* [PATCH 1/5] Enable correct display of ipv6 entries in Firewall log pages of web UI
@ 2016-01-10 17:34 Michael Eitelwein
2016-01-22 0:59 ` Michael Tremer
0 siblings, 1 reply; 4+ messages in thread
From: Michael Eitelwein @ 2016-01-10 17:34 UTC (permalink / raw)
To: development
[-- Attachment #1: Type: text/plain, Size: 20316 bytes --]
3 main changes:
- Fill $iface and $out from PHYSIN and PHYSOUT when looking at bridged packets, othewerwise fill from IN and OUT
- Recognize ipv4 and ipv6 address style for $srcaddr and $dstaddr
- Match color coding of tables to pie charts
I am using the bridged ipv6 setup as proposed in the wiki. I do not think this breaks anything when not using ipv6. So it would be nice to include this even if ipv6 is not officially supported yet. It is quite useful when using the ipv6 setup.
Signed-off-by: Michael Eitelwein <michael(a)eitelwein.net>
---
html/cgi-bin/logs.cgi/firewalllog.dat | 14 ++--
html/cgi-bin/logs.cgi/firewalllogcountry.dat | 43 ++++++++-----
html/cgi-bin/logs.cgi/firewalllogip.dat | 15 ++---
html/cgi-bin/logs.cgi/firewalllogport.dat | 12 ++--
html/cgi-bin/logs.cgi/showrequestfromcountry.dat | 81 +++++++++++++++++-------
html/cgi-bin/logs.cgi/showrequestfromip.dat | 27 ++++----
html/cgi-bin/logs.cgi/showrequestfromport.dat | 14 ++--
7 files changed, 131 insertions(+), 75 deletions(-)
diff --git a/html/cgi-bin/logs.cgi/firewalllog.dat b/html/cgi-bin/logs.cgi/firewalllog.dat
index 5a584d6..42c9612 100644
--- a/html/cgi-bin/logs.cgi/firewalllog.dat
+++ b/html/cgi-bin/logs.cgi/firewalllog.dat
@@ -328,7 +328,10 @@ END
$lines = 0;
foreach $_ (@log)
{
- /^... (..) (..:..:..) [\w\-]+ kernel:(.*)(IN=.*)$/;
+ # If ipv6 uses a bridge, PHYSIN= contains the relevant iface information
+ # otherwise use IN=
+ if ($_ =~ /^... (..) (..:..:..) [\w\-]+ kernel:(.*)(PHYSIN=.*)$/) {}
+ elsif ($_ =~ /^... (..) (..:..:..) [\w\-]+ kernel:(.*)(IN=.*)$/) {}
my $day = $1;
$day =~ tr / /0/;
my $time = $cgiparams{'DAY'} ? "$2" : "$day/$2" ;
@@ -336,9 +339,12 @@ foreach $_ (@log)
my $packet = $4;
my ($iface, $srcaddr, $dstaddr, $macaddr, $proto, $srcport, $dstport);
- $iface=$1 if $packet =~ /IN=(\w+)/;
- $srcaddr=$1 if $packet =~ /SRC=([\d\.]+)/;
- $dstaddr=$1 if $packet =~ /DST=([\d\.]+)/;
+ if ($packet =~ /PHYSIN=(\w+)/) { $iface=$1 } elsif ($packet =~ /IN=(\w+)/) { $iface = $1}
+ # Identify whether ipv4 or ipv6. Both are mutally exclusive.
+ if ($packet =~ /SRC\=(([\d]{1,3})(\.([\d]{1,3})){3})/) { $srcaddr=$1 }
+ if ($packet =~ /SRC\=(([0-9a-fA-F]{0,4})(\:([0-9a-fA-F]{0,4})){2,7})/) { $srcaddr=$1 }
+ if ($packet =~ /DST\=(([\d]{1,3})(\.([\d]{1,3})){3})/) { $dstaddr=$1 }
+ if ($packet =~ /DST\=(([0-9a-fA-F]{0,4})(\:([0-9a-fA-F]{0,4})){2,7})/) { $dstaddr=$1 }
$macaddr=$1 if $packet =~ /MAC=([\w+\:]+)/;
$proto=$1 if $packet =~ /PROTO=(\w+)/;
$srcport=$1 if $packet =~ /SPT=(\d+)/;
diff --git a/html/cgi-bin/logs.cgi/firewalllogcountry.dat b/html/cgi-bin/logs.cgi/firewalllogcountry.dat
index f998a62..2661ddd 100644
--- a/html/cgi-bin/logs.cgi/firewalllogcountry.dat
+++ b/html/cgi-bin/logs.cgi/firewalllogcountry.dat
@@ -261,7 +261,6 @@ if( $cgiparams{'pienumber'} != 0){$pienumber=$cgiparams{'pienumber'};}
if( $cgiparams{'otherspie'} != 0){$otherspie=$cgiparams{'otherspie'};}
if( $cgiparams{'showpie'} != 0){$showpie=$cgiparams{'showpie'};}
if( $cgiparams{'sortcolumn'} != 0){$sortcolumn=$cgiparams{'sortcolumn'};}
-
print <<END
</select>
</td>
@@ -294,15 +293,24 @@ $lines = 0;
foreach $_ (@log)
{
- /^... (..) (..:..:..) [\w\-]+ kernel:(.*)(IN=.*)$/;
+ # If ipv6 uses bridge, use PHYSIN for iface, otherwise IN
+ if (/^... (..) (..:..:..) [\w\-]+ kernel:(.*)(PHYSIN=.*)$/) {}
+ elsif (/^... (..) (..:..:..) [\w\-]+ kernel:(.*)(IN=.*)$/) {}
my $packet = $4;
- $packet =~ /IN=(\w+)/; my $iface=$1; if ( $1 =~ /2./ ){ $iface="";}
- $packet =~ /SRC=([\d\.]+)/; my $srcaddr=$1;
+ my $iface = '';
+ if ($packet =~ /PHYSIN=(\w+)/) { $iface = $1 } elsif ($packet =~ /IN=(\w+)/) { $iface = $1 }
+ if ( $1 =~ /2./ ) { $iface=''; }
+ my $srcaddr = '';
+ # Find ipv4 and ipv6 addresses
+ if ($packet =~ /SRC\=(([\d]{1,3})(\.([\d]{1,3})){3})/) { $srcaddr = $1 }
+ elsif ($packet =~ /SRC\=(([0-9a-fA-F]{0,4})(\:([0-9a-fA-F]{0,4})){2,7})/) { $srcaddr = $1 }
if($iface eq $red_interface) {
+ # Traffic from red
if($srcaddr ne '') {
+ # srcaddr is set
my $ccode = $gi->country_code_by_name($srcaddr);
- if( $ccode eq '') {
+ if ($ccode eq '') {
$ccode = 'unknown';
}
$tabjc{$ccode} = $tabjc{$ccode} + 1 ;
@@ -311,11 +319,16 @@ foreach $_ (@log)
}
}
else {
+ # Traffic not from red
if($iface ne '') {
$tabjc{$iface} = $tabjc{$iface} + 1 ;
if(($tabjc{$iface} == 1) && ($lines < $pienumber)) { $lines = $lines + 1; }
$linesjc++;
}
+ else {
+ # What to do with empty iface lines?
+ # This probably is traffic from ipfire itself (IN= OUT=XY)?
+ }
}
}
@@ -423,7 +436,6 @@ if ($showpie != 2 && $pienumber <= 50 && $pienumber != 0) {
print "<img src='/graphs/fwlog-country$imagerandom.png'>";
print "</div>";
}
-
print <<END
<table width='100%' class='tbl'>
<tr>
@@ -448,10 +460,8 @@ for($s=0;$s<$lines;$s++)
$percent = $value[$s] * 100 / $linesjc;
$percent = sprintf("%.f", $percent);
$total = $total + $value[$s];
- my $colorIndex = $color % 10;
- if($colorIndex == 0) {
- $colorIndex = 10;
- }
+ # colors are numbered 1 to 10
+ my $colorIndex = ($color % 10) + 1;
$col="bgcolor='$color{\"color$colorIndex\"}'";
$color++;
print "<tr>";
@@ -466,8 +476,11 @@ for($s=0;$s<$lines;$s++)
print"<input type='hidden' name='country' value='$key[$s]'>";
print"<input type='submit' value='details'></form>";
}
-
- if($key[$s] eq 'blue0' || $key[$s] eq 'green0' || $key[$s] eq 'orange0') {
+ elsif ($key[$s] eq 'unknown') {
+ print "unknown";
+ }
+ # Looks dangerous to use hardcoded interface names here. Probably needs fixing.
+ if ($key[$s] eq 'blue0' || $key[$s] eq 'green0' || $key[$s] eq 'orange0' ) {
print "<td align='center' $col>$key[$s]</td>";
}
else {
@@ -489,10 +502,8 @@ for($s=0;$s<$lines;$s++)
if($cgiparams{'otherspie'} == 2 ){}
else{
- my $colorIndex = $color % 10;
- if($colorIndex == 0) {
- $colorIndex = 10;
- }
+ # colors are numbered 1 to 10
+ my $colorIndex = ($color % 10) + 1;
$col="bgcolor='$color{\"color$colorIndex\"}'";
print "<tr>";
diff --git a/html/cgi-bin/logs.cgi/firewalllogip.dat b/html/cgi-bin/logs.cgi/firewalllogip.dat
index 7d82d20..6fc3422 100644
--- a/html/cgi-bin/logs.cgi/firewalllogip.dat
+++ b/html/cgi-bin/logs.cgi/firewalllogip.dat
@@ -291,7 +291,8 @@ if ($pienumber == -1 || $pienumber > $lines || $sortcolumn == 2) { $pienumber =
$lines = 0;
foreach $_ (@log)
{
- if($_ =~ /SRC\=([\d\.]+)/){
+ # Extract ipv4 or ipv6 address
+ if (($_ =~ /SRC\=(([\d]{1,3})(\.([\d]{1,3})){3})/) or ($_ =~ /SRC\=(([0-9a-fA-F]{0,4})(\:([0-9a-fA-F]{0,4})){2,7})/)) {
$tabjc{$1} = $tabjc{$1} + 1 ;
if(($tabjc{$1} == 1) && ($lines < $pienumber)) { $lines = $lines + 1; }
$linesjc++;
@@ -428,10 +429,8 @@ for($s=0;$s<$lines;$s++)
$percent = $value[$s] * 100 / $linesjc;
$percent = sprintf("%.f", $percent);
$total = $total + $value[$s];
- my $colorIndex = $color % 10;
- if($colorIndex == 0) {
- $colorIndex = 10;
- }
+ # colors are numbered 1 to 10
+ my $colorIndex = ($color % 10) + 1;
$col="bgcolor='$color{\"color$colorIndex\"}'";
print "<tr>";
@@ -459,10 +458,8 @@ for($s=0;$s<$lines;$s++)
if($cgiparams{'otherspie'} == 2 ){}
else{
- my $colorIndex = $color % 10;
- if($colorIndex == 0) {
- $colorIndex = 10;
- }
+ # colors are numbered 1 to 10
+ my $colorIndex = ($color % 10) + 1;
$col="bgcolor='$color{\"color$colorIndex\"}'";
print "<tr>";
diff --git a/html/cgi-bin/logs.cgi/firewalllogport.dat b/html/cgi-bin/logs.cgi/firewalllogport.dat
index 5b0db62..583c1b3 100644
--- a/html/cgi-bin/logs.cgi/firewalllogport.dat
+++ b/html/cgi-bin/logs.cgi/firewalllogport.dat
@@ -429,10 +429,8 @@ for($s=0;$s<$lines;$s++)
$percent = $value[$s] * 100 / $linesjc;
$percent = sprintf("%.f", $percent);
$total = $total + $value[$s];
- my $colorIndex = $color % 10;
- if($colorIndex == 0) {
- $colorIndex = 10;
- }
+ # colors are numbered 1 to 10
+ my $colorIndex = ($color % 10) + 1;
$col="bgcolor='$color{\"color$colorIndex\"}'";
print "<tr>";
@@ -446,10 +444,8 @@ for($s=0;$s<$lines;$s++)
if($cgiparams{'otherspie'} == 2 ){}
else{
- my $colorIndex = $color % 10;
- if($colorIndex == 0) {
- $colorIndex = 10;
- }
+ # colors are numbered 1 to 10
+ my $colorIndex = ($color % 10) + 1;
$col="bgcolor='$color{\"color$colorIndex\"}'";
print "<tr>";
diff --git a/html/cgi-bin/logs.cgi/showrequestfromcountry.dat b/html/cgi-bin/logs.cgi/showrequestfromcountry.dat
index 5283c42..0784ab9 100644
--- a/html/cgi-bin/logs.cgi/showrequestfromcountry.dat
+++ b/html/cgi-bin/logs.cgi/showrequestfromcountry.dat
@@ -158,23 +158,35 @@ if (!$skip)
{
while (<FILE>)
{
- if (/(^${monthstr} ${daystr} ..:..:..) [\w\-]+ kernel:.*(IN=.*)$/) {
- my $packet = $2;
- $packet =~ /IN=(\w+)/; my $iface=$1; if ( $1 =~ /2./ ){ $iface="";}
- $packet =~ /SRC=([\d\.]+)/; my $srcaddr=$1;
+ # First check whether valid log line (date, day)
+ if (/(^${monthstr} ${daystr} ..:..:..) [\w\-]+ kernel:.*(IN=.*)$/) {
+ # If ipv6 uses bridge, then use PHYSIN otherwise use IN
+ if (/(^${monthstr} ${daystr} ..:..:..) [\w\-]+ kernel:.*(PHYSIN=.*)$/) {}
+ elsif (/(^${monthstr} ${daystr} ..:..:..) [\w\-]+ kernel:.*(IN=.*)$/) {}
+ my $packet = $2;
+ my $iface = '';
+ my $srcaddr = '';
+ # If ipv6 uses bridge, use PHYSIN otherwise IN
+ if ($packet =~ /PHYSIN=(\w+)/) { $iface = $1 } elsif ($packet =~ /IN=(\w+)/) { $iface = $1 }
+ # Extract ipv4 and ipv6 addresses
+ if (($packet =~ /SRC\=(([\d]{1,3})(\.([\d]{1,3})){3})/) or ($packet =~ /SRC\=(([0-9a-fA-F]{0,4})(\:([0-9a-fA-F]{0,4})){2,7})/)) {
+ $srcaddr = $1
+ };
if($iface eq $country) {
+ # iface matches country code
$log[$lines] = $_;
$lines++;
}
elsif($srcaddr ne '') {
+ # or srcaddr matches country code
my $ccode = $gi->country_code_by_name($srcaddr);
if($ccode eq $country){
$log[$lines] = $_;
$lines++;
}
}
- }
+ }
}
close (FILE);
}
@@ -194,16 +206,28 @@ if ($multifile) {
}
if (!$skip) {
while (<FILE>) {
- if (/(^${monthstr} ${daystr} ..:..:..) [\w\-]+ kernel:.*(IN=.*)$/) {
- if($_ =~ /SRC\=([\d\.]+)/){
- my $srcaddr=$1;
- my $ccode = $gi->country_code_by_name($srcaddr);
- if($ccode eq $country){
+ # Check if valid log line (date, day)
+ if (/(^${monthstr} ${daystr} ..:..:..) [\w\-]+ kernel:.*(IN=.*)$/) {
+ my $iface = '';
+ # If ipv6 uses bridge, then use PHYSIN otherwise IN
+ if ($_ =~ /PHYSIN=(\w+)/) { $iface = $1 } elsif ($_ =~ /IN=(\w+)/) { $iface = $1 }
+
+ if($iface eq $country) {
+ # iface matches country code
+ $log[$lines] = $_;
+ $lines++;
+ }
+ # extract ipv4 and ipv6 address
+ elsif (($_ =~ /SRC\=(([\d]{1,3})(\.([\d]{1,3})){3})/) or ($_ =~ /SRC\=(([0-9a-fA-F]{0,4})(\:([0-9a-fA-F]{0,4})){2,7})/)) {
+ my $srcaddr=$1;
+ my $ccode = $gi->country_code_by_name($srcaddr);
+ if($ccode eq $country){
+ # or srcaddr matches country code
$log[$lines] = $_;
$lines++;
+ }
}
- }
- }
+ }
}
close (FILE);
}
@@ -308,32 +332,45 @@ $lines = 0;
foreach $_ (@slice)
{
$a = $_;
- /^... (..) (..:..:..) [\w\-]+ kernel:(.*)(IN=.*)$/;
+ # If ipv6 uses bridge, use PHYSIN otherwise use IN
+ if (/^... (..) (..:..:..) [\w\-]+ kernel:(.*)(PHYSIN=.*)$/) {}
+ elsif (/^... (..) (..:..:..) [\w\-]+ kernel:(.*)(IN=.*)$/) {};
my $packet = $4;
- $packet =~ /IN=(\w+)/; my $iface=$1; if ( $1 =~ /2./ ){ $iface="";}
- $packet =~ /SRC=([\d\.]+)/; my $srcaddr=$1;
+ my $iface = '';
+ # If ipv6 uses bridge, use PHYSIN otherwise use IN
+ if ($packet =~ /PHYSIN=(\w+)/) { $iface = $1 } elsif ($packet =~ /IN=(\w+)/) { $iface = $1 }
+ if ( $1 =~ /2./ ){ $iface="";}
+ my $srcaddr = '';
+ # Extract ipv4 and ipv6 addresses
+ if (($packet =~ /SRC\=(([\d]{1,3})(\.([\d]{1,3})){3})/) or ($packet =~ /SRC\=(([0-9a-fA-F]{0,4})(\:([0-9a-fA-F]{0,4})){2,7})/)) {
+ $srcaddr = $1
+ };
if($iface eq $country || $srcaddr ne '') {
- my $ccode;
+ my $ccode='';
if($iface ne $country) {
$ccode = $gi->country_code_by_name($srcaddr);
}
if($iface eq $country || $ccode eq $country) {
- my $chain = '';
