From mboxrd@z Thu Jan 1 00:00:00 1970 From: Michael Tremer To: development@lists.ipfire.org Subject: Re: [PATCH 1/5] Enable correct display of ipv6 entries in Firewall log pages of web UI Date: Fri, 22 Jan 2016 00:59:26 +0000 Message-ID: <1453424366.585.23.camel@ipfire.org> In-Reply-To: <5692963D.7020607@eitelwein.net> MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="===============3748395403594482427==" List-Id: --===============3748395403594482427== Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: 7bit Hi, did you work out what the issue was with these emails? Best, -Michael On Sun, 2016-01-10 at 18:34 +0100, Michael Eitelwein wrote: > 3 main changes: > - Fill $iface and $out from PHYSIN and PHYSOUT when looking at > bridged packets, othewerwise fill from IN and OUT > - Recognize ipv4 and ipv6 address style for $srcaddr and $dstaddr > - Match color coding of tables to pie charts > > I am using the bridged ipv6 setup as proposed in the wiki. I do not > think this breaks anything when not using ipv6. So it would be nice > to include this even if ipv6 is not officially supported yet. It is > quite useful when using the ipv6 setup. > > Signed-off-by: Michael Eitelwein > > --- > html/cgi-bin/logs.cgi/firewalllog.dat | 14 ++-- > html/cgi-bin/logs.cgi/firewalllogcountry.dat | 43 ++++++++----- > html/cgi-bin/logs.cgi/firewalllogip.dat | 15 ++--- > html/cgi-bin/logs.cgi/firewalllogport.dat | 12 ++-- > html/cgi-bin/logs.cgi/showrequestfromcountry.dat | 81 > +++++++++++++++++------- > html/cgi-bin/logs.cgi/showrequestfromip.dat | 27 ++++---- > html/cgi-bin/logs.cgi/showrequestfromport.dat | 14 ++-- > 7 files changed, 131 insertions(+), 75 deletions(-) > > diff --git a/html/cgi-bin/logs.cgi/firewalllog.dat b/html/cgi > -bin/logs.cgi/firewalllog.dat > index 5a584d6..42c9612 100644 > --- a/html/cgi-bin/logs.cgi/firewalllog.dat > +++ b/html/cgi-bin/logs.cgi/firewalllog.dat > @@ -328,7 +328,10 @@ END > $lines = 0; > foreach $_ (@log) > { > - /^... (..) (..:..:..) [\w\-]+ kernel:(.*)(IN=.*)$/; > + # If ipv6 uses a bridge, PHYSIN= contains the relevant iface > information > + # otherwise use IN= > + if ($_ =~ /^... (..) (..:..:..) [\w\-]+ > kernel:(.*)(PHYSIN=.*)$/) {} > + elsif ($_ =~ /^... (..) (..:..:..) [\w\-]+ > kernel:(.*)(IN=.*)$/) {} > my $day = $1; > $day =~ tr / /0/; > my $time = $cgiparams{'DAY'} ? "$2" : "$day/$2" ; > @@ -336,9 +339,12 @@ foreach $_ (@log) > my $packet = $4; > > my ($iface, $srcaddr, $dstaddr, $macaddr, $proto, $srcport, > $dstport); > - $iface=$1 if $packet =~ /IN=(\w+)/; > - $srcaddr=$1 if $packet =~ /SRC=([\d\.]