#!/bin/bash CFG=/boot/config/rsyslog.conf ETC=/etc/rsyslog.conf USB=/boot/config/rsyslog.local LOG=/etc/logrotate.d/rsyslog.local # read settings source /boot/config/rsyslog.cfg # read $var source /var/local/emhttp/var.ini [[ $fsState == Started ]] || h='#' # create local ruleset if ! grep -q '^\$RuleSet local$' $ETC; then sed -ri '/^# Include all config files in/a$RuleSet local' $ETC sed -ri '/^#?\*\.\* @@?.*:[0-9]+$/a$DefaultRuleset local' $ETC fi # local syslog server if [[ -n $local_server ]]; then if ! grep -q '^\$RuleSet remote$' $ETC; then sed -ri '$a\$RuleSet remote\n\$FileOwner nobody\n\$FileGroup users\n$FileCreateMode 0666\n\$IncludeConfig /etc/rsyslog.d/*.conf # remote\n*.* ?remote' $ETC fi # enable/disable local logging sed -ri "s/^#?(\*\.\* \?remote)$/$h\1/" $ETC if [[ $server_protocol == tcp || $server_protocol == both ]]; then sed -ri '/^\$InputTCPServerBindRuleset remote$/d;/^\$InputTCPServerRun [0-9]+$/d;s/^#?(\$ModLoad imtcp)/\1/' $ETC sed -ri "\$a\\\$InputTCPServerBindRuleset remote\n\\\$InputTCPServerRun ${server_port:-514}" $ETC [[ $server_protocol == tcp ]] && sed -ri 's/^(\$ModLoad imudp)/#\1/;/^\$InputUDPServerBindRuleset remote$/d;/^\$UDPServerRun [0-9]+$/d' $ETC fi if [[ $server_protocol == udp || $server_protocol == both ]]; then sed -ri '/^\$InputUDPServerBindRuleset remote$/d;/^\$UDPServerRun [0-9]+$/d;s/^#?(\$ModLoad imudp)/\1/' $ETC sed -ri "\$a\\\$InputUDPServerBindRuleset remote\n\\\$UDPServerRun ${server_port:-514}" $ETC [[ $server_protocol == udp ]] && sed -ri 's/^(\$ModLoad imtcp)/#\1/;/^\$InputTCPServerBindRuleset remote$/d;/^\$InputTCPServerRun [0-9]+$/d' $ETC fi sed -ri "/^\\\$template remote,.*$/d;/^#\\\$UDPServerRun [0-9]+.*$/a\\\$template remote,\"${server_folder:-/mnt/user/system}/syslog-%FROMHOST-IP%.log\"" $ETC else sed -ri '/^\$RuleSet remote$/d;/^\$FileOwner nobody$/d;/^\$FileGroup users$/d;/^\$FileCreateMode 06[46][46]$/d;/^\$IncludeConfig \/etc\/rsyslog\.d\/\*\.conf # remote$/d;/^\*\.\* \?remote$/d;/^\$template remote,".*"$/d;/^\$Input(TCP|UDP)ServerBindRuleset remote$/d;/^\$(InputTCP|UDP)ServerRun [0-9]+$/d;s/^#?\$(ModLoad imtcp|ModLoad imudp)/#\$\1/' $ETC fi # remote syslog server if [[ -n $remote_server ]]; then [[ $remote_protocol == udp ]] && com='@' || com='@@' sed -ri "s/^#?(\*\.\*) @@?.*:[0-9]+$/\1 $com$remote_server:${remote_port:-514}/" $ETC else sed -ri 's/^#?(\*\.\* @@?.*:[0-9]+)$/#\1/' $ETC fi # mirror syslog to flash if [[ -n $syslog_flash ]]; then if ! grep -q '^\$template flash,' $ETC; then sed -ri '/^#\$UDPServerRun [0-9]+.*$/a$template flash,"/boot/logs/syslog"' $ETC sed -ri '/^\*\.debug .*syslog$/a*.debug ?flash' $ETC fi else sed -ri '/^\$template flash,"\/boot\/logs\/syslog"$/d;/^\*\.debug \?flash/d' $ETC fi # copy conf to flash (read settings on reboot) todos <$ETC >$CFG # keep local logging disabled at startup # disk mount and disk unmount events are used to start/stop logging sed -ri 's/^(\*\.\* \?remote)/#\1/' $CFG # update syslog rotation if [[ -n $local_server ]]; then if [[ -n $log_rotation ]]; then cat <<- EOF > $LOG $server_folder/*.log { su nobody users missingok create 0666 nobody users size $log_size rotate $log_files sharedscripts postrotate /bin/kill -HUP \$(cat /var/run/rsyslogd.pid 2>/dev/null) 2>/dev/null || true endscript } EOF chmod 644 $LOG # keep copy on flash cp -f $LOG $USB else # clean up rm -f $LOG $USB fi fi # update syslog daemon /etc/rc.d/rc.rsyslogd restart &> /dev/null