+ my $chain = '';
my $in = '-'; my $out = '-';
my $srcaddr = ''; my $dstaddr = '';
my $protostr = '';
my $srcport = ''; my $dstport = '';
- $_ =~ /(^.* ..:..:..) [\w\-]+ kernel:(.*)(IN=.*)$/;
+ # If ipv6 uses bridge, the use PHYSIN otherwise use IN
+ if ($_ =~ /(^.* ..:..:..) [\w\-]+ kernel:(.*)(PHYSIN=.*)$/) {}
+ elsif ($_ =~ /(^.* ..:..:..) [\w\-]+ kernel:(.*)(IN=.*)$/) {}
my $timestamp = $1; my $chain = $2; my $packet = $3;
$timestamp =~ /(...) (..) (..:..:..)/;
my $month = $1; my $day = $2; my $time = $3;
- if ($a =~ /IN\=(\w+)/) { $iface = $1; }
- if ($a =~ /OUT\=(\w+)/) { $out = $1; }
- if ($a =~ /SRC\=([\d\.]+)/) { $srcaddr = $1; }
- if ($a =~ /DST\=([\d\.]+)/) { $dstaddr = $1; }
+ # If ipv6 uses bridge, use PHYSIN and PHYSOUT, otherwise use IN and OUT
+ if ($a =~ /PHYSIN=(\w+)/) { $iface = $1 } elsif ($a =~ /IN=(\w+)/) { $iface = $1 }
+ if ($a =~ /PHYSOUT=(\w+)/) { $out = $1 } elsif ($a =~ /OUT=(\w+)/) { $out = $1 }
+ # Extract ipv4 and ipv6 addresses
+ if (($a =~ /SRC\=(([\d]{1,3})(\.([\d]{1,3})){3})/) or ($a =~ /SRC\=(([0-9a-fA-F]{0,4})(\:([0-9a-fA-F]{0,4})){2,7})/)) { $srcaddr = $1; }
+ if (($a =~ /DST\=(([\d]{1,3})(\.([\d]{1,3})){3})/) or ($a =~ /DST\=(([0-9a-fA-F]{0,4})(\:([0-9a-fA-F]{0,4})){2,7})/)) { $dstaddr = $1; }
if ($a =~ /PROTO\=(\w+)/) { $protostr = $1; }
my $protostrlc = lc($protostr);
if ($a =~ /SPT\=([\d\.]+)/){ $srcport = $1; }
diff --git a/html/cgi-bin/logs.cgi/showrequestfromip.dat b/html/cgi-bin/logs.cgi/showrequestfromip.dat
index 09a60b5..94e795c 100644
--- a/html/cgi-bin/logs.cgi/showrequestfromip.dat
+++ b/html/cgi-bin/logs.cgi/showrequestfromip.dat
@@ -155,7 +155,7 @@ if (!$skip)
while (<FILE>)
{
if (/(^${monthstr} ${daystr} ..:..:..) [\w\-]+ kernel:.*(IN=.*)$/) {
- if($_ =~ /SRC\=([\d\.]+)/){
+ if (($_ =~ /SRC\=(([\d]{1,3})(\.([\d]{1,3})){3})/) or ($_ =~ /SRC\=(([0-9a-fA-F]{0,4})(\:([0-9a-fA-F]{0,4})){2,7})/)) {
if($1 eq $ip){
$log[$lines] = $_;
$lines++;
@@ -182,12 +182,12 @@ if ($multifile) {
if (!$skip) {
while (<FILE>) {
if (/(^${monthstr} ${daystr} ..:..:..) [\w\-]+ kernel:.*(IN=.*)$/) {
- if($_ =~ /SRC\=([\d\.]+)/){
- if($1 eq $ip){
+ if (($_ =~ /SRC\=(([\d]{1,3})(\.([\d]{1,3})){3})/) or ($_ =~ /SRC\=(([0-9a-fA-F]{0,4})(\:([0-9a-fA-F]{0,4})){2,7})/)) {
+ if($1 eq $ip){
$log[$lines] = $_;
$lines++;
- }
- }
+ }
+ }
}
}
close (FILE);
@@ -293,7 +293,8 @@ $lines = 0;
foreach $_ (@slice)
{
$a = $_;
- if($_ =~ /SRC\=([\d\.]+)/){
+ # Check whether valid ipv4 or ipv6 address
+ if (($_ =~ /SRC\=(([\d]{1,3})(\.([\d]{1,3})){3})/) or ($_ =~ /SRC\=(([0-9a-fA-F]{0,4})(\:([0-9a-fA-F]{0,4})){2,7})/)) {
if($1 eq $ip){
my $chain = '';
my $in = '-'; my $out = '-';
@@ -301,15 +302,19 @@ foreach $_ (@slice)
my $protostr = '';
my $srcport = ''; my $dstport = '';
- $_ =~ /(^.* ..:..:..) [\w\-]+ kernel:(.*)(IN=.*)$/;
+ # If ipv6 uses bridge, the use PHYSIN, otherwise use IN
+ if ($_ =~ /(^.* ..:..:..) [\w\-]+ kernel:(.*)(PHYSIN=.*)$/) {}
+ elsif ($_ =~ /(^.* ..:..:..) [\w\-]+ kernel:(.*)(IN=.*)$/) {}
my $timestamp = $1; my $chain = $2; my $packet = $3;
$timestamp =~ /(...) (..) (..:..:..)/;
my $month = $1; my $day = $2; my $time = $3;
- if ($a =~ /IN\=(\w+)/) { $iface = $1; }
- if ($a =~ /OUT\=(\w+)/) { $out = $1; }
- if ($a =~ /SRC\=([\d\.]+)/) { $srcaddr = $1; }
- if ($a =~ /DST\=([\d\.]+)/) { $dstaddr = $1; }
+ # If ipv6 uses bridge, the use PHYSIN and PHYSOUT, otherwise use IN and OUT
+ if ($a =~ /PHYSIN=(\w+)/) { $iface = $1 } elsif ($a =~ /IN=(\w+)/) { $iface = $1 }
+ if ($a =~ /PHYSOUT=(\w+)/) { $out = $1 } elsif ($a =~ /OUT=(\w+)/) { $out = $1 }
+ # Detect ipv4 and ipv6 addresses
+ if (($a =~ /SRC\=(([\d]{1,3})(\.([\d]{1,3})){3})/) or ($a =~ /SRC\=(([0-9a-fA-F]{0,4})(\:([0-9a-fA-F]{0,4})){2,7})/)) { $srcaddr = $1; }
+ if (($a =~ /DST\=(([\d]{1,3})(\.([\d]{1,3})){3})/) or ($a =~ /DST\=(([0-9a-fA-F]{0,4})(\:([0-9a-fA-F]{0,4})){2,7})/)) { $dstaddr = $1; }
if ($a =~ /PROTO\=(\w+)/) { $protostr = $1; }
my $protostrlc = lc($protostr);
if ($a =~ /SPT\=([\d\.]+)/){ $srcport = $1; }
diff --git a/html/cgi-bin/logs.cgi/showrequestfromport.dat b/html/cgi-bin/logs.cgi/showrequestfromport.dat
index ad9823c..af7779a 100644
--- a/html/cgi-bin/logs.cgi/showrequestfromport.dat
+++ b/html/cgi-bin/logs.cgi/showrequestfromport.dat
@@ -307,15 +307,19 @@ foreach $_ (@slice)
my $protostr = '';
my $srcport = ''; my $dstport = '';
- $_ =~ /(^.* ..:..:..) [\w\-]+ kernel:(.*)(IN=.*)$/;
+ # If ipv6 uses bridge, the use PHYSIN, otherwise use IN
+ if ($_ =~ /(^.* ..:..:..) [\w\-]+ kernel:(.*)(PHYSIN=.*)$/) {}
+ elsif ($_ =~ /(^.* ..:..:..) [\w\-]+ kernel:(.*)(IN=.*)$/) {}
my $timestamp = $1; my $chain = $2; my $packet = $3;
$timestamp =~ /(...) (..) (..:..:..)/;
my $month = $1; my $day = $2; my $time = $3; my $iface;
- if ($a =~ /IN\=(\w+)/) { $iface = $1; }
- if ($a =~ /OUT\=(\w+)/) { $out = $1; }
- if ($a =~ /SRC\=([\d\.]+)/) { $srcaddr = $1; }
- if ($a =~ /DST\=([\d\.]+)/) { $dstaddr = $1; }
+ # If ipv6 uses bridge, the use PHYSIN and PHYSOUT, otherwise use IN and OUT
+ if ($a =~ /PHYSIN\=(\w+)/) { $iface = $1; } elsif ($a =~ /IN\=(\w+)/) { $iface = $1; }
+ if ($a =~ /PHYSOUT\=(\w+)/) { $out = $1; } elsif ($a =~ /OUT\=(\w+)/) { $out = $1; }
+ # Detect ipv4 and ipv6 addresses
+ if (($a =~ /SRC\=(([\d]{1,3})(\.([\d]{1,3})){3})/) or ($a =~ /SRC\=(([0-9a-fA-F]{0,4})(\:([0-9a-fA-F]{0,4})){2,7})/)) { $srcaddr = $1; }
+ if (($a =~ /DST\=(([\d]{1,3})(\.([\d]{1,3})){3})/) or ($a =~ /DST\=(([0-9a-fA-F]{0,4})(\:([0-9a-fA-F]{0,4})){2,7})/)) { $dstaddr = $1; }
if ($a =~ /PROTO\=(\w+)/) { $protostr = $1; }
my $protostrlc = lc($protostr);
if ($a =~ /SPT\=([\d\.]+)/){ $srcport = $1; }
--
1.9.1
^ permalink raw reply [flat|nested] 4+ messages in thread* Re: [PATCH 1/5] Enable correct display of ipv6 entries in Firewall log pages of web UI
2016-01-10 17:34 [PATCH 1/5] Enable correct display of ipv6 entries in Firewall log pages of web UI Michael Eitelwein
@ 2016-01-22 0:59 ` Michael Tremer
0 siblings, 0 replies; 4+ messages in thread
From: Michael Tremer @ 2016-01-22 0:59 UTC (permalink / raw)
To: development
[-- Attachment #1: Type: text/plain, Size: 21080 bytes --]
Hi,
did you work out what the issue was with these emails?
Best,
-Michael
On Sun, 2016-01-10 at 18:34 +0100, Michael Eitelwein wrote:
> 3 main changes:
> - Fill $iface and $out from PHYSIN and PHYSOUT when looking at
> bridged packets, othewerwise fill from IN and OUT
> - Recognize ipv4 and ipv6 address style for $srcaddr and $dstaddr
> - Match color coding of tables to pie charts
>
> I am using the bridged ipv6 setup as proposed in the wiki. I do not
> think this breaks anything when not using ipv6. So it would be nice
> to include this even if ipv6 is not officially supported yet. It is
> quite useful when using the ipv6 setup.
>
> Signed-off-by: Michael Eitelwein <michael(a)eitelwein.net>
>
> ---
> html/cgi-bin/logs.cgi/firewalllog.dat | 14 ++--
> html/cgi-bin/logs.cgi/firewalllogcountry.dat | 43 ++++++++-----
> html/cgi-bin/logs.cgi/firewalllogip.dat | 15 ++---
> html/cgi-bin/logs.cgi/firewalllogport.dat | 12 ++--
> html/cgi-bin/logs.cgi/showrequestfromcountry.dat | 81
> +++++++++++++++++-------
> html/cgi-bin/logs.cgi/showrequestfromip.dat | 27 ++++----
> html/cgi-bin/logs.cgi/showrequestfromport.dat | 14 ++--
> 7 files changed, 131 insertions(+), 75 deletions(-)
>
> diff --git a/html/cgi-bin/logs.cgi/firewalllog.dat b/html/cgi
> -bin/logs.cgi/firewalllog.dat
> index 5a584d6..42c9612 100644
> --- a/html/cgi-bin/logs.cgi/firewalllog.dat
> +++ b/html/cgi-bin/logs.cgi/firewalllog.dat
> @@ -328,7 +328,10 @@ END
> $lines = 0;
> foreach $_ (@log)
> {
> - /^... (..) (..:..:..) [\w\-]+ kernel:(.*)(IN=.*)$/;
> + # If ipv6 uses a bridge, PHYSIN= contains the relevant iface
> information
> + # otherwise use IN=
> + if ($_ =~ /^... (..) (..:..:..) [\w\-]+
> kernel:(.*)(PHYSIN=.*)$/) {}
> + elsif ($_ =~ /^... (..) (..:..:..) [\w\-]+
> kernel:(.*)(IN=.*)$/) {}
> my $day = $1;
> $day =~ tr / /0/;
> my $time = $cgiparams{'DAY'} ? "$2" : "$day/$2" ;
> @@ -336,9 +339,12 @@ foreach $_ (@log)
> my $packet = $4;
>
> my ($iface, $srcaddr, $dstaddr, $macaddr, $proto, $srcport,
> $dstport);
> - $iface=$1 if $packet =~ /IN=(\w+)/;
> - $srcaddr=$1 if $packet =~ /SRC=([\d\.]+)/;
> - $dstaddr=$1 if $packet =~ /DST=([\d\.]+)/;
> + if ($packet =~ /PHYSIN=(\w+)/) { $iface=$1 } elsif ($packet
> =~ /IN=(\w+)/) { $iface = $1}
> + # Identify whether ipv4 or ipv6. Both are mutally exclusive.
> + if ($packet =~ /SRC\=(([\d]{1,3})(\.([\d]{1,3})){3})/) {
> $srcaddr=$1 }
> + if ($packet =~ /SRC\=(([0-9a-fA-F]{0,4})(\:([0-9a-fA
> -F]{0,4})){2,7})/) { $srcaddr=$1 }
> + if ($packet =~ /DST\=(([\d]{1,3})(\.([\d]{1,3})){3})/) {
> $dstaddr=$1 }
> + if ($packet =~ /DST\=(([0-9a-fA-F]{0,4})(\:([0-9a-fA
> -F]{0,4})){2,7})/) { $dstaddr=$1 }
> $macaddr=$1 if $packet =~ /MAC=([\w+\:]+)/;
> $proto=$1 if $packet =~ /PROTO=(\w+)/;
> $srcport=$1 if $packet =~ /SPT=(\d+)/;
> diff --git a/html/cgi-bin/logs.cgi/firewalllogcountry.dat b/html/cgi
> -bin/logs.cgi/firewalllogcountry.dat
> index f998a62..2661ddd 100644
> --- a/html/cgi-bin/logs.cgi/firewalllogcountry.dat
> +++ b/html/cgi-bin/logs.cgi/firewalllogcountry.dat
> @@ -261,7 +261,6 @@ if( $cgiparams{'pienumber'} !=
> 0){$pienumber=$cgiparams{'pienumber'};}
> if( $cgiparams{'otherspie'} !=
> 0){$otherspie=$cgiparams{'otherspie'};}
> if( $cgiparams{'showpie'} != 0){$showpie=$cgiparams{'showpie'};}
> if( $cgiparams{'sortcolumn'} !=
> 0){$sortcolumn=$cgiparams{'sortcolumn'};}
> -
> print <<END
> </select>
> </td>
> @@ -294,15 +293,24 @@ $lines = 0;
>
> foreach $_ (@log)
> {
> - /^... (..) (..:..:..) [\w\-]+ kernel:(.*)(IN=.*)$/;
> + # If ipv6 uses bridge, use PHYSIN for iface, otherwise IN
> + if (/^... (..) (..:..:..) [\w\-]+ kernel:(.*)(PHYSIN=.*)$/) {}
> + elsif (/^... (..) (..:..:..) [\w\-]+ kernel:(.*)(IN=.*)$/) {}
> my $packet = $4;
> - $packet =~ /IN=(\w+)/; my $iface=$1; if ( $1 =~ /2./ ){
> $iface="";}
> - $packet =~ /SRC=([\d\.]+)/; my $srcaddr=$1;
> + my $iface = '';
> + if ($packet =~ /PHYSIN=(\w+)/) { $iface = $1 } elsif ($packet =~
> /IN=(\w+)/) { $iface = $1 }
> + if ( $1 =~ /2./ ) { $iface=''; }
> + my $srcaddr = '';
> + # Find ipv4 and ipv6 addresses
> + if ($packet =~ /SRC\=(([\d]{1,3})(\.([\d]{1,3})){3})/) { $srcaddr
> = $1 }
> + elsif ($packet =~ /SRC\=(([0-9a-fA-F]{0,4})(\:([0-9a-fA
> -F]{0,4})){2,7})/) { $srcaddr = $1 }
>
> if($iface eq $red_interface) {
> + # Traffic from red
> if($srcaddr ne '') {
> + # srcaddr is set
> my $ccode = $gi->country_code_by_name($srcaddr);
> - if( $ccode eq '') {
> + if ($ccode eq '') {
> $ccode = 'unknown';
> }
> $tabjc{$ccode} = $tabjc{$ccode} + 1 ;
> @@ -311,11 +319,16 @@ foreach $_ (@log)
> }
> }
> else {
> + # Traffic not from red
> if($iface ne '') {
> $tabjc{$iface} = $tabjc{$iface} + 1 ;
> if(($tabjc{$iface} == 1) && ($lines < $pienumber)) { $lines
> = $lines + 1; }
> $linesjc++;
> }
> + else {
> + # What to do with empty iface lines?
> + # This probably is traffic from ipfire itself (IN= OUT=XY)?
> + }
> }
> }
>
> @@ -423,7 +436,6 @@ if ($showpie != 2 && $pienumber <= 50 &&
> $pienumber != 0) {
> print "<img src='/graphs/fwlog-country$imagerandom.png'>";
> print "</div>";
> }
> -
> print <<END
> <table width='100%' class='tbl'>
> <tr>
> @@ -448,10 +460,8 @@ for($s=0;$s<$lines;$s++)
> $percent = $value[$s] * 100 / $linesjc;
> $percent = sprintf("%.f", $percent);
> $total = $total + $value[$s];
> - my $colorIndex = $color % 10;
> - if($colorIndex == 0) {
> - $colorIndex = 10;
> - }
> + # colors are numbered 1 to 10
> + my $colorIndex = ($color % 10) + 1;
> $col="bgcolor='$color{\"color$colorIndex\"}'";
> $color++;
> print "<tr>";
> @@ -466,8 +476,11 @@ for($s=0;$s<$lines;$s++)
> print"<input type='hidden' name='country' value='$key[$s]'>";
> print"<input type='submit' value='details'></form>";
> }
> -
> - if($key[$s] eq 'blue0' || $key[$s] eq 'green0' || $key[$s] eq
> 'orange0') {
> + elsif ($key[$s] eq 'unknown') {
> + print "unknown";
> + }
> + # Looks dangerous to use hardcoded interface names here. Probably
> needs fixing.
