conf: Add logger example config

4 files changed, 66 insertions, 50 deletions

diff --git a/conf/Makefile.am b/conf/Makefile.am
index bc7017b1b..32a6a1da3 100644
--- a/conf/Makefile.am
+++ b/conf/Makefile.am
@@ -4,7 +4,8 @@ strongswanddir = $(strongswanconfdir)/strongswan.d
 charonconfdir = $(strongswanddir)/charon
 
 options = \
-	options/charon.opt
+	options/charon.opt \
+	options/charon-logging.opt
 
 plugins = \
 	plugins/test.opt
diff --git a/conf/options/charon-logging.opt b/conf/options/charon-logging.opt
new file mode 100644
index 000000000..b437a9cc3
--- /dev/null
+++ b/conf/options/charon-logging.opt
@@ -0,0 +1,57 @@
+charon.filelog {}
+	Section to define file loggers, see LOGGER CONFIGURATION in
+	**strongswan.conf**(5).
+
+charon.filelog.<filename> { # }
+	<filename> is the full path to the log file.
+
+charon.filelog.<filename>.default = 1
+	Default loglevel.
+
+	Specifies the default loglevel to be used for subsystems for which no
+	specific loglevel is defined.
+
+charon.filelog.<filename>.<subsystem> = <default>
+	Loglevel for a specific subsystem.
+
+charon.filelog.<filename>.append = yes
+	If this option is enabled log entries are appended to the existing file.
+
+charon.filelog.<filename>.flush_line = no
+	Enabling this option disables block buffering and enables line buffering.
+
+charon.filelog.<filename>.ike_name = no
+	Prefix each log entry with the connection name and a unique numerical
+	identifier for each IKE_SA.
+
+charon.filelog.<filename>.time_format
+	Prefix each log entry with a timestamp. The option accepts a format string
+	as passed to **strftime**(3).
+
+charon.syslog {}
+	Section to define syslog loggers, see LOGGER CONFIGURATION in
+	**strongswan.conf**(5).
+
+charon.syslog.identifier
+	Identifier for use with openlog(3).
+
+	Global identifier used for an **openlog**(3) call, prepended to each log
+	message by syslog.  If not configured, **openlog**(3) is not called, so the
+	value will depend on system defaults (often the program name).
+
+charon.syslog.<facility> { # }
+	<facility> is one of the supported syslog facilities, see LOGGER
+	CONFIGURATION in **strongswan.conf**(5).
+
+charon.syslog.<facility>.default = 1
+	Default loglevel.
+
+	Specifies the default loglevel to be used for subsystems for which no
+	specific loglevel is defined.
+
+charon.syslog.<facility>.<subsystem> = <default>
+	Loglevel for a specific subsystem.
+
+charon.syslog.<facility>.ike_name = no
+	Prefix each log entry with the connection name and a unique numerical
+	identifier for each IKE_SA.
diff --git a/conf/options/charon.opt b/conf/options/charon.opt
index c2d6e317f..c6f4f1e9e 100644
--- a/conf/options/charon.opt
+++ b/conf/options/charon.opt
@@ -62,9 +62,6 @@ charon.dos_protection = yes
 charon.ecp_x_coordinate_only = yes
 	Compliance with the errata for RFC 4753.
 
-charon.filelog
-	Section to define file loggers, see LOGGER CONFIGURATION
-
 charon.flush_auth_cfg = no
 	Free objects during authentication (might conflict with plugins).
 
@@ -259,10 +256,6 @@ charon.send_delay_type = 0
 charon.send_vendor_id = no
 	Send strongSwan vendor ID payload
 
-charon.syslog
-	Section to define syslog loggers
-	Section to define syslog loggers, see LOGGER CONFIGURATION
-
 charon.threads = 16
 	Number of worker threads in charon.
 
diff --git a/conf/strongswan.conf.5.tail.in b/conf/strongswan.conf.5.tail.in
index 29b842c3f..8470120bc 100644
--- a/conf/strongswan.conf.5.tail.in
+++ b/conf/strongswan.conf.5.tail.in
@@ -1,16 +1,18 @@
 .SH LOGGER CONFIGURATION
-The options described below provide a much more flexible way to configure
-loggers for the IKEv2 daemon charon than using the
+Options in
+.BR strongswan.conf (5)
+provide a much more flexible way to configure loggers for the IKE daemon charon
+than using the
 .B charondebug
 option in
 .BR ipsec.conf (5).
 .PP
-.B Please note
-that if any loggers are specified in strongswan.conf,
+.BR Note :
+If any loggers are specified in strongswan.conf,
 .B charondebug
 does not have any effect.
 .PP
-There are currently two types of loggers defined:
+There are currently two types of loggers:
 .TP
 .B File loggers
 Log directly to a file and are defined by specifying the full path to the
@@ -29,43 +31,6 @@ section. The following facilities are currently supported:
 .PP
 Multiple loggers can be defined for each type with different log verbosity for
 the different subsystems of the daemon.
-.SS Options
-.TP
-.BR charon.filelog.<filename>.default " [1]"
-.TQ
-.BR charon.syslog.<facility>.default
-Specifies the default loglevel to be used for subsystems for which no specific
-loglevel is defined.
-.TP
-.BR charon.filelog.<filename>.<subsystem> " [<default>]"
-.TQ
-.BR charon.syslog.<facility>.<subsystem>
-Specifies the loglevel for the given subsystem.
-.TP
-.BR charon.filelog.<filename>.append " [yes]"
-If this option is enabled log entries are appended to the existing file.
-.TP
-.BR charon.filelog.<filename>.flush_line " [no]"
-Enabling this option disables block buffering and enables line buffering.
-.TP
-.BR charon.filelog.<filename>.ike_name " [no]"
-.TQ
-.BR charon.syslog.<facility>.ike_name
-Prefix each log entry with the connection name and a unique numerical
-identifier for each IKE_SA.
-.TP
-.BR charon.filelog.<filename>.time_format
-Prefix each log entry with a timestamp. The option accepts a format string as
-passed to
-.BR strftime (3).
-.TP
-.BR charon.syslog.identifier
-Global identifier used for an
-.BR openlog (3)
-call, prepended to each log message by syslog.  If not configured,
-.BR openlog (3)
-is not called, so the value will depend on system defaults (often the program
-name).
 
 .SS Subsystems
 .TP