1 files changed, 117 insertions, 0 deletions

diff --git a/app-admin/syslog-ng/files/syslog-ng.conf.gentoo.hardened b/app-admin/syslog-ng/files/syslog-ng.conf.gentoo.hardened
new file mode 100644
index 0000000..4123b95
--- /dev/null
+++ b/app-admin/syslog-ng/files/syslog-ng.conf.gentoo.hardened
@@ -0,0 +1,117 @@
+# Copyright 2005 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/app-admin/syslog-ng/files/syslog-ng.conf.gentoo.hardened,v 1.5 2007/10/30 17:16:15 solar Exp $
+
+#
+# Syslog-ng configuration file, compatible with default hardened installations.
+#
+
+options {
+	chain_hostnames(off);
+	sync(0);
+	stats(43200);
+};
+
+#options {
+#	chain_hostnames(off);
+#	sync(0);
+#	stats(43200);
+#	long_hostnames(off);        
+#	use_dns(no);
+#	create_dirs(yes);
+#};
+
+source src { unix-stream("/dev/log"); internal(); };
+source kernsrc { file("/proc/kmsg"); };
+
+#source net { udp(); };
+#log { source(net); destination(net_logs); };
+#destination net_logs { file("/var/log/HOSTS/$HOST/$YEAR$MONTH$DAY.log"); };
+
+destination authlog { file("/var/log/auth.log"); };
+destination syslog { file("/var/log/syslog"); };
+destination cron { file("/var/log/cron.log"); };
+destination daemon { file("/var/log/daemon.log"); };
+destination kern { file("/var/log/kern.log"); file("/dev/tty12"); };
+destination lpr { file("/var/log/lpr.log"); };
+destination user { file("/var/log/user.log"); };
+destination uucp { file("/var/log/uucp.log"); };
+#destination ppp { file("/var/log/ppp.log"); };
+destination mail { file("/var/log/mail.log"); };
+
+destination avc { file("/var/log/avc.log"); };
+destination audit { file("/var/log/audit.log"); };
+destination pax { file("/var/log/pax.log"); };
+destination grsec { file("/var/log/grsec.log"); };
+
+destination mailinfo { file("/var/log/mail.info"); };
+destination mailwarn { file("/var/log/mail.warn"); };
+destination mailerr { file("/var/log/mail.err"); };
+
+destination newscrit { file("/var/log/news/news.crit"); };
+destination newserr { file("/var/log/news/news.err"); };
+destination newsnotice { file("/var/log/news/news.notice"); };
+
+destination debug { file("/var/log/debug"); };
+destination messages { file("/var/log/messages"); };
+destination console { usertty("root"); };
+destination console_all { file("/dev/tty12"); };
+#destination loghost { udp("loghost" port(999)); };
+
+destination xconsole { pipe("/dev/xconsole"); };
+
+filter f_auth { facility(auth); };
+filter f_authpriv { facility(auth, authpriv); };
+filter f_syslog { not facility(authpriv, mail); };
+filter f_cron { facility(cron); };
+filter f_daemon { facility(daemon); };
+filter f_kern { facility(kern); };
+filter f_lpr { facility(lpr); };
+filter f_mail { facility(mail); };
+filter f_user { facility(user); };
+filter f_uucp { facility(uucp); };
+#filter f_ppp { facility(ppp); };
+filter f_news { facility(news); };
+filter f_debug { not facility(auth, authpriv, news, mail); };
+filter f_messages { level(info..warn) 
+	and not facility(auth, authpriv, mail, news); };
+filter f_emergency { level(emerg); };
+
+filter f_info { level(info); };
+
+filter f_notice { level(notice); };
+filter f_warn { level(warn); };
+filter f_crit { level(crit); };
+filter f_err { level(err); };
+
+filter f_avc { match(".*avc: .*"); };
+filter f_audit { match("^audit.*") and not match(".*avc: .*"); };
+filter f_pax { match("^PAX:.*"); };
+filter f_grsec { match("^grsec:.*"); };
+
+log { source(src); filter(f_authpriv); destination(authlog); };
+log { source(src); filter(f_syslog); destination(syslog); };
+log { source(src); filter(f_cron); destination(cron); };
+log { source(src); filter(f_daemon); destination(daemon); };
+log { source(kernsrc); filter(f_kern); destination(kern); };
+log { source(src); filter(f_lpr); destination(lpr); };
+log { source(src); filter(f_mail); destination(mail); };
+log { source(src); filter(f_user); destination(user); };
+log { source(src); filter(f_uucp); destination(uucp); };
+log { source(kernsrc); filter(f_pax); destination(pax); };
+log { source(kernsrc); filter(f_grsec); destination(grsec); };
+log { source(kernsrc); filter(f_audit); destination(audit); };
+log { source(kernsrc); filter(f_avc); destination(avc); };
+log { source(src); filter(f_mail); filter(f_info); destination(mailinfo); };
+log { source(src); filter(f_mail); filter(f_warn); destination(mailwarn); };
+log { source(src); filter(f_mail); filter(f_err); destination(mailerr); };
+log { source(src); filter(f_news); filter(f_crit); destination(newscrit); };
+log { source(src); filter(f_news); filter(f_err); destination(newserr); };
+log { source(src); filter(f_news); filter(f_notice); destination(newsnotice); };
+log { source(src); filter(f_debug); destination(debug); };
+log { source(src); filter(f_messages); destination(messages); };
+log { source(src); filter(f_emergency); destination(console); };
+#log { source(src); filter(f_ppp); destination(ppp); };
+log { source(src); destination(console_all); };
+
+