> + if ($key[$s] eq 'blue0' || $key[$s] eq 'green0' || $key[$s] eq
> 'orange0' ) {
> print "<td align='center' $col>$key[$s]</td>";
> }
> else {
> @@ -489,10 +502,8 @@ for($s=0;$s<$lines;$s++)
>
> if($cgiparams{'otherspie'} == 2 ){}
> else{
> - my $colorIndex = $color % 10;
> - if($colorIndex == 0) {
> - $colorIndex = 10;
> - }
> + # colors are numbered 1 to 10
> + my $colorIndex = ($color % 10) + 1;
> $col="bgcolor='$color{\"color$colorIndex\"}'";
> print "<tr>";
>
> diff --git a/html/cgi-bin/logs.cgi/firewalllogip.dat b/html/cgi
> -bin/logs.cgi/firewalllogip.dat
> index 7d82d20..6fc3422 100644
> --- a/html/cgi-bin/logs.cgi/firewalllogip.dat
> +++ b/html/cgi-bin/logs.cgi/firewalllogip.dat
> @@ -291,7 +291,8 @@ if ($pienumber == -1 || $pienumber > $lines ||
> $sortcolumn == 2) { $pienumber =
> $lines = 0;
> foreach $_ (@log)
> {
> - if($_ =~ /SRC\=([\d\.]+)/){
> + # Extract ipv4 or ipv6 address
> + if (($_ =~ /SRC\=(([\d]{1,3})(\.([\d]{1,3})){3})/) or ($_ =~
> /SRC\=(([0-9a-fA-F]{0,4})(\:([0-9a-fA-F]{0,4})){2,7})/)) {
> $tabjc{$1} = $tabjc{$1} + 1 ;
> if(($tabjc{$1} == 1) && ($lines < $pienumber)) { $lines =
> $lines + 1; }
> $linesjc++;
> @@ -428,10 +429,8 @@ for($s=0;$s<$lines;$s++)
> $percent = $value[$s] * 100 / $linesjc;
> $percent = sprintf("%.f", $percent);
> $total = $total + $value[$s];
> - my $colorIndex = $color % 10;
> - if($colorIndex == 0) {
> - $colorIndex = 10;
> - }
> + # colors are numbered 1 to 10
> + my $colorIndex = ($color % 10) + 1;
> $col="bgcolor='$color{\"color$colorIndex\"}'";
> print "<tr>";
>
> @@ -459,10 +458,8 @@ for($s=0;$s<$lines;$s++)
>
> if($cgiparams{'otherspie'} == 2 ){}
> else{
> - my $colorIndex = $color % 10;
> - if($colorIndex == 0) {
> - $colorIndex = 10;
> - }
> + # colors are numbered 1 to 10
> + my $colorIndex = ($color % 10) + 1;
> $col="bgcolor='$color{\"color$colorIndex\"}'";
> print "<tr>";
>
> diff --git a/html/cgi-bin/logs.cgi/firewalllogport.dat b/html/cgi
> -bin/logs.cgi/firewalllogport.dat
> index 5b0db62..583c1b3 100644
> --- a/html/cgi-bin/logs.cgi/firewalllogport.dat
> +++ b/html/cgi-bin/logs.cgi/firewalllogport.dat
> @@ -429,10 +429,8 @@ for($s=0;$s<$lines;$s++)
> $percent = $value[$s] * 100 / $linesjc;
> $percent = sprintf("%.f", $percent);
> $total = $total + $value[$s];
> - my $colorIndex = $color % 10;
> - if($colorIndex == 0) {
> - $colorIndex = 10;
> - }
> + # colors are numbered 1 to 10
> + my $colorIndex = ($color % 10) + 1;
> $col="bgcolor='$color{\"color$colorIndex\"}'";
> print "<tr>";
>
> @@ -446,10 +444,8 @@ for($s=0;$s<$lines;$s++)
>
> if($cgiparams{'otherspie'} == 2 ){}
> else{
> - my $colorIndex = $color % 10;
> - if($colorIndex == 0) {
> - $colorIndex = 10;
> - }
> + # colors are numbered 1 to 10
> + my $colorIndex = ($color % 10) + 1;
> $col="bgcolor='$color{\"color$colorIndex\"}'";
> print "<tr>";
>
> diff --git a/html/cgi-bin/logs.cgi/showrequestfromcountry.dat
> b/html/cgi-bin/logs.cgi/showrequestfromcountry.dat
> index 5283c42..0784ab9 100644
> --- a/html/cgi-bin/logs.cgi/showrequestfromcountry.dat
> +++ b/html/cgi-bin/logs.cgi/showrequestfromcountry.dat
> @@ -158,23 +158,35 @@ if (!$skip)
> {
> while (<FILE>)
> {
> - if (/(^${monthstr} ${daystr} ..:..:..) [\w\-]+
> kernel:.*(IN=.*)$/) {
> - my $packet = $2;
> - $packet =~ /IN=(\w+)/; my $iface=$1; if ( $1 =~
> /2./ ){ $iface="";}
> - $packet =~ /SRC=([\d\.]+)/; my $srcaddr=$1;
> + # First check whether valid log line (date, day)
> + if (/(^${monthstr} ${daystr} ..:..:..) [\w\-]+
> kernel:.*(IN=.*)$/) {
> + # If ipv6 uses bridge, then use PHYSIN otherwise use IN
> + if (/(^${monthstr} ${daystr} ..:..:..) [\w\-]+
> kernel:.*(PHYSIN=.*)$/) {}
> + elsif (/(^${monthstr} ${daystr} ..:..:..) [\w\-]+
> kernel:.*(IN=.*)$/) {}
> + my $packet = $2;
> + my $iface = '';
> + my $srcaddr = '';
> + # If ipv6 uses bridge, use PHYSIN otherwise IN
> + if ($packet =~ /PHYSIN=(\w+)/) { $iface = $1 } elsif
> ($packet =~ /IN=(\w+)/) { $iface = $1 }
> + # Extract ipv4 and ipv6 addresses
> + if (($packet =~ /SRC\=(([\d]{1,3})(\.([\d]{1,3})){3})/)
> or ($packet =~ /SRC\=(([0-9a-fA-F]{0,4})(\:([0-9a-fA
> -F]{0,4})){2,7})/)) {
> + $srcaddr = $1
> + };
>
> if($iface eq $country) {
> + # iface matches country code
> $log[$lines] = $_;
> $lines++;
> }
> elsif($srcaddr ne '') {
> + # or srcaddr matches country code
> my $ccode = $gi->country_code_by_name($srcaddr);
> if($ccode eq $country){
> $log[$lines] = $_;
> $lines++;
> }
> }
> - }
> + }
> }
> close (FILE);
> }
> @@ -194,16 +206,28 @@ if ($multifile) {
> }
> if (!$skip) {
> while (<FILE>) {
> - if (/(^${monthstr} ${daystr} ..:..:..) [\w\-]+
> kernel:.*(IN=.*)$/) {
> - if($_ =~ /SRC\=([\d\.]+)/){
> - my $srcaddr=$1;
> - my $ccode = $gi->country_code_by_name($srcaddr);
> - if($ccode eq $country){
> + # Check if valid log line (date, day)
> + if (/(^${monthstr} ${daystr} ..:..:..) [\w\-]+
> kernel:.*(IN=.*)$/) {
> + my $iface = '';
> + # If ipv6 uses bridge, then use PHYSIN otherwise
> IN
> + if ($_ =~ /PHYSIN=(\w+)/) { $iface = $1 } elsif
> ($_ =~ /IN=(\w+)/) { $iface = $1 }
> +
> + if($iface eq $country) {
> + # iface matches country code
> + $log[$lines] = $_;
> + $lines++;
> + }
> + # extract ipv4 and ipv6 address
> + elsif (($_ =~
> /SRC\=(([\d]{1,3})(\.([\d]{1,3})){3})/) or ($_ =~ /SRC\=(([0-9a-fA
> -F]{0,4})(\:([0-9a-fA-F]{0,4})){2,7})/)) {
> + my $srcaddr=$1;
> + my $ccode = $gi
> ->country_code_by_name($srcaddr);
> + if($ccode eq $country){
> + # or srcaddr matches country code
> $log[$lines] = $_;
> $lines++;
> + }
> }
> - }
> - }
> + }
> }
> close (FILE);
> }
> @@ -308,32 +332,45 @@ $lines = 0;
> foreach $_ (@slice)
> {
> $a = $_;
> - /^... (..) (..:..:..) [\w\-]+ kernel:(.*)(IN=.*)$/;
> + # If ipv6 uses bridge, use PHYSIN otherwise use IN
> + if (/^... (..) (..:..:..) [\w\-]+ kernel:(.*)(PHYSIN=.*)$/) {}
> + elsif (/^... (..) (..:..:..) [\w\-]+ kernel:(.*)(IN=.*)$/) {};
> my $packet = $4;
> - $packet =~ /IN=(\w+)/; my $iface=$1; if ( $1 =~ /2./ ){
> $iface="";}
> - $packet =~ /SRC=([\d\.]+)/; my $srcaddr=$1;
> + my $iface = '';
> + # If ipv6 uses bridge, use PHYSIN otherwise use IN
> + if ($packet =~ /PHYSIN=(\w+)/) { $iface = $1 } elsif ($packet =~
> /IN=(\w+)/) { $iface = $1 }
> + if ( $1 =~ /2./ ){ $iface="";}
> + my $srcaddr = '';
> + # Extract ipv4 and ipv6 addresses
> + if (($packet =~ /SRC\=(([\d]{1,3})(\.([\d]{1,3})){3})/) or
> ($packet =~ /SRC\=(([0-9a-fA-F]{0,4})(\:([0-9a-fA-F]{0,4})){2,7})/))
> {
> + $srcaddr = $1
> + };
>
> if($iface eq $country || $srcaddr ne '') {
> - my $ccode;
> + my $ccode='';
> if($iface ne $country) {
> $ccode = $gi->country_code_by_name($srcaddr);
> }
> if($iface eq $country || $ccode eq $country) {
> - my $chain = '';
> + my $chain = '';
> my $in = '-'; my $out = '-';
> my $srcaddr = ''; my $dstaddr = '';
> my $protostr = '';
> my $srcport = ''; my $dstport = '';
>
> - $_ =~ /(^.* ..:..:..) [\w\-]+ kernel:(.*)(IN=.*)$/;
> + # If ipv6 uses bridge, the use PHYSIN otherwise use IN
> + if ($_ =~ /(^.* ..:..:..) [\w\-]+ kernel:(.*)(PHYSIN=.*)$/) {}
> + elsif ($_ =~ /(^.* ..:..:..) [\w\-]+ kernel:(.*)(IN=.*)$/) {}
> my $timestamp = $1; my $chain = $2; my $packet = $3;
> $timestamp =~ /(...) (..) (..:..:..)/;
> my $month = $1; my $day = $2; my $time = $3;
>
> - if ($a =~ /IN\=(\w+)/) { $iface = $1; }
> - if ($a =~ /OUT\=(\w+)/) { $out = $1; }
> - if ($a =~ /SRC\=([\d\.]+)/) { $srcaddr = $1; }
> - if ($a =~ /DST\=([\d\.]+)/) { $dstaddr = $1; }
> + # If ipv6 uses bridge, use PHYSIN and PHYSOUT, otherwise use
> IN and OUT
> + if ($a =~ /PHYSIN=(\w+)/) { $iface = $1 } elsif ($a =~
> /IN=(\w+)/) { $iface = $1 }
> + if ($a =~ /PHYSOUT=(\w+)/) { $out = $1 } elsif ($a =~
> /OUT=(\w+)/) { $out = $1 }
> + # Extract ipv4 and ipv6 addresses
> + if (($a =~ /SRC\=(([\d]{1,3})(\.([\d]{1,3})){3})/) or ($a =~
> /SRC\=(([0-9a-fA-F]{0,4})(\:([0-9a-fA-F]{0,4})){2,7})/)) { $srcaddr =
> $1; }
> + if (($a =~ /DST\=(([\d]{1,3})(\.([\d]{1,3})){3})/) or ($a =~
> /DST\=(([0-9a-fA-F]{0,4})(\:([0-9a-fA-F]{0,4})){2,7})/)) { $dstaddr =
> $1; }
> if ($a =~ /PROTO\=(\w+)/) { $protostr = $1; }
> my $protostrlc = lc($protostr);
> if ($a =~ /SPT\=([\d\.]+)/){ $srcport = $1; }
> diff --git a/html/cgi-bin/logs.cgi/showrequestfromip.dat b/html/cgi
> -bin/logs.cgi/showrequestfromip.dat
> index 09a60b5..94e795c 100644
> --- a/html/cgi-bin/logs.cgi/showrequestfromip.dat
> +++ b/html/cgi-bin/logs.cgi/showrequestfromip.dat
> @@ -155,7 +155,7 @@ if (!$skip)
> while (<FILE>)
> {
> if (/(^${monthstr} ${daystr} ..:..:..) [\w\-]+
> kernel:.*(IN=.*)$/) {
> - if($_ =~ /SRC\=([\d\.]+)/){
> + if (($_ =~ /SRC\=(([\d]{1,3})(\.([\d]{1,3})){3})/)
> or ($_ =~ /SRC\=(([0-9a-fA-F]{0,4})(\:([0-9a-fA-F]{0,4})){2,7})/)) {
> if($1 eq $ip){
> $log[$lines] = $_;
> $lines++;
> @@ -182,12 +182,12 @@ if ($multifile) {
> if (!$skip) {
> while (<FILE>) {
> if (/(^${monthstr} ${daystr} ..:..:..) [\w\-]+
> kernel:.*(IN=.*)$/) {
> - if($_ =~ /SRC\=([\d\.]+)/){
> - if($1 eq $ip){
> + if (($_ =~
> /SRC\=(([\d]{1,3})(\.([\d]{1,3})){3})/) or ($_ =~ /SRC\=(([0-9a-fA
> -F]{0,4})(\:([0-9a-fA-F]{0,4})){2,7})/)) {
> + if($1 eq $ip){
> $log[$lines] = $_;
> $lines++;
> - }
> - }
> + }
> + }
> }
> }
> close (FILE);
> @@ -293,7 +293,8 @@ $lines = 0;
> foreach $_ (@slice)
> {
> $a = $_;
> - if($_ =~ /SRC\=([\d\.]+)/){
> + # Check whether valid ipv4 or ipv6 address
> + if (($_ =~ /SRC\=(([\d]{1,3})(\.([\d]{1,3})){3})/) or ($_ =~
> /SRC\=(([0-9a-fA-F]{0,4})(\:([0-9a-fA-F]{0,4})){2,7})/)) {
> if($1 eq $ip){
> my $chain = '';
> my $in = '-'; my $out = '-';
> @@ -301,15 +302,19 @@ foreach $_ (@slice)
> my $protostr = '';
> my $srcport = ''; my $dstport = '';
>
> - $_ =~ /(^.* ..:..:..) [\w\-]+ kernel:(.*)(IN=.*)$/;
> + # If ipv6 uses bridge, the use PHYSIN, otherwise use IN
> + if ($_ =~ /(^.* ..:..:..) [\w\-]+ kernel:(.*)(PHYSIN=.*)$/)
> {}
> + elsif ($_ =~ /(^.* ..:..:..) [\w\-]+ kernel:(.*)(IN=.*)$/)
> {}
> my $timestamp = $1; my $chain = $2; my $packet = $3;
> $timestamp =~ /(...) (..) (..:..:..)/;
> my $month = $1; my $day = $2; my $time = $3;
>
> - if ($a =~ /IN\=(\w+)/) { $iface = $1; }
> - if ($a =~ /OUT\=(\w+)/) { $out = $1; }
> - if ($a =~ /SRC\=([\d\.]+)/) { $srcaddr = $1; }
> - if ($a =~ /DST\=([\d\.]+)/) { $dstaddr = $1; }
> + # If ipv6 uses bridge, the use PHYSIN and PHYSOUT, otherwise
> use IN and OUT
> + if ($a =~ /PHYSIN=(\w+)/) { $iface = $1 } elsif ($a =~
> /IN=(\w+)/) { $iface = $1 }
> + if ($a =~ /PHYSOUT=(\w+)/) { $out = $1 } elsif ($a =~
> /OUT=(\w+)/) { $out = $1 }
> + # Detect ipv4 and ipv6 addresses
> + if (($a =~ /SRC\=(([\d]{1,3})(\.([\d]{1,3})){3})/) or ($a =~
> /SRC\=(([0-9a-fA-F]{0,4})(\:([0-9a-fA-F]{0,4})){2,7})/)) { $srcaddr =
> $1; }
> + if (($a =~ /DST\=(([\d]{1,3})(\.([\d]{1,3})){3})/) or ($a =~
> /DST\=(([0-9a-fA-F]{0,4})(\:([0-9a-fA-F]{0,4})){2,7})/)) { $dstaddr =
> $1; }
> if ($a =~ /PROTO\=(\w+)/) { $protostr = $1; }
> my $protostrlc = lc($protostr);
> if ($a =~ /SPT\=([\d\.]+)/){ $srcport = $1; }
> diff --git a/html/cgi-bin/logs.cgi/showrequestfromport.dat b/html/cgi
> -bin/logs.cgi/showrequestfromport.dat
> index ad9823c..af7779a 100644
> --- a/html/cgi-bin/logs.cgi/showrequestfromport.dat
> +++ b/html/cgi-bin/logs.cgi/showrequestfromport.dat
> @@ -307,15 +307,19 @@ foreach $_ (@slice)
> my $protostr = '';
> my $srcport = ''; my $dstport = '';
>
> - $_ =~ /(^.* ..:..:..) [\w\-]+ kernel:(.*)(IN=.*)$/;
> + # If ipv6 uses bridge, the use PHYSIN, otherwise use IN
> + if ($_ =~ /(^.* ..:..:..) [\w\-]+ kernel:(.*)(PHYSIN=.*)$/) {}
> + elsif ($_ =~ /(^.* ..:..:..) [\w\-]+ kernel:(.*)(IN=.*)$/)
> {}
> my $timestamp = $1; my $chain = $2; my $packet = $3;
> $timestamp =~ /(...) (..) (..:..:..)/;
> my $month = $1; my $day = $2; my $time = $3; my $iface;
>
> - if ($a =~ /IN\=(\w+)/) { $iface = $1; }
> - if ($a =~ /OUT\=(\w+)/) { $out = $1; }
> - if ($a =~ /SRC\=([\d\.]+)/) { $srcaddr = $1; }
> - if ($a =~ /DST\=([\d\.]+)/) { $dstaddr = $1; }
> + # If ipv6 uses bridge, the use PHYSIN and PHYSOUT, otherwise
> use IN and OUT
> + if ($a =~ /PHYSIN\=(\w+)/) { $iface = $1; } elsif ($a =~
> /IN\=(\w+)/) { $iface = $1; }
> + if ($a =~ /PHYSOUT\=(\w+)/) { $out = $1; } elsif ($a =~
> /OUT\=(\w+)/) { $out = $1; }
> + # Detect ipv4 and ipv6 addresses
> + if (($a =~ /SRC\=(([\d]{1,3})(\.([\d]{1,3})){3})/) or ($a =~
> /SRC\=(([0-9a-fA-F]{0,4})(\:([0-9a-fA-F]{0,4})){2,7})/)) { $srcaddr =
> $1; }
> + if (($a =~ /DST\=(([\d]{1,3})(\.([\d]{1,3})){3})/) or ($a =~
> /DST\=(([0-9a-fA-F]{0,4})(\:([0-9a-fA-F]{0,4})){2,7})/)) { $dstaddr =
> $1; }
> if ($a =~ /PROTO\=(\w+)/) { $protostr = $1; }
> my $protostrlc = lc($protostr);
> if ($a =~ /SPT\=([\d\.]+)/){ $srcport = $1; }
[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 819 bytes --]
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: AW: Re: [PATCH 1/5] Enable correct display of ipv6 entries in Firewall log pages of web UI
@ 2016-01-23 10:59 Michael Tremer
2016-01-23 11:59 ` Michael Eitelwein
0 siblings, 1 reply; 4+ messages in thread
From: Michael Tremer @ 2016-01-23 10:59 UTC (permalink / raw)
To: development
[-- Attachment #1: Type: text/plain, Size: 29083 bytes --]
Good morning,
On Sat, 2016-01-23 at 11:50 +0100, Michael Eitelwein wrote:
> Thanks a lot.
>
> Moving on to firewall configuration for IPv6 on the web GUI - who
> would be the right person to talk to in order to understand the
> architecture and structure of the code? Or do I need to reverse
> engineer the existing?
Well, we have decided that this is a piece of work that is not possible
to do with the IPFire 2 web user interface and especially not in
reasonable time with a result that we would want.
> Does it make sense to add this to ipfire2 or should I focus on
> ipfire3?
We have started IPFire 3 instead and that's where there is full IPv6
support. Please install the latest image and have a look.
Best,
-Michael
>
> Best regards
>
> Michael
>
>
>
> Liebe Grüße,
>
> Michael
> > Am 23.01.2016 um 01:43 schrieb Michael Tremer <
> > michael.tremer(a)ipfire.org>:
> >
> > Hi,
> >
> > I merged these by pulling from your Git repository.
> >
> > Please fix this email issue.
> >
> > > On Fri, 2016-01-22 at 22:00 +0100, Matthias Fischer wrote:
> > > > On 22.01.2016 19:00, Michael Eitelwein wrote:
> > > >
> > > >
> > > >
> > > > Hi
> > > > The patch itself is working on my machine without issues. If
> > > > Matthias did not observe any issues as well, than I would
> > > > propose
> > > > to merge it into the next release. Please let me know if there
> > > > is
> > > > anything I have to do to get them merged.
> > > > The problems of applying the patch were not further examined,
> > > > as
> > > > Matthias was able to apply them in the end. Also they are now
> > > > available in git.ipfire.org, so they can be applied directly
> > > > from
> > > > there.
> > > > Michael
> > >
> > > Hi,
> > >
> > > I just clicked through all '.dat'-files: I saw no problems.
> > >
> > > Playing chicken: did anyone *else* test this? ;-)
> >
> > I guess the answer is the usual one.
> >
> > > Best,
> > > Matthias
> > >
> > > P.S.: ME, while replying to "ALL", there is something weird with
> > > your
> > > email-address: it just says "michael", not "michael(a)eitelwein.net
> > > ". I
> > > had to add your address manually from my addressbook. Bug or
> > > feature-
> > > mine or yours?
> >
> > Yeah that is a misconfiguration in the email client.
> >
> > >
> > > > -------- Ursprüngliche Nachricht --------
> > > > Von: Michael Tremer <michael.tremer(a)ipfire.org>
> > > > Datum: 22.01.2016 01:59 (GMT+01:00)
> > > > An: Michael Eitelwein <michael(a)eitelwein.net>, IPFire
> > > > Development
> > > > List <development(a)lists.ipfire.org>
> > > > Cc: Matthias Fischer <matthias.fischer(a)ipfire.org>
> > > > Betreff: Re: [PATCH 1/5] Enable correct display of ipv6 entries
> > > > in
> > > > Firewall log pages of web UI
> > > >
> > > > Hi,
> > > >
> > > > did you work out what the issue was with these emails?
> > > >
> > > > Best,
> > > > -Michael
> > > >
> > > > > On Sun, 2016-01-10 at 18:34 +0100, Michael Eitelwein wrote:
> > > > > 3 main changes:
> > > > > - Fill $iface and $out from PHYSIN and PHYSOUT when looking
> > > > > at
> > > > > bridged packets, othewerwise fill from IN and OUT
> > > > > - Recognize ipv4 and ipv6 address style for $srcaddr and
> > > > > $dstaddr
> > > > > - Match color coding of tables to pie charts
> > > > >
> > > > > I am using the bridged ipv6 setup as proposed in the wiki. I
> > > > > do
> > > > > not
> > > > > think this breaks anything when not using ipv6. So it would
> > > > > be
> > > > > nice
> > > > > to include this even if ipv6 is not officially supported yet.
> > > > > It
> > > > > is
> > > > > quite useful when using the ipv6 setup.
