├── .gitattributes ├── logrotate.share ├── ntpd ├── ethernet ├── meshUDB ├── acsd ├── afpd ├── bsd ├── diversion ├── spdmerlin ├── syslogng ├── hostapd ├── wlceventd ├── logrotate ├── bcm63xx ├── crash ├── ioctl ├── roamast ├── jffs ├── messages ├── firewall ├── netdata ├── openvpn ├── pixelserv ├── suricata └── A00global ├── logrotate.d ├── syslogng ├── wlceventd ├── logrotate ├── messages └── A00global ├── syslog-ng.d ├── blankmsg ├── syslogng ├── logrotate └── wlceventd ├── syslog-ng.share ├── blankmsg ├── bsd ├── acsd ├── jffs ├── syslogng ├── hostapd ├── bcm63xx ├── spdmerlin ├── errormsg ├── diversion ├── roamast ├── ioctl ├── netdata ├── pixelserv ├── suricata ├── afpd ├── meshUDB ├── firewall ├── logrotate ├── wlceventd ├── skynet ├── openvpn ├── ethernet ├── crash ├── ntpd ├── A00remote ├── expandlog ├── README_REMOTE ├── syslog-ng.conf-scribe └── README.1ST ├── .gitignore ├── README.md ├── init.d └── rc.func.syslog-ng └── scribe /.gitattributes: -------------------------------------------------------------------------------- 1 | # Auto detect text files and perform LF normalization 2 | * text eol=lf 3 | *.md text=auto 4 | -------------------------------------------------------------------------------- /logrotate.share/ntpd: -------------------------------------------------------------------------------- 1 | /opt/var/log/ntp.log { 2 | postrotate 3 | /usr/bin/killall -HUP syslog-ng 4 | endscript 5 | } 6 | -------------------------------------------------------------------------------- /logrotate.d/syslogng: -------------------------------------------------------------------------------- 1 | /opt/var/log/syslog-ng.log { 2 | postrotate 3 | /usr/bin/killall -HUP syslog-ng 4 | endscript 5 | } 6 | -------------------------------------------------------------------------------- /logrotate.share/ethernet: -------------------------------------------------------------------------------- 1 | /opt/var/log/ethernet.log { 2 | postrotate 3 | /usr/bin/killall -HUP syslog-ng 4 | endscript 5 | } 6 | -------------------------------------------------------------------------------- /logrotate.share/meshUDB: -------------------------------------------------------------------------------- 1 | /opt/var/log/meshUDB.log { 2 | postrotate 3 | /usr/bin/killall -HUP syslog-ng 4 | endscript 5 | } 6 | -------------------------------------------------------------------------------- /logrotate.share/acsd: -------------------------------------------------------------------------------- 1 | /opt/var/log/acsd.log { 2 | rotate 2 3 | postrotate 4 | /usr/bin/killall -HUP syslog-ng 5 | endscript 6 | } 7 | -------------------------------------------------------------------------------- /logrotate.share/afpd: -------------------------------------------------------------------------------- 1 | /opt/var/log/afpd.log { 2 | rotate 2 3 | postrotate 4 | /usr/bin/killall -HUP syslog-ng 5 | endscript 6 | } 7 | -------------------------------------------------------------------------------- /logrotate.share/bsd: -------------------------------------------------------------------------------- 1 | /opt/var/log/bsd.log { 2 | rotate 2 3 | postrotate 4 | /usr/bin/killall -HUP syslog-ng 5 | endscript 6 | } 7 | -------------------------------------------------------------------------------- /logrotate.share/diversion: -------------------------------------------------------------------------------- 1 | /opt/var/log/diversion.log { 2 | postrotate 3 | /usr/bin/killall -HUP syslog-ng 4 | endscript 5 | } 6 | -------------------------------------------------------------------------------- /logrotate.share/spdmerlin: -------------------------------------------------------------------------------- 1 | /opt/var/log/spdmerlin.log { 2 | postrotate 3 | /usr/bin/killall -HUP syslog-ng 4 | endscript 5 | } 6 | -------------------------------------------------------------------------------- /logrotate.share/syslogng: -------------------------------------------------------------------------------- 1 | /opt/var/log/syslog-ng.log { 2 | postrotate 3 | /usr/bin/killall -HUP syslog-ng 4 | endscript 5 | } 6 | -------------------------------------------------------------------------------- /logrotate.d/wlceventd: -------------------------------------------------------------------------------- 1 | /opt/var/log/wlceventd.log { 2 | rotate 4 3 | postrotate 4 | /usr/bin/killall -HUP syslog-ng 5 | endscript 6 | } 7 | -------------------------------------------------------------------------------- /logrotate.share/hostapd: -------------------------------------------------------------------------------- 1 | /opt/var/log/hostapd.log { 2 | rotate 2 3 | postrotate 4 | /usr/bin/killall -HUP syslog-ng 5 | endscript 6 | } 7 | -------------------------------------------------------------------------------- /logrotate.d/logrotate: -------------------------------------------------------------------------------- 1 | /opt/var/log/logrotate.log { 2 | minsize 256k 3 | postrotate 4 | /usr/bin/killall -HUP syslog-ng 5 | endscript 6 | } 7 | -------------------------------------------------------------------------------- /logrotate.share/wlceventd: -------------------------------------------------------------------------------- 1 | /opt/var/log/wlceventd.log { 2 | rotate 4 3 | postrotate 4 | /usr/bin/killall -HUP syslog-ng 5 | endscript 6 | } 7 | -------------------------------------------------------------------------------- /logrotate.share/logrotate: -------------------------------------------------------------------------------- 1 | /opt/var/log/logrotate.log { 2 | minsize 256k 3 | postrotate 4 | /usr/bin/killall -HUP syslog-ng 5 | endscript 6 | } 7 | -------------------------------------------------------------------------------- /logrotate.share/bcm63xx: -------------------------------------------------------------------------------- 1 | /opt/var/log/bcm63.log { 2 | monthly 3 | rotate 1 4 | postrotate 5 | /usr/bin/killall -HUP syslog-ng 6 | endscript 7 | } 8 | -------------------------------------------------------------------------------- /logrotate.share/crash: -------------------------------------------------------------------------------- 1 | /opt/var/log/crash.log { 2 | minsize 1024k 3 | daily 4 | postrotate 5 | /usr/bin/killall -HUP syslog-ng 6 | endscript 7 | } 8 | -------------------------------------------------------------------------------- /logrotate.share/ioctl: -------------------------------------------------------------------------------- 1 | /opt/var/log/ioctl.log { 2 | monthly 3 | rotate 1 4 | postrotate 5 | /usr/bin/killall -HUP syslog-ng 6 | endscript 7 | } 8 | -------------------------------------------------------------------------------- /logrotate.share/roamast: -------------------------------------------------------------------------------- 1 | /opt/var/log/roamast.log { 2 | daily 3 | rotate 7 4 | postrotate 5 | /usr/bin/killall -HUP syslog-ng 6 | endscript 7 | } 8 | -------------------------------------------------------------------------------- /logrotate.d/messages: -------------------------------------------------------------------------------- 1 | /opt/var/log/messages { 2 | minsize 1024k 3 | daily 4 | rotate 9 5 | postrotate 6 | /usr/bin/killall -HUP syslog-ng 7 | endscript 8 | } 9 | -------------------------------------------------------------------------------- /logrotate.share/jffs: -------------------------------------------------------------------------------- 1 | /opt/var/log/jffs.log { 2 | minsize 1024k 3 | daily 4 | rotate 1 5 | postrotate 6 | /usr/bin/killall -HUP syslog-ng 7 | endscript 8 | } 9 | -------------------------------------------------------------------------------- /logrotate.share/messages: -------------------------------------------------------------------------------- 1 | /opt/var/log/messages { 2 | minsize 1024k 3 | daily 4 | rotate 9 5 | postrotate 6 | /usr/bin/killall -HUP syslog-ng 7 | endscript 8 | } 9 | -------------------------------------------------------------------------------- /logrotate.share/firewall: -------------------------------------------------------------------------------- 1 | /opt/var/log/firewall.log { 2 | minsize 1024k 3 | daily 4 | rotate 9 5 | postrotate 6 | /usr/bin/killall -HUP syslog-ng 7 | endscript 8 | } 9 | -------------------------------------------------------------------------------- /logrotate.share/netdata: -------------------------------------------------------------------------------- 1 | /opt/var/log/netdata.log { 2 | minsize 1024k 3 | daily 4 | rotate 9 5 | postrotate 6 | /usr/bin/killall -HUP syslog-ng 7 | endscript 8 | } 9 | -------------------------------------------------------------------------------- /logrotate.share/openvpn: -------------------------------------------------------------------------------- 1 | /opt/var/log/openvpn.log { 2 | minsize 1024k 3 | daily 4 | rotate 9 5 | postrotate 6 | /usr/bin/killall -HUP syslog-ng 7 | endscript 8 | } 9 | -------------------------------------------------------------------------------- /logrotate.share/pixelserv: -------------------------------------------------------------------------------- 1 | /opt/var/log/pixelserv.log { 2 | minsize 1024K 3 | daily 4 | rotate 9 5 | postrotate 6 | /usr/bin/killall -HUP syslog-ng 7 | endscript 8 | } 9 | -------------------------------------------------------------------------------- /logrotate.share/suricata: -------------------------------------------------------------------------------- 1 | /opt/var/log/suricata.log { 2 | minsize 1024k 3 | daily 4 | rotate 9 5 | postrotate 6 | /usr/bin/killall -HUP syslog-ng 7 | endscript 8 | } 9 | -------------------------------------------------------------------------------- /syslog-ng.d/blankmsg: -------------------------------------------------------------------------------- 1 | # don't log empty messages from kernel 2 | 3 | filter f_blank { 4 | program("kernel") and 5 | message("^ *$"); 6 | }; 7 | 8 | log { 9 | source(src); 10 | filter(f_blank); 11 | flags(final); 12 | }; 13 | 14 | #eof 15 | -------------------------------------------------------------------------------- /syslog-ng.share/blankmsg: -------------------------------------------------------------------------------- 1 | # don't log empty messages from kernel 2 | 3 | filter f_blank { 4 | program("kernel") and 5 | message("^ *$"); 6 | }; 7 | 8 | log { 9 | source(src); 10 | filter(f_blank); 11 | flags(final); 12 | }; 13 | 14 | #eof 15 | -------------------------------------------------------------------------------- /syslog-ng.share/bsd: -------------------------------------------------------------------------------- 1 | # log bsd messages to /opt/var/log/bsd 2 | 3 | destination d_bsdbsd { 4 | file("/opt/var/log/bsd.log"); 5 | }; 6 | 7 | filter f_bsdbsd { 8 | program("bsd"); 9 | }; 10 | 11 | log { 12 | source(src); 13 | filter(f_bsdbsd); 14 | destination(d_bsdbsd); 15 | flags(final); 16 | }; 17 | 18 | #eof 19 | -------------------------------------------------------------------------------- /syslog-ng.share/acsd: -------------------------------------------------------------------------------- 1 | # log all acsd logs to /opt/var/log/acsd.log and stop processing acsd logs 2 | 3 | destination d_acsd { 4 | file("/opt/var/log/acsd.log"); 5 | }; 6 | 7 | filter f_acsd { 8 | program("acsd"); 9 | }; 10 | 11 | log { 12 | source(src); 13 | filter(f_acsd); 14 | destination(d_acsd); 15 | flags(final); 16 | }; 17 | 18 | #eof 19 | -------------------------------------------------------------------------------- /syslog-ng.share/jffs: -------------------------------------------------------------------------------- 1 | # log kernel messages about the jffs 2 | 3 | destination d_jffs { 4 | file("/opt/var/log/jffs.log"); 5 | }; 6 | 7 | filter f_jffs { 8 | program("kernel") and 9 | message("jffs2:"); 10 | }; 11 | 12 | log { 13 | source(src); 14 | filter(f_jffs); 15 | destination(d_jffs); 16 | flags(final); 17 | }; 18 | 19 | #eof 20 | -------------------------------------------------------------------------------- /syslog-ng.d/syslogng: -------------------------------------------------------------------------------- 1 | # put syslog-ng's logging stats into /opt/var/log/syslog-ng.log 2 | 3 | destination d_syslogng { 4 | file("/opt/var/log/syslog-ng.log"); 5 | }; 6 | 7 | filter f_syslogng { 8 | program("syslog-ng") 9 | }; 10 | 11 | log { 12 | source(src); 13 | filter(f_syslogng); 14 | destination(d_syslogng); 15 | flags(final); 16 | }; 17 | 18 | #eof 19 | -------------------------------------------------------------------------------- /syslog-ng.share/syslogng: -------------------------------------------------------------------------------- 1 | # put syslog-ng's logging stats into /opt/var/log/syslog-ng.log 2 | 3 | destination d_syslogng { 4 | file("/opt/var/log/syslog-ng.log"); 5 | }; 6 | 7 | filter f_syslogng { 8 | program("syslog-ng") 9 | }; 10 | 11 | log { 12 | source(src); 13 | filter(f_syslogng); 14 | destination(d_syslogng); 15 | flags(final); 16 | }; 17 | 18 | #eof 19 | -------------------------------------------------------------------------------- /syslog-ng.share/hostapd: -------------------------------------------------------------------------------- 1 | # log all hostapd logs to /opt/var/log/hostapd.log and stop processing hostapd logs 2 | 3 | destination d_hostapd { 4 | file("/opt/var/log/hostapd.log"); 5 | }; 6 | 7 | filter f_hostapd { 8 | program("hostapd"); 9 | }; 10 | 11 | log { 12 | source(src); 13 | filter(f_hostapd); 14 | destination(d_hostapd); 15 | flags(final); 16 | }; 17 | 18 | #eof 19 | -------------------------------------------------------------------------------- /syslog-ng.share/bcm63xx: -------------------------------------------------------------------------------- 1 | # put messages with 'bcm63xx' into /opt/var/log/bcm63.log 2 | 3 | destination d_bcm63 { 4 | file("/opt/var/log/bcm63.log"); 5 | }; 6 | 7 | filter f_bcm63 { 8 | program("kernel") and 9 | message("bcm63xx"); 10 | }; 11 | 12 | log { 13 | source(src); 14 | filter(f_bcm63); 15 | destination(d_bcm63); 16 | flags(final); 17 | }; 18 | 19 | #eof 20 | -------------------------------------------------------------------------------- /syslog-ng.share/spdmerlin: -------------------------------------------------------------------------------- 1 | # put spdMerlin's speed test results into /opt/var/log/spdMerlin.log 2 | 3 | destination d_spdmerlin { 4 | file("/opt/var/log/spdmerlin.log"); 5 | }; 6 | 7 | filter f_spdmerlin { 8 | program("spdMerlin"); 9 | }; 10 | 11 | log { 12 | source(src); 13 | filter(f_spdmerlin); 14 | destination(d_spdmerlin); 15 | flags(final); 16 | }; 17 | 18 | #eof 19 | -------------------------------------------------------------------------------- /syslog-ng.share/errormsg: -------------------------------------------------------------------------------- 1 | # log errors processing kernel log messages 2 | 3 | destination d_errmsg { 4 | file("/opt/var/log/error.log"); 5 | }; 6 | 7 | filter f_errmsg { 8 | program("kernel") and 9 | message("^Error processing log message:"); 10 | }; 11 | 12 | log { 13 | source(src); 14 | filter(f_errmsg); 15 | destination(d_errmsg); 16 | flags(final); 17 | }; 18 | 19 | #eof 20 | -------------------------------------------------------------------------------- /syslog-ng.share/diversion: -------------------------------------------------------------------------------- 1 | # log all diversion and uiDivStats logs to diversion.log 2 | 3 | destination d_diversion { 4 | file("/opt/var/log/diversion.log"); 5 | }; 6 | 7 | filter f_diversion { 8 | program("uiDivStats") or 9 | program("Diversion"); 10 | }; 11 | 12 | log { 13 | source(src); 14 | filter(f_diversion); 15 | destination(d_diversion); 16 | flags(final); 17 | }; 18 | 19 | #eof 20 | -------------------------------------------------------------------------------- /syslog-ng.share/roamast: -------------------------------------------------------------------------------- 1 | # log all roaming assistant logs to /opt/var/log/roamast.log and stop processing roaming assistant logs 2 | 3 | destination d_roamast { 4 | file("/opt/var/log/roamast.log"); 5 | }; 6 | 7 | filter f_roamast { 8 | program("roamast"); 9 | }; 10 | 11 | log { 12 | source(src); 13 | filter(f_roamast); 14 | destination(d_roamast); 15 | flags(final); 16 | }; 17 | 18 | #eof 19 | -------------------------------------------------------------------------------- /syslog-ng.share/ioctl: -------------------------------------------------------------------------------- 1 | # put ioctl messages into /opt/var/log/ioctl.log 2 | # s/b mostly 'Recv ioctl req with op 2' 3 | 4 | destination d_ioctl { 5 | file("/opt/var/log/ioctl.log"); 6 | }; 7 | 8 | filter f_ioctl { 9 | program("kernel") and 10 | message("ioctl"); 11 | }; 12 | 13 | log { 14 | source(src); 15 | filter(f_ioctl); 16 | destination(d_ioctl); 17 | flags(final); 18 | }; 19 | 20 | #eof 21 | -------------------------------------------------------------------------------- /syslog-ng.share/netdata: -------------------------------------------------------------------------------- 1 | # Created by SNBForums user @ttgapers 2 | # log all netdata logs to netdata.log 3 | 4 | destination d_netdata { 5 | file("/opt/var/log/netdata.log"); 6 | }; 7 | 8 | filter f_netdata { 9 | program("S60netdata") or 10 | program("netdata"); 11 | }; 12 | 13 | log { 14 | source(src); 15 | filter(f_netdata); 16 | destination(d_netdata); 17 | flags(final); 18 | }; 19 | 20 | #eof 21 | -------------------------------------------------------------------------------- /syslog-ng.share/pixelserv: -------------------------------------------------------------------------------- 1 | # log all pixelserv-tls logs to /opt/var/log/pixelserv.log and stop processing pixelserv-tls logs 2 | 3 | destination d_pixelserv { 4 | file("/opt/var/log/pixelserv.log"); 5 | }; 6 | 7 | filter f_pixelserv { 8 | program("pixelserv-tls"); 9 | }; 10 | 11 | log { 12 | source(src); 13 | filter(f_pixelserv); 14 | destination(d_pixelserv); 15 | flags(final); 16 | }; 17 | 18 | #eof 19 | -------------------------------------------------------------------------------- /syslog-ng.share/suricata: -------------------------------------------------------------------------------- 1 | # Created by SNBForums user @ttgapers 2 | # log all suricata logs to suricata.log 3 | 4 | destination d_suricata { 5 | file("/opt/var/log/suricata.log"); 6 | }; 7 | 8 | filter f_suricata { 9 | program("S82suricata") or 10 | program("suricata"); 11 | }; 12 | 13 | log { 14 | source(src); 15 | filter(f_suricata); 16 | destination(d_suricata); 17 | flags(final); 18 | }; 19 | 20 | #eof 21 | -------------------------------------------------------------------------------- /logrotate.d/A00global: -------------------------------------------------------------------------------- 1 | # global variable overrides from /opt/etc/logrotate.conf 2 | 3 | # if multiple logs run the same postrotate script, only run it once 4 | sharedscripts 5 | 6 | # compress, but not first rotation due to file handling 7 | compress 8 | delaycompress 9 | 10 | # large logs make webui unresponsive with uiScribe 11 | maxsize 4096k 12 | 13 | # no error is log file is missing 14 | missingok 15 | 16 | # don't rotate an empty logfile 17 | notifempty 18 | -------------------------------------------------------------------------------- /logrotate.share/A00global: -------------------------------------------------------------------------------- 1 | # global variable overrides from /opt/etc/logrotate.conf 2 | 3 | # if multiple logs run the same postrotate script, only run it once 4 | sharedscripts 5 | 6 | # compress, but not first rotation due to file handling 7 | compress 8 | delaycompress 9 | 10 | # large logs make webui unresponsive with uiScribe 11 | maxsize 4096k 12 | 13 | # no error is log file is missing 14 | missingok 15 | 16 | # don't rotate an empty logfile 17 | notifempty 18 | -------------------------------------------------------------------------------- /syslog-ng.share/afpd: -------------------------------------------------------------------------------- 1 | # log Apple Time Machine messages to /opt/var/log/afpd.log 2 | # afpd = Apple Filing Protocal daemon 3 | # cnid_dbd = Catalog Node ID database daemon 4 | 5 | destination d_afpd { 6 | file("/opt/var/log/afpd.log"); 7 | }; 8 | 9 | filter f_afpd { 10 | program("afpd") or 11 | program("cnid_dbd"); 12 | }; 13 | 14 | log { 15 | source(src); 16 | filter(f_afpd); 17 | destination(d_afpd); 18 | flags(final); 19 | }; 20 | 21 | #eof 22 | -------------------------------------------------------------------------------- /syslog-ng.share/meshUDB: -------------------------------------------------------------------------------- 1 | # log AiMesh error messages to /opt/var/log/meshUDB 2 | # certain devices don't play nice with mesh routers; log gets spammed 3 | 4 | destination d_meshUDB { 5 | file("/opt/var/log/meshUDB.log"); 6 | }; 7 | 8 | filter f_meshUDB { 9 | message("not mesh client") or 10 | message("exist in UDB"); 11 | }; 12 | 13 | log { 14 | source(src); 15 | filter(f_meshUDB); 16 | destination(d_meshUDB); 17 | flags(final); 18 | }; 19 | 20 | #eof 21 | -------------------------------------------------------------------------------- /syslog-ng.share/firewall: -------------------------------------------------------------------------------- 1 | # this filter is NOT compatible with the Skynet filter! 2 | destination d_firewall { 3 | file("/opt/var/log/firewall.log"); 4 | }; 5 | 6 | # log messages from firewall 7 | filter f_firewall { 8 | message("ACCEPT IN=") or 9 | message("DROP IN="); 10 | }; 11 | 12 | # final flag stops processing of messages matching the f_firewall filter 13 | # only look to kernel for messages 14 | log { 15 | source(src); 16 | filter(f_firewall); 17 | destination(d_firewall); 18 | flags(final); 19 | }; 20 | 21 | #eof 22 | -------------------------------------------------------------------------------- /syslog-ng.d/logrotate: -------------------------------------------------------------------------------- 1 | # gather logrotate logs together for unified log 2 | 3 | destination d_logrotate { 4 | file("/opt/var/log/logrotate.log"); 5 | }; 6 | 7 | source s_lr_status { 8 | file("/var/lib/logrotate.status" program-override("logrotate") flags(no-parse)); 9 | }; 10 | 11 | source s_lr_daily { 12 | file("/opt/tmp/logrotate.daily" program-override("logrotate") flags(no-parse)); 13 | }; 14 | 15 | log { 16 | source(s_lr_status); 17 | source(s_lr_daily); 18 | destination(d_logrotate); 19 | flags(final); 20 | }; 21 | 22 | #eof 23 | -------------------------------------------------------------------------------- /syslog-ng.share/logrotate: -------------------------------------------------------------------------------- 1 | # gather logrotate logs together for unified log 2 | 3 | destination d_logrotate { 4 | file("/opt/var/log/logrotate.log"); 5 | }; 6 | 7 | source s_lr_status { 8 | file("/var/lib/logrotate.status" program-override("logrotate") flags(no-parse)); 9 | }; 10 | 11 | source s_lr_daily { 12 | file("/opt/tmp/logrotate.daily" program-override("logrotate") flags(no-parse)); 13 | }; 14 | 15 | log { 16 | source(s_lr_status); 17 | source(s_lr_daily); 18 | destination(d_logrotate); 19 | flags(final); 20 | }; 21 | 22 | #eof 23 | -------------------------------------------------------------------------------- /syslog-ng.d/wlceventd: -------------------------------------------------------------------------------- 1 | # put wlceventd Assoc/ReAssoc/Disassoc messages into /opt/var/log/wlceventd.log 2 | 3 | destination d_wlceventd { 4 | file("/opt/var/log/wlceventd.log"); 5 | }; 6 | 7 | filter f_wlceventd { 8 | ( ( program("WLCEVENTD") or 9 | program("wlceventd") ) and 10 | ( message("ssoc") or 11 | message("uth") ) ) or 12 | ( program("syslog") and 13 | message("wlceventd") ); 14 | }; 15 | 16 | log { 17 | source(src); 18 | filter(f_wlceventd); 19 | destination(d_wlceventd); 20 | flags(final); 21 | }; 22 | 23 | #eof 24 | -------------------------------------------------------------------------------- /syslog-ng.share/wlceventd: -------------------------------------------------------------------------------- 1 | # put wlceventd Assoc/ReAssoc/Disassoc messages into /opt/var/log/wlceventd.log 2 | 3 | destination d_wlceventd { 4 | file("/opt/var/log/wlceventd.log"); 5 | }; 6 | 7 | filter f_wlceventd { 8 | ( ( program("WLCEVENTD") or 9 | program("wlceventd") ) and 10 | ( message("ssoc") or 11 | message("uth") ) ) or 12 | ( program("syslog") and 13 | message("wlceventd") ); 14 | }; 15 | 16 | log { 17 | source(src); 18 | filter(f_wlceventd); 19 | destination(d_wlceventd); 20 | flags(final); 21 | }; 22 | 23 | #eof 24 | -------------------------------------------------------------------------------- /syslog-ng.share/skynet: -------------------------------------------------------------------------------- 1 | # this MUST BE the file configured in Skynet as the syslog.log location 2 | # DO NOT use /tmp/syslog.log or /opt/var/log/messages here! 3 | destination d_skynet { 4 | file("/opt/var/log/skynet-0.log"); 5 | }; 6 | 7 | # logs everything from Skynet to /opt/var/log/skynet-0.log 8 | filter f_skynet { 9 | program("Skynet") or 10 | message("BLOCKED -") or 11 | message("DROP IN="); 12 | }; 13 | 14 | # final flag stops processing of messages matching the f_skynet filter 15 | log { 16 | source(src); 17 | filter(f_skynet); 18 | destination(d_skynet); 19 | flags(final); 20 | }; 21 | 22 | #eof 23 | -------------------------------------------------------------------------------- /syslog-ng.share/openvpn: -------------------------------------------------------------------------------- 1 | # log all openvpn server and client logs into one file - /opt/var/log/openvpn.log and stop processing openvpn logs 2 | 3 | destination d_openvpn { 4 | file("/opt/var/log/openvpn.log"); 5 | }; 6 | 7 | filter f_openvpn { 8 | program("ovpn-server1") or 9 | program("ovpn-server2") or 10 | program("ovpn-client1") or 11 | program("ovpn-client2") or 12 | program("ovpn-client3") or 13 | program("ovpn-client4") or 14 | program("ovpn-client5") or 15 | program("openvpn-routing"); 16 | }; 17 | 18 | log { 19 | source(src); 20 | filter(f_openvpn); 21 | destination(d_openvpn); 22 | flags(final); 23 | }; 24 | 25 | #eof 26 | -------------------------------------------------------------------------------- /syslog-ng.share/ethernet: -------------------------------------------------------------------------------- 1 | # log ethernet change to /opt/var/log/ethernet.log only 2 | 3 | destination d_ethernet { 4 | file("/opt/var/log/ethernet.log"); 5 | }; 6 | 7 | filter f_kernel { 8 | program("kernel"); 9 | }; 10 | 11 | filter f_ethernet { 12 | message("eth1") or 13 | message("eth2") or 14 | message("eth3") or 15 | message("eth4") or 16 | message("eth5") or 17 | message("eth6") or 18 | message("eth7") or 19 | message("eth8") or 20 | message("br0:") or 21 | message("br1:"); 22 | }; 23 | 24 | log { 25 | source(src); 26 | filter(f_kernel); 27 | filter(f_ethernet); 28 | destination(d_ethernet); 29 | flags(final); 30 | }; 31 | 32 | #eof 33 | -------------------------------------------------------------------------------- /.gitignore: -------------------------------------------------------------------------------- 1 | # Swap 2 | [._]*.s[a-v][a-z] 3 | [._]*.sw[a-p] 4 | [._]s[a-rt-v][a-z] 5 | [._]ss[a-gi-z] 6 | [._]sw[a-p] 7 | 8 | # Session 9 | Session.vim 10 | 11 | # Temporary 12 | .netrwhist 13 | *~ 14 | # Auto-generated tag files 15 | tags 16 | # Persistent undo 17 | [._]*.un~ 18 | 19 | # It's better to unpack these files and commit the raw source because 20 | # git has its own built in compression methods. 21 | *.7z 22 | *.jar 23 | *.rar 24 | *.zip 25 | *.gz 26 | *.tgz 27 | *.bzip 28 | *.bz2 29 | *.xz 30 | *.lzma 31 | *.cab 32 | 33 | # Packing-only formats 34 | *.iso 35 | *.tar 36 | 37 | # Package management formats 38 | *.dmg 39 | *.xpi 40 | *.gem 41 | *.egg 42 | *.deb 43 | *.rpm 44 | *.msi 45 | *.msix 46 | *.msm 47 | *.msp 48 | -------------------------------------------------------------------------------- /syslog-ng.share/crash: -------------------------------------------------------------------------------- 1 | # log dcd crash dump to /opt/var/log/crash.log only 2 | 3 | destination d_crash { 4 | file("/opt/var/log/crash.log"); 5 | }; 6 | 7 | filter f_crash { 8 | message("dcd") or 9 | message("v8A") or 10 | message("pgd = ") or 11 | message("\\[00000000\\]") or 12 | message("task: ") or 13 | message("PC is at") or 14 | message("LR is at") or 15 | message("pc :") or 16 | message("sp :") or 17 | message("x12:") or 18 | message("x11:") or 19 | message("x9 :") or 20 | message("x7 :") or 21 | message("x5 :") or 22 | message("x3 :") or 23 | message("x1 :"); 24 | }; 25 | 26 | log { 27 | source(src); 28 | filter(f_crash); 29 | destination(d_crash); 30 | flags(final); 31 | }; 32 | 33 | #eof 34 | -------------------------------------------------------------------------------- /syslog-ng.share/ntpd: -------------------------------------------------------------------------------- 1 | # put Entware's ntpd logging into /opt/var/log/ntp.log 2 | 3 | # Entware normally puts logs in spool subdirectory 4 | source s_ntpd { 5 | file("/opt/var/spool/ntp/ntp.log"); 6 | }; 7 | 8 | template t_ntpd { 9 | template("${DATE} ${HOST} $(substr \"${MESSAGE}\" \"13\")\n"); 10 | }; 11 | 12 | destination dt_ntpd { 13 | file("/opt/var/log/ntp.log" template(t_ntpd) persist-name("dt_ntpd")); 14 | }; 15 | 16 | log { 17 | source(s_ntpd); 18 | destination(dt_ntpd); 19 | flags(final); 20 | }; 21 | 22 | # redirect messages sent through logging facility 23 | # (ntpd startup and/or logfile not set in ntp.conf) 24 | filter f_ntpd { 25 | program("ntpd") or 26 | program("ntpMerlin"); 27 | }; 28 | 29 | destination d_ntpd { 30 | file("/opt/var/log/ntp.log" persist-name("d_ntpd")); 31 | }; 32 | 33 | log { 34 | source(src); 35 | filter(f_ntpd); 36 | destination(d_ntpd); 37 | flags(final); 38 | }; 39 | 40 | #eof 41 | -------------------------------------------------------------------------------- /syslog-ng.share/A00remote: -------------------------------------------------------------------------------- 1 | # send _ALL_ messages to a remote logging facility; it is recommended to set the remote log 2 | # server here instead of in syslog-ng.conf if you are using this method to keep all remote 3 | # information in one file - if you do set the log_server destination in syslog-ng.conf, 4 | # you will need to comment out the three lines here that define it 5 | # 6 | # it is strongly recommended to use IP addresess instead of hostnames for the destination 7 | # server, as logging will stall if the nameserver is unavailable 8 | # 9 | # the following definition will send messages to a remote syslog-ng server in RFC 3164 (BSD / legacy) format 10 | # RFC 3164 will be compatibile with a wider range of syslog servers 11 | 12 | destination log_server { udp("192.168.x.y" port(514)); }; 13 | 14 | # the alternate definition below will send messages to a remote server in RFC 5424 (IETF) format, 15 | # to use this format, comment out the above log_server definition and uncomment the one below 16 | # for this defintion, the default transport protocol is tcp, and the default port is 601 17 | # trasport protocal and port may be changed, and TLS encryption may be used; see the manual 18 | 19 | #destination log_server { syslog("10.1.2.3"); }; 20 | 21 | log { 22 | source(src); 23 | destination(log_server); 24 | }; 25 | 26 | # eof 27 | -------------------------------------------------------------------------------- /syslog-ng.share/expandlog: -------------------------------------------------------------------------------- 1 | # print a huge log telling everything about the incomming log 2 | 3 | template t_expandlog { 4 | template("================================================ 5 | PROGRAM=$PROGRAM# 6 | PID=$PID# 7 | BSDTAG=$BSDTAG# 8 | TAG=$TAG# 9 | TAGS=$TAGS# 10 | FACILITY=$FACILITY# 11 | FACILITY_NUM=$FACILITY_NUM# 12 | LEVEL=$LEVEL# 13 | LEVEL_NUM=$LEVEL_NUM# 14 | PRI=$PRI# 15 | PRIORITY=$PRIORITY# 16 | FULLHOST=$FULLHOST# 17 | FULLHOST_FROM=$FULLHOST_FROM# 18 | HOST=$HOST# 19 | HOST_FROM=$HOST_FROM# 20 | LOGHOST=$LOGHOST# 21 | MSGHDR=$MSGHDR# 22 | MSGID=$MSGID# 23 | MSGONLY=$MSGONLY# 24 | MSG=$MSG# 25 | MESSAGE=$MESSAGE# 26 | SOURCE=$SOURCE# 27 | SOURCEIP=$SOURCEIP# 28 | SOURCE_IP=$SOURCE_IP# 29 | SEQNUM=$SEQNUM# 30 | UNIXTIME=$UNIXTIME# 31 | FULLDATE=$FULLDATE# 32 | ISODATE=$ISODATE# 33 | DATE=$DATE# 34 | STAMP=$STAMP# 35 | TZ=$TZ# 36 | TZOFFSET=$TZOFFSET# 37 | SEC=$SEC# 38 | MIN=$MIN# 39 | HOUR=$HOUR# 40 | HOUR12=$HOUR12# 41 | DAY=$DAY# 42 | WEEK=$WEEK# 43 | WEEK_DAY=$WEEK_DAY# 44 | WEEK_DAY_ABBREV=$WEEK_DAY_ABBREV# 45 | WEEK_DAY_NAME=$WEEK_DAY_NAME# 46 | MONTH=$MONTH# 47 | MONTH_ABBREV=$MONTH_ABBREV# 48 | MONTH_NAME=$MONTH_NAME# 49 | MONTH_WEEK=$MONTH_WEEK# 50 | YEAR=$YEAR# 51 | YEAR_DAY=$YEAR_DAY#\n\n"); 52 | template_escape(no); 53 | }; 54 | 55 | destination d_expandlog { 56 | file("/opt/var/log/expanded-syslog.log" template(t_expandlog)); 57 | }; 58 | 59 | log { 60 | source(src); 61 | destination(d_expandlog); 62 | }; 63 | 64 | #eof 65 | -------------------------------------------------------------------------------- /syslog-ng.share/README_REMOTE: -------------------------------------------------------------------------------- 1 | Readme for remote logging 2 | 3 | This file contains basic instructions for setting up remote logging with 4 | syslog-ng. Exhaustive instructions on setting up remote logging are beyond 5 | the scope of this README, however this README presents two options for 6 | remote logging; namely, either logging _ALL_ messages to the remote logging 7 | facility, or only some. 8 | 9 | 10 | Logging all messages remotely: 11 | 12 | Copy the A00remote file from /opt/share/syslog-ng/examples to 13 | /opt/etc/syslog-ng.d. You will need to edit the A00remote file 14 | to point to the IP of your remote log server. Do not rename 15 | this file or some messages may not be sent to the remote server. 16 | 17 | 18 | Logging only some messages remotely: 19 | 20 | Do not copy the A00remote file, instead uncomment the log_server 21 | destination section (3 lines) from /opt/etc/syslog-ng.conf. 22 | Uncomment the 'destination(log_server);' line in that file to 23 | send all messages that would end up in the messages file to 24 | the remote server. Copy the 'destination(log_server);' line 25 | to the log section of any filer in /opt/etc/syslog-ng.d that 26 | you wish to send those messages to the remote server. It is 27 | recommended to insert the line either just before or just after 28 | the existing 'destination(d_xxxxx);' line in that file. 29 | 30 | 31 | Please see the documentation for your remote log server for setup details 32 | for your remote log server. Again, it is beyond the scope (or ability) 33 | of this documentation to provide instructions on setting up your remote 34 | log server. 35 | -------------------------------------------------------------------------------- /syslog-ng.share/syslog-ng.conf-scribe: -------------------------------------------------------------------------------- 1 | ############################################################################# 2 | # syslog-ng.conf customized for scribe on Asuswrt-Merlin firmware 3 | # compare to /opt/share/syslog-ng/examples/syslog-ng.conf-opkg for differences from Entware distribution 4 | # 5 | # syslog-ng documentation: https://www.syslog-ng.com/technical-documents/list/syslog-ng-open-source-edition 6 | # 7 | # Release notes: https://github.com/syslog-ng/syslog-ng/releases 8 | 9 | @version: 4.1 10 | #@include "scl.conf" # uncomment this line to for additional functionality, see syslog-ng documentation 11 | @include "/opt/etc/syslog-ng.d/" # Put any customization files in this directory 12 | 13 | options { 14 | chain_hostnames(no); # Enable or disable the chained hostname format. 15 | create_dirs(yes); 16 | keep_hostname(yes); # Enable or disable hostname rewriting. 17 | log_fifo_size(256); # The number of messages that the output queue can store. 18 | log_msg_size(16384); # Maximum length of a message in bytes. 19 | stats(freq(21600)); # The period between two STATS messages sent by syslog-ng, containing statistics about dropped logs in seconds; 0 disables. (21,600 seconds = 6 hours) 20 | flush_lines(0); # How many lines are flushed to a destination at a time. 21 | use_fqdn(no); # Add Fully Qualified Domain Name instead of short hostname. 22 | }; 23 | 24 | # syslog-ng gets messages from the system, kernel, and syslog-ng (internal) 25 | # DO NOT use system() source; causes issues on HND routers 26 | # so_rcvbuf = maximum number of messages per second * 1024 27 | source src { 28 | unix-dgram("/dev/log" so_rcvbuf(65536) flags(syslog-protocol)); 29 | file("/proc/kmsg" program_override("kernel") flags(kernel)); 30 | internal(); 31 | # udp(ip(192.168.x.y) port(514)); # uncomment this line to pass all network messages through syslog-ng filters 32 | }; 33 | 34 | # if you only want to pass network messages through some syslog-ng filters, uncomment the source line below 35 | # then add "source(net);" to the log statement in any filter you want to pass network messages through 36 | #source net { udp(ip(192.168.x.y) port(514)); }; 37 | 38 | # set the filename for the default log file - anything not filtered out will end up here 39 | destination messages { file("/opt/var/log/messages"); }; 40 | 41 | # to send log messages to the local network, uncomment the destination line below 42 | # then add "destination(log_server);" to the log statement in any filter you want to pass network messages through 43 | #destination log_server { udp("192.168.x.y" port(514)); }; 44 | 45 | log { 46 | source(src); 47 | # source(net); # uncomment this and "source net" function above to get udp log messages from local network 48 | destination(messages); 49 | # destination(log_server); # uncomment this and "destination log_server" function above to send udp log messages to local network 50 | }; 51 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # ~ scribe ~ Entware syslog-ng and logrotate installer for Asuswrt-Merlin 2 | 3 | ## THIS VERSION IS OBSOLETE AND HAS BEEN REPLACED!!!! 