+)/; > - $dstaddr=$1 if $packet =~ /DST=([\d\.]+)/; > + if ($packet =~ /PHYSIN=(\w+)/) { $iface=$1 } elsif ($packet > =~ /IN=(\w+)/) { $iface = $1} > + # Identify whether ipv4 or ipv6. Both are mutally exclusive. > + if ($packet =~ /SRC\=(([\d]{1,3})(\.([\d]{1,3})){3})/) { > $srcaddr=$1 } > + if ($packet =~ /SRC\=(([0-9a-fA-F]{0,4})(\:([0-9a-fA > -F]{0,4})){2,7})/) { $srcaddr=$1 } > + if ($packet =~ /DST\=(([\d]{1,3})(\.([\d]{1,3})){3})/) { > $dstaddr=$1 } > + if ($packet =~ /DST\=(([0-9a-fA-F]{0,4})(\:([0-9a-fA > -F]{0,4})){2,7})/) { $dstaddr=$1 } > $macaddr=$1 if $packet =~ /MAC=([\w+\:]+)/; > $proto=$1 if $packet =~ /PROTO=(\w+)/; > $srcport=$1 if $packet =~ /SPT=(\d+)/; > diff --git a/html/cgi-bin/logs.cgi/firewalllogcountry.dat b/html/cgi > -bin/logs.cgi/firewalllogcountry.dat > index f998a62..2661ddd 100644 > --- a/html/cgi-bin/logs.cgi/firewalllogcountry.dat > +++ b/html/cgi-bin/logs.cgi/firewalllogcountry.dat > @@ -261,7 +261,6 @@ if( $cgiparams{'pienumber'} != > 0){$pienumber=$cgiparams{'pienumber'};} > if( $cgiparams{'otherspie'} != > 0){$otherspie=$cgiparams{'otherspie'};} > if( $cgiparams{'showpie'} != 0){$showpie=$cgiparams{'showpie'};} > if( $cgiparams{'sortcolumn'} != > 0){$sortcolumn=$cgiparams{'sortcolumn'};} > - > print < > > @@ -294,15 +293,24 @@ $lines = 0; > > foreach $_ (@log) > { > - /^... (..) (..:..:..) [\w\-]+ kernel:(.*)(IN=.*)$/; > + # If ipv6 uses bridge, use PHYSIN for iface, otherwise IN > + if (/^... (..) (..:..:..) [\w\-]+ kernel:(.*)(PHYSIN=.*)$/) {} > + elsif (/^... (..) (..:..:..) [\w\-]+ kernel:(.*)(IN=.*)$/) {} > my $packet = $4; > - $packet =~ /IN=(\w+)/; my $iface=$1; if ( $1 =~ /2./ ){ > $iface="";} > - $packet =~ /SRC=([\d\.]+)/; my $srcaddr=$1; > + my $iface = ''; > + if ($packet =~ /PHYSIN=(\w+)/) { $iface = $1 } elsif ($packet =~ > /IN=(\w+)/) { $iface = $1 } > + if ( $1 =~ /2./ ) { $iface=''; } > + my $srcaddr = ''; > + # Find ipv4 and ipv6 addresses > + if ($packet =~ /SRC\=(([\d]{1,3})(\.([\d]{1,3})){3})/) { $srcaddr > = $1 } > + elsif ($packet =~ /SRC\=(([0-9a-fA-F]{0,4})(\:([0-9a-fA > -F]{0,4})){2,7})/) { $srcaddr = $1 } > > if($iface eq $red_interface) { > + # Traffic from red > if($srcaddr ne '') { > + # srcaddr is set > my $ccode = $gi->country_code_by_name($srcaddr); > - if( $ccode eq '') { > + if ($ccode eq '') { > $ccode = 'unknown'; > } > $tabjc{$ccode} = $tabjc{$ccode} + 1 ; > @@ -311,11 +319,16 @@ foreach $_ (@log) > } > } > else { > + # Traffic not from red > if($iface ne '') { > $tabjc{$iface} = $tabjc{$iface} + 1 ; > if(($tabjc{$iface} == 1) && ($lines < $pienumber)) { $lines > = $lines + 1; } > $linesjc++; > } > + else { > + # What to do with empty iface lines? > + # This probably is traffic from ipfire itself (IN= OUT=XY)? > + } > } > } > > @@ -423,7 +436,6 @@ if ($showpie != 2 && $pienumber <= 50 && > $pienumber != 0) { > print ""; > print ""; > } > - > print < > > @@ -448,10 +460,8 @@ for($s=0;$s<$lines;$s++) > $percent = $value[$s] * 100 / $linesjc; > $percent = sprintf("%.f", $percent); > $total = $total + $value[$s]; > - my $colorIndex = $color % 10; > - if($colorIndex == 0) { > - $colorIndex = 10; > - } > + # colors are numbered 1 to 10 > + my $colorIndex = ($color % 10) + 1; > $col="bgcolor='$color{\"color$colorIndex\"}'"; > $color++; > print ""; > @@ -466,8 +476,11 @@ for($s=0;$s<$lines;$s++) > print""; > print""; > } > - > - if($key[$s] eq 'blue0' || $key[$s] eq 'green0' || $key[$s] eq > 'orange0') { > + elsif ($key[$s] eq 'unknown') { > + print "unknown"; > + } > + # Looks dangerous to use hardcoded interface names here. Probably > needs fixing. > + if ($key[$s] eq 'blue0' || $key[$s] eq 'green0' || $key[$s] eq > 'orange0' ) { > print ""; > } > else { > @@ -489,10 +502,8 @@ for($s=0;$s<$lines;$s++) > > if($cgiparams{'otherspie'} == 2 ){} > else{ > - my $colorIndex = $color % 10; > - if($colorIndex == 0) { > - $colorIndex = 10; > - } > + # colors are numbered 1 to 10 > + my $colorIndex = ($color % 10) + 1; > $col="bgcolor='$color{\"color$colorIndex\"}'"; > print ""; > > diff --git a/html/cgi-bin/logs.cgi/firewalllogip.dat b/html/cgi > -bin/logs.cgi/firewalllogip.dat > index 7d82d20..6fc3422 100644 > --- a/html/cgi-bin/logs.cgi/firewalllogip.dat > +++ b/html/cgi-bin/logs.cgi/firewalllogip.dat > @@ -291,7 +291,8 @@ if ($pienumber == -1 || $pienumber > $lines || > $sortcolumn == 2) { $pienumber = > $lines = 0; > foreach $_ (@log) > { > - if($_ =~ /SRC\=([\d\.]+)/){ > + # Extract ipv4 or ipv6 address > + if (($_ =~ /SRC\=(([\d]{1,3})(\.([\d]{1,3})){3})/) or ($_ =~ > /SRC\=(([0-9a-fA-F]{0,4})(\:([0-9a-fA-F]{0,4})){2,7})/)) { > $tabjc{$1} = $tabjc{$1} + 1 ; > if(($tabjc{$1} == 1) && ($lines < $pienumber)) { $lines = > $lines + 1; } > $linesjc++; > @@ -428,10 +429,8 @@ for($s=0;$s<$lines;$s++) > $percent = $value[$s] * 100 / $linesjc; > $percent = sprintf("%.f", $percent); > $total = $total + $value[$s]; > - my $colorIndex = $color % 