> > > > >
> > > > > Signed-off-by: Michael Eitelwein <michael(a)eitelwein.net>
> > > > >
> > > > > ---
> > > > > html/cgi-bin/logs.cgi/firewalllog.dat | 14 ++--
> > > > > html/cgi-bin/logs.cgi/firewalllogcountry.dat | 43
> > > > > ++++++++-
> > > > > ----
> > > > > html/cgi-bin/logs.cgi/firewalllogip.dat | 15 ++---
> > > > > html/cgi-bin/logs.cgi/firewalllogport.dat | 12 ++--
> > > > > html/cgi-bin/logs.cgi/showrequestfromcountry.dat | 81
> > > > > +++++++++++++++++-------
> > > > > html/cgi-bin/logs.cgi/showrequestfromip.dat | 27 ++++--
> > > > > --
> > > > > html/cgi-bin/logs.cgi/showrequestfromport.dat | 14 ++--
> > > > > 7 files changed, 131 insertions(+), 75 deletions(-)
> > > > >
> > > > > diff --git a/html/cgi-bin/logs.cgi/firewalllog.dat b/html/cgi
> > > > > -bin/logs.cgi/firewalllog.dat
> > > > > index 5a584d6..42c9612 100644
> > > > > --- a/html/cgi-bin/logs.cgi/firewalllog.dat
> > > > > +++ b/html/cgi-bin/logs.cgi/firewalllog.dat
> > > > > @@ -328,7 +328,10 @@ END
> > > > > $lines = 0;
> > > > > foreach $_ (@log)
> > > > > {
> > > > > - /^... (..) (..:..:..) [\w\-]+ kernel:(.*)(IN=.*)$/;
> > > > > + # If ipv6 uses a bridge, PHYSIN= contains the relevant
> > > > > iface
> > > > > information
> > > > > + # otherwise use IN=
> > > > > + if ($_ =~ /^... (..) (..:..:..) [\w\-]+
> > > > > kernel:(.*)(PHYSIN=.*)$/) {}
> > > > > + elsif ($_ =~ /^... (..) (..:..:..) [\w\-]+
> > > > > kernel:(.*)(IN=.*)$/) {}
> > > > > my $day = $1;
> > > > > $day =~ tr / /0/;
> > > > > my $time = $cgiparams{'DAY'} ? "$2" : "$day/$2" ;
> > > > > @@ -336,9 +339,12 @@ foreach $_ (@log)
> > > > > my $packet = $4;
> > > > >
> > > > > my ($iface, $srcaddr, $dstaddr, $macaddr, $proto,
> > > > > $srcport,
> > > > > $dstport);
> > > > > - $iface=$1 if $packet =~ /IN=(\w+)/;
> > > > > - $srcaddr=$1 if $packet =~ /SRC=([\d\.]+)/;
> > > > > - $dstaddr=$1 if $packet =~ /DST=([\d\.]+)/;
> > > > > + if ($packet =~ /PHYSIN=(\w+)/) { $iface=$1 } elsif
> > > > > ($packet
> > > > > =~ /IN=(\w+)/) { $iface = $1}
> > > > > + # Identify whether ipv4 or ipv6. Both are mutally
> > > > > exclusive.
> > > > > + if ($packet =~
> > > > > /SRC\=(([\d]{1,3})(\.([\d]{1,3})){3})/) {
> > > > > $srcaddr=$1 }
> > > > > + if ($packet =~ /SRC\=(([0-9a-fA
> > > > > -F]{0,4})(\:([0
> > > > > -9a-fA
> > > > > -F]{0,4})){2,7})/) { $srcaddr=$1 }
> > > > > + if ($packet =~
> > > > > /DST\=(([\d]{1,3})(\.([\d]{1,3})){3})/) {
> > > > > $dstaddr=$1 }
> > > > > + if ($packet =~ /DST\=(([0-9a-fA
> > > > > -F]{0,4})(\:([0
> > > > > -9a-fA
> > > > > -F]{0,4})){2,7})/) { $dstaddr=$1 }
> > > > > $macaddr=$1 if $packet =~ /MAC=([\w+\:]+)/;
> > > > > $proto=$1 if $packet =~ /PROTO=(\w+)/;
> > > > > $srcport=$1 if $packet =~ /SPT=(\d+)/;
> > > > > diff --git a/html/cgi-bin/logs.cgi/firewalllogcountry.dat
> > > > > b/html/cgi
> > > > > -bin/logs.cgi/firewalllogcountry.dat
> > > > > index f998a62..2661ddd 100644
> > > > > --- a/html/cgi-bin/logs.cgi/firewalllogcountry.dat
> > > > > +++ b/html/cgi-bin/logs.cgi/firewalllogcountry.dat
> > > > > @@ -261,7 +261,6 @@ if( $cgiparams{'pienumber'} !=
> > > > > 0){$pienumber=$cgiparams{'pienumber'};}
> > > > > if( $cgiparams{'otherspie'} !=
> > > > > 0){$otherspie=$cgiparams{'otherspie'};}
> > > > > if( $cgiparams{'showpie'} !=
> > > > > 0){$showpie=$cgiparams{'showpie'};}
> > > > > if( $cgiparams{'sortcolumn'} !=
> > > > > 0){$sortcolumn=$cgiparams{'sortcolumn'};}
> > > > > -
> > > > > print <<END
> > > > > </select>
> > > > > </td>
> > > > > @@ -294,15 +293,24 @@ $lines = 0;
> > > > >
> > > > > foreach $_ (@log)
> > > > > {
> > > > > - /^... (..) (..:..:..) [\w\-]+ kernel:(.*)(IN=.*)$/;
> > > > > + # If ipv6 uses bridge, use PHYSIN for iface, otherwise IN
> > > > > + if (/^... (..) (..:..:..) [\w\-]+
> > > > > kernel:(.*)(PHYSIN=.*)$/) {}
> > > > > + elsif (/^... (..) (..:..:..) [\w\-]+ kernel:(.*)(IN=.*)$/)
> > > > > {}
> > > > > my $packet = $4;
> > > > > - $packet =~ /IN=(\w+)/; my $iface=$1; if ( $1 =~ /2./
> > > > > ){
> > > > > $iface="";}
> > > > > - $packet =~ /SRC=([\d\.]+)/; my $srcaddr=$1;
> > > > > + my $iface = '';
> > > > > + if ($packet =~ /PHYSIN=(\w+)/) { $iface = $1 } elsif
> > > > > ($packet
> > > > > =~
> > > > > /IN=(\w+)/) { $iface = $1 }
> > > > > + if ( $1 =~ /2./ ) { $iface=''; }
> > > > > + my $srcaddr = '';
> > > > > + # Find ipv4 and ipv6 addresses
> > > > > + if ($packet =~ /SRC\=(([\d]{1,3})(\.([\d]{1,3})){3})/) {
> > > > > $srcaddr
> > > > > = $1 }
> > > > > + elsif ($packet =~ /SRC\=(([0-9a-fA-F]{0,4})(\:([0-9a-fA
> > > > > -F]{0,4})){2,7})/) { $srcaddr = $1 }
> > > > >
> > > > > if($iface eq $red_interface) {
> > > > > + # Traffic from red
> > > > > if($srcaddr ne '') {
> > > > > + # srcaddr is set
> > > > > my $ccode = $gi->country_code_by_name($srcaddr);
> > > > > - if( $ccode eq '') {
> > > > > + if ($ccode eq '') {
> > > > > $ccode = 'unknown';
> > > > > }
> > > > > $tabjc{$ccode} = $tabjc{$ccode} + 1 ;
> > > > > @@ -311,11 +319,16 @@ foreach $_ (@log)
> > > > > }
> > > > > }
> > > > > else {
> > > > > + # Traffic not from red
> > > > > if($iface ne '') {
> > > > > $tabjc{$iface} = $tabjc{$iface} + 1 ;
> > > > > if(($tabjc{$iface} == 1) && ($lines < $pienumber)) {
> > > > > $lines
> > > > > = $lines + 1; }
> > > > > $linesjc++;
> > > > > }
> > > > > + else {
> > > > > + # What to do with empty iface lines?
> > > > > + # This probably is traffic from ipfire itself (IN=
> > > > > OUT=XY)?
> > > > > + }
> > > > > }
> > > > > }
> > > > >
> > > > > @@ -423,7 +436,6 @@ if ($showpie != 2 && $pienumber <= 50 &&
> > > > > $pienumber != 0) {
> > > > > print "<img src='/graphs/fwlog
> > > > > -country$imagerandom.png'>";
> > > > > print "</div>";
> > > > > }
> > > > > -
> > > > > print <<END
> > > > > <table width='100%' class='tbl'>
> > > > > <tr>
> > > > > @@ -448,10 +460,8 @@ for($s=0;$s<$lines;$s++)
> > > > > $percent = $value[$s] * 100 / $linesjc;
> > > > > $percent = sprintf("%.f", $percent);
> > > > > $total = $total + $value[$s];
> > > > > - my $colorIndex = $color % 10;
> > > > > - if($colorIndex == 0) {
> > > > > - $colorIndex = 10;
> > > > > - }
> > > > > + # colors are numbered 1 to 10
> > > > > + my $colorIndex = ($color % 10) + 1;
> > > > > $col="bgcolor='$color{\"color$colorIndex\"}'";
> > > > > $color++;
> > > > > print "<tr>";
> > > > > @@ -466,8 +476,11 @@ for($s=0;$s<$lines;$s++)
> > > > > print"<input type='hidden' name='country'
> > > > > value='$key[$s]'>";
> > > > > print"<input type='submit' value='details'></form>";
> > > > > }
> > > > > -
> > > > > - if($key[$s] eq 'blue0' || $key[$s] eq 'green0' || $key[$s]
> > > > > eq
> > > > > 'orange0') {
> > > > > + elsif ($key[$s] eq 'unknown') {
> > > > > + print "unknown";
> > > > > + }
> > > > > + # Looks dangerous to use hardcoded interface names here.
> > > > > Probably
> > > > > needs fixing.
> > > > > + if ($key[$s] eq 'blue0' || $key[$s] eq 'green0' ||
> > > > > $key[$s] eq
> > > > > 'orange0' ) {
> > > > > print "<td align='center' $col>$key[$s]</td>";
> > > > > }
> > > > > else {
> > > > > @@ -489,10 +502,8 @@ for($s=0;$s<$lines;$s++)
> > > > >
> > > > > if($cgiparams{'otherspie'} == 2 ){}
> > > > > else{
> > > > > - my $colorIndex = $color % 10;
> > > > > - if($colorIndex == 0) {
> > > > > - $colorIndex = 10;
> > > > > - }
> > > > > + # colors are numbered 1 to 10
> > > > > + my $colorIndex = ($color % 10) + 1;
> > > > > $col="bgcolor='$color{\"color$colorIndex\"}'";
> > > > > print "<tr>";
> > > > >
> > > > > diff --git a/html/cgi-bin/logs.cgi/firewalllogip.dat
> > > > > b/html/cgi
> > > > > -bin/logs.cgi/firewalllogip.dat
> > > > > index 7d82d20..6fc3422 100644
> > > > > --- a/html/cgi-bin/logs.cgi/firewalllogip.dat
> > > > > +++ b/html/cgi-bin/logs.cgi/firewalllogip.dat
> > > > > @@ -291,7 +291,8 @@ if ($pienumber == -1 || $pienumber >
> > > > > $lines
> > > > > > >
> > > > > $sortcolumn == 2) { $pienumber =
> > > > > $lines = 0;
> > > > > foreach $_ (@log)
> > > > > {
> > > > > - if($_ =~ /SRC\=([\d\.]+)/){
> > > > > + # Extract ipv4 or ipv6 address
> > > > > + if (($_ =~ /SRC\=(([\d]{1,3})(\.([\d]{1,3})){3})/) or ($_
> > > > > =~
> > > > > /SRC\=(([0-9a-fA-F]{0,4})(\:([0-9a-fA-F]{0,4})){2,7})/)) {
> > > > > $tabjc{$1} = $tabjc{$1} + 1 ;
> > > > > if(($tabjc{$1} == 1) && ($lines < $pienumber)) { $lines
> > > > > =
> > > > > $lines + 1; }
> > > > > $linesjc++;
> > > > > @@ -428,10 +429,8 @@ for($s=0;$s<$lines;$s++)
> > > > > $percent = $value[$s] * 100 / $linesjc;
> > > > > $percent = sprintf("%.f", $percent);
> > > > > $total = $total + $value[$s];
> > > > > - my $colorIndex = $color % 10;
> > > > > - if($colorIndex == 0) {
> > > > > - $colorIndex = 10;
> > > > > - }
> > > > > + # colors are numbered 1 to 10
> > > > > + my $colorIndex = ($color % 10) + 1;
> > > > > $col="bgcolor='$color{\"color$colorIndex\"}'";
> > > > > print "<tr>";
> > > > >
> > > > > @@ -459,10 +458,8 @@ for($s=0;$s<$lines;$s++)
> > > > >
> > > > > if($cgiparams{'otherspie'} == 2 ){}
> > > > > else{
> > > > > - my $colorIndex = $color % 10;
> > > > > - if($colorIndex == 0) {
> > > > > - $colorIndex = 10;
> > > > > - }
> > > > > + # colors are numbered 1 to 10
> > > > > + my $colorIndex = ($color % 10) + 1;
> > > > > $col="bgcolor='$color{\"color$colorIndex\"}'";
> > > > > print "<tr>";
> > > > >
> > > > > diff --git a/html/cgi-bin/logs.cgi/firewalllogport.dat
> > > > > b/html/cgi
> > > > > -bin/logs.cgi/firewalllogport.dat
> > > > > index 5b0db62..583c1b3 100644
> > > > > --- a/html/cgi-bin/logs.cgi/firewalllogport.dat
> > > > > +++ b/html/cgi-bin/logs.cgi/firewalllogport.dat
> > > > > @@ -429,10 +429,8 @@ for($s=0;$s<$lines;$s++)
> > > > > $percent = $value[$s] * 100 / $linesjc;
> > > > > $percent = sprintf("%.f", $percent);
> > > > > $total = $total + $value[$s];
> > > > > - my $colorIndex = $color % 10;
> > > > > - if($colorIndex == 0) {
> > > > > - $colorIndex = 10;
> > > > > - }
> > > > > + # colors are numbered 1 to 10
> > > > > + my $colorIndex = ($color % 10) + 1;
> > > > > $col="bgcolor='$color{\"color$colorIndex\"}'";
> > > > > print "<tr>";
> > > > >
> > > > > @@ -446,10 +444,8 @@ for($s=0;$s<$lines;$s++)
> > > > >
> > > > > if($cgiparams{'otherspie'} == 2 ){}
> > > > > else{
> > > > > - my $colorIndex = $color % 10;
> > > > > - if($colorIndex == 0) {
> > > > > - $colorIndex = 10;
> > > > > - }
> > > > > + # colors are numbered 1 to 10
> > > > > + my $colorIndex = ($color % 10) + 1;
> > > > > $col="bgcolor='$color{\"color$colorIndex\"}'";
> > > > > print "<tr>";
> > > > >
> > > > > diff --git a/html/cgi-bin/logs.cgi/showrequestfromcountry.dat
> > > > > b/html/cgi-bin/logs.cgi/showrequestfromcountry.dat
> > > > > index 5283c42..0784ab9 100644
> > > > > --- a/html/cgi-bin/logs.cgi/showrequestfromcountry.dat
> > > > > +++ b/html/cgi-bin/logs.cgi/showrequestfromcountry.dat
> > > > > @@ -158,23 +158,35 @@ if (!$skip)
> > > > > {
> > > > > while (<FILE>)
> > > > > {
> > > > > - if (/(^${monthstr} ${daystr} ..:..:..) [\w\-]+
> > > > > kernel:.*(IN=.*)$/) {
> > > > > - my $packet = $2;
> > > > > - $packet =~ /IN=(\w+)/; my $iface=$1; if (
> > > > > $1
> > > > > =~
> > > > > /2./ ){ $iface="";}
> > > > > - $packet =~ /SRC=([\d\.]+)/; my $srcaddr=$1;
> > > > > + # First check whether valid log line (date, day)
> > > > > + if (/(^${monthstr} ${daystr} ..:..:..) [\w\-]+
> > > > > kernel:.*(IN=.*)$/) {
> > > > > + # If ipv6 uses bridge, then use PHYSIN otherwise use
> > > > > IN
> > > > > + if (/(^${monthstr} ${daystr} ..:..:..) [\w\-]+
> > > > > kernel:.*(PHYSIN=.*)$/) {}
> > > > > + elsif (/(^${monthstr} ${daystr} ..:..:..) [\w\
> > > > > -]+
> > > > > kernel:.*(IN=.*)$/) {}
> > > > > + my $packet = $2;
> > > > > + my $iface = '';
> > > > > + my $srcaddr = '';
> > > > > + # If ipv6 uses bridge, use PHYSIN otherwise IN
> > > > > + if ($packet =~ /PHYSIN=(\w+)/) { $iface = $1 }
> > > > > elsif
> > > > > ($packet =~ /IN=(\w+)/) { $iface = $1 }
> > > > > + # Extract ipv4 and ipv6 addresses
> > > > > + if (($packet =~
> > > > > /SRC\=(([\d]{1,3})(\.([\d]{1,3})){3})/)
> > > > > or ($packet =~ /SRC\=(([0-9a-fA-F]{0,4})(\:([0-9a-fA
> > > > > -F]{0,4})){2,7})/)) {
> > > > > + $srcaddr = $1
> > > > > + };
> > > > >
> > > > > if($iface eq $country) {
> > > > > + # iface matches country code
> > > > > $log[$lines] = $_;
> > > > > $lines++;
> > > > > }
> > > > > elsif($srcaddr ne '') {
> > > > > + # or srcaddr matches country code
> > > > > my $ccode = $gi
> > > > > ->country_code_by_name($srcaddr);
> > > > > if($ccode eq $country){
> > > > > $log[$lines] = $_;
> > > > > $lines++;
> > > > > }
> > > > > }
> > > > > - }
> > > > > + }
> > > > > }
> > > > > close (FILE);
> > > > > }
> > > > > @@ -194,16 +206,28 @@ if ($multifile) {
> > > > > }
> > > > > if (!$skip) {
> > > > > while (<FILE>) {
> > > > > - if (/(^${monthstr} ${daystr} ..:..:..) [\w\-]+
> > > > > kernel:.*(IN=.*)$/) {
> > > > > - if($_ =~ /SRC\=([\d\.]+)/){
> > > > > - my $srcaddr=$1;
> > > > > - my $ccode = $gi
> > > > > ->country_code_by_name($srcaddr);
> > > > > - if($ccode eq $country){
> > > > > + # Check if valid log line (date, day)
> > > > > + if (/(^${monthstr} ${daystr} ..:..:..) [\w\-]+
> > > > > kernel:.*(IN=.*)$/) {
> > > > > + my $iface = '';
> > > > > + # If ipv6 uses bridge, then use PHYSIN
> > > > > otherwise
> > > > > IN
> > > > > + if ($_ =~ /PHYSIN=(\w+)/) { $iface = $1
> > > > > }
> > > > > elsif
> > > > > ($_ =~ /IN=(\w+)/) { $iface = $1 }
> > > > > +
> > > > > + if($iface eq $country) {
> > > > > + # iface matches country code
> > > > > + $log[$lines] = $_;
> > > > > + $lines++;
> > > > > + }
> > > > > + # extract ipv4 and ipv6 address
> > > > > + elsif (($_ =~
> > > > > /SRC\=(([\d]{1,3})(\.([\d]{1,3})){3})/) or ($_ =~ /SRC\=(([0
> > > > > -9a
> > > > > -fA
> > > > > -F]{0,4})(\:([0-9a-fA-F]{0,4})){2,7})/)) {
> > > > > + my $srcaddr=$1;
> > > > > + my $ccode = $gi
> > > > > ->country_code_by_name($srcaddr);
> > > > > + if($ccode eq $country){
> > > > > + # or srcaddr matches country code
> > > > > $log[$lines] = $_;
> > > > > $lines++;
> > > > > + }
> > > > > }
> > > > > - }
> > > > > - }
> > > > > + }
> > > > > }
> > > > > close (FILE);
> > > > > }
> > > > > @@ -308,32 +332,45 @@ $lines = 0;
> > > > > foreach $_ (@slice)
> > > > > {
> > > > > $a = $_;
> > > > > - /^... (..) (..:..:..) [\w\-]+ kernel:(.*)(IN=.*)$/;
> > > > > + # If ipv6 uses bridge, use PHYSIN otherwise use IN
> > > > > + if (/^... (..) (..:..:..) [\w\-]+
> > > > > kernel:(.*)(PHYSIN=.*)$/) {}
> > > > > + elsif (/^... (..) (..:..:..) [\w\-]+ kernel:(.*)(IN=.*)$/)
> > > > > {};
> > > > > my $packet = $4;
> > > > > - $packet =~ /IN=(\w+)/; my $iface=$1; if ( $1 =~ /2./
> > > > > ){
> > > > > $iface="";}
> > > > > - $packet =~ /SRC=([\d\.]+)/; my $srcaddr=$1;
> > > > > + my $iface = '';
> > > > > + # If ipv6 uses bridge, use PHYSIN otherwise use IN
