Updates and enhancements to logging functions. Now log_msg writes only to stderr when running in foreground. Default log facility is LOG_DAEMON. Config file options of ENABLE_PACP_PROMISC, HOSTNAME, SYSLOG_IDENTITY, and SYSLOG_FACILITY are processed.

git-svn-id: file:///home/mbr/svn/fwknop/trunk@150 510a4753-2344-4c79-9c09-4d669213fbeb

server/config_init.c

@@ -111,18 +111,18 @@ parse_config_file(fko_srv_options_t *opts, char *config_file)
     */
     if(stat(config_file, &st) != 0)
     {
-        fprintf(stderr,
-            "** WARNING - Config file: '%s' was not found.\n",
-            config_file
-        );
+        fprintf(stderr, "[*] Config file: '%s' was not found.\n",
+            config_file);
 
-        return;
+        exit(EXIT_FAILURE);
     }
 
     if ((cfile_ptr = fopen(config_file, "r")) == NULL)
     {
         fprintf(stderr, "[*] Could not open config file: %s\n",
-                config_file);
+            config_file);
+        perror(NULL);
+
         exit(EXIT_FAILURE);
     }
 
@@ -197,6 +197,12 @@ parse_config_file(fko_srv_options_t *opts, char *config_file)
 static void
 validate_options(fko_srv_options_t *opts)
 {
+    /* If a HOSTNAME was specified in the config file, set the opts->hostname
+     * value to it.
+    */
+    if(opts->config[CONF_HOSTNAME] != NULL && opts->config[CONF_HOSTNAME][0] != '\0')
+        strlcpy(opts->hostname, opts->config[CONF_HOSTNAME], MAX_HOSTNAME_LEN);
+
     /* Some options just trigger some output of information, or trigger an
      * external function, but do not actually start fwknopd.  If any of those
      * are set, we can return here an skip the validation routines as all
@@ -237,6 +243,15 @@ config_init(fko_srv_options_t *opts, int argc, char **argv)
     */
     memset(opts, 0x00, sizeof(fko_srv_options_t));
 
+    /* First, set any default or otherwise static settings here.  Some may
+     * end up being overwritten vail config file or command-line.
+    */
+    /* Default Hostname (or unknown if gethostname cannot tell us).
+    */
+    if(gethostname(opts->hostname, MAX_HOSTNAME_LEN-1) < 0)
+        strcpy(opts->hostname, "UNKNOWN");
+
+
     /* First, scan the command-line args for an alternate configuration
      * file.  If we find it, use it, otherwise use the default.
      * We also grab any override config files as well.
@@ -414,6 +429,12 @@ dump_config(fko_srv_options_t *opts)
             config_map[i],
             (opts->config[i] == NULL) ? "<not set>" : opts->config[i]
         );
+
+    fprintf(stderr, "\n");
+
+    fprintf(stderr, "Hostname is set to '%s'.\n", opts->hostname);
+
+    fprintf(stderr, "\n");
 }
 
 /* Print usage message...

server/fwknopd.c

@@ -110,9 +110,32 @@ main(int argc, char **argv)
     }
 
     /* If foreground mode is not set, the fork off and become a daemon.
+     * Otherwise, attempt to get the pid fiel lock and go on.
     */
     if(opts.foreground == 0)
+    {
         daemonize_process(&opts);
+    }
+    else
+    {
+        old_pid = write_pid_file(&opts);
+        if(old_pid > 0)
+        {
+            fprintf(stderr,
+                "* An instance of fwknopd is already running: (PID=%i).\n", old_pid
+            );
+
+            exit(EXIT_FAILURE);
+        }
+        else if(old_pid < 0)
+        {
+            fprintf(stderr, "* PID file error. The lock may not be effective.\n");
+        }
+    }
+
+    /* Initialize logging.
+    */
+    init_logging(&opts);
 
     log_msg(LOG_INFO, "Starting %s", MY_NAME);
 

server/fwknopd.conf

@@ -20,9 +20,10 @@
 #
 EMAIL_ADDRESSES             root@localhost;
 
-# Machine hostname.
+# Machine hostname. If not set, fwknopd will use gethostname() to try
+# to get the local hostname.
 #
-HOSTNAME                    _CHANGEME_;
+#HOSTNAME                    _CHANGEME_;
 
 # Define the firewall type.  The default is "iptables" for Linux systems,
 # but this can be set to "ipfw" for *BSD systems.  Also supported is
@@ -46,9 +47,10 @@ AUTH_MODE                   PCAP;
 #
 PCAP_INTF                   eth0;
 
-# Define whether put the pcap interface in promiscuous mode.
+# By default fwknopd puts the pcap interface into promiscuous mode. Set
+# this to 'N' to disable that behavior (non-promiscuous).
 #
-ENABLE_PCAP_PROMISC         Y;
+#ENABLE_PCAP_PROMISC         N;
 
 # Define the filter used for PCAP modes; we default to udp port 62201.
 # However, if an fwknop client uses the --rand-port option to send the
@@ -241,14 +243,12 @@ LOCALE                      C;
 #
 SYSLOG_DAEMON               syslogd;
 