10; > - if($colorIndex == 0) { > - $colorIndex = 10; > - } > + # colors are numbered 1 to 10 > + my $colorIndex = ($color % 10) + 1; > $col="bgcolor='$color{\"color$colorIndex\"}'"; > print ""; > > @@ -459,10 +458,8 @@ for($s=0;$s<$lines;$s++) > > if($cgiparams{'otherspie'} == 2 ){} > else{ > - my $colorIndex = $color % 10; > - if($colorIndex == 0) { > - $colorIndex = 10; > - } > + # colors are numbered 1 to 10 > + my $colorIndex = ($color % 10) + 1; > $col="bgcolor='$color{\"color$colorIndex\"}'"; > print ""; > > diff --git a/html/cgi-bin/logs.cgi/firewalllogport.dat b/html/cgi > -bin/logs.cgi/firewalllogport.dat > index 5b0db62..583c1b3 100644 > --- a/html/cgi-bin/logs.cgi/firewalllogport.dat > +++ b/html/cgi-bin/logs.cgi/firewalllogport.dat > @@ -429,10 +429,8 @@ for($s=0;$s<$lines;$s++) > $percent = $value[$s] * 100 / $linesjc; > $percent = sprintf("%.f", $percent); > $total = $total + $value[$s]; > - my $colorIndex = $color % 10; > - if($colorIndex == 0) { > - $colorIndex = 10; > - } > + # colors are numbered 1 to 10 > + my $colorIndex = ($color % 10) + 1; > $col="bgcolor='$color{\"color$colorIndex\"}'"; > print ""; > > @@ -446,10 +444,8 @@ for($s=0;$s<$lines;$s++) > > if($cgiparams{'otherspie'} == 2 ){} > else{ > - my $colorIndex = $color % 10; > - if($colorIndex == 0) { > - $colorIndex = 10; > - } > + # colors are numbered 1 to 10 > + my $colorIndex = ($color % 10) + 1; > $col="bgcolor='$color{\"color$colorIndex\"}'"; > print ""; > > diff --git a/html/cgi-bin/logs.cgi/showrequestfromcountry.dat > b/html/cgi-bin/logs.cgi/showrequestfromcountry.dat > index 5283c42..0784ab9 100644 > --- a/html/cgi-bin/logs.cgi/showrequestfromcountry.dat > +++ b/html/cgi-bin/logs.cgi/showrequestfromcountry.dat > @@ -158,23 +158,35 @@ if (!$skip) > { > while () > { > - if (/(^${monthstr} ${daystr} ..:..:..) [\w\-]+ > kernel:.*(IN=.*)$/) { > - my $packet = $2; > - $packet =~ /IN=(\w+)/; my $iface=$1; if ( $1 =~ > /2./ ){ $iface="";} > - $packet =~ /SRC=([\d\.]+)/; my $srcaddr=$1; > + # First check whether valid log line (date, day) > + if (/(^${monthstr} ${daystr} ..:..:..) [\w\-]+ > kernel:.*(IN=.*)$/) { > + # If ipv6 uses bridge, then use PHYSIN otherwise use IN > + if (/(^${monthstr} ${daystr} ..:..:..) [\w\-]+ > kernel:.*(PHYSIN=.*)$/) {} > + elsif (/(^${monthstr} ${daystr} ..:..:..) [\w\-]+ > kernel:.*(IN=.*)$/) {} > + my $packet = $2; > + my $iface = ''; > + my $srcaddr = ''; > + # If ipv6 uses bridge, use PHYSIN otherwise IN > + if ($packet =~ /PHYSIN=(\w+)/) { $iface = $1 } elsif > ($packet =~ /IN=(\w+)/) { $iface = $1 } > + # Extract ipv4 and ipv6 addresses > + if (($packet =~ /SRC\=(([\d]{1,3})(\.