From owner-freebsd-bugs  Sun Apr 11 16: 5:22 1999
Delivered-To: freebsd-bugs@freebsd.org
Received: from freefall.freebsd.org (freefall.FreeBSD.ORG [204.216.27.21])
	by hub.freebsd.org (Postfix) with ESMTP id 46A5517A9D
	for <freebsd-bugs@FreeBSD.org>; Sun, 11 Apr 1999 15:52:17 -0700 (PDT)
	(envelope-from gnats@FreeBSD.org)
Received: (from gnats@localhost)
	by freefall.freebsd.org (8.9.2/8.9.2) id PAA23447;
	Sun, 11 Apr 1999 15:50:01 -0700 (PDT)
	(envelope-from gnats@FreeBSD.org)
Received: from kot.ne.mediaone.net (kot.ne.mediaone.net [24.218.12.203])
	by hub.freebsd.org (Postfix) with ESMTP id 93D6516C07
	for <FreeBSD-gnats-submit@freebsd.org>; Sun, 11 Apr 1999 15:45:32 -0700 (PDT)
	(envelope-from mi@aldan.algebra.com)
Received: from rtfm.newton (rtfm [10.10.0.1])
	by kot.ne.mediaone.net (8.9.1a/8.9.1) with ESMTP id OAA00782
	for <FreeBSD-gnats-submit@freebsd.org>; Sun, 11 Apr 1999 14:25:42 -0400 (EDT)
Received: (from mi@localhost)
	by rtfm.newton (8.9.2/8.9.1) id OAA64438;
	Sun, 11 Apr 1999 14:25:55 -0400 (EDT)
Message-Id: <199904111825.OAA64438@rtfm.newton>
Date: Sun, 11 Apr 1999 14:25:55 -0400 (EDT)
From: Mikhail Teterin <mi@aldan.algebra.com>
Reply-To: mi@aldan.algebra.com
To: FreeBSD-gnats-submit@freebsd.org
X-Send-Pr-Version: 3.2
Subject: bin/11085: Per-host configuration for syslog.conf
Sender: owner-freebsd-bugs@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org


>Number:         11085
>Category:       bin
>Synopsis:       Per-host configuration for syslog.conf
>Confidential:   no
>Severity:       non-critical
>Priority:       medium
>Responsible:    freebsd-bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          change-request
>Submitter-Id:   current-users
>Arrival-Date:   Sun Apr 11 15:50:01 PDT 1999
>Closed-Date:
>Last-Modified:
>Originator:     Mikhail Teterin
>Release:        FreeBSD 3.1-STABLE i386
>Organization:
Virtual Estates, Inc.
>Environment:

>Description:

	Currently, there is not easy way to discriminate logging
	based on the originating host. Messages are logged based
	on "facility", "priority", and, optionally, on the program's
	"name".

	The patches below allow to log based on the hostname of the
	message's origin:

	*.err;kern.debug;auth.notice;mail.crit          /dev/console
	@yuranus*
	*.emerg						/dev/console
	*.notice;kern.debug;lpr.info;mail.crit;news.err	/var/log/yuranus
	!ppp
	*.*						/var/log/yur-ppp
	@localhost
	!ppp
	*.*						/var/log/ppp.log

	My main reason for wanting this is to enable the redundant
	logging.  If I were to do smth like this on two machines
	with the current syslog:

	#@localhost
	....
	*.err,*.crit,*.emerg		@other-guy
	#@other-guy
	*.*				/var/log/other-guy

	I'd get the endless bouncing of the messages (well, may
	be, limited by the "Last message repeated..." thing, but
	still not too good).

>How-To-Repeat:

>Fix:
	You may wish to contact me for the LATEST patches, but the
	ones below work for me already... I have NOT tested them
	extensively, but changes are modeled closely after the
	!prog handling by Peter da Silva.