-# syslog facility and priority (the defaults are usually ok)
-# The SYSLOG_FACILITY variable can be set to one of LOG_LOCAL{0-7}, and
-# SYSLOG_PRIORITY can be set to one of LOG_INFO, LOG_DEBUG, LOG_NOTICE,
-# LOG_WARNING, LOG_ERR, LOG_CRIT, LOG_ALERT, or LOG_EMERG
+# syslog identity and facility (the defaults are usually ok)
+# The SYSLOG_FACILITY variable can be set to one of LOG_LOCAL{0-7}
+# or LOG_DAEMON (the default).
 #
-SYSLOG_IDENTITY             fwknopd;
-SYSLOG_FACILITY             LOG_LOCAL7;
-SYSLOG_PRIORITY             LOG_INFO;
+#SYSLOG_IDENTITY             fwknopd;
+#SYSLOG_FACILITY             LOG_DAEMON;
 
 # Allow reporting methods to be enabled/restricted.  This keyword can
 # accept values of "nosyslog" (don't write any messages to syslog),

server/fwknopd_common.h

@@ -54,6 +54,7 @@
 #define MAX_PCAP_FILTER_LEN 1024
 #define MAX_IFNAME_LEN      128
 #define MAX_SPA_PACKET_LEN  1500 /* --DSS check this? */
+#define MAX_HOSTNAME_LEN    64
 
 /* Data collection modes
 */
@@ -111,7 +112,6 @@ enum {
     CONF_SYSLOG_DAEMON,
     CONF_SYSLOG_IDENTITY,
     CONF_SYSLOG_FACILITY,
-    CONF_SYSLOG_PRIORITY,
     CONF_ALERTING_METHODS,
     CONF_IPT_CMD_ALARM,
     CONF_IPT_EXEC_STYLE,
@@ -195,7 +195,6 @@ static char *config_map[NUMBER_OF_CONFIG_ENTRIES] = {
     "SYSLOG_DAEMON",
     "SYSLOG_IDENTITY",
     "SYSLOG_FACILITY",
-    "SYSLOG_PRIORITY",
     "ALERTING_METHODS",
     "IPT_CMD_ALARM",
     "IPT_EXEC_STYLE",
@@ -253,6 +252,10 @@ typedef struct fko_srv_options
     */
     char           *config[NUMBER_OF_CONFIG_ENTRIES];
 
+    /* Misc
+    */
+    char            hostname[MAX_HOSTNAME_LEN];
+
 } fko_srv_options_t;
 
 extern fko_srv_options_t options;

server/log_msg.c

@@ -27,12 +27,110 @@
 #include "fwknopd_common.h"
 #include "log_msg.h"
 
-void log_msg(int level, char* msg, ...)
+/* The default log facility (can be overridden via config file directive).
+*/
+static int  syslog_fac      = LOG_DAEMON;
+
+/* This value is or'ed with the log level on all logging calls. This allows
+ * for force log to stderr instead of syslog simply be setting this to the
+ * appropriate value (which is done at init_logging().
+*/
+static int  static_log_flag = 0;
+
+/* The name to use for ID in log messages.  This defaults to fwknopd.
+*/
+static char *log_name = NULL;
+
+/* Initialize logging sets the name used for syslog.
+*/
+void
+init_logging(fko_srv_options_t *opts) {
+    char                   *my_name = NULL;
+    static unsigned char    linit   = 0;
+
+    /* Do nothing but silently return if we have already been called.
+    */
+    if(linit++)
+        return;
+ 
+    /* Allocate memory for the log_name and set the my_name to point
+     * to the appropriate name. If the name is set in the config file,
+     * use it.  Otherwise, fallback to the default of 'fwknop'.
+    */
+    if(opts->config[CONF_SYSLOG_IDENTITY] != NULL
+      && opts->config[CONF_SYSLOG_IDENTITY][0] != '\0')
+    {
+        my_name  = opts->config[CONF_SYSLOG_IDENTITY];
+        log_name = malloc(strlen(opts->config[CONF_SYSLOG_IDENTITY])+1);
+    }
+    else
+    {
+        my_name  = (char*)&MY_NAME;
+        log_name = malloc(strlen(MY_NAME)+1);
+    }
+
+    if(log_name == NULL)
+    {
+        fprintf(stderr, "Memory allocation error setting log_name!\n");
+        exit(EXIT_FAILURE);
+    }
+
+    /* Set our name.
+    */
+    strcpy(log_name, my_name);
+
+    /* If we are running in the foreground, all logging will go to stderr.
+    */
+    if(opts->foreground != 0)
+        static_log_flag = LOG_STDERR | LOG_STDERR_ONLY;
+
+    /* If a log facility was specified in the config file, parse it and
+     * use it.
+    */
+    if(opts->config[CONF_SYSLOG_FACILITY] != NULL
+      && opts->config[CONF_SYSLOG_FACILITY][0] != '\0')
+    {
+        if(!strcasecmp(opts->config[CONF_SYSLOG_FACILITY], "LOG_DAEMON"))
+            syslog_fac = LOG_DAEMON;
+        else if(!strcasecmp(opts->config[CONF_SYSLOG_FACILITY], "LOG_LOCAL0"))
+            syslog_fac = LOG_LOCAL0;
+        else if(!strcasecmp(opts->config[CONF_SYSLOG_FACILITY], "LOG_LOCAL1"))
+            syslog_fac = LOG_LOCAL1;
+        else if(!strcasecmp(opts->config[CONF_SYSLOG_FACILITY], "LOG_LOCAL2"))
+            syslog_fac = LOG_LOCAL2;
+        else if(!strcasecmp(opts->config[CONF_SYSLOG_FACILITY], "LOG_LOCAL3"))
+            syslog_fac = LOG_LOCAL3;
+        else if(!strcasecmp(opts->config[CONF_SYSLOG_FACILITY], "LOG_LOCAL4"))
+            syslog_fac = LOG_LOCAL4;
+        else if(!strcasecmp(opts->config[CONF_SYSLOG_FACILITY], "LOG_LOCAL5"))
+            syslog_fac = LOG_LOCAL5;
+        else if(!strcasecmp(opts->config[CONF_SYSLOG_FACILITY], "LOG_LOCAL6"))
+            syslog_fac = LOG_LOCAL6;
+        else if(!strcasecmp(opts->config[CONF_SYSLOG_FACILITY], "LOG_LOCAL7"))
+            syslog_fac = LOG_LOCAL7;
+    }
+}
+
+/* Set the log facility value.
+*/
+void
+set_log_facility(int fac)
+{
+    syslog_fac = fac;
+}
+
+/* Syslog message function.  It uses default set at intialization, and also
+ * takes variable args to accomodate printf-like formatting and expansion.
+*/
+void
+log_msg(int level, char* msg, ...)
 {
     va_list ap, apse;
 
