$post['objecttype'], "objectname"=>$post['objectname'], "objectparameters"=>$post['objectparameters']); if(empty($objects)) { $objects = $new_object; } else { $objects = syslogng_merge_objects($objects, $new_object); } if($errors = syslogng_test_object_syntax($objects)) $input_errors[] = "Syslog-ng syntax test failed:\n" . $errors; } function syslogng_install_cron($should_install) { global $config, $g; if($g['booting']==true) return; if(!$config['cron']['item']) return; $x=0; $rotate_job_id=-1; $rotate_is_installed = false; foreach($config['cron']['item'] as $item) { if(strstr($item['task_name'], "syslogng_rotate_logs")) { $rotate_job_id = $x; } $x++; } $need_write = false; switch($should_install) { case true: if($rotate_job_id < 0) { $cron_item = array(); $cron_item['task_name'] = "syslogng_rotate_logs"; $cron_item['minute'] = "0"; $cron_item['hour'] = "*"; $cron_item['mday'] = "*"; $cron_item['month'] = "*"; $cron_item['wday'] = "*"; $cron_item['who'] = "root"; $cron_item['command'] = "/usr/bin/nice -n20 /usr/local/sbin/logrotate /usr/local/etc/logrotate.conf"; $config['cron']['item'][] = $cron_item; $need_write = true; } if($need_write) { parse_config(true); write_config("Adding syslog-ng Cron Jobs"); } break; case false: if($rotate_job_id >= 0) { unset($config['cron']['item'][$rotate_job_id]); $need_write = true; } if($need_write) { parse_config(true); write_config("Removing syslog-ng Cron Jobs"); } break; } configure_cron(); } function syslogng_build_default_objects($settings) { $default_objects = array(); $interfaces = $settings['interfaces']; $default_protocol = $settings['default_protocol']; $default_port = $settings['default_port']; $default_logdir = $settings['default_logdir']; $default_logfile = $settings['default_logfile']; $default_objects[0] = array("objecttype"=>"source", "objectname"=>"_DEFAULT", "objectparameters"=>"{ internal(); syslog(transport($default_protocol) port($default_port)"); foreach (explode(",", $interfaces) as $interface) { $interface_address = syslogng_get_real_interface_address($interface); if($interface_address[0]) { $default_objects[0]['objectparameters'] .= " ip({$interface_address[0]})"; } } $default_objects[0]['objectparameters'] .= "); };"; $default_objects[0]['objectparameters'] = base64_encode($default_objects[0]['objectparameters']); $default_objects[1] = array("objecttype"=>"destination", "objectname"=>"_DEFAULT", "objectparameters"=>"{ file(\"$default_logdir/$default_logfile\"); };"); $default_objects[1]['objectparameters'] = base64_encode($default_objects[1]['objectparameters']); $default_objects[2] = array("objecttype"=>"log", "objectname"=>"_DEFAULT", "objectparameters"=>"{ source(_DEFAULT); destination(_DEFAULT); };"); $default_objects[2]['objectparameters'] = base64_encode($default_objects[2]['objectparameters']); return $default_objects; } function syslogng_merge_objects($objects1, $objects2) { foreach($objects2 as $object2) { $match = 0; foreach($objects1 as &$object1) { if(($object2['objecttype'] == $object1['objecttype']) && ($object2['objectname'] == $object1['objectname'])) { $object1 = $object2; $match = 1; } } if($match == 0) array_push($objects1, $object2); } return $objects1; } function syslogng_test_object_syntax($objects) { exec("mv /usr/local/etc/syslog-ng.conf /usr/local/etc/syslog-ng.conf.backup"); syslogng_build_conf($objects); $errors = trim(shell_exec('/usr/local/sbin/syslog-ng --syntax-only 2>&1')); exec("mv /usr/local/etc/syslog-ng.conf /usr/local/etc/syslog-ng.conf.tested"); exec("mv /usr/local/etc/syslog-ng.conf.backup /usr/local/etc/syslog-ng.conf"); return $errors; } function syslogng_get_log_files($objects) { $log_files = array(); foreach($objects as $object) { if($object['objecttype'] == 'destination') { preg_match("/\bfile\b\(['\"]([^'\"]*)['\"]/", base64_decode($object['objectparameters']), $match); if($match) { $log_file = $match[1]; array_push($log_files, $log_file); } } } return $log_files; } function syslogng_build_conf($objects) { $conf = "# This file is automatically generated by pfSense\n"; $conf .= "# Do not edit manually !\n"; $conf .= "@version:3.6\n"; foreach($objects as $object) { if($object['objecttype'] == 'log' || $object['objecttype'] == 'options') { $conf .= $object['objecttype'] . " " . base64_decode($object['objectparameters']) . "\n"; } else { $conf .