changed omudpspoof default spoof address to simplify typical use case

4 files changed, 28 insertions, 9 deletions

diff --git a/ChangeLog b/ChangeLog
index 099f57da..f27ddd6b 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,5 +1,7 @@
 ---------------------------------------------------------------------------
 Version 5.5.7  [V5-BETA] (rgerhards), 2010-08-??
+- changed omudpspoof default spoof address to simplify typical use case
+  thanks to David Lang for suggesting this
 - doc bugfix: pmlastmsg doc samples had errors
 - bugfix[minor]: pmrfc3164sd had invalid name (resided in rsyslog name 
   space, what should not be the case for a contributed module)
diff --git a/doc/omudpspoof.html b/doc/omudpspoof.html
index 64f83752..16cb9b13 100644
--- a/doc/omudpspoof.html
+++ b/doc/omudpspoof.html
@@ -17,10 +17,15 @@ source ports.
 <p><b>Configuration Directives</b>:</p>
 <ul>
 <li><b>$ActionOMUDPSpoofSourceNameTemplate</b> &lt;templatename&gt;<br>
-This MUST be specified. It is the name of the template that contains a
+This is the name of the template that contains a
 numerical IP address that is to be used as the source system IP address.
 While it may often be a constant value, it can be generated as usual via the
-property replacer, as long as it is a valid IPv4 address.
+property replacer, as long as it is a valid IPv4 address. If not specified, the
+build-in default template RSYSLOG_omudpspoofDfltSourceTpl is used. This template is defined 
+as follows:<br>
+$template RSYSLOG_omudpspoofDfltSourceTpl,"%fromhost-ip%"<br>
+So in essence, the default template spoofs the address of the system the message
+was received from. This is considered the most important use case.
 <li><b>$ActionOMUDPSpoofTargetHost</b> &lt;hostname&gt;<br>
 Host that the messages shall be sent to.
 <li><b>$ActionUDPSpoofTargetPort</b> &lt;port&gt;<br>
@@ -42,8 +47,18 @@ equal to the start value. Default is 42000.
 know via the rsyslog mailing list.
 </ul>
 <p><b>Sample:</b></p>
+<p>The following sample forwards all syslog messages in standard form to the
+remote server server.example.com. The original sender's address is used. We do not
+care about the source port. This example is considered the typical use case for
+omudpspoof.
+</p>
+<textarea rows="5" cols="80">$ModLoad omudpspoof
+$ActionUDPSpoofTargetHost server.example.com
+*.*&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; :omudpspoof:
+</textarea>
+
 <p>The following sample forwards all syslog messages in unmodified form to the
-remote server server.example.com. The sender address 192.0.2.1 with the fixed
+remote server server.example.com. The sender address 192.0.2.1 with fixed
 source port 514 is used.
 </p>
 <textarea rows="8" cols="80">$ModLoad omudpspoof
@@ -55,7 +70,7 @@ $ActionUDPSpoofSourcePortStart 514
 $ActionUDPSpoofSourcePortEnd 514
 *.*&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; :omudpspoof:;spooftemplate
 </textarea>
-<p>The following sample is similar to the first, but uses as many defaults as possible.
+<p>The following sample is similar to the previous, but uses as many defaults as possible.
 In that sample, a source port in the range 32000..42000 is used. The message is formatted
 according to rsyslog's canned default forwarding format. Note that if any parameters
 have been changed, the previously set defaults will be used!
diff --git a/plugins/omudpspoof/omudpspoof.c b/plugins/omudpspoof/omudpspoof.c
index 50bc6c9a..3ead5447 100644
--- a/plugins/omudpspoof/omudpspoof.c
+++ b/plugins/omudpspoof/omudpspoof.c
@@ -381,6 +381,7 @@ ENDdoAction
 
 
 BEGINparseSelectorAct
+	uchar *sourceTpl;
 CODESTARTparseSelectorAct
 CODE_STD_STRING_REQUESTparseSelectorAct(2)
 	/* first check if this config line is actually for us */
@@ -392,10 +393,8 @@ CODE_STD_STRING_REQUESTparseSelectorAct(2)
 	p += sizeof(":omudpspoof:") - 1; /* eat indicator sequence  (-1 because of '\0'!) */
 	CHKiRet(createInstance(&pData));
 
-	if(pszSourceNameTemplate == NULL) {
-		errmsg.LogError(0, NO_ERRCODE, "No $ActionOMUDPSpoofSourceNameTemplate given, can not continue with this action.");
-		ABORT_FINALIZE(RS_RET_NO_SRCNAME_TPL);
-	}
+	sourceTpl = (pszSourceNameTemplate == NULL) ? UCHAR_CONSTANT("RSYSLOG_omudpspoofDfltSourceTpl")
+						    : pszSourceNameTemplate;
 
 	if(pszTargetHost == NULL) {
 		errmsg.LogError(0, NO_ERRCODE, "No $ActionOMUDPSpoofTargetHost given, can not continue with this action.");
@@ -408,7 +407,7 @@ CODE_STD_STRING_REQUESTparseSelectorAct(2)
 		pData->port = NULL;
 	else 
 		CHKmalloc(pData->port = ustrdup(pszTargetPort));
-	CHKiRet(OMSRsetEntry(*ppOMSR, 1, ustrdup(pszSourceNameTemplate), OMSR_NO_RQD_TPL_OPTS));
+	CHKiRet(OMSRsetEntry(*ppOMSR, 1, ustrdup(sourceTpl), OMSR_NO_RQD_TPL_OPTS));
 	pData->compressionLevel = iCompressionLevel;
 	pData->sourcePort = pData->sourcePortStart = iSourcePortStart;
 	pData->sourcePortEnd = iSourcePortEnd;
diff --git a/tools/syslogd.c b/tools/syslogd.c
index 9b7b77ab..2c8c3e17 100644
--- a/tools/syslogd.c
+++ b/tools/syslogd.c
@@ -333,6 +333,7 @@ static uchar template_WallFmt[] = "\"\r\n\7Message from syslogd@%HOSTNAME% at %t
 static uchar template_StdUsrMsgFmt[] = "\" %syslogtag%%msg%\n\r\"";
 static uchar template_StdDBFmt[] = "\"insert into SystemEvents (Message, Facility, FromHost, Priority, DeviceReportedTime, ReceivedAt, InfoUnitID, SysLogTag) values ('%msg%', %syslogfacility%, '%HOSTNAME%', %syslogpriority%, '%timereported:::date-mysql%', '%timegenerated:::date-mysql%', %iut%, '%syslogtag%')\",SQL";
 static uchar template_StdPgSQLFmt[] = "\"insert into SystemEvents (Message, Facility, FromHost, Priority, DeviceReportedTime, ReceivedAt, InfoUnitID, SysLogTag) values ('%msg%', %syslogfacility%, '%HOSTNAME%', %syslogpriority%, '%timereported:::date-pgsql%', '%timegenerated:::date-pgsql%', %iut%, '%syslogtag%')\",STDSQL";
+static uchar template_spoofadr[] = "\"%fromhost-ip%\"";
 /* end templates */
 
 
@@ -2168,6 +2169,8 @@ static rsRetVal mainThread()
 	tplAddLine(" StdDBFmt", &pTmp);
         pTmp = template_StdPgSQLFmt;
         tplLastStaticInit(tplAddLine(" StdPgSQLFmt", &pTmp));
+        pTmp = template_spoofadr;
+        tplLastStaticInit(tplAddLine("RSYSLOG_omudpspoofDfltSourceTpl", &pTmp));
 
 	CHKiRet(init());