4 | ## PLEASE USE THE VERSION AT: https://github.com/AMTM-OSR/scribe 5 | 6 | **scribe** is a **syslog-ng** and **logrotate** installer for ASUS routers running **Asuswrt-Merlin** 7 | 8 | ## v3.2.1 (OBSOLETE!) 9 | ### Updated on 2024-Aug-25 10 | 11 | ## Getting Started 12 | 13 | ### Prerequisites 14 | 15 | 1. [Asuswrt-Merlin](https://asuswrt.lostrealm.ca/ "Pure Freaking Magic") running on a supported ASUS router 16 | 2. **Entware** installed, preferably using [amtm](https://github.com/decoderman/amtm "amtm") 17 | 3. jffs scripts enabled in the firmware; installing **Entware** should have taken care of this part 18 | 19 | * **scribe** includes handlers for the logs created by [skynet](https://github.com/Adamm00/IPSet_ASUS "skynet"); if you wish to use these handlers, it is advised to install **skynet** first. If **skynet** is installed after scribe, you will have to re-run the installation and force installation. 20 | 21 | ### Installing 22 | 23 | Please install from the latest version of AMTM! 24 | 25 | ## *WARNING* 26 | 27 | This software was written by someone who very likely didn't know what they were doing. There is a non-zero chance this software will not function as intended, cause irreparable data loss and/or hardware damage, or accidentally trigger the annihilation of the earth. End user accepts all these potential outcomes as the unavoidable consequences of existing. 28 | 29 | ## ToDo: 30 | 31 | - [ ] Try to keep up with the seemingly ever-changing syslog-ng 32 | 33 | ## Built With 34 | 35 | * [vim](https://www.vim.org/ "definitely NOT emacs") - because vi is always there, so I'm not lost on a clean install. 36 | * amix's [vimrc](https://github.com/amix/vimrc) - basic version. 37 | 38 | ## Contributing 39 | 40 | #### Code: 41 | This has been a learning project for me, so I'm probably more married to my way of doing things than I should be. Not to say suggestions aren't appreciated - they are and will be considered; but they are likely to be altered to my way of thinking about things if I add them, even if your way is clearly better. 42 | 43 | #### Money: 44 | Even if you think this is the best thing since sliced bread, please do not enquire about sending me money. If I accepted money, I'll feel obligated to keep improving this, and I've got more than enough obligations in life at this point. 45 | 46 | ## Authors 47 | 48 | "Success has many fathers, but failure is a bastard child." 49 | 50 | This isn't high school, it's all open book and copying from your neighbor is encouraged. All the good bits I stole from someone else, all the crap bits and errors are mine. 51 | 52 | ## Acknowledgments 53 | 54 | * RMerlin, for enduring an endless stream of people who will not read the release notes (out of his control), yet is still dedicated to producing the awesomeness that is AsusWRT-Merlin in what used to be known as his "free time". 55 | * The great coders of SNB Forums, in alphabetical order, for lack of a better system: 56 | * Adamm 57 | * dave14305 58 | * Jack Yaz 59 | * kvic 60 | * Martineau 61 | * Odkrys 62 | * thelonelycoder 63 | * Xentrk 64 | 65 | * Alpha and Beta testing endured by Butterfly Bones, elorimer, and skeal. 66 | 67 | * I'm sure I missed someone, if it's you, I'm sorry, it wasn't intentional. 68 | 69 | * Template used for thie README shamelessly stolen from [PurpleBooth](https://gist.github.com/PurpleBooth/109311bb0361f32d87a2 "don't reinvent the wheel") 70 | 71 | #### Seriously? 72 | Are you really still reading this? I'd have probably lost interest about halfway through. 73 | -------------------------------------------------------------------------------- /init.d/rc.func.syslog-ng: -------------------------------------------------------------------------------- 1 | #!/bin/sh - 2 | # 3 | # NB: rc.func only runs PRECMD on "start" 4 | 5 | kill_logger(){ 6 | # these will be set if coming from scribe; on bootup, these will not be set 7 | [ -z "$script_conf" ] && script_conf="/jffs/addons/scribe.d/config" 8 | [ -z "$optmsg" ] && optmsg="/opt/var/log/messages" 9 | [ -z "$jffslog" ] && jffslog="/jffs/syslog.log" 10 | [ -z "$tmplog" ] && tmplog="/tmp/syslog.log" 11 | isjffs=false 12 | 13 | # figure out where syslogd expects log file to live 14 | if [ -z "$syslog_loc" ] # don't look for config file if $syslog_loc is defined 15 | then 16 | # $syslog_loc not set, look for config file 17 | if [ -f "$script_conf" ] 18 | then 19 | syslog_loc="$( /bin/grep "SYSLOG_LOC" "$script_conf" | /usr/bin/cut -f2 -d"=" )" 20 | # no config file and $syslog_loc is not set; check if syslogd is running 21 | elif [ -n "$( /bin/pidof syslogd )" ] 22 | then # awk to the rescue 23 | sld_ps="$( /bin/ps ww | /bin/grep "/sbin/syslogd" )" 24 | syslog_loc="$( /usr/bin/awk -v psww="$sld_ps" 'BEGIN { 25 | n=split (psww, psary) 26 | for (i = 1; i <= n; i++) 27 | if ( psary[i] ~ "-O" ) break 28 | print psary[i+1] }' 29 | )" 30 | else # no config file, $syslog_loc not set, & syslogd not running!!! 31 | syslog_loc="$tmplog" # no-man's land, so make a guess 32 | fi 33 | fi 34 | 35 | [ "$syslog_loc" = "$jffslog" ] && isjffs=true 36 | 37 | # kill any/all running klogd and/or syslogd 38 | count=30 39 | klgk=false 40 | sldk=false 41 | while [ $count -gt 0 ] 42 | do 43 | [ -n "$( /bin/pidof klogd )" ] && killall klogd 44 | [ -n "$( /bin/pidof syslogd )" ] && killall syslogd 45 | sleep 1 # give them a moment to shut down / unknown process to restart them 46 | [ -z "$( /bin/pidof klogd )" ] && klgk=true 47 | [ -z "$( /bin/pidof syslogd )" ] && sldk=true 48 | if $klgk && $sldk; then count=-1; fi 49 | count=$(( count - 1 )) 50 | done 51 | [ $count -eq 0 ] && exit 1 52 | 53 | # if syslog-ng was stopped by scribe, /opt/var/log/messages will symlink to $syslog_loc 54 | [ -L "$optmsg" ] && /bin/rm -f "$optmsg" 55 | 56 | # if syslogd was running, $syslog_loc will exist and be a regular file (not a link) 57 | # this might be bootup, or starting scribe 58 | if [ ! -L "$syslog_loc" ] 59 | then 60 | /bin/cat "$syslog_loc" >> "$optmsg" 61 | /bin/rm -f "$syslog_loc" "$syslog_loc-1" 62 | /bin/ln -s "$optmsg" "$syslog_loc" 63 | echo "### Top of Log File ###" >> "$syslog_loc-1" 64 | fi 65 | 66 | # make /jffs/syslog.log and log-1 directories if default syslog location is not at /jffs 67 | # prevents system log saver from writing to jffs (not strictly neecessary on newer routers) 68 | if ! $isjffs && [ ! -d "$jffslog" ] 69 | then 70 | /bin/rm -rf "$jffslog" "$jffslog-1" 71 | /bin/mkdir "$jffslog" "$jffslog-1" 72 | elif $isjffs 73 | then 74 | # if syslogd is writing to /jffs, then ensure logfiles in /tmp 75 | # are properly linked in case something goes looking there 76 | [ ! -L "$tmplog" ] && /bin/ln -s "$optmsg" "$tmplog" 77 | [ ! -L "$tmplog-1" ] && /bin/ln -s "$syslog_loc-1" "$tmplog-1" 78 | fi 79 | 80 | # create /opt/var/run/syslog-ng/ directory if it doesn't exist 81 | # not needed for older versions of syslog-ng, but doesn't hurt anything 82 | [ ! -d "/opt/var/run/syslog-ng" ] && mkdir "/opt/var/run/syslog-ng" 83 | 84 | # touch logroatate.status if it doesn't exist so syslog-ng doesn't whine 85 | [ ! -f "/var/lib/logrotate.status" ] && touch "/var/lib/logrotate.status" 86 | 87 | # export timezone if not already set 88 | [ -z "$TZ" ] && export export TZ="$( /bin/cat "/etc/TZ" )" 89 | } 90 | 91 | PRECMD="kill_logger" 92 | # enabling the below can be useful when having problems, 93 | # but fills up the logfile fast 94 | #ARGS="-v" 95 | 96 | #eof 97 | -------------------------------------------------------------------------------- /syslog-ng.share/README.1ST: -------------------------------------------------------------------------------- 1 | ### README.1ST --- 22 June 2020 2 | 3 | Please READ before copying any of these files to /opt/etc/syslog-ng.d/ 4 | 5 | **** If you simply copy all of the files in this directory to **** 6 | **** /opt/etc/syslog-ng.d/ the next time you try to restart **** 7 | **** syslog-ng it will not start. **** 8 | 9 | Some of the files in this directory may be copied to /opt/etc/syslog-ng.d/ 10 | to filter common messages from the default messages file to their own 11 | log files. Note that when copying the files, they must be writable by the 12 | user only, i.e. chmod 600. If the group or others can write to them, they 13 | will not be loaded by syslog-ng. 14 | 15 | It is highly recommended to copy the corresponding file of the same name 16 | in /opt/share/logrotate/examples/ to /opt/etc/logroate.d/ to ensure the 17 | log files do not grow too large. If there is not corresponding file in 18 | /opt/share/logrotate/examples, then either the file is not intended to be 19 | used permanently (e.g. expandlog); or should generate no or very few log 20 | entries (e.g. blankmsg, errormsg); or its logs are handled by other 21 | programs (e.g. skynet). 22 | 23 | Notes: 1) All ".log" files will be in /opt/var/log/. 24 | 2) Unless otherwise noted, all filters are "final", meaning 25 | messages matched by the filter will not be logged in the 26 | default messages file. 27 | 28 | The files in this directory are: 29 | A00remote Sends _ALL_ messages to a remote logging facility before 30 | processing by any of the filters below. This is not a 31 | blocking filter, all messages will still be processed by 32 | the other filters to be logged to local log files. See the 33 | README_REMOTE file for further information on setting up 34 | remote logging and other options for sending only certain 35 | messages to a remote logging facility. 36 | 37 | acsd Filters out messages from Broadcomm's Automatic Channel 38 | Selector Daemon. 39 | 40 | afpd Filters out messages related to daemons supporting Apple 41 | Time Machine, Apple Filing Protocal daemon (afpd) and 42 | Catalog Node I/D databae (cnid_dbd). 43 | 44 | bcm63xx Filters out messages containing "bcm63xx" to bcm63.log. 45 | These appear to be mostly nusiance messages. 46 | 47 | blankmsg Drops any blank messages. Automatically placed 48 | in /opt/etc/syslog-ng.d/ on installation. 49 | 50 | bsd Filters out "bsd" messages, which have nothing to do with 51 | the Berkley [ Software | Standard ] Distribution flavor 52 | of unix. These messages are related to smartconnect. 53 | 54 | crash Filters out most lines from the dcd_tainted crash messages 55 | as well as most lines of other crash messages. dcd_tainted 56 | crash occurs when users enable pixelserv-tls or exclude 57 | devices from ad-blocking within Diversion. 58 | 59 | diversion If you are using the popular Diversion script by 60 | thelonelycoder, this will filter out messages from Diversion 61 | and Jack Yaz's uiDivStats script to diversion.log. 62 | 63 | errormsg Filters out messages from the kernel that it encoutered an 64 | error processing a log message. Normally this shouldn't 65 | happen, so there may not be a log file even if this is 66 | copied to /opt/etc/syslog-ng.d/. 67 | 68 | ethernet Filters out messages containing "eth1" thru "eth8", "bro:", 69 | and "br1:" to ethernet.log. 70 | 71 | expandlog This should be used for testing purposes only. This breaks 72 | out every log message into multiple lines, with each part of 73 | the message on its own line, into expanded-syslog.log. This 74 | file will get very large very quickly. There is no 75 | corresponding logrotate file in /opt/etc/logrotate.d/ since 76 | this is not intended to be used except for testing. This is 77 | not a "final" filter. 78 | 79 | firewall If you are not using Skynet, this will be automatically 80 | copied to /opt/etc/syslog-ng.d/ upon installation of scribe. 81 | This filters messages from the firmware firewall containing 82 | "ACCEPT IN=" or "DROP IN=" to firewall.log. Do not use this 83 | filter if you are using Skynet. 84 | 85 | ioctl Filters out I/O control messages. These are mostly nuicesnce 86 | messages. 87 | 88 | jffs Filters out messages about the jffs directory. Useful when 89 | certain errors with the jffs fiilesystem are encountered as 90 | they quickly fill up the logfile. Normally this shouldn't 91 | happen, so there may not be a log file even if this is 92 | copied to /opt/etc/syslog-ng.d/. 93 | 94 | logrotate Gathers logrotate's messages from var/lib/logrotate.status 95 | and /opt/tmp/logrotate.daily into a single log file in 96 | /opt/var/log/logrotate.log.i Automatically placed in 97 | /opt/etc/syslog-ng.d/ on installation. 98 | 99 | meshUDB Filters "nuisance" messages when you have devices on your 100 | wifi network that are non-cooperative with mesh. Such 101 | messages contain "not mesh client" or "exist in UDB". These 102 | messages may coincide with connectivity issues with said 103 | devices. No idea why some devices do not work well with 104 | mesh networks. 