--- syslogd.c.orig	Mon Jan  4 05:20:47 1999
+++ syslogd.c	Sun Apr 11 14:06:56 1999
@@ -69,6 +69,7 @@
  *   by Peter da Silva.
  * -u and -v by Harlan Stenn.
  * Priority comparison code by Harlan Stenn.
+ * Extension to log by the source hostname by Mikhail Teterin
  */
 
 #define	MAXLINE		1024		/* maximum line length */
@@ -105,6 +106,7 @@
 #include <stdio.h>
 #include <stdlib.h>
 #include <string.h>
+#include <fnmatch.h>
 #include <sysexits.h>
 #include <unistd.h>
 #include <utmp.h>
@@ -172,6 +174,7 @@
 	int	f_prevlen;			/* length of f_prevline */
 	int	f_prevcount;			/* repetition cnt of prevline */
 	int	f_repeatcount;			/* number of "repeated" msgs */
+	char	*f_hostpattern;			/* only log from this hosts */
 };
 
 /*
@@ -269,7 +272,7 @@
 				/* 0=no, 1=numeric, 2=names */
 
 int	allowaddr __P((char *));
-void	cfline __P((char *, struct filed *, char *));
+void	cfline __P((char *, struct filed *, char *, char *));
 char   *cvthname __P((struct sockaddr_in *));
 void	deadq_enter __P((pid_t));
 int	decode __P((const char *, CODE *));
@@ -667,7 +670,7 @@
 
 	/* extract program name */
 	for(i = 0; i < NAME_MAX; i++) {
-		if(!isalnum(msg[i]))
+		if(!isprint(msg[i]))
 			break;
 		prog[i] = msg[i];
 	}
@@ -708,6 +711,12 @@
 		if (f->f_type == F_CONSOLE && (flags & IGN_CONS))
 			continue;
 
+		/* skip messages from wrong hosts if this file cares */
+		if(f->f_hostpattern)
+			if(fnmatch(f->f_hostpattern,
+				from, FNM_CASEFOLD) == FNM_NOMATCH)
+				continue;
+
 		/* don't output marks to recently written files */
 		if ((flags & MARK) && (now - f->f_time) < MarkInterval / 2)
 			continue;
@@ -1203,7 +1212,7 @@
 	struct filed *f, *next, **nextp;
 	char *p;
 	char cline[LINE_MAX];
- 	char prog[NAME_MAX+1];
+ 	char prog[NAME_MAX+1], host[MAXHOSTNAMELEN+1];
 
 	dprintf("init\n");
 
@@ -1232,6 +1241,7 @@
 		}
 		next = f->f_next;
 		if(f->f_program) free(f->f_program);
+		if(f->f_hostpattern) free(f->f_hostpattern);
 		free((char *)f);
 	}
 	Files = NULL;
@@ -1241,9 +1251,9 @@
 	if ((cf = fopen(ConfFile, "r")) == NULL) {
 		dprintf("cannot open %s\n", ConfFile);
 		*nextp = (struct filed *)calloc(1, sizeof(*f));
-		cfline("*.ERR\t/dev/console", *nextp, "*");
+		cfline("*.ERR\t/dev/console", *nextp, "*", "*");
 		(*nextp)->f_next = (struct filed *)calloc(1, sizeof(*f));
-		cfline("*.PANIC\t*", (*nextp)->f_next, "*");
+		cfline("*.PANIC\t*", (*nextp)->f_next, "*", "*");
 		Initialized = 1;
 		return;
 	}
@@ -1265,22 +1275,34 @@
 			continue;
 		if(*p == '#') {
 			p++;
-			if(*p!='!')
+			if(*p!='!' && *p!='@')
 				continue;
 		}
-		if(*p=='!') {
+		if(*p=='!' || *p=='@') {
+			char *dp; /* destination pointer */
+			unsigned limit;
 			p++;
 			while(isspace(*p)) p++;
-			if((!*p) || (*p == '*')) {
+			if(*p=='!') {
+				dp = prog;
+				limit = NAME_MAX;
+			} else {
+				dp = host;
+				limit = MAXHOSTNAMELEN;
+				/* reset the program pattern */;
 				strcpy(prog, "*");
+			}
+			/* Allow empty ! or @ lines: */
+			if(!*p) {
+				strcpy(dp, "*");
 				continue;
 			}
-			for(i = 0; i < NAME_MAX; i++) {
-				if(!isalnum(p[i]))
+			for(i = 0; i < limit; i++) {
+				if(!isprint(p[i]))
 					break;
-				prog[i] = p[i];
+				dp[i] = p[i];
 			}
-			prog[i] = 0;
+			dp[i] = 0;
 			continue;
 		}
 		for (p = strchr(cline, '\0'); isspace(*--p);)
@@ -1289,7 +1311,7 @@
 		f = (struct filed *)calloc(1, sizeof(*f));
 		*nextp = f;
 		nextp = &f->f_next;
-		cfline(cline, f, prog);
+		cfline(cline, f, prog, host);
 	}
 
