Project

General

Profile

Bug #5340

IPsec logging - silent can't be configured, issues with defaults

Added by Chris Buechler about 4 years ago. Updated about 4 years ago.

Status:
Resolved
Priority:
Normal
Category:
IPsec
Target version:
Start date:
10/24/2015
Due date:
% Done:

0%

Estimated time:
Affected Version:
2.2.x
Affected Architecture:

Description

Silent logging can't actually be configured on vpn_ipsec_settings.php, because 0 isn't stored in the config (PHP considers "0" to be empty). That quirk of PHP is also relied upon to set a "default" value.

Need to have a way of actually saving and applying "silent", and show correct defaults where log levels don't exist in the config.

Associated revisions

Revision 5d6dde8a (diff)
Added by Chris Buechler about 4 years ago

Use 1-6 rather than 0-5 for IPsec logging levels, to stay away from complications of 0 due to PHP stupidity. Upgrade config to add 1 to any configured log levels. Default to 1 as log level where none is configured by the user. Ticket #5340

Revision 42ef62a4 (diff)
Added by Chris Buechler about 4 years ago

terminate argument parsing before giving the log level. Ticket #5340

Revision d25eda8d (diff)
Added by Chris Buechler about 4 years ago

Logging fixes. Ticket #5340

Revision 52005a06 (diff)
Added by Chris Buechler about 4 years ago

fix logging config upgrade. Ticket #5340

Revision f418fde4 (diff)
Added by Chris Buechler about 4 years ago

Correct available log levels. Ticket #5340

Revision b4140b14 (diff)
Added by Chris Buechler about 4 years ago

Default log level where none is selected should be 3 here. Ticket #5340

Revision 5eac8374 (diff)
Added by Chris Buechler about 4 years ago

Fix up descriptive text for logging levels. Ticket #5340

History

#1 Updated by Jim Thompson about 4 years ago

  • Assignee set to Matthew Smith

let's see if we can't find a work-around, or just push this to 2.3.

PHP is fucking stupid.

#2 Updated by Chris Buechler about 4 years ago

  • Status changed from Confirmed to Feedback

should work in 2.2.5 now. Needs review, and merging to 2.3.

#3 Updated by Chris Buechler about 4 years ago

  • Status changed from Feedback to Confirmed
  • Assignee changed from Matthew Smith to Chris Buechler

better, couple remaining things I'm fixing now

#4 Updated by Matthew Smith about 4 years ago

If you are shifting the scale to the range 1..6, the statement where you set the default value to 2 is incorrect. When I copy it to a test box, it ends up setting the default to Audit, when the strongswan default is equivalent to control. The strongswan default on the range from -1 to 4 is 1 (the third value). Your new default should be 3.

The statements in the input validation section at the top will all need to have their ranges adjusted as well. You could probably replace those 16 if statements that check each individual log setting with a loop to do the same thing:

        foreach ($ipsec_loglevels as $lkey => $ldescr) {

                if (isset($pconfig["ipsec_{$lkey}"]) && !in_array(intval($pconfig["ipsec_{$lkey}"]), range(-1, 4))) {
                        $input_errors[] = "A valid value must be specified for {$ldescr} debug.";
                }
        }

#5 Updated by Chris Buechler about 4 years ago

  • Status changed from Confirmed to Feedback

Thanks Matt, got both those too.

This seems to be ok now.

#6 Updated by Chris Buechler about 4 years ago

  • Status changed from Feedback to Resolved

fixed

Also available in: Atom PDF