105 | 106 | netdata Filters messages from Netdata (available in Entware). User- 107 | contributed by @ttgapers 108 | 109 | ntpd Entware ntpd sends log messages to /opt/var/spool/ntp/ntp.log 110 | instead of the system logging facility. This gathers those 111 | log messages, formats them in the standard syslog-ng format, 112 | and puts them in /opt/var/log/ntp.log. Messages from Jack 113 | Yaz's ntpmerlin will also be copied to this log file. 114 | Note that the busybox firmware ntpd does not appear to send 115 | log messages anywhere at all, not even through the system 116 | logging facility. 117 | 118 | openvpn Filters out messages from "ovpn-server#" or "ovpn-client#" to 119 | openvpn.log, where "#" is the server or client number. Also 120 | filters out messages from "openvp-routing" to the same file. 121 | 122 | pixelserv Filters out messages from pixelserv-tls to pixelserv.log. 123 | 124 | roamast Filters out messages from the roaming assistant daemon. These 125 | are generally associated with an AiMesh setup 126 | 127 | skynet If you are using the popular Skynet script by Adamm, this 128 | will be automatically copied to /opt/etc/syslog-ng.d/ upon 129 | installation of scribe. This filters any messages from 130 | Skynet and messages that contain "BLOCKED -" or "DROP IN=" to 131 | skynet-0.log. On installing scribe, scribe tells Skynet to 132 | get its data from skynet-0.log. This file should normally 133 | not ever be copied manually to opt/etc/syslog-ng.d/ 134 | 135 | spdmerlin Filters out spdMerlin's twice-hourly connection speed test 136 | results to /opt/var/log/spdmerlin.log 137 | 138 | suricata Filters messages from the Suricata IDS / IPS/ NSM engine 139 | (available in Entware). User-contributed by @ttgapers 140 | 141 | syslog-ng.conf-opkg DO NOT COPY THIS FILE TO /opt/etc/syslog-ng.d/!!! 142 | This is a copy of the original syslog-ng.conf 143 | file that is provided by the Entware package, for 144 | reference only. 145 | 146 | syslog-ng.conf-scribe DO NOT COPY THIS FILE TO /opt/etc/syslog-ng.d/!!! 147 | This is a copy of the current syslog-ng.conf file 148 | that is provided by scribe, for reference only. 149 | 150 | syslogng Filters out syslog-ng's messages and logging statistics. 151 | Automatically placed in /opt/etc/syslog-ng.d/ on installation. 152 | 153 | wlceventd Filters out messages from the Wireless Lan Controller Daemon. 154 | Automatically placed in /opt/etc/syslog-ng.d/ on installation. 155 | -------------------------------------------------------------------------------- /scribe: -------------------------------------------------------------------------------- 1 | #!/bin/sh - 2 | # 3 | # _ 4 | # _ ( ) 5 | # ___ ___ _ __ (_)| |_ __ 6 | # /',__) /'___)( '__)| || '_`\ /'__`\ 7 | # \__, \( (___ | | | || |_) )( ___/ 8 | # (____/`\____)(_) (_)(_,__/'`\____) 9 | # syslog-ng and logrotate installer for Asuswrt-Merlin 10 | # 11 | # Coded by cmkelley 12 | # 13 | # Original interest in syslog-ng on Asuswrt-Merlin inspired by tomsk & kvic 14 | # Good ideas and code borrowed heavily from Adamm, dave14305, Jack Yaz, thelonelycoder, & Xentrx 15 | # Bugs, bad ideas, and sloppy code are entirely mine 16 | # 17 | # install command: 18 | # curl --retry 3 "https://raw.githubusercontent.com/cynicastic/scribe/master/scribe" -o "/jffs/scripts/scribe" && chmod 0755 /jffs/scripts/scribe && /jffs/scripts/scribe install 19 | # 20 | # shellcheck disable=SC2009 21 | # SC2009 = Consider uing pgrep ~ Note that pgrep doesn't exist in asuswrt (exists in Entware procps-ng) 22 | # shellcheck disable=SC2059 23 | # SC2059 = Don't use variables in the printf format string. Use printf "..%s.." "$foo" ~ I (try to) only embed the ansi color escapes in printf strings 24 | ################################################################## 25 | # Last Modified: 2024-Aug-25 26 | #----------------------------------------------------------------- 27 | 28 | # ensure firmware binaries are used, not Entware 29 | export PATH="/sbin:/bin:/usr/sbin:/usr/bin:$PATH" 30 | 31 | # set TMP if not set 32 | [ -z "$TMP" ] && export TMP=/opt/tmp 33 | 34 | # parse parameters 35 | action="X" 36 | got_zip=false 37 | banner=true 38 | [ "$SCRIBE_LOGO" = "nologo" ] && banner=false 39 | while [ -n "$1" ] 40 | do 41 | case "$1" in 42 | gotzip) 43 | got_zip=true 44 | shift 45 | ;; 46 | nologo) 47 | banner=false 48 | shift 49 | ;; 50 | service_event) 51 | banner=false 52 | action="$1" 53 | break 54 | ;; 55 | *) 56 | action="$1" 57 | shift 58 | ;; 59 | esac 60 | done 61 | [ "$action" = "X" ] && action="menu" 62 | 63 | # scribe constants 64 | readonly script_name="scribe" 65 | scribe_branch="master" 66 | readonly script_branch="$scribe_branch" 67 | scribe_ver="v3.2.1" # version number for amtm compatibility, but keep vX.Y_Z otherwise because I'm stubborn 68 | script_ver="$( echo $scribe_ver | sed 's/\./_/2' )" 69 | readonly script_ver 70 | readonly script_long="$script_ver ($script_branch)" 71 | readonly script_author="cynicastic" 72 | readonly raw_git="https://raw.githubusercontent.com" 73 | readonly script_repo="$raw_git/$script_author/$script_name/$script_branch/$script_name" 74 | readonly unzip_dir="$TMP/$script_name-$script_branch" 75 | readonly script_tmp="$TMP/$script_name.tmp" 76 | readonly script_d="/jffs/scripts" 77 | readonly script_loc="$script_d/$script_name" 78 | readonly conf_d="/jffs/addons/$script_name.d" 79 | readonly script_conf="$conf_d/config" 80 | readonly optmsg="/opt/var/log/messages" 81 | readonly jffslog="/jffs/syslog.log" 82 | readonly tmplog="/tmp/syslog.log" 83 | export script_conf 84 | export optmsg 85 | export jffslog 86 | export tmplog 87 | 88 | ##----------------------------------------## 89 | ## Modified by Martinski W. [2024-Aug-25] ## 90 | ##----------------------------------------## 91 | # router details 92 | readonly merlin="ASUSWRT-Merlin" 93 | readonly fwreqd="3004.380.68" 94 | fwname="$( uname -o )" 95 | readonly fwname 96 | fwvers="$(nvram get firmver | sed 's/\.//g').$( nvram get buildno )" 97 | readonly fwvers 98 | model="$( nvram get odmpid )" 99 | [ -z "$model" ] && model="$( nvram get productid )" 100 | readonly model 101 | arch="$( uname -m )" 102 | readonly arch 103 | 104 | # miscellaneous constants 105 | readonly header="=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=$std\n\n" 106 | readonly sld="syslogd" 107 | readonly sng="syslog-ng" 108 | readonly sng_reqd="3.19" 109 | readonly lr="logrotate" 110 | readonly init_d="/opt/etc/init.d" 111 | readonly S01sng_init="$init_d/S01$sng" 112 | readonly rcfunc_sng="rc.func.$sng" 113 | readonly rcfunc_loc="$init_d/$rcfunc_sng" 114 | readonly sng_loc="/opt/sbin/$sng" 115 | readonly sngctl_loc="$sng_loc-ctl" 116 | readonly lr_loc="/opt/sbin/$lr" 117 | readonly sng_conf="/opt/etc/$sng.conf" 118 | readonly debug_sep="=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=" 119 | readonly script_debug_name=$script_name"_debug.log" 120 | readonly script_debug="$TMP/$script_debug_name" 121 | readonly sngconf_merged="$TMP/$sng-complete.conf" 122 | readonly sngconf_error="$TMP/$sng-error.conf" 123 | readonly lr_conf="/opt/etc/$lr.conf" 124 | readonly lr_daily="/opt/tmp/logrotate.daily" 125 | readonly lr_temp="/opt/tmp/logrotate.temp" 126 | readonly sngd_d="/opt/etc/$sng.d" 127 | readonly lrd_d="/opt/etc/$lr.d" 128 | readonly etc_d="/opt/etc/*.d" 129 | readonly sng_share="/opt/share/$sng" 130 | readonly lr_share="/opt/share/$lr" 131 | readonly share_ex="/opt/share/*/examples" 132 | readonly script_bakname="$TMP/$script_name-backup.tar.gz" 133 | readonly fire_start="$script_d/firewall-start" 134 | readonly srvc_event="$script_d/service-event" 135 | readonly postmount="$script_d/post-mount" 136 | readonly unmount="$script_d/unmount" 137 | readonly skynet="$script_d/firewall" 138 | readonly sky_req="6.9.2" 139 | readonly divers="/opt/bin/diversion" 140 | readonly div_req="4.1" 141 | 142 | #uiScribe constants 143 | readonly uisc_name="uiScribe" 144 | readonly uisc_author="jackyaz" 145 | readonly uisc_branch="master" 146 | readonly uisc_repo="$raw_git/$uisc_author/$uisc_name/$uisc_branch/$uisc_name.sh" 147 | readonly uiscribe="$script_d/$uisc_name" 148 | 149 | # color constants 150 | readonly red="\033[1;31m" 151 | readonly green="\033[1;32m" 152 | readonly yellow="\033[1;33m" 153 | readonly blue="\033[1;34m" 154 | readonly magenta="\033[1;35m" 155 | readonly cyan="\033[1;36m" 156 | readonly white="\033[1;37m" 157 | readonly std="\033[m" 158 | 159 | # check if scribe is already installed by looking for link in /opt/bin 160 | [ -e "/opt/bin/$script_name" ] && is_inst=true || is_inst=false 161 | 162 | # check if uiScribe is installed 163 | [ -e "$uiscribe" ] && uisc_inst=true || uisc_inst=false 164 | 165 | # check if Skynet is installed 166 | if [ -e "$fire_start" ] && grep -q "skynetloc" "$fire_start" 167 | then 168 | skynet_inst=true 169 | else 170 | skynet_inst=false 171 | fi 172 | 173 | #### functions #### 174 | 175 | present(){ printf "$green present. $std\n"; } 176 | 177 | updated(){ printf "$yellow updated. $std\n"; } 178 | 179 | finis(){ printf "$green done. $std\n"; } 180 | 181 | not_installed(){ printf "\n$blue %s$red NOT$white installed! $std\n" "$1"; } 182 | 183 | enter_to(){ printf "$white Press [Enter] to %s: $std" "$1"; read -r; echo; } 184 | 185 | ver_num(){ echo "$1" | sed 's/v//; s/_/./' | awk -F. '{ printf("%d%03d%02d\n", $1, $2, $3); }'; } 186 | 187 | md5_file(){ md5sum "$1" | awk '{ printf( $1 ); }'; } # get md5sum of file 188 | 189 | strip_path(){ basename "$1"; } 190 | 191 | dlt(){ rm -rf "$1"; } 192 | 193 | same_same(){ if [ "$( md5_file "$1" )" = "$( md5_file "$2" )" ]; then true; else false; fi; } 194 | 195 | date_stamp(){ [ -e "$1" ] && mv "$1" "$1-$( date -Iseconds | cut -c 1-19 )"; } 196 | 197 | sng_rng(){ if [ -n "$( pidof $sng )" ]; then true; else false; fi; } 198 | 199 | sld_rng(){ if [ -n "$( pidof $sld )" ]; then true; else false; fi; } 200 | 201 | # NB: ensure system log is backed up before doing this! 202 | clear_loglocs(){ 203 | dlt $tmplog 204 | dlt $tmplog-1 205 | dlt $jffslog 206 | dlt $jffslog-1 207 | } 208 | 209 | start_syslogd(){ 210 | service start_logger 211 | count=30 212 | while ! sld_rng && [ $count -gt 0 ] 213 | do 214 | sleep 1 # give syslogd time to start up 215 | count=$(( count - 1 )) 216 | done 217 | if [ $count -eq 0 ]; then printf "\n$red UNABLE TO START SYSLOGD! ABORTING!\n$std"; exit 1; fi 218 | } 219 | 220 | # Use caution if adding new variables to existing config file 221 | write_conf(){ 222 | [ ! -d $conf_d ] && mkdir $conf_d 223 | [ ! -e $script_conf ] && touch $script_conf 224 | 225 | if grep -q "SYSLOG_LOC" "$script_conf" 226 | then 227 | sed -i "s~SYSLOG_LOC=.*~SYSLOG_LOC=$syslog_loc~" $script_conf 228 | else 229 | echo "SYSLOG_LOC=$syslog_loc" > $script_conf 230 | fi 231 | } 232 | 233 | # random routers point syslogd at /jffs instead of /tmp 234 | # figure out where default syslog.log location is 235 | # function assumes syslogd is running! 236 | where_syslogd(){ 237 | sld_ps="$( ps ww | grep "syslogd" )" 238 | syslog_loc="$( awk -v psww="$sld_ps" 'BEGIN { n=split (psww, psary); for (i = 1; i <= n; i++) if ( psary[i] ~ "-O" ) break; print psary[i+1] }' )" 239 | write_conf 240 | } 241 | 242 | create_conf(){ 243 | printf "\n$white Detecting default syslog location " 244 | if sng_rng 245 | then 246 | slg_was_rng=true 247 | printf "\n Briefly shutting down %s" "$sng" 248 | killall $sng 2>/dev/null 249 | count=10 250 | while sng_rng && [ "$count" -gt 0 ] 251 | do 252 | sleep 1 253 | count=$(( count - 1 )) 254 | done 255 | clear_loglocs 256 | else 257 | slg_was_rng=false 258 | fi 259 | 260 | if ! sld_rng; then start_syslogd; fi 261 | where_syslogd 262 | if $slg_was_rng 263 | then 264 | # if syslog-ng was running, kill syslogd and restart 265 | $S01sng_init start 266 | else 267 | # prepend /opt/var/messages to syslog & create link 268 | cat "$syslog_loc" >> "$optmsg" && mv -f "$optmsg" "$syslog_loc" 269 | ln -s "$syslog_loc" "$optmsg" 270 | fi 271 | # assume uiscribe is still running if it was before stopping syslog-ng 272 | } 273 | 274 | read_conf(){ 275 | if [ -f $script_conf ] 276 | then # assumes if $script_conf exists, it is correctly formatted 277 | syslog_loc="$(grep "SYSLOG_LOC" "$script_conf" | cut -f2 -d"=")" 278 | else # scribe started with no config file 279 | create_conf 280 | fi 281 | export syslog_loc 282 | } 283 | 284 | update_file(){ 285 | [ -n "$3" ] && [ "$3" = "backup" ] && date_stamp "$2" 286 | cp -pf "$1" "$2" 287 | } 288 | 289 | # Check yes or no 290 | yes_no(){ 291 | read -r resp 292 | case "$resp" in 293 | [yY][eE][sS]|[yY]) 294 | true 295 | ;; 296 | *) 297 | false 298 | ;; 299 | esac 300 | } 301 | 302 | logo(){ 303 | if ! $banner; then return; fi 304 | clear 305 | printf "$white _\n" 306 | printf " _ ( ) \n" 307 | printf " ___ ___ _ __ (_)| |_ __ \n" 308 | printf " /',__) /'___)( '__)| || '_\`\\ /'__\`\\ \n" 309 | printf " \\__, \\( (___ | | | || |_) )( ___/ \n" 310 | printf " (____/\`\\____)(_) (_)(_,__/'\`\\____) \n" 311 | printf " %s and %s installation $std\n" "$sng" "$lr" 312 | printf " $green %-17s $blue Coded by cmkelley $std\n\n" "$script_long" 313 | } 314 | 315 | warning_sign(){ 316 | printf "\n\n$white" 317 | printf " *********************\n" 318 | printf " ***$red W*A*R*N*I*N*G$white ***\n" 319 | printf " *********************\n\n" 320 | } 321 | 322 | get_zip(){ 323 | if ! $got_zip 324 | then 325 | dlt "$unzip_dir" 326 | dlt "$TMP/$script_name.zip" 327 | printf "\n$white fetching %s from GitHub %s branch ...