#! /bin/sh #------------------------------------------------------------------------------ # /etc/rc.d/rc325.metalog - configure and start metalog __FLI4LVER__ # # Creation: 2006-04-29 abe # Last Update: $Id$ #------------------------------------------------------------------------------ case $OPT_METALOG in yes) begin_script METALOG "starting metalog ..." # touch files for compatibility reason: # imond, telmond and ip-up are looking for them > /etc/rc.d/rc325.syslogd > /etc/rc.d/rc330.klogd > /etc/syslog.conf cat <<-EOF >> /etc/services syslog 514/udp EOF metalog_conf="/etc/metalog.conf" metalog_dir=`echo $METALOG_DIR | sed -e 's#/$##'` [ ! -d $metalog_dir ] && mkdir -p $metalog_dir echo $metalog_dir > /var/run/metalog.dir if [ ! -f $metalog_conf ] # already existing? then # yes, don't overwrite cat <<-EOF > $metalog_conf #--------------------------------------------------------------------- # /etc/metalog.conf # Automatically created by rc325.metalog #--------------------------------------------------------------------- maxsize = $METALOG_MAXSIZE maxtime = $METALOG_MAXTIME maxfiles = $METALOG_MAXFILES Everything important : facility = "*" minimum = 6 logdir = "$metalog_dir/everything" Everything very important : facility = "*" minimum = 1 logdir = "$metalog_dir/critical" Password failures : regex = "(password|login|authentication)\s+(fail|invalid)" regex = "(failed|invalid)\s+(password|login|authentication)" regex = "ILLEGAL ROOT LOGIN" logdir = "$metalog_dir/pwdfail" # command = "/usr/local/sbin/mail_pwd_failures.sh" Pipe caller numbers to telmond via script: regex = "isdn_net" command = "/usr/sbin/pipe2telmond.sh" Kernel messages : facility = "kern" logdir = "$metalog_dir/kernel" break = 1 Crond : facility = "cron" logdir = "$metalog_dir/cron" break = 1 SSH Server : program = "dropbear" logdir = "$metalog_dir/sshd" break = 1 Ppp : program_regex = "^ppp" logdir = "$metalog_dir/ppp" break = 1 OPENVPN Connects : program_regex = "^openvpn" logdir = "$metalog_dir/openvpn" break = 1 PPTP Connects: program = "pptpd" logdir = "$metalog_dir/pptp" break = 1 DHCP Server: program_regex = "dnsmasq|dhcp" regex = "DHCP" logdir = "$metalog_dir/dhcp" break = 1 DNS Server: program = "dnsmasq" logdir = "$metalog_dir/dns" break = 1 Imond: program = "imond" logdir = "$metalog_dir/imond" break = 1 NTP Server: program_regex = "chrony|ntpd" logdir = "$metalog_dir/ntp" break = 1 Ident: program = "oidentd" logdir = "$metalog_dir/oidentd" break = 1 IP-Up events: program = "ip-up" logdir = "$metalog_dir/ip-up" break = 1 IP-Down events: program = "ip-down" logdir = "$metalog_dir/ip-down" break = 1 CPMVRMlog: program = "cpmvrmlog" logdir = "$metalog_dir/cpmvrmlog" break = 1 EOF fi metalog --sync --daemonize --configfile $metalog_conf sleep 1 # add menu entry for web-gui [ -f /srv/www/admin/log_metalog.cgi ] && httpd-menu.sh add -p 110 log_metalog.cgi '$_MP_syslog' '$_MT_log' logs end_script ;; esac