSTNAMELEN+1];
dprintf("init\n");
@@ -1232,6 +1241,7 @@
}
next = f->f_next;
if(f->f_program) free(f->f_program);
+ if(f->f_hostpattern) free(f->f_hostpattern);
free((char *)f);
}
Files = NULL;
@@ -1241,9 +1251,9 @@
if ((cf = fopen(ConfFile, "r")) == NULL) {
dprintf("cannot open %s\n", ConfFile);
*nextp = (struct filed *)calloc(1, sizeof(*f));
- cfline("*.ERR\t/dev/console", *nextp, "*");
+ cfline("*.ERR\t/dev/console", *nextp, "*", "*");
(*nextp)->f_next = (struct filed *)calloc(1, sizeof(*f));
- cfline("*.PANIC\t*", (*nextp)->f_next, "*");
+ cfline("*.PANIC\t*", (*nextp)->f_next, "*", "*");
Initialized = 1;
return;
}
@@ -1265,22 +1275,34 @@
continue;
if(*p == '#') {
p++;
- if(*p!='!')
+ if(*p!='!' && *p!='@')
continue;
}
- if(*p=='!') {
+ if(*p=='!' || *p=='@') {
+ char *dp; /* destination pointer */
+ unsigned limit;
p++;
while(isspace(*p)) p++;
- if((!*p) || (*p == '*')) {
+ if(*p=='!') {
+ dp = prog;
+ limit = NAME_MAX;
+ } else {
+ dp = host;
+ limit = MAXHOSTNAMELEN;
+ /* reset the program pattern */;
strcpy(prog, "*");
+ }
+ /* Allow empty ! or @ lines: */
+ if(!*p) {
+ strcpy(dp, "*");
continue;
}
- for(i = 0; i < NAME_MAX; i++) {
- if(!isalnum(p[i]))
+ for(i = 0; i < limit; i++) {
+ if(!isprint(p[i]))
break;
- prog[i] = p[i];
+ dp[i] = p[i];
}
- prog[i] = 0;
+ dp[i] = 0;
continue;
}
for (p = strchr(cline, '\0'); isspace(*--p);)
@@ -1289,7 +1311,7 @@
f = (struct filed *)calloc(1, sizeof(*f));
*nextp = f;
nextp = &f->f_next;
- cfline(cline, f, prog);
+ cfline(cline, f, prog, host);
}
/* close the configuration file */
@@ -1331,6 +1353,9 @@
if(f->f_program) {
printf(" (%s)", f->f_program);
}
+ if(f->f_hostpattern) {
+ printf(" (@%s)", f->f_hostpattern);
+ }
printf("\n");
}
}
@@ -1343,32 +1368,44 @@
* Crack a configuration file line
*/
void
-cfline(line, f, prog)
+cfline(line, f, prog, host)
char *line;
struct filed *f;
- char *prog;
+ char *prog, *host;
{
struct hostent *hp;
int i, pri;
char *bp, *p, *q;
char buf[MAXLINE], ebuf[100];
- dprintf("cfline(\"%s\", f, \"%s\")\n", line, prog);
+ dprintf("cfline(\"%s\", f, \"%s\", \"%s\")\n", line, prog, host);
errno = 0; /* keep strerror() stuff out of logerror messages */
/* clear out file entry */
- memset(f, 0, sizeof(*f));
+ bzero(f, sizeof(*f));
for (i = 0; i <= LOG_NFACILITIES; i++)
f->f_pmask[i] = INTERNAL_NOPRI;
/* save program name if any */
- if(prog && *prog=='*') prog = NULL;
- if(prog) {
+ if(prog && *prog!='*') {
f->f_program = calloc(1, strlen(prog)+1);
- if(f->f_program) {
+ if(f->f_program)
strcpy(f->f_program, prog);
- }
+ else
+ logerror("Can not allocate memory for program name");
+ }
+
+ /* save the hostpattern if any */
+ if(host) {
+ /* special case: */
+ if(strcmp(host, "localhost") == 0)
+ host = LocalHostName;
+ f->f_hostpattern = calloc(1, strlen(host)+1);
+ if(f->f_hostpattern)
+ strcpy(f->f_hostpattern, host);
+ else
+ logerror("Can not allocate memory for host pattern");
}
/* scan through the list of selectors */
--- syslog.conf.5.orig Sat Dec 5 05:18:52 1998
+++ syslog.conf.5 Sun Apr 11 14:01:02 1999
@@ -137,6 +137,24 @@
.Pp
Each block of lines is separated from the previous block by a tag. The tag
is a line beginning with
+.Em #@hostpattern
+or
+.Em @hostpattern
+(the former is for compatibility with the previous syslogd, if one is sharing
+syslog.conf files, for example)
+and each block will be associated with calls to syslog from the hosts that
+match that (glob-style -- see fnmatch(3)) pattern. This is done to make
+it easier to log messages from different hosts to different destinations
+on the logserver host(s).
+.Pp
+The
+.Em hostpattern
+is usually absolute, but may also be "localhost", in which case the block
+will refer to the machine running this instance of syslogd, whatever its
+absolute hostname is.
+.Pp
+Each block of lines can be further split into subblocks by a tag of the
+following shape:
.Em #!prog
or
.Em !prog
@@ -146,6 +164,9 @@
program. A tag for ``foo'' will also match any message logged by the kernel
with the prefix ``foo: ''.
.Pp
+You have to repeat the program-specific subblocks for consequtive blocks,
+since starting a new hostpattern-specific block resets the program name
+to *.
See
.Xr syslog 3
for a further descriptions of both the
@@ -168,6 +189,8 @@
.Em (or a higher level) ,
and the first word in the message after the date matches the
.Em program ,
+and the message comes from the host that matches the
+.Em hostpattern ,
the action specified in the
.Em action
field will be taken.
>Release-Note:
>Audit-Trail:
>Unformatted:
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-bugs" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199904111825.OAA64438>