$std\n" "$script_name" "$script_branch" 328 | if curl -fL https://github.com/$script_author/$script_name/archive/$script_branch.zip -o "$TMP/$script_name.zip" 329 | then 330 | printf "\n$white unzipping %s ...$std\n" "$script_name" 331 | unzip "$TMP/$script_name.zip" -d "$TMP" 332 | /opt/bin/opkg update 333 | got_zip=true 334 | else 335 | printf "\n$white %s GitHub repository$red is unavailable! $std -- Aborting.\n" "$script_name" 336 | exit 1 337 | fi 338 | fi 339 | } 340 | 341 | hup_uisc(){ 342 | if $uisc_inst 343 | then 344 | printf "$white Restarting uiScribe ..." 345 | $uiscribe startup 346 | fi 347 | } 348 | 349 | rld_sngconf(){ 350 | printf "$white reloading %s ... $cyan" "$( strip_path $sng_conf )" 351 | $sngctl_loc reload 352 | printf "\n$std" 353 | hup_uisc 354 | } 355 | 356 | copy_rcfunc(){ 357 | printf "$white copying %s to %s ...$std" "$rcfunc_sng" "$init_d" 358 | cp -pf "$unzip_dir/init.d/$rcfunc_sng" "$init_d/" 359 | chmod 644 "$rcfunc_loc" 360 | finis 361 | } 362 | 363 | check_sng(){ 364 | printf "\n$white %34s" "checking $sng daemon ..." 365 | if sng_rng 366 | then 367 | printf "$green alive. $std\n" 368 | else 369 | printf "$red dead. $std\n" 370 | printf "$white %34s" "the system logger (syslogd) ..." 371 | if sld_rng 372 | then 373 | printf "$green is running. $std\n\n" 374 | printf "$yellow Type$red %s restart$yellow at shell prompt or select$red rs$yellow\n" "$script_name" 375 | printf " from %s main menu to start %s.\n" "$script_name" "$sng" 376 | else 377 | printf "$red is not running! $std\n\n" 378 | printf "$white Type$red %s -Fevd$white at shell prompt or select$red sd$white\n" "$sng" 379 | printf " from %s utilities menu ($red%s$white) to view %s\n" "$script_name" "su" "$sng" 380 | printf " debugging data.\n" 381 | fi 382 | fi 383 | } 384 | 385 | sed_sng(){ 386 | printf "$white %34s" "checking $( strip_path $S01sng_init ) ..." 387 | if ! grep -q $rcfunc_sng $S01sng_init 388 | then 389 | sed -i "\~/opt/etc/init.d/rc.func~i . $rcfunc_loc # added by $script_name\n" $S01sng_init 390 | updated 391 | else 392 | present 393 | fi 394 | } 395 | 396 | rd_warn(){ 397 | printf "$yellow Use utility menu (su) option 'rd' to re-detect! $std\n" 398 | } 399 | 400 | syslogd_check(){ 401 | printf "$white %34s" "syslog.log default location ..." 402 | if [ "$syslog_loc" != "$jffslog" ] && [ "$syslog_loc" != "$tmplog" ] 403 | then 404 | printf "$red NOT SET!\n" 405 | rd_warn 406 | return 1 407 | else 408 | printf "$green %s $std\n" "$syslog_loc" 409 | fi 410 | printf "$white %34s" "... & agrees with config file ..." 411 | checksys_loc="$(grep "SYSLOG_LOC" "$script_conf" | cut -f2 -d"=")" 412 | if [ ! -f $script_conf ] 413 | then # scribe started with no config file 414 | printf "$red NO CONFIG FILE!\n" 415 | rd_warn 416 | # assumes if $script_conf exists, it is correctly formatted 417 | elif [ "$syslog_loc" = "$checksys_loc" ] 418 | then 419 | printf "$green okay! $std\n" 420 | else 421 | printf "$red DOES NOT MATCH!\n" 422 | rd_warn 423 | return 1 424 | fi 425 | } 426 | 427 | sed_srvc(){ 428 | printf "$white %34s" "checking $( strip_path $srvc_event ) ..." 429 | if [ -f $srvc_event ] 430 | then 431 | [ "$( grep -c "#!/bin/sh" $srvc_event )" -ne 1 ] && sed -i "1s~^~#!/bin/sh -\n\n~" $srvc_event 432 | if grep -q "$script_name kill-logger" $srvc_event; then sed -i "/$script_name kill-logger/d" $srvc_event; fi 433 | if grep -q "$script_name kill_logger" $srvc_event; then sed -i "/$script_name kill_logger/d" $srvc_event; fi 434 | if ! grep -q "$script_name service_event" $srvc_event 435 | then 436 | echo "$script_loc service_event \"\$@\" & # added by $script_name" >> $srvc_event 437 | updated 438 | else 439 | present 440 | fi 441 | else 442 | { 443 | echo "#!/bin/sh -" 444 | echo "" 445 | echo "$script_loc service_event \"\$@\" & # added by $script_name" 446 | } > $srvc_event 447 | printf "$green created. $std\n" 448 | fi 449 | [ ! -x $srvc_event ] && chmod 0755 $srvc_event 450 | } 451 | 452 | lr_post(){ 453 | printf "$white %34s" "checking $( strip_path $postmount ) ..." 454 | if [ ! -f $postmount ] 455 | then 456 | printf "$red MISSING! \n" 457 | printf " Entware is not properly set up!\n" 458 | printf " Correct Entware installation before continuing! $std\n\n" 459 | exit 1 460 | fi 461 | if ! grep -q $lr $postmount 462 | then 463 | echo "cru a $lr \"5 0 * * * $lr_loc $lr_conf >> $lr_daily 2>&1\" # added by $script_name" >> $postmount 464 | updated 465 | else 466 | present 467 | fi 468 | } 469 | 470 | sed_umnt(){ 471 | printf "$white %34s" "checking $( strip_path $unmount ) ..." 472 | if [ -f $unmount ] 473 | then 474 | [ "$( grep -c "#!/bin/sh" $unmount )" -ne 1 ] && sed -i "1s~^~#!/bin/sh -\n\n~" $unmount 475 | if ! grep -q "$script_name stop" $unmount 476 | then 477 | echo "[ \"\$(find \$1/entware*/bin/$script_name 2> /dev/null)\" ] && $script_name stop nologo # added by $script_name" >> $unmount 478 | updated 479 | else 480 | present 481 | fi 482 | else 483 | { 484 | echo "#!/bin/sh" 485 | echo "" 486 | echo "[ \"\$(find \$1/entware*/bin/$script_name 2> /dev/null)\" ] && $script_name stop nologo # added by $script_name" 487 | } > $unmount 488 | printf "$green created. $std\n" 489 | fi 490 | [ ! -x $unmount ] && chmod 0755 $unmount 491 | } 492 | 493 | lr_cron(){ 494 | printf "$white %34s" "checking $lr cron job ..." 495 | if ! cru l | grep -q $lr 496 | then 497 | cru a $lr "5 0 * * * $lr_loc $lr_conf >> $lr_daily 2>&1" 498 | updated 499 | else 500 | present 501 | fi 502 | } 503 | 504 | dir_links(){ 505 | printf "$white %34s" "checking directory links ..." 506 | if [ ! -L "$syslog_loc" ] || [ ! -d "/opt/var/run/syslog-ng" ] 507 | then 508 | # load kill_logger() function to reset system path links/hacks 509 | # keep shellcheck from barfing on sourcing $rcfunc_loc 510 | # shellcheck disable=SC1091 511 | # shellcheck source=/opt/etc/init.d/rc.func.syslog-ng 512 | . $rcfunc_loc 513 | kill_logger 514 | updated 515 | else 516 | present 517 | fi 518 | } 519 | 520 | ##----------------------------------------## 521 | ## Modified by Martinski W. [2024-Aug-25] ## 522 | ##----------------------------------------## 523 | sync_conf() 524 | { 525 | printf "$white %34s" "$( strip_path "$sng_conf" ) version check ..." 526 | sng_conf_vtag1="@version:" 527 | sng_conf_vtag2="${sng_conf_vtag1}[[:blank:]]*" 528 | sng_version_str="$( $sng --version | grep -m1 "$sng" | grep -oE '[0-9]{1,2}([_.][0-9]{1,2})' )" 529 | sng_conf_verstr="$( grep -Em1 "$sng_conf_vtag2" "$sng_conf" | grep -oE '[0-9]{1,2}([_.][0-9]{1,2})' )" 530 | 531 | if [ "$sng_version_str" != "$sng_conf_verstr" ] || grep -q 'stats_freq(' "$sng_conf" 532 | then 533 | printf "$red out of sync! (%s) $std\n" "$sng_conf_verstr" 534 | printf "$cyan *** Updating %s and restarting %s *** $std\n" "$( strip_path "$sng_conf" )" "$sng" 535 | $S01sng_init stop 536 | old_doc="doc\/syslog-ng-open" 537 | new_doc="list\/syslog-ng-open-source-edition" 538 | sed -i "s/$old_doc.*/$new_doc/" "$sng_conf" 539 | stats_freq="$( grep -m1 'stats_freq(' $sng_conf | cut -d ';' -f 1 | grep -oE '[0-9]*' )" 540 | [ -n "$stats_freq" ] && sed -i "s/stats_freq($stats_freq)/stats(freq($stats_freq))/g" "$sng_conf" 541 | if [ -n "$sng_version_str" ] && [ -n "$sng_conf_verstr" ] 542 | then 543 | sed -i "s/^${sng_conf_vtag2}${sng_conf_verstr}.*/$sng_conf_vtag1 $sng_version_str/" "$sng_conf" 544 | fi 545 | $S01sng_init start 546 | hup_uisc 547 | printf "$white %34s" "$( strip_path "$sng_conf" ) version ..." 548 | printf "$yellow updated! (%s) $std\n" "$sng_version_str" 549 | logger -t "$script_name" "$( strip_path "$sng_conf" ) version number updated ($sng_version_str)!" 550 | else 551 | printf "$green in sync. (%s) $std\n" "$sng_version_str" 552 | fi 553 | } 554 | 555 | sng_syntax(){ 556 | printf "$white %34s" "$( strip_path "$sng_conf" ) syntax check ..." 557 | if $sng_loc -s >> /dev/null 2>&1; then printf "$green okay! $std\n"; else printf "$red FAILED! $std\n\n"; fi 558 | } 559 | 560 | get_vers(){ 561 | # only get scribe from github once 562 | script_md5="$( md5_file "$script_loc")" 563 | dlt "$script_tmp" 564 | curl -fsL --retry 3 "$script_repo" -o "$script_tmp" 565 | [ ! -e "$script_tmp" ] && printf "\n\n$white %s GitHub repository is unavailable! -- $red ABORTING! $std\n\n" "$script_name" && exit 1 566 | github_ver="$( grep -m1 "scribe_ver=" "$script_tmp" | grep -oE 'v?[0-9]{1,2}([.][0-9]{1,2})([_.][0-9]{1,2})' | sed 's/\./_/2' )" 567 | github_branch="$( grep -m1 "scribe_branch=" "$script_tmp" | awk -F\" '{ printf ( $2 ); }'; )" 568 | github_long="$github_ver ($github_branch)" 569 | github_md5="$( md5_file "$script_tmp")" 570 | new_vers="none" 571 | if [ "$( ver_num "$github_ver" )" -lt "$( ver_num "$script_ver" )" ]; then new_vers="older" 572 | elif [ "$( ver_num "$github_ver" )" -gt "$( ver_num "$script_ver" )" ]; then new_vers="major" 573 | elif [ "$script_md5" != "$github_md5" ]; then new_vers="minor" 574 | fi 575 | dlt "$script_tmp" 576 | } 577 | 578 | prt_vers(){ 579 | printf "\n$white %34s$green %s \n" "$script_name installed version:" "$script_long" 580 | printf "$white %34s$green %s $std\n" "$script_name GitHub version:" "$github_long" 581 | case "$new_vers" in 582 | older) 583 | printf "$red Local %s version greater than GitHub version!" "$script_name" 584 | ;; 585 | major) 586 | printf "$yellow %45s" "New $script_name version available" 587 | ;; 588 | minor) 589 | printf "$blue %45s" "Minor $script_name update available" 590 | ;; 591 | none) 592 | printf "$green %40s" "$script_name is up to date!" 593 | ;; 594 | esac 595 | printf "$std\n\n" 596 | } 597 | 598 | # install default file in /usr/etc/$1.d 599 | setup_ddir(){ 600 | [ "$1" = "$sng" ] && d_dir="$sngd_d" 601 | [ "$1" = "$lr" ] && d_dir="$lrd_d" 602 | 603 | for dfile in "$unzip_dir/$1.d"/* 604 | do 605 | dfbase="$( strip_path "$dfile" )" 606 | ddfile="$d_dir/$dfbase" 607 | { [ ! -e "$ddfile" ] || [ "$2" = "ALL" ]; } && cp -p "$dfile" "$ddfile" 608 | done 609 | chmod 600 "$d_dir"/* 610 | } 611 | 612 | # install example files in /usr/share/$1/examples 613 | setup_exmpls(){ 614 | [ "$1" = "$sng" ] && share="$sng_share" && conf="$sng_conf" 615 | [ "$1" = "$lr" ] && share="$lr_share" && conf="$lr_conf" 616 | opkg="$1.conf-opkg" 617 | conf_opkg="$conf-opkg" 618 | 619 | [ "$2" != "ALL" ] && printf "\n$white" 620 | [ ! -d "$share" ] && mkdir "$share" 621 | [ ! -d "$share/examples" ] && mkdir "$share/examples" 622 | 623 | for exmpl in "$unzip_dir/$1.share"/* 624 | do 625 | shrfile="$share/examples/$( strip_path "$exmpl" )" 626 | if [ ! -e "$shrfile" ] || [ "$2" = "ALL" ] 627 | then 628 | update_file "$exmpl" "$shrfile" 629 | elif ! same_same "$exmpl" "$shrfile" 630 | then 631 | printf " updating %s\n" "$shrfile" 632 | update_file "$exmpl" "$shrfile" 633 | fi 634 | done 635 | 636 | if [ -e "$conf_opkg" ] 637 | then 638 | update_file "$conf_opkg" "$share/examples/$opkg" "backup" 639 | dlt "$conf_opkg" 640 | elif [ ! -e "$share/examples/$opkg" ] 641 | then 642 | cp -pf "$conf" "$share/examples/$opkg" 643 | if [ "$1" = "$sng" ] 644 | then 645 | printf "\n$white NOTE: The %s file provided by the Entware %s package sources a very\n" "$( strip_path "$conf" )" "$sng" 646 | printf " complex set of logging functions most users don't need.$magenta A replacement %s has been\n" "$( strip_path "$conf" )" 647 | printf " installed to %s$white that corrects this issue. The %s file provided\n" "$conf" "$( strip_path "$conf" )" 648 | printf " by the Entware package has been moved to $cyan%s$white.\n" "$share/examples/$opkg" 649 | fi 650 | fi 651 | chmod 600 "$share/examples"/* 652 | printf "$std" 653 | } 654 | 655 | force_install(){ 656 | printf "\n$blue %s$white already installed!\n" "$1" 657 | [ "$1" != "$script_name" ] && printf "$yellow Forcing installation$red WILL OVERWRITE$yellow any modified configuration files!\n" 658 | printf "$white Do you want to force re-installation of %s [y|n]? $std" "$1" 659 | yes_no 660 | return $? 