diff options
| author | Daniil Baturin <daniil.baturin@vyatta.com> | 2011-12-08 21:27:51 +0700 |
|---|---|---|
| committer | Daniil Baturin <daniil.baturin@vyatta.com> | 2011-12-08 21:27:51 +0700 |
| commit | abb2ff29469d4b05fde36654ed6d5f584867183f (patch) | |
| tree | 3d4d3627785b7554c27ffb494db23156c212a2d2 | |
| parent | 48368cf6bd0678e25313f7259f80e0a82a688706 (diff) | |
| download | vyatta-nat-abb2ff29469d4b05fde36654ed6d5f584867183f.tar.gz vyatta-nat-abb2ff29469d4b05fde36654ed6d5f584867183f.zip | |
Update log prefixes to match new design spec.
| -rw-r--r-- | lib/Vyatta/DstNatRule.pm | 4 | ||||
| -rw-r--r-- | lib/Vyatta/NatRuleCommon.pm | 6 | ||||
| -rw-r--r-- | lib/Vyatta/SrcNatRule.pm | 5 |
3 files changed, 11 insertions, 4 deletions
diff --git a/lib/Vyatta/DstNatRule.pm b/lib/Vyatta/DstNatRule.pm index c0b9b01..764eed5 100644 --- a/lib/Vyatta/DstNatRule.pm +++ b/lib/Vyatta/DstNatRule.pm @@ -136,6 +136,7 @@ sub rule_str { my $can_use_port = 1; my $jump_target = ''; my $jump_param = ''; + my $log_modifier = ''; my $use_netmap = 0; my $tcp_and_udp = 0; @@ -149,6 +150,7 @@ sub rule_str { if ($self->{_exclude}) { $jump_target = 'RETURN'; + $log_modifier = 'EXCL'; } else { $jump_target = 'DNAT'; } @@ -290,7 +292,7 @@ sub rule_str { $rule_str .= "$src_str $dst_str" . " -m comment --comment " . $comment; if ("$self->{_log}" eq "enable") { my $rule_num = $self->{_rule_number}; - my $log_prefix = get_log_prefix($rule_num, $jump_target, $type); + my $log_prefix = get_log_prefix($rule_num, $type, $log_modifier); if ($tcp_and_udp == 1) { my $tcp_log_rule = $rule_str; $tcp_log_rule .= " -j LOG --log-prefix \"$log_prefix\" "; diff --git a/lib/Vyatta/NatRuleCommon.pm b/lib/Vyatta/NatRuleCommon.pm index a6311d3..afde084 100644 --- a/lib/Vyatta/NatRuleCommon.pm +++ b/lib/Vyatta/NatRuleCommon.pm @@ -57,13 +57,15 @@ sub get_num_ipt_rules { } sub get_log_prefix { - my ($rule_num, $jump_target, $type) = @_; + my ($rule_num, $type, $modifier) = @_; # In iptables it allows a 29 character log_prefix, but we ideally # want to include "[nat-$type-$num-$target] " # 4 4 4 7 = 19 # so no truncation is needed. - my $log_prefix = "[NAT-$type-$rule_num-$jump_target] "; + my $log_prefix = "[NAT-$type-$rule_num"; + $log_prefix .= "-$modifier" if $modifier; + $log_prefix .= "] "; return $log_prefix; } diff --git a/lib/Vyatta/SrcNatRule.pm b/lib/Vyatta/SrcNatRule.pm index 8579eba..bdfe199 100644 --- a/lib/Vyatta/SrcNatRule.pm +++ b/lib/Vyatta/SrcNatRule.pm @@ -142,6 +142,7 @@ sub rule_str { my $can_use_port = 1; my $jump_target = ''; my $jump_param = ''; + my $log_modifier = ''; my $use_netmap = 0; my $tcp_and_udp = 0; @@ -154,8 +155,10 @@ sub rule_str { if ($self->{_exclude}) { $jump_target = 'RETURN'; + $log_modifier = 'EXCL'; } elsif (defined($self->{_is_masq})) { $jump_target = 'MASQUERADE'; + $log_modifier = 'MASQ'; } else { $jump_target = 'SNAT'; } @@ -324,7 +327,7 @@ sub rule_str { $rule_str .= " $src_str $dst_str" . " -m comment --comment " . $comment; if ("$self->{_log}" eq "enable") { my $rule_num = $self->{_rule_number}; - my $log_prefix = get_log_prefix($rule_num, $jump_target, $type); + my $log_prefix = get_log_prefix($rule_num, $type, $log_modifier); if ($tcp_and_udp == 1) { my $tcp_log_rule = $rule_str; $tcp_log_rule .= " -j LOG --log-prefix \"$log_prefix\" "; |