 	/* close the configuration file */
@@ -1331,6 +1353,9 @@
 			if(f->f_program) {
 				printf(" (%s)", f->f_program);
 			}
+			if(f->f_hostpattern) {
+				printf(" (@%s)", f->f_hostpattern);
+			}
 			printf("\n");
 		}
 	}
@@ -1343,32 +1368,44 @@
  * Crack a configuration file line
  */
 void
-cfline(line, f, prog)
+cfline(line, f, prog, host)
 	char *line;
 	struct filed *f;
-	char *prog;
+	char *prog, *host;
 {
 	struct hostent *hp;
 	int i, pri;
 	char *bp, *p, *q;
 	char buf[MAXLINE], ebuf[100];
 
-	dprintf("cfline(\"%s\", f, \"%s\")\n", line, prog);
+	dprintf("cfline(\"%s\", f, \"%s\", \"%s\")\n", line, prog, host);
 
 	errno = 0;	/* keep strerror() stuff out of logerror messages */
 
 	/* clear out file entry */
-	memset(f, 0, sizeof(*f));
+	bzero(f, sizeof(*f));
 	for (i = 0; i <= LOG_NFACILITIES; i++)
 		f->f_pmask[i] = INTERNAL_NOPRI;
 
 	/* save program name if any */
-	if(prog && *prog=='*') prog = NULL;
-	if(prog) {
+	if(prog && *prog!='*') {
 		f->f_program = calloc(1, strlen(prog)+1);
-		if(f->f_program) {
+		if(f->f_program)
 			strcpy(f->f_program, prog);
-		}
+		else
+			logerror("Can not allocate memory for program name");
+	}
+
+	/* save the hostpattern if any */
+	if(host) {
+		/* special case: */
+		if(strcmp(host, "localhost") == 0)
+			host = LocalHostName;
+		f->f_hostpattern = calloc(1, strlen(host)+1);
+		if(f->f_hostpattern)
+			strcpy(f->f_hostpattern, host);
+		else
+			logerror("Can not allocate memory for host pattern");
 	}
 
 	/* scan through the list of selectors */
--- syslog.conf.5.orig	Sat Dec  5 05:18:52 1998
+++ syslog.conf.5	Sun Apr 11 14:01:02 1999
@@ -137,6 +137,24 @@
 .Pp
 Each block of lines is separated from the previous block by a tag. The tag
 is a line beginning with
+.Em #@hostpattern
+or
+.Em @hostpattern
+(the former is for compatibility with the previous syslogd, if one is sharing
+syslog.conf files, for example)
+and each block will be associated with calls to syslog from the hosts that
+match that (glob-style -- see fnmatch(3)) pattern. This is done to make
+it easier to log messages from different hosts to different destinations
+on the logserver host(s).
+.Pp
+The
+.Em hostpattern
+is usually absolute, but may also be "localhost", in which case the block
+will refer to the machine running this instance of syslogd, whatever its
+absolute hostname is.
+.Pp
+Each block of lines can be further split into subblocks by a tag of the
+following shape:
 .Em #!prog
 or
 .Em !prog
@@ -146,6 +164,9 @@
 program. A tag for ``foo'' will also match any message logged by the kernel
 with the prefix ``foo: ''.
 .Pp
+You have to repeat the program-specific subblocks for consequtive blocks,
+since starting a new hostpattern-specific block resets the program name
+to *.
 See
 .Xr syslog 3
 for a further descriptions of both the
@@ -168,6 +189,8 @@
 .Em (or a higher level) ,
 and the first word in the message after the date matches the
 .Em program ,
+and the message comes from the host that matches the
+.Em hostpattern ,
 the action specified in the
 .Em action
 field will be taken.

>Release-Note:
>Audit-Trail:
>Unformatted:


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-bugs" in the body of the message