From d6992db2b79b2fd49707e5b0c23eb62421368f52 Mon Sep 17 00:00:00 2001 From: zsdc Date: Mon, 17 Aug 2020 17:51:14 +0300 Subject: Syslog: T2332: Added port to syslog server options Backported changes from equuleus to add port into syslog server options. --- interface-definitions/syslog.xml | 31 +++++++++++----- src/conf_mode/syslog.py | 79 +++++++++++++++++++++++----------------- 2 files changed, 67 insertions(+), 43 deletions(-) diff --git a/interface-definitions/syslog.xml b/interface-definitions/syslog.xml index 1b119bfcc..e462412d9 100644 --- a/interface-definitions/syslog.xml +++ b/interface-definitions/syslog.xml @@ -10,9 +10,9 @@ - Logging to specific user's terminal + Logging to specific terminal of given user - ^[a-z_][a-z0-9_-]{1,31}[$]? + [a-z_][a-z0-9_-]{1,31}[$]? illegal characters in user @@ -184,7 +184,7 @@ - Invalid host FQDN or IP address + Invalid host (FQDN or IP address) ipv4 Remote syslog server IPv4 address @@ -195,6 +195,19 @@ + + + Destination port + + 1-65535 + Destination port + + + + + Invalid destination port value + + Facility for logging @@ -308,7 +321,7 @@ tcp - send log messages to remote syslog server over tdp + send log messages to remote syslog server over tcp udp tcp @@ -385,7 +398,7 @@ Number of saved files (default is 5) - ^[0-9]+ + [0-9]+ illegal characters in number of files @@ -394,7 +407,7 @@ Size of log files (in kbytes, default is 256) - ^[0-9]+ + [0-9]+ illegal characters in size @@ -582,7 +595,7 @@ Logging to a file - ^[a-zA-Z0-9\-_.]{1,255} + [a-zA-Z0-9\-_.]{1,255} illegal characters in filename or filename longer than 255 characters @@ -596,7 +609,7 @@ Number of saved files (default is 5) - ^[0-9]+ + [0-9]+ illegal characters in number of files @@ -605,7 +618,7 @@ Size of log files (in kbytes, default is 256) - ^[0-9]+ + [0-9]+ illegal characters in size diff --git a/src/conf_mode/syslog.py b/src/conf_mode/syslog.py index c4f3d2c9c..b3876164c 100755 --- a/src/conf_mode/syslog.py +++ b/src/conf_mode/syslog.py 
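Review bot: Dropping the leading `^` from the regex constraints (the user name pattern, `[a-zA-Z0-9\-_.]{1,255}` for the file name, and the `[0-9]+` count and size patterns in both the global and per-file sections) is only safe if the constraint validator on this branch matches the pattern against the whole value, which this patch does not show. The file name and sizes are rendered into the rsyslog configuration by the template in src/conf_mode/syslog.py (`$outchannel {{file}},...`), so a substring match would presumably let characters such as `,` or `/` through. Since this is a backport from equuleus, it is worth confirming the validator behaves the same here. If it does, a short comment such as `<!-- regex constraints are matched against the whole value, no ^/$ needed -->` would record what these patterns rely on.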
@@ -1,6 +1,6 @@ #!/usr/bin/env python3 # -# Copyright (C) 2018 VyOS maintainers and contributors +# Copyright (C) 2018-2020 VyOS maintainers and contributors # # This program is free software; you can redistribute it and/or modify # it under the terms of the GNU General Public License version 2 or later as @@ -13,13 +13,12 @@ # # You should have received a copy of the GNU General Public License # along with this program. If not, see . -# -# -import sys + import os import re import jinja2 +from sys import exit from vyos.config import Config from vyos import ConfigError @@ -53,10 +52,18 @@ $outchannel {{file}},{{files[file]['log-file']}},{{files[file]['max-size']}},{{f ## remote logging {% for host in hosts %} {% if hosts[host]['proto'] == 'tcp' %} +{% if hosts[host]['port'] %} +{{hosts[host]['selectors']}} @@{{host}}:{{hosts[host]['port']}} +{% else %} {{hosts[host]['selectors']}} @@{{host}} +{% endif %} +{% else %} +{% if hosts[host]['port'] %} +{{hosts[host]['selectors']}} @{{host}}:{{hosts[host]['port']}} {% else %} {{hosts[host]['selectors']}} @{{host}} {% endif %} +{% endif %} {% endfor %} {% endif %} {% if user %} @@ -177,13 +184,14 @@ def get_config(): # set system syslog host if c.exists('host'): - proto = 'udp' rhosts = c.list_nodes('host') for rhost in rhosts: for fac in c.list_nodes('host ' + rhost + ' facility'): if c.exists('host ' + rhost + ' facility ' + fac + ' protocol'): proto = c.return_value( 'host ' + rhost + ' facility ' + fac + ' protocol') + else: + proto = 'udp' config_data['hosts'].update( { @@ -193,6 +201,9 @@ def get_config(): } } ) + if c.exists('host ' + rhost + ' port'): + config_data['hosts'][rhost][ + 'port'] = c.return_value('host ' + rhost + ' port') # set system syslog user if c.exists('user'): 
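Review bot: In the remote-logging template block, the new `@@{{host}}:{{hosts[host]['port']}}` and `@{{host}}:{{hosts[host]['port']}}` lines append the port to the bare host, which is ambiguous when the host is an IPv6 literal. The interface definition's error text says "FQDN or IP address", so IPv6 hosts may be accepted, though this patch does not confirm it. As far as I know, rsyslog's forwarding syntax expects an IPv6 address in square brackets before the port, so either bracket the host when it contains `:` or reject that combination in verify(). The four near-identical branches could also collapse into one line that picks the `@`/`@@` prefix and appends `:port` only when it is set.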
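Review bot: The port read in get_config() (`config_data['hosts'][rhost]['port'] = c.return_value('host ' + rhost + ' port')`) is written into rsyslog.conf without any check in verify(); the only validation is the 1-65535 constraint in the interface definition. A range check in verify() would stop a malformed value from reaching the daemon configuration if that constraint is ever loosened or bypassed, for example `port = c['hosts'][h].get('port')` followed by `if port and not (port.isdigit() and 0 < int(port) < 65536): raise ConfigError('Invalid port for host ' + h)`. The assignment also indexes `config_data['hosts'][rhost]`, which is created by the `update()` call near the facility loop. Indentation is lost on this page, so it cannot be confirmed here whether a host with a port but no facility would raise KeyError. get_config() starts and ends outside the hunk.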
@@ -213,32 +224,31 @@ def generate_selectors(c, config_node): # protocols and security are being mapped here # for backward compatibility with old configs # security and protocol mappings can be removed later - if c.is_tag(config_node): - nodes = c.list_nodes(config_node) - selectors = "" - for node in nodes: - lvl = c.return_value(config_node + ' ' + node + ' level') - if lvl == None: - lvl = "err" - if lvl == 'all': - lvl = '*' - if node == 'all' and node != nodes[-1]: - selectors += "*." + lvl + ";" - elif node == 'all': - selectors += "*." + lvl - elif node != nodes[-1]: - if node == 'protocols': - node = 'local7' - if node == 'security': - node = 'auth' - selectors += node + "." + lvl + ";" - else: - if node == 'protocols': - node = 'local7' - if node == 'security': - node = 'auth' - selectors += node + "." + lvl - return selectors + nodes = c.list_nodes(config_node) + selectors = "" + for node in nodes: + lvl = c.return_value(config_node + ' ' + node + ' level') + if lvl == None: + lvl = "err" + if lvl == 'all': + lvl = '*' + if node == 'all' and node != nodes[-1]: + selectors += "*." + lvl + ";" + elif node == 'all': + selectors += "*." + lvl + elif node != nodes[-1]: + if node == 'protocols': + node = 'local7' + if node == 'security': + node = 'auth' + selectors += node + "." + lvl + ";" + else: + if node == 'protocols': + node = 'local7' + if node == 'security': + node = 'auth' + selectors += node + "." + lvl + return selectors def generate(c): @@ -261,7 +271,8 @@ def generate(c): def verify(c): if c == None: return None - # + + # may be obsolete # /etc/rsyslog.conf is generated somewhere and copied over the original (exists in /opt/vyatta/etc/rsyslog.conf) # it interferes with the global logging, to make sure we are using a single base, template is enforced here # 
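Review bot: The re-indented body of generate_selectors() still compares with `lvl == None` and repeats the `protocols`/`security` mapping in two branches that differ only in the trailing `;`. Using `is None`, a lookup table and `';'.join(...)` would express the same selector string once. With the `c.is_tag()` guard removed, the function now returns an empty string for a node without children, where a non-tag node previously fell through to an implicit None. verify() splits selectors on `;`, so an empty string would presumably surface as an "Invalid facility" error; it is worth confirming that this is the intended outcome.

```python
def generate_selectors(c, config_node):
    # … unchanged: backward-compatibility comments …
    facility_map = {'all': '*', 'protocols': 'local7', 'security': 'auth'}
    selectors = []
    for node in c.list_nodes(config_node):
        lvl = c.return_value(config_node + ' ' + node + ' level')
        if lvl is None:
            lvl = 'err'
        elif lvl == 'all':
            lvl = '*'
        selectors.append(facility_map.get(node, node) + '.' + lvl)
    return ';'.join(selectors)
```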
@@ -273,6 +284,7 @@ def verify(c): # /var/log/vyos-rsyslog were the old files, we may want to clean those up, but currently there # is a chance that someone still needs it, so I don't automatically remove # them + # if c == None: return None @@ -289,7 +301,6 @@ def verify(c): for s in c[conf][item]['selectors'].split(";"): f = re.sub("\..*$", "", s) if f not in fac: - print (c[conf]) raise ConfigError( 'Invalid facility ' + s + ' set in ' + conf + ' ' + item) l = re.sub("^.+\.", "", s) @@ -317,4 +328,4 @@ if __name__ == '__main__': apply(c) except ConfigError as e: print(e) - sys.exit(1) + exit(1) -- cgit v1.2.3