Bug 1147153 - firewalld specifying prefix results in firewall log with wrong layout
Status: NEW
Classification: openSUSE
Product: openSUSE Tumbleweed
Component: Network
Version: Current
Hardware: x86-64 openSUSE Factory
Priority: P5 - None
Severity: Normal
Assigned To: Michał Rostecki
Reported: 2019-08-23 17:26 UTC by Freek de Kruijf
Modified: 2019-08-27 02:30 UTC
Description Freek de Kruijf 2019-08-23 17:26:12 UTC
I use a rich rule with a prefix definition in firewalld. This results in a wrong layout in the firewall log.
The rich rule contains:
rule service name="ssh" log prefix="PREFIX-SSH-PORT " level="info"
which results in a log line like:
2019-08-23T18:28:34.111823+02:00 eiktum kernel: [15742.399558] 'PREFIX-SSH-PORT 'IN=enp1s0 OUT= MAC=e0:cb:4e:cd:d7:b6:9c:c7:a6:0a:1f:48:08:00 SRC=213.73.155.186 DST=192.168.178.6 LEN=60 TOS=0x00 PREC=0x00 TTL=55 ID=30018 DF PROTO=TCP SPT=41746 DPT=22 WINDOW=64240 RES=0x00 SYN URGP=0

The text " 'PREFIX-SSH-PORT '" should be " PREFIX-SSH-PORT ".
iptables-save shows: --log-prefix "\'PREFIX-SSH-PORT \'"
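
For log pipelines that key on the LOG prefix, the following added example (not part of the report and not firewalld code) parses a netfilter log line and normalises the prefix whether or not it carries the stray quotes described above. The function name, the regular expression and the abridged sample lines are assumptions constructed for illustration.

```python
import re

# Constructed samples modelled on the log line in the report (fields abridged):
# the first carries the stray quotes, the second has the expected layout.
SAMPLE_QUOTED = (
    "2019-08-23T18:28:34.111823+02:00 eiktum kernel: [15742.399558] "
    "'PREFIX-SSH-PORT 'IN=enp1s0 OUT= SRC=213.73.155.186 DST=192.168.178.6 "
    "LEN=60 DF PROTO=TCP SPT=41746 DPT=22 SYN URGP=0"
)
SAMPLE_CLEAN = SAMPLE_QUOTED.replace("'PREFIX-SSH-PORT '", "PREFIX-SSH-PORT ")

# The prefix is whatever sits between the uptime stamp and the first IN= field.
LINE_RE = re.compile(r"kernel: \[\s*[\d.]+\] (?P<prefix>.*?)(?P<fields>IN=.*)$")


def parse_netfilter_line(line):
    """Return (prefix, was_quoted, fields), or None for a non-LOG line."""
    m = LINE_RE.search(line)
    if m is None:
        return None
    raw = m.group("prefix")
    # Layout from the report: the whole prefix wrapped in single quotes.
    was_quoted = len(raw) >= 2 and raw[0] == "'" and raw[-1] == "'"
    prefix = (raw[1:-1] if was_quoted else raw).strip()
    fields, flags = {}, []
    for token in m.group("fields").split():
        key, sep, value = token.partition("=")
        if sep:
            fields[key] = value      # OUT= yields an empty string
        else:
            flags.append(token)      # bare tokens such as DF or SYN
    fields["FLAGS"] = flags
    return prefix, was_quoted, fields


if __name__ == "__main__":
    for sample in (SAMPLE_QUOTED, SAMPLE_CLEAN):
        prefix, was_quoted, fields = parse_netfilter_line(sample)
        print(prefix, was_quoted, fields["SRC"], fields["DPT"], fields["FLAGS"])
```

The `was_quoted` flag lets a collector count how many hosts still emit the quoted layout while matching on the same normalised prefix.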
Comment 1 Freek de Kruijf 2019-08-24 12:48:29 UTC
A temporary fix is the following patch in:

/usr/lib/python3.7/site-packages/firewall/core/ipXtables.py

@@ -763,7 +763,7 @@
         rule = [ add_del, "%s_log" % (target), "-t", table]
         rule += rule_fragment + [ "-j", "LOG" ]
         if rich_rule.log.prefix:
-            rule += [ "--log-prefix", "%s" % rich_rule.log.prefix ]
+            rule += [ "--log-prefix", "'%s'" % rich_rule.log.prefix ]
         if rich_rule.log.level:
             rule += [ "--log-level", "%s" % rich_rule.log.level ]
         rule += self._rule_limit(rich_rule.log.limit)
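
Review bot: the `+` line wraps the prefix in literal single quotes (`"'%s'" % rich_rule.log.prefix`), which is the form that matches the reported `--log-prefix "\'PREFIX-SSH-PORT \'"` in iptables-save; the `-` line (`"%s"`) is the one that would give the unquoted `PREFIX-SSH-PORT ` the report asks for, so the hunk reads as reversed relative to the comment calling it a fix. `rule` is built as a list with one element per argument, so the prefix, trailing space included, is already a single element, and the reported output shows the added quotes being carried through verbatim rather than stripped. Suggest confirming the direction of the diff and keeping the plain `"%s" % rich_rule.log.prefix` form, with a short comment on that line saying the prefix must not be quoted.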