> > > > > + if ($packet =~ /PHYSIN=(\w+)/) { $iface = $1 } elsif
> > > > > ($packet
> > > > > =~
> > > > > /IN=(\w+)/) { $iface = $1 }
> > > > > + if ( $1 =~ /2./ ){ $iface="";}
> > > > > + my $srcaddr = '';
> > > > > + # Extract ipv4 and ipv6 addresses
> > > > > + if (($packet =~ /SRC\=(([\d]{1,3})(\.([\d]{1,3})){3})/) or
> > > > > ($packet =~ /SRC\=(([0-9a-fA-F]{0,4})(\:([0-9a-fA
> > > > > -F]{0,4})){2,7})/))
> > > > > {
> > > > > + $srcaddr = $1
> > > > > + };
> > > > >
> > > > > if($iface eq $country || $srcaddr ne '') {
> > > > > - my $ccode;
> > > > > + my $ccode='';
> > > > > if($iface ne $country) {
> > > > > $ccode = $gi->country_code_by_name($srcaddr);
> > > > > }
> > > > > if($iface eq $country || $ccode eq $country) {
> > > > > - my $chain = '';
> > > > > + my $chain = '';
> > > > > my $in = '-'; my $out = '-';
> > > > > my $srcaddr = ''; my $dstaddr = '';
> > > > > my $protostr = '';
> > > > > my $srcport = ''; my $dstport = '';
> > > > >
> > > > > - $_ =~ /(^.* ..:..:..) [\w\-]+ kernel:(.*)(IN=.*)$/;
> > > > > + # If ipv6 uses bridge, the use PHYSIN otherwise use IN
> > > > > + if ($_ =~ /(^.* ..:..:..) [\w\-]+
> > > > > kernel:(.*)(PHYSIN=.*)$/) {}
> > > > > + elsif ($_ =~ /(^.* ..:..:..) [\w\-]+
> > > > > kernel:(.*)(IN=.*)$/)
> > > > > {}
> > > > > my $timestamp = $1; my $chain = $2; my $packet = $3;
> > > > > $timestamp =~ /(...) (..) (..:..:..)/;
> > > > > my $month = $1; my $day = $2; my $time = $3;
> > > > >
> > > > > - if ($a =~ /IN\=(\w+)/) { $iface = $1; }
> > > > > - if ($a =~ /OUT\=(\w+)/) { $out = $1; }
> > > > > - if ($a =~ /SRC\=([\d\.]+)/) { $srcaddr = $1; }
> > > > > - if ($a =~ /DST\=([\d\.]+)/) { $dstaddr = $1; }
> > > > > + # If ipv6 uses bridge, use PHYSIN and PHYSOUT,
> > > > > otherwise
> > > > > use
> > > > > IN and OUT
> > > > > + if ($a =~ /PHYSIN=(\w+)/) { $iface = $1 } elsif ($a =~
> > > > > /IN=(\w+)/) { $iface = $1 }
> > > > > + if ($a =~ /PHYSOUT=(\w+)/) { $out = $1 } elsif ($a =~
> > > > > /OUT=(\w+)/) { $out = $1 }
> > > > > + # Extract ipv4 and ipv6 addresses
> > > > > + if (($a =~ /SRC\=(([\d]{1,3})(\.([\d]{1,3})){3})/) or
> > > > > ($a
> > > > > =~
> > > > > /SRC\=(([0-9a-fA-F]{0,4})(\:([0-9a-fA-F]{0,4})){2,7})/)) {
> > > > > $srcaddr =
> > > > > $1; }
> > > > > + if (($a =~ /DST\=(([\d]{1,3})(\.([\d]{1,3})){3})/) or
> > > > > ($a
> > > > > =~
> > > > > /DST\=(([0-9a-fA-F]{0,4})(\:([0-9a-fA-F]{0,4})){2,7})/)) {
> > > > > $dstaddr =
> > > > > $1; }
> > > > > if ($a =~ /PROTO\=(\w+)/) { $protostr = $1; }
> > > > > my $protostrlc = lc($protostr);
> > > > > if ($a =~ /SPT\=([\d\.]+)/){ $srcport = $1; }
> > > > > diff --git a/html/cgi-bin/logs.cgi/showrequestfromip.dat
> > > > > b/html/cgi
> > > > > -bin/logs.cgi/showrequestfromip.dat
> > > > > index 09a60b5..94e795c 100644
> > > > > --- a/html/cgi-bin/logs.cgi/showrequestfromip.dat
> > > > > +++ b/html/cgi-bin/logs.cgi/showrequestfromip.dat
> > > > > @@ -155,7 +155,7 @@ if (!$skip)
> > > > > while (<FILE>)
> > > > > {
> > > > > if (/(^${monthstr} ${daystr} ..:..:..) [\w\-]+
> > > > > kernel:.*(IN=.*)$/) {
> > > > > - if($_ =~ /SRC\=([\d\.]+)/){
> > > > > + if (($_ =~
> > > > > /SRC\=(([\d]{1,3})(\.([\d]{1,3})){3})/)
> > > > > or ($_ =~ /SRC\=(([0-9a-fA-F]{0,4})(\:([0-9a-fA
> > > > > -F]{0,4})){2,7})/)) {
> > > > > if($1 eq $ip){
> > > > > $log[$lines] = $_;
> > > > > $lines++;
> > > > > @@ -182,12 +182,12 @@ if ($multifile) {
> > > > > if (!$skip) {
> > > > > while (<FILE>) {
> > > > > if (/(^${monthstr} ${daystr} ..:..:..) [\w\-]+
> > > > > kernel:.*(IN=.*)$/) {
> > > > > - if($_ =~ /SRC\=([\d\.]+)/){
> > > > > - if($1 eq $ip){
> > > > > + if (($_ =~
> > > > > /SRC\=(([\d]{1,3})(\.([\d]{1,3})){3})/) or ($_ =~ /SRC\=(([0
> > > > > -9a
> > > > > -fA
> > > > > -F]{0,4})(\:([0-9a-fA-F]{0,4})){2,7})/)) {
> > > > > + if($1 eq $ip){
> > > > > $log[$lines] = $_;
> > > > > $lines++;
> > > > > - }
> > > > > - }
> > > > > + }
> > > > > + }
> > > > > }
> > > > > }
> > > > > close (FILE);
> > > > > @@ -293,7 +293,8 @@ $lines = 0;
> > > > > foreach $_ (@slice)
> > > > > {
> > > > > $a = $_;
> > > > > - if($_ =~ /SRC\=([\d\.]+)/){
> > > > > + # Check whether valid ipv4 or ipv6 address
> > > > > + if (($_ =~ /SRC\=(([\d]{1,3})(\.([\d]{1,3})){3})/) or ($_
> > > > > =~
> > > > > /SRC\=(([0-9a-fA-F]{0,4})(\:([0-9a-fA-F]{0,4})){2,7})/)) {
> > > > > if($1 eq $ip){
> > > > > my $chain = '';
> > > > > my $in = '-'; my $out = '-';
> > > > > @@ -301,15 +302,19 @@ foreach $_ (@slice)
> > > > > my $protostr = '';
> > > > > my $srcport = ''; my $dstport = '';
> > > > >
> > > > > - $_ =~ /(^.* ..:..:..) [\w\-]+ kernel:(.*)(IN=.*)$/;
> > > > > + # If ipv6 uses bridge, the use PHYSIN, otherwise use IN
> > > > > + if ($_ =~ /(^.* ..:..:..) [\w\-]+
> > > > > kernel:(.*)(PHYSIN=.*)$/)
> > > > > {}
> > > > > + elsif ($_ =~ /(^.* ..:..:..) [\w\-]+
> > > > > kernel:(.*)(IN=.*)$/)
> > > > > {}
> > > > > my $timestamp = $1; my $chain = $2; my $packet = $3;
> > > > > $timestamp =~ /(...) (..) (..:..:..)/;
> > > > > my $month = $1; my $day = $2; my $time = $3;
> > > > >
> > > > > - if ($a =~ /IN\=(\w+)/) { $iface = $1; }
> > > > > - if ($a =~ /OUT\=(\w+)/) { $out = $1; }
> > > > > - if ($a =~ /SRC\=([\d\.]+)/) { $srcaddr = $1; }
> > > > > - if ($a =~ /DST\=([\d\.]+)/) { $dstaddr = $1; }
> > > > > + # If ipv6 uses bridge, the use PHYSIN and PHYSOUT,
> > > > > otherwise
> > > > > use IN and OUT
> > > > > + if ($a =~ /PHYSIN=(\w+)/) { $iface = $1 } elsif ($a
> > > > > =~
> > > > > /IN=(\w+)/) { $iface = $1 }
> > > > > + if ($a =~ /PHYSOUT=(\w+)/) { $out = $1 } elsif ($a
> > > > > =~
> > > > > /OUT=(\w+)/) { $out = $1 }
> > > > > + # Detect ipv4 and ipv6 addresses
> > > > > + if (($a =~ /SRC\=(([\d]{1,3})(\.([\d]{1,3})){3})/) or
> > > > > ($a =~
> > > > > /SRC\=(([0-9a-fA-F]{0,4})(\:([0-9a-fA-F]{0,4})){2,7})/)) {
> > > > > $srcaddr =
> > > > > $1; }
> > > > > + if (($a =~ /DST\=(([\d]{1,3})(\.([\d]{1,3})){3})/) or
> > > > > ($a =~
> > > > > /DST\=(([0-9a-fA-F]{0,4})(\:([0-9a-fA-F]{0,4})){2,7})/)) {
> > > > > $dstaddr =
> > > > > $1; }
> > > > > if ($a =~ /PROTO\=(\w+)/) { $protostr = $1; }
> > > > > my $protostrlc = lc($protostr);
> > > > > if ($a =~ /SPT\=([\d\.]+)/){ $srcport = $1; }
> > > > > diff --git a/html/cgi-bin/logs.cgi/showrequestfromport.dat
> > > > > b/html/cgi
> > > > > -bin/logs.cgi/showrequestfromport.dat
> > > > > index ad9823c..af7779a 100644
> > > > > --- a/html/cgi-bin/logs.cgi/showrequestfromport.dat
> > > > > +++ b/html/cgi-bin/logs.cgi/showrequestfromport.dat
> > > > > @@ -307,15 +307,19 @@ foreach $_ (@slice)
> > > > > my $protostr = '';
> > > > > my $srcport = ''; my $dstport = '';
> > > > >
> > > > > - $_ =~ /(^.* ..:..:..) [\w\-]+ kernel:(.*)(IN=.*)$/;
> > > > > + # If ipv6 uses bridge, the use PHYSIN, otherwise use
> > > > > IN
> > > > > + if ($_ =~ /(^.* ..:..:..) [\w\-]+
> > > > > kernel:(.*)(PHYSIN=.*)$/)
> > > > > {}
> > > > > + elsif ($_ =~ /(^.* ..:..:..) [\w\-]+
> > > > > kernel:(.*)(IN=.*)$/)
> > > > > {}
> > > > > my $timestamp = $1; my $chain = $2; my $packet = $3;
> > > > > $timestamp =~ /(...) (..) (..:..:..)/;
> > > > > my $month = $1; my $day = $2; my $time = $3; my $iface;
> > > > >
> > > > > - if ($a =~ /IN\=(\w+)/) { $iface = $1; }
> > > > > - if ($a =~ /OUT\=(\w+)/) { $out = $1; }
> > > > > - if ($a =~ /SRC\=([\d\.]+)/) { $srcaddr = $1; }
> > > > > - if ($a =~ /DST\=([\d\.]+)/) { $dstaddr = $1; }
> > > > > + # If ipv6 uses bridge, the use PHYSIN and PHYSOUT,
> > > > > otherwise
> > > > > use IN and OUT
> > > > > + if ($a =~ /PHYSIN\=(\w+)/) { $iface = $1; } elsif ($a =~
> > > > > /IN\=(\w+)/) { $iface = $1; }
> > > > > + if ($a =~ /PHYSOUT\=(\w+)/) { $out = $1; } elsif ($a
> > > > > =~
> > > > > /OUT\=(\w+)/) { $out = $1; }
> > > > > + # Detect ipv4 and ipv6 addresses
> > > > > + if (($a =~ /SRC\=(([\d]{1,3})(\.([\d]{1,3})){3})/) or
> > > > > ($a =~
> > > > > /SRC\=(([0-9a-fA-F]{0,4})(\:([0-9a-fA-F]{0,4})){2,7})/)) {
> > > > > $srcaddr =
> > > > > $1; }
> > > > > + if (($a =~ /DST\=(([\d]{1,3})(\.([\d]{1,3})){3})/) or
> > > > > ($a =~
> > > > > /DST\=(([0-9a-fA-F]{0,4})(\:([0-9a-fA-F]{0,4})){2,7})/)) {
> > > > > $dstaddr =
> > > > > $1; }
> > > > > if ($a =~ /PROTO\=(\w+)/) { $protostr = $1; }
> > > > > my $protostrlc = lc($protostr);
> > > > > if ($a =~ /SPT\=([\d\.]+)/){ $srcport = $1; }
[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 819 bytes --]
^ permalink raw reply [flat|nested] 4+ messages in thread* Re: [PATCH 1/5] Enable correct display of ipv6 entries in Firewall log pages of web UI
2016-01-23 10:59 AW: " Michael Tremer
@ 2016-01-23 11:59 ` Michael Eitelwein
2016-01-23 13:07 ` Michael Tremer
0 siblings, 1 reply; 4+ messages in thread
From: Michael Eitelwein @ 2016-01-23 11:59 UTC (permalink / raw)
To: development
[-- Attachment #1: Type: text/plain, Size: 28186 bytes --]
Ok, would concentrate on ipfire3 then.
Only issue I have is that I am not experienced enough to develop something from scratch. If there is an existing architecture/framework, then I should be able to dig in and produce algorithms and code. So if there were a developer who could point me to the topics to be picked up and get started, this would be very helpful for me.
Hope this makes sense.
Michael
> Am 23.01.2016 um 11:59 schrieb Michael Tremer <michael.tremer(a)ipfire.org>:
>
> Good morning,
>
> On Sat, 2016-01-23 at 11:50 +0100, Michael Eitelwein wrote:
>> Thanks a lot.
>>
>> Moving on to firewall configuration for IPv6 on the web GUI - who
>> would be the right person to talk to in order to understand the
>> architecture and structure of the code? Or do I need to reverse
>> engineer the existing?
>
> Well, we have decided that this is a piece of work that is not possible
> to do with the IPFire 2 web user interface and especially not in
> reasonable time with a result that we would want.
>
>> Does it make sense to add this to ipfire2 or should I focus on
>> ipfire3?
>
> We have started IPFire 3 instead and that's where there is full IPv6
> support. Please install the latest image and have a look.
>
> Best,
> -Michael
>
>>
>> Best regards
>>
>> Michael
>>
>>
>>
>> Liebe Grüße,
>>
>> Michael
>>> Am 23.01.2016 um 01:43 schrieb Michael Tremer <
>>> michael.tremer(a)ipfire.org>:
>>>
>>> Hi,
>>>
>>> I merged these by pulling from your Git repository.
>>>
>>> Please fix this email issue.
>>>
>>>> On Fri, 2016-01-22 at 22:00 +0100, Matthias Fischer wrote:
>>>>> On 22.01.2016 19:00, Michael Eitelwein wrote:
>>>>>
>>>>>
>>>>>
>>>>> Hi
>>>>> The patch itself is working on my machine without issues. If
>>>>> Matthias did not observe any issues as well, than I would
>>>>> propose
>>>>> to merge it into the next release. Please let me know if there
>>>>> is
>>>>> anything I have to do to get them merged.
>>>>> The problems of applying the patch were not further examined,
>>>>> as
>>>>> Matthias was able to apply them in the end. Also they are now
>>>>> available in git.ipfire.org, so they can be applied directly
>>>>> from
>>>>> there.
>>>>> Michael
>>>>
>>>> Hi,
>>>>
>>>> I just clicked through all '.dat'-files: I saw no problems.
>>>>
>>>> Playing chicken: did anyone *else* test this? ;-)
>>>
>>> I guess the answer is the usual one.
>>>
>>>> Best,
>>>> Matthias
>>>>
>>>> P.S.: ME, while replying to "ALL", there is something weird with
>>>> your
>>>> email-address: it just says "michael", not "michael(a)eitelwein.net
>>>> ". I
>>>> had to add your address manually from my addressbook. Bug or
>>>> feature-
>>>> mine or yours?
>>>
>>> Yeah that is a misconfiguration in the email client.
>>>
>>>>
>>>>> -------- Ursprüngliche Nachricht --------
>>>>> Von: Michael Tremer <michael.tremer(a)ipfire.org>
>>>>> Datum: 22.01.2016 01:59 (GMT+01:00)
>>>>> An: Michael Eitelwein <michael(a)eitelwein.net>, IPFire
>>>>> Development
>>>>> List <development(a)lists.ipfire.org>
>>>>> Cc: Matthias Fischer <matthias.fischer(a)ipfire.org>
>>>>> Betreff: Re: [PATCH 1/5] Enable correct display of ipv6 entries
>>>>> in
>>>>> Firewall log pages of web UI
>>>>>
>>>>> Hi,
>>>>>
>>>>> did you work out what the issue was with these emails?
>>>>>
>>>>> Best,
>>>>> -Michael
>>>>>
>>>>>> On Sun, 2016-01-10 at 18:34 +0100, Michael Eitelwein wrote:
>>>>>> 3 main changes:
>>>>>> - Fill $iface and $out from PHYSIN and PHYSOUT when looking
>>>>>> at
>>>>>> bridged packets, othewerwise fill from IN and OUT
>>>>>> - Recognize ipv4 and ipv6 address style for $srcaddr and
>>>>>> $dstaddr
>>>>>> - Match color coding of tables to pie charts
>>>>>>
>>>>>> I am using the bridged ipv6 setup as proposed in the wiki. I
>>>>>> do
>>>>>> not
>>>>>> think this breaks anything when not using ipv6. So it would
>>>>>> be
>>>>>> nice
>>>>>> to include this even if ipv6 is not officially supported yet.
>>>>>> It
>>>>>> is
>>>>>> quite useful when using the ipv6 setup.
>>>>>>
>>>>>> Signed-off-by: Michael Eitelwein <michael(a)eitelwein.net>
>>>>>>
>>>>>> ---
>>>>>> html/cgi-bin/logs.cgi/firewalllog.dat | 14 ++--
>>>>>> html/cgi-bin/logs.cgi/firewalllogcountry.dat | 43
>>>>>> ++++++++-
>>>>>> ----
>>>>>> html/cgi-bin/logs.cgi/firewalllogip.dat | 15 ++---
>>>>>> html/cgi-bin/logs.cgi/firewalllogport.dat | 12 ++--
>>>>>> html/cgi-bin/logs.cgi/showrequestfromcountry.dat | 81
>>>>>> +++++++++++++++++-------
>>>>>> html/cgi-bin/logs.cgi/showrequestfromip.dat | 27 ++++--
>>>>>> --
>>>>>> html/cgi-bin/logs.cgi/showrequestfromport.dat | 14 ++--
>>>>>> 7 files changed, 131 insertions(+), 75 deletions(-)
>>>>>>
>>>>>> diff --git a/html/cgi-bin/logs.cgi/firewalllog.dat b/html/cgi
>>>>>> -bin/logs.cgi/firewalllog.dat
>>>>>> index 5a584d6..42c9612 100644
>>>>>> --- a/html/cgi-bin/logs.cgi/firewalllog.dat
>>>>>> +++ b/html/cgi-bin/logs.cgi/firewalllog.dat
>>>>>> @@ -328,7 +328,10 @@ END
>>>>>> $lines = 0;
>>>>>> foreach $_ (@log)
>>>>>> {
>>>>>> - /^... (..) (..:..:..) [\w\-]+ kernel:(.*)(IN=.*)$/;
>>>>>> + # If ipv6 uses a bridge, PHYSIN= contains the relevant
>>>>>> iface
>>>>>> information
>>>>>> + # otherwise use IN=
>>>>>> + if ($_ =~ /^... (..) (..:..:..) [\w\-]+
>>>>>> kernel:(.*)(PHYSIN=.*)$/) {}
>>>>>> + elsif ($_ =~ /^... (..) (..:..:..) [\w\-]+
>>>>>> kernel:(.*)(IN=.*)$/) {}
>>>>>> my $day = $1;
>>>>>> $day =~ tr / /0/;
>>>>>> my $time = $cgiparams{'DAY'} ? "$2" : "$day/$2" ;
>>>>>> @@ -336,9 +339,12 @@ foreach $_ (@log)
>>>>>> my $packet = $4;
>>>>>>
>>>>>> my ($iface, $srcaddr, $dstaddr, $macaddr, $proto,
>>>>>> $srcport,
>>>>>> $dstport);
>>>>>> - $iface=$1 if $packet =~ /IN=(\w+)/;
>>>>>> - $srcaddr=$1 if $packet =~ /SRC=([\d\.]+)/;
>>>>>> - $dstaddr=$1 if $packet =~ /DST=([\d\.]+)/;
>>>>>> + if ($packet =~ /PHYSIN=(\w+)/) { $iface=$1 } elsif
>>>>>> ($packet
>>>>>> =~ /IN=(\w+)/) { $iface = $1}
>>>>>> + # Identify whether ipv4 or ipv6. Both are mutally
>>>>>> exclusive.