661 | } 662 | 663 | show_config(){ 664 | if [ -e "$sng_loc" ] 665 | then 666 | dlt "$sngconf_merged" 667 | dlt "$sngconf_error" 668 | if $sng_loc --preprocess-into="$sngconf_merged" 2> "$sngconf_error" 669 | then 670 | less "$sngconf_merged" 671 | else 672 | less "$sngconf_error" 673 | fi 674 | true 675 | else 676 | not_installed "$sng" 677 | false 678 | fi 679 | } 680 | 681 | show_loaded(){ 682 | dlt "$sngconf_merged" 683 | $sngctl_loc config --preprocessed > "$sngconf_merged" 684 | less "$sngconf_merged" 685 | } 686 | 687 | run_logrotate(){ 688 | dlt "$lr_daily" 689 | printf "\n$white %34s" "running $lr ..." 690 | $lr_loc $lr_conf >> $lr_daily 2>&1 691 | finis 692 | printf "\n$magenta checking %s log for errors $cyan\n\n" "$lr" 693 | tail -v "$lr_daily" 694 | } 695 | 696 | menu_status(){ 697 | check_sng 698 | syslogd_check 699 | printf "\n$magenta checking system for necessary %s hooks ...\n\n" "$script_name" 700 | sed_sng 701 | if sng_rng; then sed_srvc; fi 702 | lr_post 703 | sed_umnt 704 | if sng_rng; then lr_cron; dir_links;fi 705 | printf "\n$magenta checking %s configuration ...\n\n" "$sng" 706 | sync_conf 707 | sng_syntax 708 | get_vers 709 | prt_vers 710 | } 711 | 712 | sng_ver_chk() 713 | { 714 | sng_vers="$( $sng --version | grep -m1 "$sng" | grep -oE '[0-9]{1,2}([_.][0-9]{1,2})([_.][0-9]{1,2})?' )" 715 | if [ "$( ver_num "$sng_vers" )" -lt "$( ver_num "$sng_reqd" )" ] 716 | then 717 | printf "\n$red %s version %s or higher required!\n" "$sng" "$sng_reqd" 718 | printf "Please update your Entware packages and run %s install again.$cyan\n\n" "$script_name" 719 | /opt/bin/opkg remove "$sng" 720 | printf "$std\n\n" 721 | exit 1 722 | fi 723 | } 724 | 725 | setup_sng(){ 726 | printf "\n$magenta setting up %s ...\n$std" "$sng" 727 | copy_rcfunc 728 | sed_sng 729 | sed_srvc 730 | sed_umnt 731 | if [ "$( md5_file "$sng_share/examples/$sng.conf-scribe" )" != "$( md5_file "$sng_conf" )" ] 732 | then 733 | printf "$white %34s" "updating $( strip_path $sng_conf ) ..." 734 | update_file $sng_share/examples/$sng.conf-scribe $sng_conf "backup" 735 | finis 736 | fi 737 | sync_conf 738 | } 739 | 740 | setup_lr(){ 741 | # assumes since entware is required / installed, post-mount exists and is properly executable 742 | printf "\n$magenta setting up %s ...\n" "$lr" 743 | lr_post 744 | lr_cron 745 | } 746 | 747 | install(){ 748 | force="" 749 | [ "X$2" = "XFORCE" ] && force="--force-reinstall" 750 | printf "\n$cyan" 751 | /opt/bin/opkg install $force "$1" 752 | [ "$1" = "$sng" ] && sng_ver_chk 753 | setup_ddir "$1" "ALL" 754 | setup_exmpls "$1" "ALL" 755 | [ "$1" = "$sng" ] && setup_sng 756 | [ "$1" = "$lr" ] && setup_lr 757 | } 758 | 759 | setup_scribe(){ 760 | printf "\n$white setting up %s ..." "$script_name" 761 | cp -pf "$unzip_dir/$script_name" "$script_loc" 762 | chmod 0755 "$script_loc" 763 | [ ! -e "/opt/bin/$script_name" ] && ln -s "$script_loc" /opt/bin 764 | # install correct firewall or skynet file, these are mutually exclusive 765 | if $skynet_inst 766 | then 767 | dlt "$sngd_d/firewall" 768 | dlt "$lrd_d/firewall" 769 | if [ ! -e "$sngd_d/skynet" ] || [ "$1" = "ALL" ] 770 | then 771 | printf "$white installing %s Skynet filter ..." "$sng" 772 | cp -p "$sng_share/examples/skynet" "$sngd_d" 773 | fi 774 | printf "$blue setting Skynet log file location$white ..." 775 | skynetlog="$( grep -m1 'file("' $sngd_d/skynet | awk -F\" '{ printf ( $2 ); }'; )" 776 | sh $skynet settings syslog "$skynetlog" > /dev/null 2>&1 777 | else 778 | dlt "$sngd_d/skynet" 779 | dlt "$lrd_d/skynet" 780 | if [ ! -e "$sngd_d/firewall" ] || [ "$1" = "ALL" ] 781 | then 782 | printf "$white installing %s firewall filter ..." "$sng" 783 | cp -p "$sng_share/examples/firewall" "$sngd_d" 784 | printf "$white installing firewall log rotation ..." 785 | cp -p "$lr_share/examples/firewall" "$lrd_d" 786 | fi 787 | fi 788 | finis 789 | } 790 | 791 | setup_uisc(){ 792 | uisc_ver=$(curl -fsL --retry 3 "$uisc_repo" | grep "SCRIPT_VERSION=" | grep -m1 -oE 'v[0-9]{1,2}([.][0-9]{1,2})([.][0-9]{1,2})') 793 | printf "\n$white Would you like to install$cyan %s %s$white, a script by Jack Yaz\n" "$uisc_name" "$uisc_ver" 794 | printf " that modifies the webui$yellow System Log$white page to show the various logs\n" 795 | printf " generated by %s in individual drop-down windows [y|n]? " "$sng" 796 | if yes_no 797 | then 798 | printf "\n" 799 | curl --retry 3 "$uisc_repo" -o "$uiscribe" && chmod 0755 $uiscribe && $uiscribe install 800 | fi 801 | } 802 | 803 | pre_install(){ 804 | # check for required components 805 | okay=true 806 | 807 | # check if Entware & ASUSWRT-Merlin are installed and Merlin version number 808 | if [ ! -x "/opt/bin/opkg" ] || [ "$fwname" != "$merlin" ] || [ "$( ver_num "$fwvers" )" -lt "$( ver_num "$fwreqd" )" ] 809 | then 810 | printf "\n\n$red %s version %s or later with Entware is required! $std\n" "$merlin" "$fwreqd" 811 | okay=false 812 | fi 813 | 814 | # check if diversion is installed and version number 815 | if [ -x "$divers" ] 816 | then 817 | printf "\n\n$white Diversion detected, checking version ..." 818 | div_ver="$( grep -m1 "VERSION" $divers | grep -oE '[0-9]{1,2}([.][0-9]{1,2})' )" 819 | printf " version %s detected ..." "$div_ver" 820 | if [ "$( ver_num "$div_ver" )" -lt "$( ver_num "$div_req" )" ] 821 | then 822 | printf "$red update required!\n" 823 | printf " Diversion %s or later is required! $std\n" "$div_req" 824 | okay=false 825 | else 826 | printf "$green okay! $std\n" 827 | fi 828 | fi 829 | 830 | # check if Skynet is installed and version number 831 | if $skynet_inst 832 | then 833 | printf "\n\n$white Skynet detected, checking version ..." 834 | sky_ver="$( grep -m1 -oE 'v[0-9]{1,2}([.][0-9]{1,2})([.][0-9]{1,2})' "$skynet" )" 835 | printf " version %s detected ..." "$sky_ver" 836 | if [ "$( ver_num "$sky_ver" )" -lt "$( ver_num "$sky_req" )" ] 837 | then 838 | printf "$red update required!\n" 839 | printf " Skynet %s or later is required! $std\n" "$sky_req" 840 | okay=false 841 | else 842 | printf "$green okay! $std\n" 843 | fi 844 | else 845 | printf "$white\n\n Skynet is$red NOT$white installed on this system!\n\n" 846 | printf " If you plan to install Skynet, it is recommended\n" 847 | printf " to stop %s installation now and install Skynet\n" "$script_name" 848 | printf " using amtm (https://github.com/decoderman/amtm).\n\n" 849 | printf " If Skynet is installed after %s, run \"%s install\"\n" "$script_name" "$script_name" 850 | printf " and force installation to configure %s and Skynet\n" "$script_name" 851 | printf " to work together.\n\n" 852 | if $okay 853 | then 854 | printf " Do you want to continue installation of %s [y|n]? $std" "$script_name" 855 | if ! yes_no 856 | then 857 | okay=false 858 | fi 859 | fi 860 | fi 861 | 862 | # exit if requiements not met 863 | if ! $okay 864 | then 865 | printf "\n\n$magenta exiting %s installation. $std\n\n" "$script_name" 866 | dlt "$script_loc" 867 | exit 1 868 | fi 869 | } 870 | 871 | menu_install(){ 872 | if [ ! -e $sng_loc ] 873 | then 874 | install "$sng" 875 | elif force_install "$sng" 876 | then 877 | $S01sng_init stop 878 | install "$sng" "FORCE" 879 | fi 880 | echo 881 | $S01sng_init start 882 | 883 | if [ ! -e $lr_loc ] 884 | then 885 | install "$lr" 886 | elif force_install "$lr" 887 | then 888 | install "$lr" "FORCE" 889 | fi 890 | run_logrotate 891 | 892 | if ! $is_inst 893 | then 894 | setup_scribe "ALL" 895 | elif force_install "$script_name script" 896 | then 897 | setup_scribe "ALL" 898 | fi 899 | 900 | rld_sngconf 901 | printf "\n$white %s setup complete! " "$script_name" 902 | enter_to "continue" 903 | if ! $uisc_inst; then setup_uisc; fi 904 | } 905 | 906 | menu_restart(){ 907 | if sng_rng 908 | then 909 | printf "\n$yellow Restarting %s... $std\n" "$sng" 910 | $S01sng_init restart 911 | else 912 | printf "\n$white %s$red NOT$white running! $yellow Starting %s ... $std\n" "$sng" 913 | $S01sng_init start 914 | fi 915 | hup_uisc 916 | } 917 | 918 | stop_sng(){ 919 | printf "$white stopping %s ..." "$sng" 920 | $S01sng_init stop 921 | # remove any syslog links 922 | clear_loglocs 923 | mv "$optmsg" "$syslog_loc" 924 | ln -s "$syslog_loc" "$optmsg" 925 | printf "$white starting system klogd and syslogd ..." 926 | start_syslogd 927 | if ! $banner; then return; fi 928 | printf "\n$white %s will be started at next reboot; you\n" "$sng" 929 | printf " may type '%s restart' at shell prompt, or\n" "$script_name" 930 | printf " select rs from %s menu to restart %s $std\n\n" "$script_name" "$sng" 931 | } 932 | 933 | stop_lr(){ if cru l | grep -q $lr; then cru d $lr; fi; } 934 | 935 | menu_stop(){ 936 | stop_sng 937 | stop_lr 938 | } 939 | 940 | uninst_uisc(){ 941 | printf "\n" 942 | if $uisc_inst 943 | then 944 | printf "$white uiScribe detected, uninstalling ...\n\n" 945 | $uiscribe uninstall 946 | fi 947 | } 948 | 949 | uninstall(){ 950 | printf "\n\n" 951 | banner=false # suppress certain messages 952 | if [ -e $sng_loc ] 953 | then 954 | if sng_rng; then stop_sng; fi 955 | sed -i "/$script_name service_event/d" $srvc_event 956 | sed -i "/$script_name stop/d" $unmount 957 | dlt "$S01sng_init" 958 | dlt "$rcfunc_loc" 959 | printf "\n$cyan" 960 | /opt/bin/opkg remove "$sng" 961 | dlt "$sng_conf" 962 | dlt "$sngd_d" 963 | dlt "$sng_share" 964 | 965 | if $skynet_inst && ! $reinst 966 | then 967 | printf "$white restoring Skynet logging to %s ..." "$syslog_loc" 968 | sh $skynet settings syslog "$syslog_loc" > /dev/null 2>&1 969 | fi 970 | else 971 | not_installed "$sng" 972 | fi 973 | 974 | if [ -e $lr_loc ] 975 | then 976 | stop_lr 977 | sed -i "/cru a $lr/d" $postmount 978 | printf "\n$cyan" 979 | /opt/bin/opkg remove "$lr" 980 | dlt "$lr_conf" 981 | dlt "$lrd_d" 982 | dlt "$lr_share" 983 | dlt "$lr_daily" 984 | else 985 | not_installed "$lr" 986 | fi 987 | 988 | dlt "$TMP/$script_name.zip" 989 | dlt "$TMP/$script_name-$script_branch" 990 | dlt "/opt/bin/$script_name" 991 | dlt "$script_loc" 992 | is_inst=false 993 | if ! $reinst 994 | then 995 | printf "\n$white %s, %s, and %s have been removed from the system.\n" "$sng" "$lr" "$script_name" 996 | printf " It is recommended to reboot the router at this time. If you do not\n" 997 | printf " wish to reboot the router, press ctrl-c now to exit.\n\n\n" 998 | enter_to "reboot" 999 | service reboot; exit 0 1000 | fi 1001 | } 1002 | 1003 | menu_uninstall(){ 1004 | andre="remove" 1005 | uni="UN" 1006 | if $reinst 1007 | then 1008 | andre="remove and reinstall" 1009 | uni="RE" 1010 | fi 1011 | warning_sign 1012 | printf " This will completely$magenta %s$yellow %s$white and$yellow %s$white.\n" "$andre" "$sng" "$lr" 1013 | printf " Ensure you have backed up any configuration files you wish to keep.\n" 1014 | printf " All configuration files in$yellow %s$white,$yellow %s$white,\n" "$sngd_d" "$lrd_d" 1015 | printf " $yellow %s$white, and$yellow %s$white will be deleted!\n" "$sng_share" "$lr_share" 1016 | warning_sign 1017 | printf " Type YES to$magenta %s$yellow %s$white: $std" "$andre" "$script_name" 1018 | read -r wipeit 1019 | case "$wipeit" in 1020 | YES) 1021 | if ! $reinst; then uninst_uisc; fi 1022 | uninstall 1023 | ;; 1024 | *) 1025 | do_inst=false 1026 | printf "\n\n$white *** %sINSTALL ABORTED! ***$std\n\n" "$uni" 1027 | ;; 1028 | esac 1029 | } 1030 | 1031 | menu_filters(){ 1032 | printf "\n$white Do you want to update$yellow %s$white and$yellow %s$white filter files?\n" "$sng" "$lr" 1033 | printf "$cyan 1) Adds any new files to$yellow %s$cyan directories\n" "$share_ex" 1034 | printf " and updates any example files that have changed.\n" 1035 | printf " 2) Adds any new files to$yellow %s$cyan directories.\n" "$etc_d" 1036 | printf " 3) Asks to update existing files in$yellow %s$cyan directories\n" "$etc_d" 1037 | printf "$magenta _IF_$cyan a corresponding file exists in$yellow %s$cyan,\n" "$share_ex" 1038 | printf "$magenta _AND_$cyan it is different from the file in$yellow %s$cyan.\n" "$etc_d" 1039 | printf "$white NOTE:$cyan You will be provided an opportunity to review\n" 1040 | printf " the differences between the existing file and the\n" 1041 | printf " proposed update.\n\n" 1042 | printf "$yellow If you are unsure, you should answer 'y' here; any changes to\n" 1043 | printf " the running configuration will require confirmation.\n\n" 1044 | printf "$white Update filter files? [y|n] $std" 1045 | if yes_no 1046 | then 1047 | get_zip 1048 | for pckg in $sng $lr 1049 | do 1050 | setup_ddir "$pckg" "NEW" 1051 | setup_exmpls "$pckg" "NEWER" 1052 | check_dir="$( echo "$etc_d" | sed "s/\*/$pckg/" )" 1053 | comp_dir="$( echo "$share_ex" | sed "s/\*/$pckg/" )" 1054 | for upd_file in "$check_dir"/* 1055 | do 1056 | comp_file="$comp_dir/$( strip_path "$upd_file" )" 1057 | if [ -e "$comp_file" ] && ! same_same "$upd_file" "$comp_file" 1058 | then 1059 | processed=false 1060 | printf "\n$white Update available for$yellow %s$white.