([\d]{1,3})){3})/) > or ($packet =~ /SRC\=(([0-9a-fA-F]{0,4})(\:([0-9a-fA > -F]{0,4})){2,7})/)) { > + $srcaddr = $1 > + }; > > if($iface eq $country) { > + # iface matches country code > $log[$lines] = $_; > $lines++; > } > elsif($srcaddr ne '') { > + # or srcaddr matches country code > my $ccode = $gi->country_code_by_name($srcaddr); > if($ccode eq $country){ > $log[$lines] = $_; > $lines++; > } > } > - } > + } > } > close (FILE); > } > @@ -194,16 +206,28 @@ if ($multifile) { > } > if (!$skip) { > while () { > - if (/(^${monthstr} ${daystr} ..:..:..) [\w\-]+ > kernel:.*(IN=.*)$/) { > - if($_ =~ /SRC\=([\d\.]+)/){ > - my $srcaddr=$1; > - my $ccode = $gi->country_code_by_name($srcaddr); > - if($ccode eq $country){ > + # Check if valid log line (date, day) > + if (/(^${monthstr} ${daystr} ..:..:..) [\w\-]+ > kernel:.*(IN=.*)$/) { > + my $iface = ''; > + # If ipv6 uses bridge, then use PHYSIN otherwise > IN > + if ($_ =~ /PHYSIN=(\w+)/) { $iface = $1 } elsif > ($_ =~ /IN=(\w+)/) { $iface = $1 } > + > + if($iface eq $country) { > + # iface matches country code > + $log[$lines] = $_; > + $lines++; > + } > + # extract ipv4 and ipv6 address > + elsif (($_ =~ > /SRC\=(([\d]{1,3})(\.([\d]{1,3})){3})/) or ($_ =~ /SRC\=(([0-9a-fA > -F]{0,4})(\:([0-9a-fA-F]{0,4})){2,7})/)) { > + my $srcaddr=$1; > + my $ccode = $gi > ->country_code_by_name($srcaddr); > + if($ccode eq $country){ > + # or srcaddr matches country code > $log[$lines] = $_; > $lines++; > + } > } > - } > - } > + } > } > close (FILE); > } > @@ -308,32 +332,45 @@ $lines = 0; > foreach $_ (@slice) > { > $a = $_; > - /^... (..) (..:..:..) [\w\-]+ kernel:(.*)(IN=.*)$/; > + # If ipv6 uses bridge, use PHYSIN otherwise use IN > + if (/^... (..) (..:..:..) [\w\-]+ kernel:(.*)(PHYSIN=.*)$/) {} > + elsif (/^... (..) (..:..:..) [\w\-]+ kernel:(.*)(IN=.*)$/) {}; > my $packet = $4; > - $packet =~ /IN=(\w+)/; my $iface=$1; if ( $1 =~ /2./ ){ > $iface="";} > - $packet =~ /SRC=([\d\.]+)/; my $srcaddr=$1; > + my $iface = ''; > + # If ipv6 uses bridge, use PHYSIN otherwise use IN > + if ($packet =~ /PHYSIN=(\w+)/) { $iface = $1 } elsif ($packet =~ > /IN=(\w+)/) { $iface = $1 } > + if ( $1 =~ /2./ ){ $iface="";} > + my $srcaddr = ''; > + # Extract ipv4 and ipv6 addresses > + if (($packet =~ /SRC\=(([\d]{1,3})(\.