Replace the 'syslog' facility (5) by 'user' (1).

'syslog' is meant for the messages generated internally by syslogd,
whereas 'user' is for user-level messages.

1 files changed, 2 insertions, 2 deletions

diff --git a/roles/common/files/usr/local/sbin/update-firewall.sh b/roles/common/files/usr/local/sbin/update-firewall.sh
index 2e16711..84e076a 100755
--- a/roles/common/files/usr/local/sbin/update-firewall.sh
+++ b/roles/common/files/usr/local/sbin/update-firewall.sh
@@ -35,44 +35,44 @@ secproto=esp    # must match /etc/ipsec.conf; ESP is the default (vs AH/IPComp)
 
 fail2ban_re='^(\[[0-9]+:[0-9]+\]\s+)?-A fail2ban-\S'
 IPSec_re=" -m policy --dir (in|out) --pol ipsec --reqid [0-9]+ --proto $secproto -j ACCEPT$"
 declare -A rss=() tables=()
 
 usage() {
     cat >&2 <<- EOF
 		Usage: $0 [OPTIONS]
 
 		Options:
 		    -f force:   no confirmation asked
 		    -c check:   check (dry-run) mode
 		    -v verbose: see the difference between old and new ruleset
 		    -4 IPv4 only
 		    -6 IPv6 only
 	EOF
     exit 1
 }
 
 log() {
-    /usr/bin/logger -st firewall -p syslog.info -- "$@"
+    /usr/bin/logger -st firewall -p user.info -- "$@"
 }
 fatal() {
-    /usr/bin/logger -st firewall -p syslog.err  -- "$@"
+    /usr/bin/logger -st firewall -p user.err  -- "$@"
     exit 1
 }
 
 iptables() {
     # Fake iptables/ip6tables(8); use the more efficient
     # iptables-restore(8) instead.
     echo "$@" >> "$new";
 }
 commit() {
     # End a table
     echo COMMIT >> "$new"
 }
 inet46() {
     case "$1" in
         4) echo "$2";;
         6) echo "$3";;
     esac
 }
 ipt-chains() {
     # Define new (tables and) chains.