     va_start(ap, msg);
 
+    level |= static_log_flag;
+
     /* Print msg to stderr if the level was or'ed with LOG_STDERR
     */
     if(LOG_STDERR & level)
@@ -57,7 +155,7 @@ void log_msg(int level, char* msg, ...)
 
     /* Send the message to syslog.
     */
-    openlog(MY_NAME, LOG_PID, LOG_DAEMON);
+    openlog(log_name, LOG_PID, syslog_fac);
 
     vsyslog(level, msg, ap);
 

server/log_msg.h

@@ -38,6 +38,8 @@
 #define LOG_STDERR_ONLY 0x3000
 #define LOG_STDERR_MASK 0x0FFF
 
+void init_logging(fko_srv_options_t *opts);
+void set_log_facility(int fac);
 void log_msg(int, char*, ...);
 
 #endif /* LOG_MSG_H */

server/pcap_capture.c

@@ -41,12 +41,21 @@ pcap_capture(fko_srv_options_t *opts)
     char                errstr[PCAP_ERRBUF_SIZE] = {0};
     struct bpf_program  fp;
 
-    int                 res, pcap_errcnt = 0;;
+    int                 res, pcap_errcnt = 0;
+
+    int                 promisc = 1;
+
+    /* Set non-promiscuous mode only of the ENABLE_PCAP_POROMISC is
+     * explicitly set to 'N'.
+    */
+    if(opts->config[CONF_ENABLE_PCAP_PROMISC] != NULL
+      && opts->config[CONF_ENABLE_PCAP_PROMISC][0] == 'N')
+        promisc = 0;
 
     pcap = pcap_open_live(
         opts->config[CONF_PCAP_INTF],
         atoi(opts->config[CONF_MAX_SNIFF_BYTES]),
-        1, 500, errstr
+        promisc, 500, errstr
     );
 
     if(pcap == NULL)
@@ -68,7 +77,8 @@ pcap_capture(fko_srv_options_t *opts)
 
     /* Set pcap filters, if any. 
     */
-    if (opts->config[CONF_PCAP_FILTER][0] != '\0')
+    if (opts->config[CONF_PCAP_FILTER] != NULL
+      && opts->config[CONF_PCAP_FILTER][0] != '\0')
     {
         if(pcap_compile(pcap, &fp, opts->config[CONF_PCAP_FILTER], 1, 0) == -1)
         {
@@ -138,7 +148,7 @@ pcap_capture(fko_srv_options_t *opts)
                 pcap_geterr(pcap)
             );
 
-            if(pcap_errcnt++ > 100) /* --DSS XXX: Shoudl do this better */
+            if(pcap_errcnt++ > MAX_PCAP_ERRORS_BEFORE_BAIL)
             {
                 fprintf(stderr, "[*] %i consecutive pcap errors.  Giving up\n",
                     pcap_errcnt

server/pcap_capture.h

@@ -26,6 +26,11 @@
 #ifndef PCAP_CAPTURE_H
 #define PCAP_CAPTURE_H
 
+/* How many consecutive pcap capture errors will we allow
+ * before giving up and bailing out.
+*/
+#define MAX_PCAP_ERRORS_BEFORE_BAIL 100
+
 /* Prototypes
 */
 int pcap_capture(fko_srv_options_t *opts);