([\d]{1,3})){3})/) or > ($packet =~ /SRC\=(([0-9a-fA-F]{0,4})(\:([0-9a-fA-F]{0,4})){2,7})/)) > { > + $srcaddr = $1 > + }; > > if($iface eq $country || $srcaddr ne '') { > - my $ccode; > + my $ccode=''; > if($iface ne $country) { > $ccode = $gi->country_code_by_name($srcaddr); > } > if($iface eq $country || $ccode eq $country) { > - my $chain = ''; > + my $chain = ''; > my $in = '-'; my $out = '-'; > my $srcaddr = ''; my $dstaddr = ''; > my $protostr = ''; > my $srcport = ''; my $dstport = ''; > > - $_ =~ /(^.* ..:..:..) [\w\-]+ kernel:(.*)(IN=.*)$/; > + # If ipv6 uses bridge, the use PHYSIN otherwise use IN > + if ($_ =~ /(^.* ..:..:..) [\w\-]+ kernel:(.*)(PHYSIN=.*)$/) {} > + elsif ($_ =~ /(^.* ..:..:..) [\w\-]+ kernel:(.*)(IN=.*)$/) {} > my $timestamp = $1; my $chain = $2; my $packet = $3; > $timestamp =~ /(...) (..) (..:..:..)/; > my $month = $1; my $day = $2; my $time = $3; > > - if ($a =~ /IN\=(\w+)/) { $iface = $1; } > - if ($a =~ /OUT\=(\w+)/) { $out = $1; } > - if ($a =~ /SRC\=([\d\.]+)/) { $srcaddr = $1; } > - if ($a =~ /DST\=([\d\.]+)/) { $dstaddr = $1; } > + # If ipv6 uses bridge, use PHYSIN and PHYSOUT, otherwise use > IN and OUT > + if ($a =~ /PHYSIN=(\w+)/) { $iface = $1 } elsif ($a =~ > /IN=(\w+)/) { $iface = $1 } > + if ($a =~ /PHYSOUT=(\w+)/) { $out = $1 } elsif ($a =~ > /OUT=(\w+)/) { $out = $1 } > + # Extract ipv4 and ipv6 addresses > + if (($a =~ /SRC\=(([\d]{1,3})(\.([\d]{1,3})){3})/) or ($a =~ > /SRC\=(([0-9a-fA-F]{0,4})(\:([0-9a-fA-F]{0,4})){2,7})/)) { $srcaddr = > $1; } > + if (($a =~ /DST\=(([\d]{1,3})(\.([\d]{1,3})){3})/) or ($a =~ > /DST\=(([0-9a-fA-F]{0,4})(\:([0-9a-fA-F]{0,4})){2,7})/)) { $dstaddr = > $1; } > if ($a =~ /PROTO\=(\w+)/) { $protostr = $1; } > my $protostrlc = lc($protostr); > if ($a =~ /SPT\=([\d\.]+)/){ $srcport = $1; } > diff --git a/html/cgi-bin/logs.cgi/showrequestfromip.dat b/html/cgi > -bin/logs.cgi/showrequestfromip.dat > index 09a60b5..94e795c 100644 > --- a/html/cgi-bin/logs.cgi/showrequestfromip.dat > +++ b/html/cgi-bin/logs.cgi/showrequestfromip.dat > @@ -155,7 +155,7 @@ if (!$skip) > while () > { > if (/(^${monthstr} ${daystr} ..:..:..) [\w\-]+ > kernel:.*(IN=.*)$/) { > - if($_ =~ /SRC\=([\d\.]+)/){ > + if (($_ =~ /SRC\=(([\d]{1,3})(\.([\d]{1,3})){3})/) > or ($_ =~ /SRC\=(([0-9a-fA-F]{0,4})(\:([0-9a-fA-F]{0,4})){2,7})/)) { > if($1 eq $ip){ > $log[$lines] = $_; > $lines++; > @@ -182,12 +182,12 @@ if ($multifile) { > if (!$skip) { > while () { > if (/(^${monthstr} ${daystr} ..:..:..) [\w\-]+ > kernel:.*(IN=.*)$/) { > - if($_ =~ /SRC\=([\d\.]+)/){ > - if($1 eq $ip){ > + if (($_ =~ > /SRC\=(([\d]{1,3})(\.