
#-----------------------------------------------------------------------
# CHANGES
#-----------------------------------------------------------------------
#
# 2001-04-13  Dougal Holmes <dholmes@bigpond.net.au>
#             Added chain for syslog source port
# 2001-02-07  Jean-Sebastien Morisset <jsmoriss@mvlan.net>
#             Added check for CLUSTER_NAME and assoc. rules.
# 2000-10-26  Jean-Sebastien Morisset <jsmoriss@jsm-mv.dyndns.org>
#             Added the "#m# 1 2 3" module config.
# 2000-10-14  Jean-Sebastien Morisset <jsmoriss@jsm-mv.dyndns.org>
#             Initial module written for v5.0.
#
#-----------------------------------------------------------------------
# MODULE CONFIGURATION
#-----------------------------------------------------------------------
#
#m# 23
#a# accept
#i# cluster novirtual
#n# syslog
#t# servers
#
#   |--------------------------------------------------------------------|
#d# In strict mode, messages sent to remote syslog servers are denied.
#d# You can enter the host names of specific servers where you send 
#d# syslog messages. All other destinations will be blocked in strict 
#d# mode.
#   |--------------------------------------------------------------------|
#
#-----------------------------------------------------------------------
# START OF MODULE CODE
#-----------------------------------------------------------------------

for host in `Option_Value accept $INTOPT syslog servers`
do
	echo "Accept $INTOPT $IPADDR -> $host SYSLOG $LOG_MSG"
	if [ "$CLUSTER_NAME" ]
	then
		ipchains -A $INCHAIN  -j ACCEPT -p udp -s $IPADDR $UNPRIVPORTS -d $host syslog $LOG
		ipchains -A $INCHAIN  -j ACCEPT -p udp -s $IPADDR syslog       -d $host syslog $LOG
	else
		ipchains -A $OUTCHAIN -j ACCEPT -p udp -s $IPADDR $UNPRIVPORTS -d $host syslog $LOG
		ipchains -A $OUTCHAIN -j ACCEPT -p udp -s $IPADDR syslog       -d $host syslog $LOG
	fi
done
unset host