>>>>>> + if ($packet =~
>>>>>> /SRC\=(([\d]{1,3})(\.([\d]{1,3})){3})/) {
>>>>>> $srcaddr=$1 }
>>>>>> + if ($packet =~ /SRC\=(([0-9a-fA
>>>>>> -F]{0,4})(\:([0
>>>>>> -9a-fA
>>>>>> -F]{0,4})){2,7})/) { $srcaddr=$1 }
>>>>>> + if ($packet =~
>>>>>> /DST\=(([\d]{1,3})(\.([\d]{1,3})){3})/) {
>>>>>> $dstaddr=$1 }
>>>>>> + if ($packet =~ /DST\=(([0-9a-fA
>>>>>> -F]{0,4})(\:([0
>>>>>> -9a-fA
>>>>>> -F]{0,4})){2,7})/) { $dstaddr=$1 }
>>>>>> $macaddr=$1 if $packet =~ /MAC=([\w+\:]+)/;
>>>>>> $proto=$1 if $packet =~ /PROTO=(\w+)/;
>>>>>> $srcport=$1 if $packet =~ /SPT=(\d+)/;
>>>>>> diff --git a/html/cgi-bin/logs.cgi/firewalllogcountry.dat
>>>>>> b/html/cgi
>>>>>> -bin/logs.cgi/firewalllogcountry.dat
>>>>>> index f998a62..2661ddd 100644
>>>>>> --- a/html/cgi-bin/logs.cgi/firewalllogcountry.dat
>>>>>> +++ b/html/cgi-bin/logs.cgi/firewalllogcountry.dat
>>>>>> @@ -261,7 +261,6 @@ if( $cgiparams{'pienumber'} !=
>>>>>> 0){$pienumber=$cgiparams{'pienumber'};}
>>>>>> if( $cgiparams{'otherspie'} !=
>>>>>> 0){$otherspie=$cgiparams{'otherspie'};}
>>>>>> if( $cgiparams{'showpie'} !=
>>>>>> 0){$showpie=$cgiparams{'showpie'};}
>>>>>> if( $cgiparams{'sortcolumn'} !=
>>>>>> 0){$sortcolumn=$cgiparams{'sortcolumn'};}
>>>>>> -
>>>>>> print <<END
>>>>>> </select>
>>>>>> </td>
>>>>>> @@ -294,15 +293,24 @@ $lines = 0;
>>>>>>
>>>>>> foreach $_ (@log)
>>>>>> {
>>>>>> - /^... (..) (..:..:..) [\w\-]+ kernel:(.*)(IN=.*)$/;
>>>>>> + # If ipv6 uses bridge, use PHYSIN for iface, otherwise IN
>>>>>> + if (/^... (..) (..:..:..) [\w\-]+
>>>>>> kernel:(.*)(PHYSIN=.*)$/) {}
>>>>>> + elsif (/^... (..) (..:..:..) [\w\-]+ kernel:(.*)(IN=.*)$/)
>>>>>> {}
>>>>>> my $packet = $4;
>>>>>> - $packet =~ /IN=(\w+)/; my $iface=$1; if ( $1 =~ /2./
>>>>>> ){
>>>>>> $iface="";}
>>>>>> - $packet =~ /SRC=([\d\.]+)/; my $srcaddr=$1;
>>>>>> + my $iface = '';
>>>>>> + if ($packet =~ /PHYSIN=(\w+)/) { $iface = $1 } elsif
>>>>>> ($packet
>>>>>> =~
>>>>>> /IN=(\w+)/) { $iface = $1 }
>>>>>> + if ( $1 =~ /2./ ) { $iface=''; }
>>>>>> + my $srcaddr = '';
>>>>>> + # Find ipv4 and ipv6 addresses
>>>>>> + if ($packet =~ /SRC\=(([\d]{1,3})(\.([\d]{1,3})){3})/) {
>>>>>> $srcaddr
>>>>>> = $1 }
>>>>>> + elsif ($packet =~ /SRC\=(([0-9a-fA-F]{0,4})(\:([0-9a-fA
>>>>>> -F]{0,4})){2,7})/) { $srcaddr = $1 }
>>>>>>
>>>>>> if($iface eq $red_interface) {
>>>>>> + # Traffic from red
>>>>>> if($srcaddr ne '') {
>>>>>> + # srcaddr is set
>>>>>> my $ccode = $gi->country_code_by_name($srcaddr);
>>>>>> - if( $ccode eq '') {
>>>>>> + if ($ccode eq '') {
>>>>>> $ccode = 'unknown';
>>>>>> }
>>>>>> $tabjc{$ccode} = $tabjc{$ccode} + 1 ;
>>>>>> @@ -311,11 +319,16 @@ foreach $_ (@log)
>>>>>> }
>>>>>> }
>>>>>> else {
>>>>>> + # Traffic not from red
>>>>>> if($iface ne '') {
>>>>>> $tabjc{$iface} = $tabjc{$iface} + 1 ;
>>>>>> if(($tabjc{$iface} == 1) && ($lines < $pienumber)) {
>>>>>> $lines
>>>>>> = $lines + 1; }
>>>>>> $linesjc++;
>>>>>> }
>>>>>> + else {
>>>>>> + # What to do with empty iface lines?
>>>>>> + # This probably is traffic from ipfire itself (IN=
>>>>>> OUT=XY)?
>>>>>> + }
>>>>>> }
>>>>>> }
>>>>>>
>>>>>> @@ -423,7 +436,6 @@ if ($showpie != 2 && $pienumber <= 50 &&
>>>>>> $pienumber != 0) {
>>>>>> print "<img src='/graphs/fwlog
>>>>>> -country$imagerandom.png'>";
>>>>>> print "</div>";
>>>>>> }
>>>>>> -
>>>>>> print <<END
>>>>>> <table width='100%' class='tbl'>
>>>>>> <tr>
>>>>>> @@ -448,10 +460,8 @@ for($s=0;$s<$lines;$s++)
>>>>>> $percent = $value[$s] * 100 / $linesjc;
>>>>>> $percent = sprintf("%.f", $percent);
>>>>>> $total = $total + $value[$s];
>>>>>> - my $colorIndex = $color % 10;
>>>>>> - if($colorIndex == 0) {
>>>>>> - $colorIndex = 10;
>>>>>> - }
>>>>>> + # colors are numbered 1 to 10
>>>>>> + my $colorIndex = ($color % 10) + 1;
>>>>>> $col="bgcolor='$color{\"color$colorIndex\"}'";
>>>>>> $color++;
>>>>>> print "<tr>";
>>>>>> @@ -466,8 +476,11 @@ for($s=0;$s<$lines;$s++)
>>>>>> print"<input type='hidden' name='country'
>>>>>> value='$key[$s]'>";
>>>>>> print"<input type='submit' value='details'></form>";
>>>>>> }
>>>>>> -
>>>>>> - if($key[$s] eq 'blue0' || $key[$s] eq 'green0' || $key[$s]
>>>>>> eq
>>>>>> 'orange0') {
>>>>>> + elsif ($key[$s] eq 'unknown') {
>>>>>> + print "unknown";
>>>>>> + }
>>>>>> + # Looks dangerous to use hardcoded interface names here.
>>>>>> Probably
>>>>>> needs fixing.
>>>>>> + if ($key[$s] eq 'blue0' || $key[$s] eq 'green0' ||
>>>>>> $key[$s] eq
>>>>>> 'orange0' ) {
>>>>>> print "<td align='center' $col>$key[$s]</td>";
>>>>>> }
>>>>>> else {
>>>>>> @@ -489,10 +502,8 @@ for($s=0;$s<$lines;$s++)
>>>>>>
>>>>>> if($cgiparams{'otherspie'} == 2 ){}
>>>>>> else{
>>>>>> - my $colorIndex = $color % 10;
>>>>>> - if($colorIndex == 0) {
>>>>>> - $colorIndex = 10;
>>>>>> - }
>>>>>> + # colors are numbered 1 to 10
>>>>>> + my $colorIndex = ($color % 10) + 1;
>>>>>> $col="bgcolor='$color{\"color$colorIndex\"}'";
>>>>>> print "<tr>";
>>>>>>
>>>>>> diff --git a/html/cgi-bin/logs.cgi/firewalllogip.dat
>>>>>> b/html/cgi
>>>>>> -bin/logs.cgi/firewalllogip.dat
>>>>>> index 7d82d20..6fc3422 100644
>>>>>> --- a/html/cgi-bin/logs.cgi/firewalllogip.dat
>>>>>> +++ b/html/cgi-bin/logs.cgi/firewalllogip.dat
>>>>>> @@ -291,7 +291,8 @@ if ($pienumber == -1 || $pienumber >
>>>>>> $lines
>>>>>>>>
>>>>>> $sortcolumn == 2) { $pienumber =
>>>>>> $lines = 0;
>>>>>> foreach $_ (@log)
>>>>>> {
>>>>>> - if($_ =~ /SRC\=([\d\.]+)/){
>>>>>> + # Extract ipv4 or ipv6 address
>>>>>> + if (($_ =~ /SRC\=(([\d]{1,3})(\.([\d]{1,3})){3})/) or ($_
>>>>>> =~
>>>>>> /SRC\=(([0-9a-fA-F]{0,4})(\:([0-9a-fA-F]{0,4})){2,7})/)) {
>>>>>> $tabjc{$1} = $tabjc{$1} + 1 ;
>>>>>> if(($tabjc{$1} == 1) && ($lines < $pienumber)) { $lines
>>>>>> =
>>>>>> $lines + 1; }
>>>>>> $linesjc++;
>>>>>> @@ -428,10 +429,8 @@ for($s=0;$s<$lines;$s++)
>>>>>> $percent = $value[$s] * 100 / $linesjc;
>>>>>> $percent = sprintf("%.f", $percent);
>>>>>> $total = $total + $value[$s];
>>>>>> - my $colorIndex = $color % 10;
>>>>>> - if($colorIndex == 0) {
>>>>>> - $colorIndex = 10;
>>>>>> - }
>>>>>> + # colors are numbered 1 to 10
>>>>>> + my $colorIndex = ($color % 10) + 1;
>>>>>> $col="bgcolor='$color{\"color$colorIndex\"}'";
>>>>>> print "<tr>";
>>>>>>
>>>>>> @@ -459,10 +458,8 @@ for($s=0;$s<$lines;$s++)
>>>>>>
>>>>>> if($cgiparams{'otherspie'} == 2 ){}
>>>>>> else{
>>>>>> - my $colorIndex = $color % 10;
>>>>>> - if($colorIndex == 0) {
>>>>>> - $colorIndex = 10;
>>>>>> - }
>>>>>> + # colors are numbered 1 to 10
>>>>>> + my $colorIndex = ($color % 10) + 1;
>>>>>> $col="bgcolor='$color{\"color$colorIndex\"}'";
>>>>>> print "<tr>";
>>>>>>
>>>>>> diff --git a/html/cgi-bin/logs.cgi/firewalllogport.dat
>>>>>> b/html/cgi
>>>>>> -bin/logs.cgi/firewalllogport.dat
>>>>>> index 5b0db62..583c1b3 100644
>>>>>> --- a/html/cgi-bin/logs.cgi/firewalllogport.dat
>>>>>> +++ b/html/cgi-bin/logs.cgi/firewalllogport.dat
>>>>>> @@ -429,10 +429,8 @@ for($s=0;$s<$lines;$s++)
>>>>>> $percent = $value[$s] * 100 / $linesjc;
>>>>>> $percent = sprintf("%.f", $percent);
>>>>>> $total = $total + $value[$s];
>>>>>> - my $colorIndex = $color % 10;
>>>>>> - if($colorIndex == 0) {
>>>>>> - $colorIndex = 10;
>>>>>> - }
>>>>>> + # colors are numbered 1 to 10
>>>>>> + my $colorIndex = ($color % 10) + 1;
>>>>>> $col="bgcolor='$color{\"color$colorIndex\"}'";
>>>>>> print "<tr>";
>>>>>>
>>>>>> @@ -446,10 +444,8 @@ for($s=0;$s<$lines;$s++)
>>>>>>
>>>>>> if($cgiparams{'otherspie'} == 2 ){}
>>>>>> else{
>>>>>> - my $colorIndex = $color % 10;
>>>>>> - if($colorIndex == 0) {
>>>>>> - $colorIndex = 10;
>>>>>> - }
>>>>>> + # colors are numbered 1 to 10
>>>>>> + my $colorIndex = ($color % 10) + 1;
>>>>>> $col="bgcolor='$color{\"color$colorIndex\"}'";
>>>>>> print "<tr>";
>>>>>>
>>>>>> diff --git a/html/cgi-bin/logs.cgi/showrequestfromcountry.dat
>>>>>> b/html/cgi-bin/logs.cgi/showrequestfromcountry.dat
>>>>>> index 5283c42..0784ab9 100644
>>>>>> --- a/html/cgi-bin/logs.cgi/showrequestfromcountry.dat
>>>>>> +++ b/html/cgi-bin/logs.cgi/showrequestfromcountry.dat
>>>>>> @@ -158,23 +158,35 @@ if (!$skip)
>>>>>> {
>>>>>> while (<FILE>)
>>>>>> {
>>>>>> - if (/(^${monthstr} ${daystr} ..:..:..) [\w\-]+
>>>>>> kernel:.*(IN=.*)$/) {
>>>>>> - my $packet = $2;
>>>>>> - $packet =~ /IN=(\w+)/; my $iface=$1; if (
>>>>>> $1
>>>>>> =~
>>>>>> /2./ ){ $iface="";}
>>>>>> - $packet =~ /SRC=([\d\.]+)/; my $srcaddr=$1;
>>>>>> + # First check whether valid log line (date, day)
>>>>>> + if (/(^${monthstr} ${daystr} ..:..:..) [\w\-]+
>>>>>> kernel:.*(IN=.*)$/) {
>>>>>> + # If ipv6 uses bridge, then use PHYSIN otherwise use
>>>>>> IN
>>>>>> + if (/(^${monthstr} ${daystr} ..:..:..) [\w\-]+
>>>>>> kernel:.*(PHYSIN=.*)$/) {}
>>>>>> + elsif (/(^${monthstr} ${daystr} ..:..:..) [\w\
>>>>>> -]+
>>>>>> kernel:.*(IN=.*)$/) {}
>>>>>> + my $packet = $2;
>>>>>> + my $iface = '';
>>>>>> + my $srcaddr = '';
>>>>>> + # If ipv6 uses bridge, use PHYSIN otherwise IN
>>>>>> + if ($packet =~ /PHYSIN=(\w+)/) { $iface = $1 }
>>>>>> elsif
>>>>>> ($packet =~ /IN=(\w+)/) { $iface = $1 }
>>>>>> + # Extract ipv4 and ipv6 addresses
>>>>>> + if (($packet =~
>>>>>> /SRC\=(([\d]{1,3})(\.([\d]{1,3})){3})/)
>>>>>> or ($packet =~ /SRC\=(([0-9a-fA-F]{0,4})(\:([0-9a-fA
>>>>>> -F]{0,4})){2,7})/)) {
>>>>>> + $srcaddr = $1
>>>>>> + };
>>>>>>
>>>>>> if($iface eq $country) {
>>>>>> + # iface matches country code
>>>>>> $log[$lines] = $_;
>>>>>> $lines++;
>>>>>> }
>>>>>> elsif($srcaddr ne '') {
>>>>>> + # or srcaddr matches country code
>>>>>> my $ccode = $gi
>>>>>> ->country_code_by_name($srcaddr);
>>>>>> if($ccode eq $country){
>>>>>> $log[$lines] = $_;
>>>>>> $lines++;
>>>>>> }
>>>>>> }
>>>>>> - }
>>>>>> + }
>>>>>> }
>>>>>> close (FILE);
>>>>>> }
>>>>>> @@ -194,16 +206,28 @@ if ($multifile) {
>>>>>> }
>>>>>> if (!$skip) {
>>>>>> while (<FILE>) {
>>>>>> - if (/(^${monthstr} ${daystr} ..:..:..) [\w\-]+
>>>>>> kernel:.*(IN=.*)$/) {
>>>>>> - if($_ =~ /SRC\=([\d\.]+)/){
>>>>>> - my $srcaddr=$1;
>>>>>> - my $ccode = $gi
>>>>>> ->country_code_by_name($srcaddr);
>>>>>> - if($ccode eq $country){
>>>>>> + # Check if valid log line (date, day)
>>>>>> + if (/(^${monthstr} ${daystr} ..:..:..) [\w\-]+
>>>>>> kernel:.*(IN=.*)$/) {
>>>>>> + my $iface = '';
>>>>>> + # If ipv6 uses bridge, then use PHYSIN
>>>>>> otherwise
>>>>>> IN
>>>>>> + if ($_ =~ /PHYSIN=(\w+)/) { $iface = $1
>>>>>> }
>>>>>> elsif
>>>>>> ($_ =~ /IN=(\w+)/) { $iface = $1 }
>>>>>> +
>>>>>> + if($iface eq $country) {
>>>>>> + # iface matches country code
>>>>>> + $log[$lines] = $_;
>>>>>> + $lines++;
>>>>>> + }
>>>>>> + # extract ipv4 and ipv6 address
>>>>>> + elsif (($_ =~
>>>>>> /SRC\=(([\d]{1,3})(\.([\d]{1,3})){3})/) or ($_ =~ /SRC\=(([0
>>>>>> -9a
>>>>>> -fA
>>>>>> -F]{0,4})(\:([0-9a-fA-F]{0,4})){2,7})/)) {
>>>>>> + my $srcaddr=$1;
>>>>>> + my $ccode = $gi
>>>>>> ->country_code_by_name($srcaddr);
>>>>>> + if($ccode eq $country){
>>>>>> + # or srcaddr matches country code
>>>>>> $log[$lines] = $_;
>>>>>> $lines++;
>>>>>> + }
>>>>>> }
>>>>>> - }
>>>>>> - }
>>>>>> + }
>>>>>> }
>>>>>> close (FILE);
>>>>>> }
>>>>>> @@ -308,32 +332,45 @@ $lines = 0;
>>>>>> foreach $_ (@slice)
>>>>>> {
>>>>>> $a = $_;
>>>>>> - /^... (..) (..:..:..) [\w\-]+ kernel:(.*)(IN=.*)$/;
>>>>>> + # If ipv6 uses bridge, use PHYSIN otherwise use IN
>>>>>> + if (/^... (..) (..:..:..) [\w\-]+
>>>>>> kernel:(.*)(PHYSIN=.*)$/) {}
>>>>>> + elsif (/^... (..) (..:..:..) [\w\-]+ kernel:(.*)(IN=.*)$/)
>>>>>> {};
>>>>>> my $packet = $4;
>>>>>> - $packet =~ /IN=(\w+)/; my $iface=$1; if ( $1 =~ /2./
>>>>>> ){
>>>>>> $iface="";}
>>>>>> - $packet =~ /SRC=([\d\.]+)/; my $srcaddr=$1;
>>>>>> + my $iface = '';
>>>>>> + # If ipv6 uses bridge, use PHYSIN otherwise use IN
>>>>>> + if ($packet =~ /PHYSIN=(\w+)/) { $iface = $1 } elsif
>>>>>> ($packet
>>>>>> =~
>>>>>> /IN=(\w+)/) { $iface = $1 }
>>>>>> + if ( $1 =~ /2./ ){ $iface="";}
>>>>>> + my $srcaddr = '';
>>>>>> + # Extract ipv4 and ipv6 addresses
>>>>>> + if (($packet =~ /SRC\=(([\d]{1,3})(\.([\d]{1,3})){3})/) or
>>>>>> ($packet =~ /SRC\=(([0-9a-fA-F]{0,4})(\:([0-9a-fA
>>>>>> -F]{0,4})){2,7})/))
>>>>>> {
>>>>>> + $srcaddr = $1
>>>>>> + };
>>>>>>
>>>>>> if($iface eq $country || $srcaddr ne '') {
>>>>>> - my $ccode;
>>>>>> + my $ccode='';
>>>>>> if($iface ne $country) {
>>>>>> $ccode = $gi->country_code_by_name($srcaddr);
>>>>>> }
>>>>>> if($iface eq $country || $ccode eq $country) {
>>>>>> - my $chain = '';
>>>>>> + my $chain = '';
>>>>>> my $in = '-'; my $out = '-';