([\d]{1,3})){3})/) or ($_ =~ /SRC\=(([0-9a-fA > -F]{0,4})(\:([0-9a-fA-F]{0,4})){2,7})/)) { > + if($1 eq $ip){ > $log[$lines] = $_; > $lines++; > - } > - } > + } > + } > } > } > close (FILE); > @@ -293,7 +293,8 @@ $lines = 0; > foreach $_ (@slice) > { > $a = $_; > - if($_ =~ /SRC\=([\d\.]+)/){ > + # Check whether valid ipv4 or ipv6 address > + if (($_ =~ /SRC\=(([\d]{1,3})(\.([\d]{1,3})){3})/) or ($_ =~ > /SRC\=(([0-9a-fA-F]{0,4})(\:([0-9a-fA-F]{0,4})){2,7})/)) { > if($1 eq $ip){ > my $chain = ''; > my $in = '-'; my $out = '-'; > @@ -301,15 +302,19 @@ foreach $_ (@slice) > my $protostr = ''; > my $srcport = ''; my $dstport = ''; > > - $_ =~ /(^.* ..:..:..) [\w\-]+ kernel:(.*)(IN=.*)$/; > + # If ipv6 uses bridge, the use PHYSIN, otherwise use IN > + if ($_ =~ /(^.* ..:..:..) [\w\-]+ kernel:(.*)(PHYSIN=.*)$/) > {} > + elsif ($_ =~ /(^.* ..:..:..) [\w\-]+ kernel:(.*)(IN=.*)$/) > {} > my $timestamp = $1; my $chain = $2; my $packet = $3; > $timestamp =~ /(...) (..) (..:..:..)/; > my $month = $1; my $day = $2; my $time = $3; > > - if ($a =~ /IN\=(\w+)/) { $iface = $1; } > - if ($a =~ /OUT\=(\w+)/) { $out = $1; } > - if ($a =~ /SRC\=([\d\.]+)/) { $srcaddr = $1; } > - if ($a =~ /DST\=([\d\.]+)/) { $dstaddr = $1; } > + # If ipv6 uses bridge, the use PHYSIN and PHYSOUT, otherwise > use IN and OUT > + if ($a =~ /PHYSIN=(\w+)/) { $iface = $1 } elsif ($a =~ > /IN=(\w+)/) { $iface = $1 } > + if ($a =~ /PHYSOUT=(\w+)/) { $out = $1 } elsif ($a =~ > /OUT=(\w+)/) { $out = $1 } > + # Detect ipv4 and ipv6 addresses > + if (($a =~ /SRC\=(([\d]{1,3})(\.([\d]{1,3})){3})/) or ($a =~ > /SRC\=(([0-9a-fA-F]{0,4})(\:([0-9a-fA-F]{0,4})){2,7})/)) { $srcaddr = > $1; } > + if (($a =~ /DST\=(([\d]{1,3})(\.([\d]{1,3})){3})/) or ($a =~ > /DST\=(([0-9a-fA-F]{0,4})(\:([0-9a-fA-F]{0,4})){2,7})/)) { $dstaddr = > $1; } > if ($a =~ /PROTO\=(\w+)/) { $protostr = $1; } > my $protostrlc = lc($protostr); > if ($a =~ /SPT\=([\d\.]+)/){ $srcport = $1; } > diff --git a/html/cgi-bin/logs.cgi/showrequestfromport.dat b/html/cgi > -bin/logs.cgi/showrequestfromport.dat > index ad9823c..af7779a 100644 > --- a/html/cgi-bin/logs.cgi/showrequestfromport.dat > +++ b/html/cgi-bin/logs.cgi/showrequestfromport.dat > @@ -307,15 +307,19 @@ foreach $_ (@slice) > my $protostr = ''; > my $srcport = ''; my $dstport = ''; > > - $_ =~ /(^.* ..:..:..) [\w\-]+ kernel:(.*)(IN=.*)$/; > + # If ipv6 uses bridge, the use PHYSIN, otherwise use IN > + if ($_ =~ /(^.* ..:..:..) [\w\-]+ kernel:(.*)(PHYSIN=.