\n" "$upd_file" 1061 | while ! $processed 1062 | do 1063 | printf " (a)ccept, (r)eject, or (v)iew diff for this file? " 1064 | read -r dispo 1065 | case "$dispo" in 1066 | a) 1067 | update_file "$comp_file" "$upd_file" 1068 | printf "\n$green %s updated!$std\n" "$upd_file" 1069 | processed=true 1070 | ;; 1071 | r) 1072 | printf "\n$magenta %s not updated!$std\n" "$upd_file" 1073 | processed=true 1074 | ;; 1075 | v) 1076 | echo 1077 | diff "$upd_file" "$comp_file" | more 1078 | echo 1079 | ;; 1080 | *) 1081 | echo 1082 | ;; 1083 | esac 1084 | done 1085 | fi 1086 | done 1087 | done 1088 | printf "\n$white %s and %s example files updated!$std\n" "$sng" "$lr" 1089 | rld_sngconf 1090 | else 1091 | printf "\n$white %s and %s example files$red not$white updated!$std\n" "$sng" "$lr" 1092 | fi 1093 | } 1094 | 1095 | menu_update(){ 1096 | if [ "$new_vers" = "major" ] || [ "$new_vers" = "minor" ] 1097 | then 1098 | [ "$new_vers" = "major" ] && printf "\n$green New version" || printf "$cyan Minor update" 1099 | printf "$white available!\n" 1100 | printf " Do you wish to upgrade? [y|n] $std" 1101 | else 1102 | printf "\n$white No new version available. (GitHub version" 1103 | [ "$new_vers" = "none" ] && printf " equal to " || printf "$red LESS THAN $white" 1104 | printf "local version)\n" 1105 | printf " Do you wish to force re-installation of %s script? [y|n] $std" "$script_name" 1106 | fi 1107 | if yes_no 1108 | then 1109 | get_zip 1110 | setup_scribe "NEWER" 1111 | copy_rcfunc 1112 | printf "\n$white %s updated!$std\n" "$script_name" 1113 | sh "$script_loc" filters gotzip nologo 1114 | sh "$script_loc" status nologo 1115 | run_scribe=true 1116 | else 1117 | printf "\n$white *** %s$red not$white updated! *** $std\n\n" "$script_name" 1118 | fi 1119 | } 1120 | 1121 | menu_forgrnd(){ 1122 | restrt=false 1123 | if sng_rng 1124 | then 1125 | warning_sign 1126 | printf " %s is currently running; starting the debugging\n" "$sng" 1127 | printf " mode is usually not necessary if %s is running.\n" "$sng" 1128 | printf " Debugging mode is intended for troubleshooting when\n" 1129 | printf " %s will not start.\n\n" "$sng" 1130 | printf " Are you certain you wish to start debugging mode [y|n]? $std" 1131 | if ! yes_no; then return; fi 1132 | restrt=true 1133 | fi 1134 | printf "\n$yellow NOTE: If there are no errors, debugging mode will\n" 1135 | printf " continue indefinitely. If this happens, type\n" 1136 | printf " ctrl-c to halt debugging mode output\n\n" 1137 | enter_to "start" 1138 | if $restrt; then $S01sng_init stop; printf "\n"; fi 1139 | trap '' 2 1140 | $sng_loc -Fevd 1141 | trap - 2 1142 | if $restrt; then printf "\n"; $S01sng_init start; fi 1143 | printf "\n" 1144 | } 1145 | 1146 | gather_debug(){ 1147 | dlt "$script_debug" 1148 | printf "\n$white gathering debugging information ..." 1149 | get_vers 1150 | 1151 | # everything between { } goes to $script_debug 1152 | { 1153 | printf "%s\n" "$debug_sep" 1154 | printf "### %s Version: %s\n" "$script_name" "$script_long" 1155 | printf "### Local %s md5: %s\n" "$script_name" "$script_md5" 1156 | printf "### GitHub Version: %s\n" "$github_long" 1157 | printf "### GitHub %s md5: %s\n" "$script_name" "$github_md5" 1158 | printf "### Router: %s (%s)\n" "$model" "$arch" 1159 | printf "### Firmware Version: %s %s\n" "$fwname" "$fwvers" 1160 | printf "\n%s\n### check running log processes:\n" "$debug_sep" 1161 | ps | grep "log" 1162 | printf "\n%s\n### check crontab:\n" "$debug_sep" 1163 | cru l | grep $lr 1164 | printf "\n%s\n### directory check:\n" "$debug_sep" 1165 | ls -ld /tmp/syslog* 1166 | ls -ld /jffs/syslog* 1167 | ls -ld $optmsg 1168 | ls -ld $script_conf 1169 | printf "\n%s\n### top output:\n" "$debug_sep" 1170 | top -b -n1 | head 1171 | printf "\n%s\n### *log references in top:\n" "$debug_sep" 1172 | top -b -n1 | grep log 1173 | printf "\n%s\n### init.d directory:\n" "$debug_sep" 1174 | ls -l /opt/etc/init.d 1175 | printf "\n%s\n### contents of S01syslog-ng\n" "$debug_sep" 1176 | cat /opt/etc/init.d/S01syslog-ng 1177 | printf "\n%s\n### /opt/var/log directory:\n" "$debug_sep" 1178 | ls -l /opt/var/log 1179 | printf "\n%s\n### installed packages:\n" "$debug_sep" 1180 | /opt/bin/opkg list-installed 1181 | printf "\n%s\n### %s running configuration:\n" "$debug_sep" "$sng" 1182 | } >> "$script_debug" 1183 | if sng_rng 1184 | then 1185 | $sngctl_loc config --preprocessed >> "$script_debug" 1186 | else 1187 | printf "#### %s not running! ####\n%s\n" "$sng" "$debug_sep" 1188 | fi 1189 | printf "\n%s\n### %s on-disk syntax check:\n" "$debug_sep" "$sng" >> "$script_debug" 1190 | dlt "$sngconf_merged" 1191 | dlt "$sngconf_error" 1192 | $sng_loc --preprocess-into="$sngconf_merged" 2> "$sngconf_error" 1193 | cat "$sngconf_merged" >> "$script_debug" 1194 | if [ -s "$sngconf_error" ] 1195 | then 1196 | { 1197 | printf "#### SYSLOG-NG SYNTAX ON-DISK CHECK FAILED! SEE BELOW ####\n" 1198 | cat "$sngconf_error" 1199 | printf "###### END SYSLOG-NG ON-DISK SYNTAX FAILURE OUTPUT ######\n" 1200 | } >> "$script_debug" 1201 | else 1202 | printf "#### syslog-ng on-disk syntax check okay! ####\n" >> "$script_debug" 1203 | fi 1204 | printf "\n%s\n### logrotate debug output:\n" "$debug_sep" >> "$script_debug" 1205 | $lr_loc -d "$lr_conf" >> "$script_debug" 2>&1 1206 | printf "\n%s\n### Skynet log locations:\n" "$debug_sep" 1207 | if $skynet_inst 1208 | then 1209 | skynetloc="$( grep -ow "skynetloc=.* # Skynet" $fire_start 2>/dev/null | grep -vE "^#" | awk '{print $1}' | cut -c 11- )" 1210 | skynetcfg="${skynetloc}/skynet.cfg" 1211 | grep "syslog" "$skynetcfg" >> "$script_debug" 1212 | else 1213 | printf "#### Skynet not installed! ####\n%s\n" "$debug_sep" >> "$script_debug" 1214 | fi 1215 | printf "\n%s\n### end of output ###\n" "$debug_sep" >> "$script_debug" 1216 | 1217 | printf " redacting username and USB drive names ..." 1218 | redact="$( echo "$USER" | awk '{ print substr($0, 1, 8); }' )" 1219 | sed -i "s/$redact/redacted/g" "$script_debug" 1220 | mntnum=0 1221 | for usbmnt in /tmp/mnt/* 1222 | do 1223 | usbdrv="$( echo "$usbmnt" | awk -F/ '{ printf( $4 ); }' )" 1224 | # note that if the usb drive name has a comma in it, then sed will fail 1225 | if [ "X$( echo "$usbmnt" | grep ',' )" = "X" ] 1226 | then 1227 | sed -i "s,$usbdrv,usb#$mntnum,g" "$script_debug" 1228 | else 1229 | printf "\n\n USB drive $cyan%s$white has a comma in the drive name,$red unable to redact!$white\n\n" "$usbdrv" 1230 | fi 1231 | mntnum=$(( mntnum + 1 )) 1232 | done 1233 | 1234 | printf " taring the output ..." 1235 | tar -zcvf "$script_debug.tar.gz" -C "$TMP" "$script_debug_name" > /dev/null 2>&1 1236 | finis 1237 | printf "\n$std Debug output stored in $cyan%s$std, please review this file\n" "$script_debug" 1238 | printf " to ensure you understand what information is being disclosed.\n\n" 1239 | printf " Tarball of debug output is $cyan%s.tar.gz $std\n" "$script_debug" 1240 | } 1241 | 1242 | menu_backup(){ 1243 | printf "\n$white Backing up %s and %s Configurations ... \n" "$sng" "$lr" 1244 | date_stamp "$script_bakname" 1245 | tar -zcvf "$script_bakname" "$sng_conf" "$sngd_d" "$lr_conf" "$lrd_d" "$conf_d" 1246 | printf "\n$std Backup data is stored in $cyan%s$std.\n\n" "$script_bakname" 1247 | } 1248 | 1249 | menu_restore(){ 1250 | warning_sign 1251 | printf " This will overwrite $yellow%s$white and $yellow%s$white,\n" "$sng_conf" "$lr_conf" 1252 | printf " and replace all files in $yellow%s$white and $yellow%s$white!!\n" "$sngd_d" "$lrd_d" 1253 | printf " The file must be named $cyan%s$white.\n\n" "$script_bakname" 1254 | if [ ! -e "$script_bakname" ] 1255 | then 1256 | printf " Backup file $magenta%s$white missing!!\n\n" "$script_bakname" 1257 | else 1258 | printf " Are you SURE you want to restore from $cyan%s$white (type YES to restore)? $std" "$script_bakname" 1259 | read -r rstit 1260 | case "$rstit" in 1261 | YES) 1262 | printf "\n$white Restoring %s and %s Configurations ... \n" "$sng" "$lr" 1263 | dlt "$sngd_d" 1264 | dlt "$lrd_d" 1265 | tar -zxvf "$script_bakname" -C / 1266 | chmod 600 "$sngd_d"/* 1267 | chmod 600 "$lrd_d"/* 1268 | printf "\n$std Backup data has been restored from $cyan%s$std.\n" "$script_bakname" 1269 | menu_restart 1270 | menu_status 1271 | ;; 1272 | *) 1273 | printf "\n\n$white *** RESTORE ABORTED! ***$std\n\n" 1274 | ;; 1275 | esac 1276 | fi 1277 | } 1278 | 1279 | menu_about(){ 1280 | cat <> $lr_temp 2>&1 1476 | less $lr_temp 1477 | dlt "$lr_temp" 1478 | pause=false 1479 | ;; 1480 | ui) 1481 | if $uisc_inst 1482 | then 1483 | $uiscribe 1484 | pause=false 1485 | else 1486 | setup_uisc 1487 | fi 1488 | ;; 1489 | e) 1490 | if [ "$menu_type" = "main" ] 1491 | then 1492 | printf "\n$white Thanks for using scribe! $std\n\n\n" 1493 | exit 0 1494 | else 1495 | menu_type="main" 1496 | pause=false 1497 | fi 1498 | ;; 1499 | is) 1500 | do_inst=true 1501 | reinst=false 1502 | if $is_inst 1503 | then 1504 | reinst=true 1505 | menu_uninstall 1506 | fi 1507 | if $do_inst 1508 | then 1509 | pre_install 1510 | get_zip 1511 | menu_install 1512 | sh "$script_loc" status nologo 1513 | run_scribe=true 1514 | fi 1515 | ;; 1516 | zs) 1517 | reinst=false 1518 | menu_uninstall 1519 | ;; 1520 | *) 1521 | not_recog=true 1522 | ;; 1523 | esac 1524 | else 1525 | not_recog=true 1526 | fi 1527 | if $not_recog; then printf "\n$red Unrecognized command \"%s\". " "$choice"; fi 1528 | if $pause; then enter_to "continue"; fi 1529 | if $run_scribe; then sh "$script_loc"; exit 0; fi 1530 | done 1531 | } 1532 | 1533 | 1534 | ############## 1535 | #### MAIN #### 1536 | ############## 1537 | 1538 | if ! sld_rng && ! sng_rng 1539 | then 1540 | printf "\n\n$red WARNING: $white No system logger was running!!\n" 1541 | printf "Starting system loggers ..." 1542 | start_syslogd 1543 | fi 1544 | 1545 | # read or create config file 1546 | read_conf 1547 | 1548 | if [ "$action" = "menu" ] 1549 | then 1550 | menu_type="main" 1551 | scribe_menu 1552 | else 1553 | logo 1554 | fi 1555 | 1556 | case "$action" in 1557 | 1558 | # install syslog-ng, logrotate, & scribe script 1559 | about) 1560 | menu_about 1561 | ;; 1562 | help) 1563 | menu_help 1564 | ;; 1565 | install) 1566 | if $is_inst 1567 | then 1568 | printf "\n$white *** %s already installed! *** \n\n" "$script_name" 1569 | printf " Please use menu command 'is' to reinstall. $std\n\n" 1570 | exit 1 1571 | fi 1572 | pre_install 1573 | get_zip 1574 | menu_install 1575 | sh "$script_loc" status nologo 1576 | exit 0 1577 | ;; 1578 | 1579 | # uninstall scribe 1580 | uninstall | remove) 1581 | reinst=false 1582 | menu_uninstall 1583 | ;; 1584 | 1585 | # update scribe 1586 | update) 1587 | if sng_rng 1588 | then 1589 | get_vers 1590 | prt_vers 1591 | menu_update 1592 | fi 1593 | ;; 1594 | 1595 | # show total combined config 1596 | show-config | config) 1597 | if $is_inst 1598 | then 1599 | if show_config; then sng_syntax; fi 1600 | fi 1601 | ;; 1602 | 1603 | # verify syslog-ng is running and logrotate is listed in 'cru l' 1604 | status) 1605 | if $is_inst; then menu_status; fi 1606 | ;; 1607 | 1608 | # reload syslog-ng configuration 1609 | reload) 1610 | if sng_rng; then rld_sngconf; fi 1611 | ;; 1612 | 1613 | # restart (or start if not running) syslog-ng 1614 | restart | start) 1615 | if $is_inst 1616 | then 1617 | menu_restart 1618 | menu_status 1619 | fi 1620 | ;; 1621 | 1622 | # stop syslog-ng & logrotate cron job 1623 | stop) 1624 | if sng_rng; then menu_stop; fi 1625 | ;; 1626 | 1627 | # generate debug tarball 1628 | debug) 1629 | if $is_inst; then gather_debug; fi 1630 | ;; 1631 | 1632 | # update syslog-ng and logrotate filters - only used in update process 1633 | filters) 1634 | if sng_rng; then menu_filters; fi 1635 | ;; 1636 | 1637 | 1638 | # kill syslogd & klogd - only available via cli 1639 | service_event) 1640 | if ! sng_rng || [ "$2" = "stop" ]; then exit 0; fi 1641 | # load kill_logger() function to reset system path links/hacks 1642 | # keep shellcheck from barfing on sourcing $rcfunc_loc 1643 | # shellcheck disable=SC1091 1644 | # shellcheck source=/opt/etc/init.d/rc.func.syslog-ng 1645 | . $rcfunc_loc 1646 | kill_logger 1647 | sync_conf 1648 | ;; 1649 | 1650 | # unrecognized command 1651 | *) 1652 | printf "\n$white Usage: $script_name ( about | uninstall | update | config | status | reload | restart | debug )\n" 1653 | printf " For a brief description of commands, run: $script_name help $std\n\n" 1654 | exit 1 1655 | ;; 1656 | esac 1657 | 1658 | if ! $is_inst 1659 | then 1660 | printf "\n$yellow %s $white not installed, command \"%s\" not valid!$std\n\n" "$script_name" "$action" 1661 | elif ! sng_rng && [ "$action" != "stop" ] 1662 | then 1663 | printf "\n$yellow %s $white not running, command \"%s\" not valid!$std\n\n" "$sng" "$action" 1664 | else 1665 | printf "\n" 1666 | fi 1667 | 1668 | #eof 1669 | --------------------------------------------------------------------------------