>>>>>> my $srcaddr = ''; my $dstaddr = '';
>>>>>> my $protostr = '';
>>>>>> my $srcport = ''; my $dstport = '';
>>>>>>
>>>>>> - $_ =~ /(^.* ..:..:..) [\w\-]+ kernel:(.*)(IN=.*)$/;
>>>>>> + # If ipv6 uses bridge, the use PHYSIN otherwise use IN
>>>>>> + if ($_ =~ /(^.* ..:..:..) [\w\-]+
>>>>>> kernel:(.*)(PHYSIN=.*)$/) {}
>>>>>> + elsif ($_ =~ /(^.* ..:..:..) [\w\-]+
>>>>>> kernel:(.*)(IN=.*)$/)
>>>>>> {}
>>>>>> my $timestamp = $1; my $chain = $2; my $packet = $3;
>>>>>> $timestamp =~ /(...) (..) (..:..:..)/;
>>>>>> my $month = $1; my $day = $2; my $time = $3;
>>>>>>
>>>>>> - if ($a =~ /IN\=(\w+)/) { $iface = $1; }
>>>>>> - if ($a =~ /OUT\=(\w+)/) { $out = $1; }
>>>>>> - if ($a =~ /SRC\=([\d\.]+)/) { $srcaddr = $1; }
>>>>>> - if ($a =~ /DST\=([\d\.]+)/) { $dstaddr = $1; }
>>>>>> + # If ipv6 uses bridge, use PHYSIN and PHYSOUT,
>>>>>> otherwise
>>>>>> use
>>>>>> IN and OUT
>>>>>> + if ($a =~ /PHYSIN=(\w+)/) { $iface = $1 } elsif ($a =~
>>>>>> /IN=(\w+)/) { $iface = $1 }
>>>>>> + if ($a =~ /PHYSOUT=(\w+)/) { $out = $1 } elsif ($a =~
>>>>>> /OUT=(\w+)/) { $out = $1 }
>>>>>> + # Extract ipv4 and ipv6 addresses
>>>>>> + if (($a =~ /SRC\=(([\d]{1,3})(\.([\d]{1,3})){3})/) or
>>>>>> ($a
>>>>>> =~
>>>>>> /SRC\=(([0-9a-fA-F]{0,4})(\:([0-9a-fA-F]{0,4})){2,7})/)) {
>>>>>> $srcaddr =
>>>>>> $1; }
>>>>>> + if (($a =~ /DST\=(([\d]{1,3})(\.([\d]{1,3})){3})/) or
>>>>>> ($a
>>>>>> =~
>>>>>> /DST\=(([0-9a-fA-F]{0,4})(\:([0-9a-fA-F]{0,4})){2,7})/)) {
>>>>>> $dstaddr =
>>>>>> $1; }
>>>>>> if ($a =~ /PROTO\=(\w+)/) { $protostr = $1; }
>>>>>> my $protostrlc = lc($protostr);
>>>>>> if ($a =~ /SPT\=([\d\.]+)/){ $srcport = $1; }
>>>>>> diff --git a/html/cgi-bin/logs.cgi/showrequestfromip.dat
>>>>>> b/html/cgi
>>>>>> -bin/logs.cgi/showrequestfromip.dat
>>>>>> index 09a60b5..94e795c 100644
>>>>>> --- a/html/cgi-bin/logs.cgi/showrequestfromip.dat
>>>>>> +++ b/html/cgi-bin/logs.cgi/showrequestfromip.dat
>>>>>> @@ -155,7 +155,7 @@ if (!$skip)
>>>>>> while (<FILE>)
>>>>>> {
>>>>>> if (/(^${monthstr} ${daystr} ..:..:..) [\w\-]+
>>>>>> kernel:.*(IN=.*)$/) {
>>>>>> - if($_ =~ /SRC\=([\d\.]+)/){
>>>>>> + if (($_ =~
>>>>>> /SRC\=(([\d]{1,3})(\.([\d]{1,3})){3})/)
>>>>>> or ($_ =~ /SRC\=(([0-9a-fA-F]{0,4})(\:([0-9a-fA
>>>>>> -F]{0,4})){2,7})/)) {
>>>>>> if($1 eq $ip){
>>>>>> $log[$lines] = $_;
>>>>>> $lines++;
>>>>>> @@ -182,12 +182,12 @@ if ($multifile) {
>>>>>> if (!$skip) {
>>>>>> while (<FILE>) {
>>>>>> if (/(^${monthstr} ${daystr} ..:..:..) [\w\-]+
>>>>>> kernel:.*(IN=.*)$/) {
>>>>>> - if($_ =~ /SRC\=([\d\.]+)/){
>>>>>> - if($1 eq $ip){
>>>>>> + if (($_ =~
>>>>>> /SRC\=(([\d]{1,3})(\.([\d]{1,3})){3})/) or ($_ =~ /SRC\=(([0
>>>>>> -9a
>>>>>> -fA
>>>>>> -F]{0,4})(\:([0-9a-fA-F]{0,4})){2,7})/)) {
>>>>>> + if($1 eq $ip){
>>>>>> $log[$lines] = $_;
>>>>>> $lines++;
>>>>>> - }
>>>>>> - }
>>>>>> + }
>>>>>> + }
>>>>>> }
>>>>>> }
>>>>>> close (FILE);
>>>>>> @@ -293,7 +293,8 @@ $lines = 0;
>>>>>> foreach $_ (@slice)
>>>>>> {
>>>>>> $a = $_;
>>>>>> - if($_ =~ /SRC\=([\d\.]+)/){
>>>>>> + # Check whether valid ipv4 or ipv6 address
>>>>>> + if (($_ =~ /SRC\=(([\d]{1,3})(\.([\d]{1,3})){3})/) or ($_
>>>>>> =~
>>>>>> /SRC\=(([0-9a-fA-F]{0,4})(\:([0-9a-fA-F]{0,4})){2,7})/)) {
>>>>>> if($1 eq $ip){
>>>>>> my $chain = '';
>>>>>> my $in = '-'; my $out = '-';
>>>>>> @@ -301,15 +302,19 @@ foreach $_ (@slice)
>>>>>> my $protostr = '';
>>>>>> my $srcport = ''; my $dstport = '';
>>>>>>
>>>>>> - $_ =~ /(^.* ..:..:..) [\w\-]+ kernel:(.*)(IN=.*)$/;
>>>>>> + # If ipv6 uses bridge, the use PHYSIN, otherwise use IN
>>>>>> + if ($_ =~ /(^.* ..:..:..) [\w\-]+
>>>>>> kernel:(.*)(PHYSIN=.*)$/)
>>>>>> {}
>>>>>> + elsif ($_ =~ /(^.* ..:..:..) [\w\-]+
>>>>>> kernel:(.*)(IN=.*)$/)
>>>>>> {}
>>>>>> my $timestamp = $1; my $chain = $2; my $packet = $3;
>>>>>> $timestamp =~ /(...) (..) (..:..:..)/;
>>>>>> my $month = $1; my $day = $2; my $time = $3;
>>>>>>
>>>>>> - if ($a =~ /IN\=(\w+)/) { $iface = $1; }
>>>>>> - if ($a =~ /OUT\=(\w+)/) { $out = $1; }
>>>>>> - if ($a =~ /SRC\=([\d\.]+)/) { $srcaddr = $1; }
>>>>>> - if ($a =~ /DST\=([\d\.]+)/) { $dstaddr = $1; }
>>>>>> + # If ipv6 uses bridge, the use PHYSIN and PHYSOUT,
>>>>>> otherwise
>>>>>> use IN and OUT
>>>>>> + if ($a =~ /PHYSIN=(\w+)/) { $iface = $1 } elsif ($a
>>>>>> =~
>>>>>> /IN=(\w+)/) { $iface = $1 }
>>>>>> + if ($a =~ /PHYSOUT=(\w+)/) { $out = $1 } elsif ($a
>>>>>> =~
>>>>>> /OUT=(\w+)/) { $out = $1 }
>>>>>> + # Detect ipv4 and ipv6 addresses
>>>>>> + if (($a =~ /SRC\=(([\d]{1,3})(\.([\d]{1,3})){3})/) or
>>>>>> ($a =~
>>>>>> /SRC\=(([0-9a-fA-F]{0,4})(\:([0-9a-fA-F]{0,4})){2,7})/)) {
>>>>>> $srcaddr =
>>>>>> $1; }
>>>>>> + if (($a =~ /DST\=(([\d]{1,3})(\.([\d]{1,3})){3})/) or
>>>>>> ($a =~
>>>>>> /DST\=(([0-9a-fA-F]{0,4})(\:([0-9a-fA-F]{0,4})){2,7})/)) {
>>>>>> $dstaddr =
>>>>>> $1; }
>>>>>> if ($a =~ /PROTO\=(\w+)/) { $protostr = $1; }
>>>>>> my $protostrlc = lc($protostr);
>>>>>> if ($a =~ /SPT\=([\d\.]+)/){ $srcport = $1; }
>>>>>> diff --git a/html/cgi-bin/logs.cgi/showrequestfromport.dat
>>>>>> b/html/cgi
>>>>>> -bin/logs.cgi/showrequestfromport.dat
>>>>>> index ad9823c..af7779a 100644
>>>>>> --- a/html/cgi-bin/logs.cgi/showrequestfromport.dat
>>>>>> +++ b/html/cgi-bin/logs.cgi/showrequestfromport.dat
>>>>>> @@ -307,15 +307,19 @@ foreach $_ (@slice)
>>>>>> my $protostr = '';
>>>>>> my $srcport = ''; my $dstport = '';
>>>>>>
>>>>>> - $_ =~ /(^.* ..:..:..) [\w\-]+ kernel:(.*)(IN=.*)$/;
>>>>>> + # If ipv6 uses bridge, the use PHYSIN, otherwise use
>>>>>> IN
>>>>>> + if ($_ =~ /(^.* ..:..:..) [\w\-]+
>>>>>> kernel:(.*)(PHYSIN=.*)$/)
>>>>>> {}
>>>>>> + elsif ($_ =~ /(^.* ..:..:..) [\w\-]+
>>>>>> kernel:(.*)(IN=.*)$/)
>>>>>> {}
>>>>>> my $timestamp = $1; my $chain = $2; my $packet = $3;
>>>>>> $timestamp =~ /(...) (..) (..:..:..)/;
>>>>>> my $month = $1; my $day = $2; my $time = $3; my $iface;
>>>>>>
>>>>>> - if ($a =~ /IN\=(\w+)/) { $iface = $1; }
>>>>>> - if ($a =~ /OUT\=(\w+)/) { $out = $1; }
>>>>>> - if ($a =~ /SRC\=([\d\.]+)/) { $srcaddr = $1; }
>>>>>> - if ($a =~ /DST\=([\d\.]+)/) { $dstaddr = $1; }
>>>>>> + # If ipv6 uses bridge, the use PHYSIN and PHYSOUT,
>>>>>> otherwise
>>>>>> use IN and OUT
>>>>>> + if ($a =~ /PHYSIN\=(\w+)/) { $iface = $1; } elsif ($a =~
>>>>>> /IN\=(\w+)/) { $iface = $1; }
>>>>>> + if ($a =~ /PHYSOUT\=(\w+)/) { $out = $1; } elsif ($a
>>>>>> =~
>>>>>> /OUT\=(\w+)/) { $out = $1; }
>>>>>> + # Detect ipv4 and ipv6 addresses
>>>>>> + if (($a =~ /SRC\=(([\d]{1,3})(\.([\d]{1,3})){3})/) or
>>>>>> ($a =~
>>>>>> /SRC\=(([0-9a-fA-F]{0,4})(\:([0-9a-fA-F]{0,4})){2,7})/)) {
>>>>>> $srcaddr =
>>>>>> $1; }
>>>>>> + if (($a =~ /DST\=(([\d]{1,3})(\.([\d]{1,3})){3})/) or
>>>>>> ($a =~
>>>>>> /DST\=(([0-9a-fA-F]{0,4})(\:([0-9a-fA-F]{0,4})){2,7})/)) {
>>>>>> $dstaddr =
>>>>>> $1; }
>>>>>> if ($a =~ /PROTO\=(\w+)/) { $protostr = $1; }
>>>>>> my $protostrlc = lc($protostr);
>>>>>> if ($a =~ /SPT\=([\d\.]+)/){ $srcport = $1; }
^ permalink raw reply [flat|nested] 4+ messages in thread* Re: [PATCH 1/5] Enable correct display of ipv6 entries in Firewall log pages of web UI
2016-01-23 11:59 ` Michael Eitelwein
@ 2016-01-23 13:07 ` Michael Tremer
0 siblings, 0 replies; 4+ messages in thread
From: Michael Tremer @ 2016-01-23 13:07 UTC (permalink / raw)
To: development
[-- Attachment #1: Type: text/plain, Size: 33827 bytes --]
Hi,
I created a new thread for this on the list.
http://lists.ipfire.org/pipermail/development/2016-January/001487.html
I think this is the starting point you have been asking for?!
Best,
-Michael
On Sat, 2016-01-23 at 12:59 +0100, Michael Eitelwein wrote:
> Ok, would concentrate on ipfire3 then.
>
> Only issue I have is that I am not experienced enough to develop
> something from scratch. If there is an existing
> architecture/framework, then I should be able to dig in and produce
> algorithms and code. So if there were a developer who could point me
> to the topics to be picked up and get started, this would be very
> helpful for me.
>
> Hope this makes sense.
>
> Michael
>
>
> > Am 23.01.2016 um 11:59 schrieb Michael Tremer <
> > michael.tremer(a)ipfire.org>:
> >
> > Good morning,
> >
> > On Sat, 2016-01-23 at 11:50 +0100, Michael Eitelwein wrote:
> > > Thanks a lot.
> > >
> > > Moving on to firewall configuration for IPv6 on the web GUI - who
> > > would be the right person to talk to in order to understand the
> > > architecture and structure of the code? Or do I need to reverse
> > > engineer the existing?
> >
> > Well, we have decided that this is a piece of work that is not
> > possible
> > to do with the IPFire 2 web user interface and especially not in
> > reasonable time with a result that we would want.
> >
> > > Does it make sense to add this to ipfire2 or should I focus on
> > > ipfire3?
> >
> > We have started IPFire 3 instead and that's where there is full
> > IPv6
> > support. Please install the latest image and have a look.
> >
> > Best,
> > -Michael
> >
> > >
> > > Best regards
> > >
> > > Michael
> > >
> > >
> > >
> > > Liebe Grüße,
> > >
> > > Michael
> > > > Am 23.01.2016 um 01:43 schrieb Michael Tremer <
> > > > michael.tremer(a)ipfire.org>:
> > > >
> > > > Hi,
> > > >
> > > > I merged these by pulling from your Git repository.
> > > >
> > > > Please fix this email issue.
> > > >
> > > > > On Fri, 2016-01-22 at 22:00 +0100, Matthias Fischer wrote:
> > > > > > On 22.01.2016 19:00, Michael Eitelwein wrote:
> > > > > >
> > > > > >
> > > > > >
> > > > > > Hi
> > > > > > The patch itself is working on my machine without issues.
> > > > > > If
> > > > > > Matthias did not observe any issues as well, than I would
> > > > > > propose
> > > > > > to merge it into the next release. Please let me know if
> > > > > > there
> > > > > > is
> > > > > > anything I have to do to get them merged.
> > > > > > The problems of applying the patch were not further
> > > > > > examined,
> > > > > > as
> > > > > > Matthias was able to apply them in the end. Also they are
> > > > > > now
> > > > > > available in git.ipfire.org, so they can be applied
> > > > > > directly
> > > > > > from
> > > > > > there.
> > > > > > Michael
> > > > >
> > > > > Hi,
> > > > >
> > > > > I just clicked through all '.dat'-files: I saw no problems.
> > > > >
> > > > > Playing chicken: did anyone *else* test this? ;-)
> > > >
> > > > I guess the answer is the usual one.
> > > >
> > > > > Best,
> > > > > Matthias
> > > > >
> > > > > P.S.: ME, while replying to "ALL", there is something weird
> > > > > with
> > > > > your
> > > > > email-address: it just says "michael", not "
> > > > > michael(a)eitelwein.net
> > > > > ". I
> > > > > had to add your address manually from my addressbook. Bug or
> > > > > feature-
> > > > > mine or yours?
> > > >
> > > > Yeah that is a misconfiguration in the email client.
> > > >
> > > > >
> > > > > > -------- Ursprüngliche Nachricht --------
> > > > > > Von: Michael Tremer <michael.tremer(a)ipfire.org>
> > > > > > Datum: 22.01.2016 01:59 (GMT+01:00)
> > > > > > An: Michael Eitelwein <michael(a)eitelwein.net>, IPFire
> > > > > > Development
> > > > > > List <development(a)lists.ipfire.org>
> > > > > > Cc: Matthias Fischer <matthias.fischer(a)ipfire.org>
> > > > > > Betreff: Re: [PATCH 1/5] Enable correct display of ipv6
> > > > > > entries
> > > > > > in
> > > > > > Firewall log pages of web UI
> > > > > >
> > > > > > Hi,
> > > > > >
> > > > > > did you work out what the issue was with these emails?
> > > > > >
> > > > > > Best,
> > > > > > -Michael
> > > > > >
> > > > > > > On Sun, 2016-01-10 at 18:34 +0100, Michael Eitelwein
> > > > > > > wrote:
> > > > > > > 3 main changes:
> > > > > > > - Fill $iface and $out from PHYSIN and PHYSOUT when
> > > > > > > looking
> > > > > > > at
> > > > > > > bridged packets, othewerwise fill from IN and OUT
> > > > > > > - Recognize ipv4 and ipv6 address style for $srcaddr and
> > > > > > > $dstaddr
> > > > > > > - Match color coding of tables to pie charts
> > > > > > >
> > > > > > > I am using the bridged ipv6 setup as proposed in the
> > > > > > > wiki. I
> > > > > > > do
> > > > > > > not
> > > > > > > think this breaks anything when not using ipv6. So it
> > > > > > > would
> > > > > > > be
> > > > > > > nice
> > > > > > > to include this even if ipv6 is not officially supported
> > > > > > > yet.
> > > > > > > It
> > > > > > > is
> > > > > > > quite useful when using the ipv6 setup.