= $object['objecttype'] . " " . $object['objectname'] . " " . base64_decode($object['objectparameters']) . "\n"; } } file_put_contents('/usr/local/etc/syslog-ng.conf', $conf); } function syslogng_build_logrotate_conf($settings, $objects) { $conf = "# This file is automatically generated by pfSense\n"; $conf .= "# Do not edit manually !\n"; $compress_archives = $settings['compress_archives']; $compress_type = $settings['compress_type']; $archive_frequency = $settings['archive_frequency']; $max_archives = $settings['max_archives']; $log_files = syslogng_get_log_files($objects); foreach($log_files as $log_file) { $conf .= "$log_file "; } $conf .= "{\n"; $conf .= "\trotate $max_archives\n"; $conf .= "\t$archive_frequency\n"; if($compress_archives == 'on') { $conf .= "\tcompress\n"; if($compress_type == 'bz2') { $conf .= "\tcompresscmd bzip2\n"; } } $conf .= "\tpostrotate\n"; $conf .= "\t\tkill -s HUP `cat /var/run/syslog-ng.pid`\n"; $conf .= "\tendscript\n"; $conf .= "}\n"; file_put_contents('/usr/local/etc/logrotate.conf', $conf); } function syslogng_generate_rules($type) { global $config; $settings = $config['installedpackages']['syslogng']['config'][0]; $interfaces = ($settings['interfaces'] ? $settings['interfaces'] : 'lan'); $default_protocol = ($settings['default_protocol'] ? $settings['default_protocol'] : 'udp'); $default_port = ($settings['default_port'] ? $settings['default_port'] : 5140); $rules = ""; switch($type) { case 'rule': foreach ($interfaces as $interface) { $rules .= "pass in quick on $interface proto $default_protocol from any to !($interface) port $default_port no state label\n"; } break; } return $rules; } function syslogng_resync() { global $config; conf_mount_rw(); $settings = $config['installedpackages']['syslogng']['config'][0]; $objects = $config['installedpackages']['syslogngadvanced']['config']; if(!isset($settings['enable'])) $settings['enable'] = 'off'; if(!isset($settings['interfaces'])) $settings['interfaces'] = 'lan'; if(!isset($settings['default_protocol'])) $settings['default_protocol'] = 'udp'; if(!isset($settings['default_port'])) $settings['default_port'] = 5140; if(!isset($settings['default_logdir'])) $settings['default_logdir'] = '/var/syslog-ng'; if(!isset($settings['default_logfile'])) $settings['default_logfile'] = 'default.log'; if(!isset($settings['archive_frequency'])) $settings['archive_frequency'] = 'daily'; if(!isset($settings['compress_archives'])) $settings['compress_archives'] = 'on'; if(!isset($settings['compress_type'])) $settings['compress_type'] = 'gz'; if(!isset($settings['max_archives'])) $settings['max_archives'] = 30; $default_objects = syslogng_build_default_objects($settings); if(empty($objects)) { $objects = $default_objects; } else { $objects = syslogng_merge_objects($objects, $default_objects); } $sort = array(); foreach($objects as $k=>$v) { $sort['objecttype'][$k] = $v['objecttype']; $sort['objectname'][$k] = $v['objectname']; } array_multisort($sort['objecttype'], SORT_ASC, $sort['objectname'], SORT_ASC, $objects); syslogng_build_conf($objects); syslogng_build_logrotate_conf($settings, $objects); $config['installedpackages']['syslogng']['config'][0] = $settings; $config['installedpackages']['syslogngadvanced']['config'] = $objects; if($settings['enable'] == 'on') { if(!file_exists($settings['default_logdir'])) { exec("mkdir -p " . $settings['default_logdir']); } syslogng_write_rcfile(); if(!is_service_running('syslog-ng')) { log_error("Starting syslog-ng"); exec("/usr/local/etc/rc.d/syslog-ng.sh start"); } else { log_error("Reloading syslog-ng for configuration sync"); exec("/usr/local/etc/rc.d/syslog-ng.sh restart"); } // Sleep for a couple seconds to give syslog-ng a chance to fire up fully. for ($i=0; $i < 10; $i++) { if(!is_service_running('syslog-ng')) sleep(1); } } else { if(is_service_running('syslog-ng')) { log_error("Stopping syslog-ng"); exec("/usr/local/etc/rc.d/syslog-ng.sh stop"); unlink_if_exists("/usr/local/etc/rc.d/syslog-ng.sh"); } } write_config(); conf_mount_ro(); filter_configure(); } function syslogng_write_rcfile() { $rc = array(); $pid_file = "/var/run/syslog-ng.pid"; $rc['file'] = 'syslog-ng.sh'; $rc['start'] = <</dev/null fi # Just in case pid file didn't exist or process is still running... sleep 5 killall -9 syslog-ng 2>/dev/null EOD; $rc['restart'] = <</dev/null else killall -9 syslog-ng 2>/dev/null /usr/local/sbin/syslog-ng -p {$pid_file} fi EOD; conf_mount_rw(); write_rcfile($rc); } ?>