From f7e2e7c58da214567c5a457c8017677122ccad2b Mon Sep 17 00:00:00 2001
From: kindle <82163261@qq.com>
Date: Sun, 24 Mar 2013 16:32:03 +0800
Subject: [PATCH] add syslog client

---
 waf.lua | 55 +++++++++++++++++++++++++++++++++++++++++++++++++++++--
 1 file changed, 53 insertions(+), 2 deletions(-)

diff --git a/waf.lua b/waf.lua
index 3c3125f..7fb0e3e 100644
--- a/waf.lua
+++ b/waf.lua
@@ -1,16 +1,67 @@
+function syslog(msg)
+    ngx.header.content_type = "text/html"
+    kern = 0
+    user = 1
+    mail = 2
+    daemon = 3
+    auth = 4
+    syslog = 5
+    lpr = 6
+    news = 7
+    uucp = 8
+    cron = 9
+    authpriv = 10
+    ftp = 11
+    local0 = 16
+    local1 = 17
+    local2 = 18
+    local3 = 19
+    local4 = 20
+    local5 = 21
+    local6 = 22
+    local7 = 23
+
+    emerg = 0
+    alert = 1
+    crit = 2
+    err = 3
+    warning = 4
+    notice = 5
+    info = 6
+    debug = 7
+
+
+local sock = ngx.socket.udp()
+local ok, err = sock:setpeername('127.0.0.1', 514)
+if not ok then
+    ngx.say("failed to connect to syslog server: ", err)
+    return
+end
+level=info
+facility=daemon
+sign=level+facility*8
+ok, err = sock:send('<'..sign..'>'..msg)
+sock:close()
+end
+
 function log(method,url,data)
+
 file=assert(io.open("/data/logs/hack/"..ngx.var.server_name.."_sec.log","a"))
     if data then
       if ngx.var.http_user_agent  then
             file:write(ngx.var.remote_addr.." ".." ["..ngx.localtime().."] \""..method.." "..url.."\" \""..data.."\" \""..ngx.status.."\" \""..ngx.var.http_user_agent.."\"\n")
+			syslog(ngx.var.remote_addr.." ".." ["..ngx.localtime().."] \""..method.." "..url.."\" \""..data.."\" \""..ngx.status.."\" \""..ngx.var.http_user_agent.."\"\n")
       else
-            file:write(ngx.var.remote_addr.." ".." ["..ngx.localtime().."] \""..method.." "..url.."\" \""..data.."\" \"-\"\n")
+            file:write(ngx.var.remote_addr.." ".." ["..ngx.localtime().."] \""..method.." "..url.."\" \""..data.."\" \""..ngx.status.."\" \""..ngx.var.http_user_agent.."\"\n")
+			syslog(ngx.var.remote_addr.." ".." ["..ngx.localtime().."] \""..method.." "..url.."\" \""..data.."\" \""..ngx.status.."\" \""..ngx.var.http_user_agent.."\"\n")
       end
     else
         if ngx.var.http_user_agent  then
             file:write(ngx.var.remote_addr.." ".." ["..ngx.localtime().."] \""..method.." "..url.."\" \"-\" \""..ngx.var.http_user_agent.."\"\n")
+            syslog(ngx.var.remote_addr.." ".." ["..ngx.localtime().."] \""..method.." "..url.."\" \"-\" \""..ngx.var.http_user_agent.."\"\n")
         else
             file:write(ngx.var.remote_addr.." ".." ["..ngx.localtime().."] \""..method.." "..url.."\" \"-\" \"".."-\"\n")
+			syslog(ngx.var.remote_addr.." ".." ["..ngx.localtime().."] \""..method.." "..url.."\" \"-\" \"".."-\"\n")
         end
     end
 file:close()
@@ -21,7 +72,7 @@ function check()
     ngx.exit(200)
 end
 function read_rule(var)
-    file = io.open("/usr/local/nginx/conf/wafconf/"..var,"r")
+    file = io.open("/usr/local/openresty/nginx/conf/wafconf/"..var,"r")
     t = {}
     for line in file:lines() do
         table.insert(t,line)