*)$/) {} > + elsif ($_ =~ /(^.* ..:..:..) [\w\-]+ kernel:(.*)(IN=.*)$/) > {} > my $timestamp = $1; my $chain = $2; my $packet = $3; > $timestamp =~ /(...) (..) (..:..:..)/; > my $month = $1; my $day = $2; my $time = $3; my $iface; > > - if ($a =~ /IN\=(\w+)/) { $iface = $1; } > - if ($a =~ /OUT\=(\w+)/) { $out = $1; } > - if ($a =~ /SRC\=([\d\.]+)/) { $srcaddr = $1; } > - if ($a =~ /DST\=([\d\.]+)/) { $dstaddr = $1; } > + # If ipv6 uses bridge, the use PHYSIN and PHYSOUT, otherwise > use IN and OUT > + if ($a =~ /PHYSIN\=(\w+)/) { $iface = $1; } elsif ($a =~ > /IN\=(\w+)/) { $iface = $1; } > + if ($a =~ /PHYSOUT\=(\w+)/) { $out = $1; } elsif ($a =~ > /OUT\=(\w+)/) { $out = $1; } > + # Detect ipv4 and ipv6 addresses > + if (($a =~ /SRC\=(([\d]{1,3})(\.([\d]{1,3})){3})/) or ($a =~ > /SRC\=(([0-9a-fA-F]{0,4})(\:([0-9a-fA-F]{0,4})){2,7})/)) { $srcaddr = > $1; } > + if (($a =~ /DST\=(([\d]{1,3})(\.([\d]{1,3})){3})/) or ($a =~ > /DST\=(([0-9a-fA-F]{0,4})(\:([0-9a-fA-F]{0,4})){2,7})/)) { $dstaddr = > $1; } > if ($a =~ /PROTO\=(\w+)/) { $protostr = $1; } > my $protostrlc = lc($protostr); > if ($a =~ /SPT\=([\d\.]+)/){ $srcport = $1; } --===============3748395403594482427== Content-Type: application/pgp-signature Content-Transfer-Encoding: base64 Content-Disposition: attachment; filename="signature.asc" MIME-Version: 1.0 LS0tLS1CRUdJTiBQR1AgU0lHTkFUVVJFLS0tLS0KVmVyc2lvbjogR251UEcgdjEKCmlRSWNCQUFC Q2dBR0JRSldvWDd1QUFvSkVJQjU4UDl2a0FrSFBxQVAvakw0VUFOZzZVL29CYWRCMG5KQzI5cE4K TDBjaFRuWDU5dTVJWUpzb054dDUvTEhSRmtwaWZmWU52d1N2Y04xcW95UTFtQlliWGdiNlNCZ1RW Yk1EMEorVQpTbDhLVFdTY0tEQkJLbmZCcDZXUk5kclZtbWVYNFl4OTNia2VZMG51TzlMQkdlUlBF dmc4UG10czhySTBkR0MvCnVuWUhLOUNvbEpzd3haUzJERGVuZFJZZzdzVFYrV1BJTGxzTnR0L2hB NmZlaVVSTngvN3hTZlNVc2hpNUZhQUUKd0E2MEd2NVVIQ1h2aUxsT3I2WXZXRXBhRjB0Ykxob0ts VjlUeVdnQURieWJGQ054aXRSRG5vcG1VSGtROTJSYQpPY1R3S0JITWczMXdYclY5WHVBdDhrMUNV eWxkSzZ4Q0xNVjF6NDArY1NjTDAyMjNkVXlIc1gzY29rZ25CUTFQCmEyMW1remZUczV1RFgwc25l NVR1VVlYcTRlRXRGTFNYOGZiOUZzaGpWWTB4RjFubEFTSzVwb3dHcHprb0M0VVMKcmliUi9DSUc0 REVIN2lsZVB4QnhGZVFMOGxJWnpNbTR6T1pLNWZ6cmFxWVkyNHRjWkVLcmk4OHF2a2tYQnVkOApj NnpFY1ZDVm9jdElpWW5Sbm04MSsxVDh5TGJobXQvcm5VTk13QjVPUnZlSkszY2Nack4zdU05bnlt UURjTERmClB6QWhXaFhScmNEMUZlYlo2eGdhcjhsU0xoNGowTkFPS3BpcS9KcXJzeExmY0tUQWZW Z2lPYTFHcGtNcEdRN3UKRUlnQkZGeVhPc1hYVFI1STJGK0p6UUExSWtWTTAyOWwyMmcrSUk1YUpC Y3NZK0wxKzRCUjhPSTdiNFJhNkxDMApDRHpwajlscEZYcWZ4Z1d5Rmd0WAo9Q2QyRQotLS0tLUVO RCBQR1AgU0lHTkFUVVJFLS0tLS0K --===============3748395403594482427==--
$key[$s]