> > > > > > >
> > > > > > > Signed-off-by: Michael Eitelwein <michael(a)eitelwein.net>
> > > > > > >
> > > > > > > ---
> > > > > > > html/cgi-bin/logs.cgi/firewalllog.dat | 14 ++-
> > > > > > > -
> > > > > > > html/cgi-bin/logs.cgi/firewalllogcountry.dat | 43
> > > > > > > ++++++++-
> > > > > > > ----
> > > > > > > html/cgi-bin/logs.cgi/firewalllogip.dat | 15 ++-
> > > > > > > --
> > > > > > > html/cgi-bin/logs.cgi/firewalllogport.dat | 12 ++-
> > > > > > > -
> > > > > > > html/cgi-bin/logs.cgi/showrequestfromcountry.dat | 81
> > > > > > > +++++++++++++++++-------
> > > > > > > html/cgi-bin/logs.cgi/showrequestfromip.dat | 27
> > > > > > > ++++--
> > > > > > > --
> > > > > > > html/cgi-bin/logs.cgi/showrequestfromport.dat | 14 ++-
> > > > > > > -
> > > > > > > 7 files changed, 131 insertions(+), 75 deletions(-)
> > > > > > >
> > > > > > > diff --git a/html/cgi-bin/logs.cgi/firewalllog.dat
> > > > > > > b/html/cgi
> > > > > > > -bin/logs.cgi/firewalllog.dat
> > > > > > > index 5a584d6..42c9612 100644
> > > > > > > --- a/html/cgi-bin/logs.cgi/firewalllog.dat
> > > > > > > +++ b/html/cgi-bin/logs.cgi/firewalllog.dat
> > > > > > > @@ -328,7 +328,10 @@ END
> > > > > > > $lines = 0;
> > > > > > > foreach $_ (@log)
> > > > > > > {
> > > > > > > - /^... (..) (..:..:..) [\w\-]+
> > > > > > > kernel:(.*)(IN=.*)$/;
> > > > > > > + # If ipv6 uses a bridge, PHYSIN= contains the
> > > > > > > relevant
> > > > > > > iface
> > > > > > > information
> > > > > > > + # otherwise use IN=
> > > > > > > + if ($_ =~ /^... (..) (..:..:..) [\w\-]+
> > > > > > > kernel:(.*)(PHYSIN=.*)$/) {}
> > > > > > > + elsif ($_ =~ /^... (..) (..:..:..) [\w\-]+
> > > > > > > kernel:(.*)(IN=.*)$/) {}
> > > > > > > my $day = $1;
> > > > > > > $day =~ tr / /0/;
> > > > > > > my $time = $cgiparams{'DAY'} ? "$2" : "$day/$2" ;
> > > > > > > @@ -336,9 +339,12 @@ foreach $_ (@log)
> > > > > > > my $packet = $4;
> > > > > > >
> > > > > > > my ($iface, $srcaddr, $dstaddr, $macaddr, $proto,
> > > > > > > $srcport,
> > > > > > > $dstport);
> > > > > > > - $iface=$1 if $packet =~ /IN=(\w+)/;
> > > > > > > - $srcaddr=$1 if $packet =~ /SRC=([\d\.]+)/;
> > > > > > > - $dstaddr=$1 if $packet =~ /DST=([\d\.]+)/;
> > > > > > > + if ($packet =~ /PHYSIN=(\w+)/) { $iface=$1 }
> > > > > > > elsif
> > > > > > > ($packet
> > > > > > > =~ /IN=(\w+)/) { $iface = $1}
> > > > > > > + # Identify whether ipv4 or ipv6. Both are
> > > > > > > mutally
> > > > > > > exclusive.
> > > > > > > + if ($packet =~
> > > > > > > /SRC\=(([\d]{1,3})(\.([\d]{1,3})){3})/) {
> > > > > > > $srcaddr=$1 }
> > > > > > > + if ($packet =~ /SRC\=(([0-9a-fA
> > > > > > > -F]{0,4})(\:([0
> > > > > > > -9a-fA
> > > > > > > -F]{0,4})){2,7})/) { $srcaddr=$1 }
> > > > > > > + if ($packet =~
> > > > > > > /DST\=(([\d]{1,3})(\.([\d]{1,3})){3})/) {
> > > > > > > $dstaddr=$1 }
> > > > > > > + if ($packet =~ /DST\=(([0-9a-fA
> > > > > > > -F]{0,4})(\:([0
> > > > > > > -9a-fA
> > > > > > > -F]{0,4})){2,7})/) { $dstaddr=$1 }
> > > > > > > $macaddr=$1 if $packet =~ /MAC=([\w+\:]+)/;
> > > > > > > $proto=$1 if $packet =~ /PROTO=(\w+)/;
> > > > > > > $srcport=$1 if $packet =~ /SPT=(\d+)/;
> > > > > > > diff --git a/html/cgi-bin/logs.cgi/firewalllogcountry.dat
> > > > > > > b/html/cgi
> > > > > > > -bin/logs.cgi/firewalllogcountry.dat
> > > > > > > index f998a62..2661ddd 100644
> > > > > > > --- a/html/cgi-bin/logs.cgi/firewalllogcountry.dat
> > > > > > > +++ b/html/cgi-bin/logs.cgi/firewalllogcountry.dat
> > > > > > > @@ -261,7 +261,6 @@ if( $cgiparams{'pienumber'} !=
> > > > > > > 0){$pienumber=$cgiparams{'pienumber'};}
> > > > > > > if( $cgiparams{'otherspie'} !=
> > > > > > > 0){$otherspie=$cgiparams{'otherspie'};}
> > > > > > > if( $cgiparams{'showpie'} !=
> > > > > > > 0){$showpie=$cgiparams{'showpie'};}
> > > > > > > if( $cgiparams{'sortcolumn'} !=
> > > > > > > 0){$sortcolumn=$cgiparams{'sortcolumn'};}
> > > > > > > -
> > > > > > > print <<END
> > > > > > > </select>
> > > > > > > </td>
> > > > > > > @@ -294,15 +293,24 @@ $lines = 0;
> > > > > > >
> > > > > > > foreach $_ (@log)
> > > > > > > {
> > > > > > > - /^... (..) (..:..:..) [\w\-]+ kernel:(.*)(IN=.*)$/;
> > > > > > > + # If ipv6 uses bridge, use PHYSIN for iface, otherwise
> > > > > > > IN
> > > > > > > + if (/^... (..) (..:..:..) [\w\-]+
> > > > > > > kernel:(.*)(PHYSIN=.*)$/) {}
> > > > > > > + elsif (/^... (..) (..:..:..) [\w\-]+
> > > > > > > kernel:(.*)(IN=.*)$/)
> > > > > > > {}
> > > > > > > my $packet = $4;
> > > > > > > - $packet =~ /IN=(\w+)/; my $iface=$1; if ( $1 =~
> > > > > > > /2./
> > > > > > > ){
> > > > > > > $iface="";}
> > > > > > > - $packet =~ /SRC=([\d\.]+)/; my $srcaddr=$1;
> > > > > > > + my $iface = '';
> > > > > > > + if ($packet =~ /PHYSIN=(\w+)/) { $iface = $1 } elsif
> > > > > > > ($packet
> > > > > > > =~
> > > > > > > /IN=(\w+)/) { $iface = $1 }
> > > > > > > + if ( $1 =~ /2./ ) { $iface=''; }
> > > > > > > + my $srcaddr = '';
> > > > > > > + # Find ipv4 and ipv6 addresses
> > > > > > > + if ($packet =~ /SRC\=(([\d]{1,3})(\.([\d]{1,3})){3})/)
> > > > > > > {
> > > > > > > $srcaddr
> > > > > > > = $1 }
> > > > > > > + elsif ($packet =~ /SRC\=(([0-9a-fA-F]{0,4})(\:([0-9a
> > > > > > > -fA
> > > > > > > -F]{0,4})){2,7})/) { $srcaddr = $1 }
> > > > > > >
> > > > > > > if($iface eq $red_interface) {
> > > > > > > + # Traffic from red
> > > > > > > if($srcaddr ne '') {
> > > > > > > + # srcaddr is set
> > > > > > > my $ccode = $gi->country_code_by_name($srcaddr);
> > > > > > > - if( $ccode eq '') {
> > > > > > > + if ($ccode eq '') {
> > > > > > > $ccode = 'unknown';
> > > > > > > }
> > > > > > > $tabjc{$ccode} = $tabjc{$ccode} + 1 ;
> > > > > > > @@ -311,11 +319,16 @@ foreach $_ (@log)
> > > > > > > }
> > > > > > > }
> > > > > > > else {
> > > > > > > + # Traffic not from red
> > > > > > > if($iface ne '') {
> > > > > > > $tabjc{$iface} = $tabjc{$iface} + 1 ;
> > > > > > > if(($tabjc{$iface} == 1) && ($lines <
> > > > > > > $pienumber)) {
> > > > > > > $lines
> > > > > > > = $lines + 1; }
> > > > > > > $linesjc++;
> > > > > > > }
> > > > > > > + else {
> > > > > > > + # What to do with empty iface lines?
> > > > > > > + # This probably is traffic from ipfire itself (IN=
> > > > > > > OUT=XY)?
> > > > > > > + }
> > > > > > > }
> > > > > > > }
> > > > > > >
> > > > > > > @@ -423,7 +436,6 @@ if ($showpie != 2 && $pienumber <= 50
> > > > > > > &&
> > > > > > > $pienumber != 0) {
> > > > > > > print "<img src='/graphs/fwlog
> > > > > > > -country$imagerandom.png'>";
> > > > > > > print "</div>";
> > > > > > > }
> > > > > > > -
> > > > > > > print <<END
> > > > > > > <table width='100%' class='tbl'>
> > > > > > > <tr>
> > > > > > > @@ -448,10 +460,8 @@ for($s=0;$s<$lines;$s++)
> > > > > > > $percent = $value[$s] * 100 / $linesjc;
> > > > > > > $percent = sprintf("%.f", $percent);
> > > > > > > $total = $total + $value[$s];
> > > > > > > - my $colorIndex = $color % 10;
> > > > > > > - if($colorIndex == 0) {
> > > > > > > - $colorIndex = 10;
> > > > > > > - }
> > > > > > > + # colors are numbered 1 to 10
> > > > > > > + my $colorIndex = ($color % 10) + 1;
> > > > > > > $col="bgcolor='$color{\"color$colorIndex\"}'";
> > > > > > > $color++;
> > > > > > > print "<tr>";
> > > > > > > @@ -466,8 +476,11 @@ for($s=0;$s<$lines;$s++)
> > > > > > > print"<input type='hidden' name='country'
> > > > > > > value='$key[$s]'>";
> > > > > > > print"<input type='submit' value='details'></form>";
> > > > > > > }
> > > > > > > -
> > > > > > > - if($key[$s] eq 'blue0' || $key[$s] eq 'green0' ||
> > > > > > > $key[$s]
> > > > > > > eq
> > > > > > > 'orange0') {
> > > > > > > + elsif ($key[$s] eq 'unknown') {
> > > > > > > + print "unknown";
> > > > > > > + }
> > > > > > > + # Looks dangerous to use hardcoded interface names
> > > > > > > here.
> > > > > > > Probably
> > > > > > > needs fixing.
> > > > > > > + if ($key[$s] eq 'blue0' || $key[$s] eq 'green0' ||
> > > > > > > $key[$s] eq
> > > > > > > 'orange0' ) {
> > > > > > > print "<td align='center' $col>$key[$s]</td>";
> > > > > > > }
> > > > > > > else {
> > > > > > > @@ -489,10 +502,8 @@ for($s=0;$s<$lines;$s++)
> > > > > > >
> > > > > > > if($cgiparams{'otherspie'} == 2 ){}
> > > > > > > else{
> > > > > > > - my $colorIndex = $color % 10;
> > > > > > > - if($colorIndex == 0) {
> > > > > > > - $colorIndex = 10;
> > > > > > > - }
> > > > > > > + # colors are numbered 1 to 10
> > > > > > > + my $colorIndex = ($color % 10) + 1;
> > > > > > > $col="bgcolor='$color{\"color$colorIndex\"}'";
> > > > > > > print "<tr>";
> > > > > > >
> > > > > > > diff --git a/html/cgi-bin/logs.cgi/firewalllogip.dat
> > > > > > > b/html/cgi
> > > > > > > -bin/logs.cgi/firewalllogip.dat
> > > > > > > index 7d82d20..6fc3422 100644
> > > > > > > --- a/html/cgi-bin/logs.cgi/firewalllogip.dat
> > > > > > > +++ b/html/cgi-bin/logs.cgi/firewalllogip.dat
> > > > > > > @@ -291,7 +291,8 @@ if ($pienumber == -1 || $pienumber >
> > > > > > > $lines
> > > > > > > > >
> > > > > > > $sortcolumn == 2) { $pienumber =
> > > > > > > $lines = 0;
> > > > > > > foreach $_ (@log)
> > > > > > > {
> > > > > > > - if($_ =~ /SRC\=([\d\.]+)/){
> > > > > > > + # Extract ipv4 or ipv6 address
> > > > > > > + if (($_ =~ /SRC\=(([\d]{1,3})(\.([\d]{1,3})){3})/) or
> > > > > > > ($_
> > > > > > > =~
> > > > > > > /SRC\=(([0-9a-fA-F]{0,4})(\:([0-9a-fA-F]{0,4})){2,7})/))
> > > > > > > {
> > > > > > > $tabjc{$1} = $tabjc{$1} + 1 ;
> > > > > > > if(($tabjc{$1} == 1) && ($lines < $pienumber)) {
> > > > > > > $lines
> > > > > > > =
> > > > > > > $lines + 1; }
> > > > > > > $linesjc++;
> > > > > > > @@ -428,10 +429,8 @@ for($s=0;$s<$lines;$s++)
> > > > > > > $percent = $value[$s] * 100 / $linesjc;
> > > > > > > $percent = sprintf("%.f", $percent);
> > > > > > > $total = $total + $value[$s];
> > > > > > > - my $colorIndex = $color % 10;
> > > > > > > - if($colorIndex == 0) {
> > > > > > > - $colorIndex = 10;
> > > > > > > - }
> > > > > > > + # colors are numbered 1 to 10
> > > > > > > + my $colorIndex = ($color % 10) + 1;
> > > > > > > $col="bgcolor='$color{\"color$colorIndex\"}'";
> > > > > > > print "<tr>";
> > > > > > >
> > > > > > > @@ -459,10 +458,8 @@ for($s=0;$s<$lines;$s++)
> > > > > > >
> > > > > > > if($cgiparams{'otherspie'} == 2 ){}
> > > > > > > else{
> > > > > > > - my $colorIndex = $color % 10;
> > > > > > > - if($colorIndex == 0) {
> > > > > > > - $colorIndex = 10;
> > > > > > > - }
> > > > > > > + # colors are numbered 1 to 10
> > > > > > > + my $colorIndex = ($color % 10) + 1;
> > > > > > > $col="bgcolor='$color{\"color$colorIndex\"}'";
> > > > > > > print "<tr>";
> > > > > > >
> > > > > > > diff --git a/html/cgi-bin/logs.cgi/firewalllogport.dat
> > > > > > > b/html/cgi
> > > > > > > -bin/logs.cgi/firewalllogport.dat
> > > > > > > index 5b0db62..583c1b3 100644
> > > > > > > --- a/html/cgi-bin/logs.cgi/firewalllogport.dat
> > > > > > > +++ b/html/cgi-bin/logs.cgi/firewalllogport.dat
> > > > > > > @@ -429,10 +429,8 @@ for($s=0;$s<$lines;$s++)
> > > > > > > $percent = $value[$s] * 100 / $linesjc;
> > > > > > > $percent = sprintf("%.f", $percent);
> > > > > > > $total = $total + $value[$s];
> > > > > > > - my $colorIndex = $color % 10;
> > > > > > > - if($colorIndex == 0) {
> > > > > > > - $colorIndex = 10;
> > > > > > > - }
> > > > > > > + # colors are numbered 1 to 10
> > > > > > > + my $colorIndex = ($color % 10) + 1;
> > > > > > > $col="bgcolor='$color{\"color$colorIndex\"}'";
> > > > > > > print "<tr>";
> > > > > > >
> > > > > > > @@ -446,10 +444,8 @@ for($s=0;$s<$lines;$s++)
> > > > > > >
> > > > > > > if($cgiparams{'otherspie'} == 2 ){}
> > > > > > > else{
> > > > > > > - my $colorIndex = $color % 10;
> > > > > > > - if($colorIndex == 0) {
> > > > > > > - $colorIndex = 10;
> > > > > > > - }
> > > > > > > + # colors are numbered 1 to 10
> > > > > > > + my $colorIndex = ($color % 10) + 1;
> > > > > > > $col="bgcolor='$color{\"color$colorIndex\"}'";
> > > > > > > print "<tr>";
> > > > > > >
> > > > > > > diff --git a/html/cgi
> > > > > > > -bin/logs.cgi/showrequestfromcountry.dat
> > > > > > > b/html/cgi-bin/logs.cgi/showrequestfromcountry.dat
> > > > > > > index 5283c42..0784ab9 100644
> > > > > > > --- a/html/cgi-bin/logs.cgi/showrequestfromcountry.dat
> > > > > > > +++ b/html/cgi-bin/logs.cgi/showrequestfromcountry.dat
> > > > > > > @@ -158,23 +158,35 @@ if (!$skip)
> > > > > > > {
> > > > > > > while (<FILE>)
> > > > > > > {
> > > > > > > - if (/(^${monthstr} ${daystr} ..:..:..) [\w\-]+
> > > > > > > kernel:.*(IN=.*)$/) {
> > > > > > > - my $packet = $2;
> > > > > > > - $packet =~ /IN=(\w+)/; my $iface=$1;
> > > > > > > if (
> > > > > > > $1
> > > > > > > =~
> > > > > > > /2./ ){ $iface="";}
> > > > > > > - $packet =~ /SRC=([\d\.]+)/; my $srcaddr=$1;
> > > > > > > + # First check whether valid log line (date, day)
> > > > > > > + if (/(^${monthstr} ${daystr} ..:..:..) [\w\-]+
> > > > > > > kernel:.*(IN=.*)$/) {
> > > > > > > + # If ipv6 uses bridge, then use PHYSIN otherwise
> > > > > > > use
> > > > > > > IN
> > > > > > > + if (/(^${monthstr} ${daystr} ..:..:..) [\w\
> > > > > > > -]+
> > > > > > > kernel:.*(PHYSIN=.*)$/) {}
> > > > > > > + elsif (/(^${monthstr} ${daystr} ..:..:..)
> > > > > > > [\w\
> > > > > > > -]+
> > > > > > > kernel:.*(IN=.*)$/) {}
> > > > > > > + my $packet = $2;
> > > > > > > + my $iface = '';
> > > > > > > + my $srcaddr = '';
> > > > > > > + # If ipv6 uses bridge, use PHYSIN otherwise
> > > > > > > IN
> > > > > > > + if ($packet =~ /PHYSIN=(\w+)/) { $iface = $1
> > > > > > > }
> > > > > > > elsif
> > > > > > > ($packet =~ /IN=(\w+)/) { $iface = $1 }
> > > > > > > + # Extract ipv4 and ipv6 addresses
> > > > > > > + if (($packet =~
> > > > > > > /SRC\=(([\d]{1,3})(\.([\d]{1,3})){3})/)
> > > > > > > or ($packet =~ /SRC\=(([0-9a-fA-F]{0,4})(\:([0-9a-fA
> > > > > > > -F]{0,4})){2,7})/)) {
> > > > > > > + $srcaddr = $1
> > > > > > > + };
> > > > > > >
> > > > > > > if($iface eq $country) {
> > > > > > > + # iface matches country code
> > > > > > > $log[$lines] = $_;
> > > > > > > $lines++;
> > > > > > > }
> > > > > > > elsif($srcaddr ne '') {
> > > > > > > + # or srcaddr matches country code
> > > > > > > my $ccode = $gi
> > > > > > > ->country_code_by_name($srcaddr);
> > > > > > > if($ccode eq $country){
> > > > > > > $log[$lines] = $_;
> > > > > > > $lines++;
> > > > > > > }
> > > > > > > }
> > > > > > > - }
> > > > > > > + }
> > > > > > > }
> > > > > > > close (FILE);
> > > > > > > }
> > > > > > > @@ -194,16 +206,28 @@ if ($multifile) {
> > > > > > > }
> > > > > > > if (!$skip) {
> > > > > > > while (<FILE>) {
> > > > > > > - if (/(^${monthstr} ${daystr} ..:..:..) [\w\
> > > > > > > -]+
> > > > > > > kernel:.*(IN=.*)$/) {
> > > > > > > - if($_ =~ /SRC\=([\d\.]+)/){
> > > > > > > - my $srcaddr=$1;
> > > > > > > - my $ccode = $gi
> > > > > > > ->country_code_by_name($srcaddr);
> > > > > > > - if($ccode eq $country){
> > > > > > > + # Check if valid log line (date, day)
> > > > > > > + if (/(^${monthstr} ${daystr} ..:..:..) [\w\
> > > > > > > -]+
> > > > > > > kernel:.*(IN=.*)$/) {
> > > > > > > + my $iface = '';
> > > > > > > + # If ipv6 uses bridge, then use
> > > > > > > PHYSIN
> > > > > > > otherwise
> > > > > > > IN
> > > > > > > + if ($_ =~ /PHYSIN=(\w+)/) { $iface =
> > > > > > > $1
> > > > > > > }
> > > > > > > elsif
> > > > > > > ($_ =~ /IN=(\w+)/) { $iface = $1 }
> > > > > > > +
> > > > > > > + if($iface eq $country) {
> > > > > > > + # iface matches country code
> > > > > > > + $log[$lines] = $_;
> > > > > > > + $lines++;
> > > > > > > + }
> > > > > > > + # extract ipv4 and ipv6 address
> > > > > > > + elsif (($_ =~
> > > > > > > /SRC\=(([\d]{1,3})(\.([\d]{1,3})){3})/) or ($_ =~
> > > > > > > /SRC\=(([0
> > > > > > > -9a
> > > > > > > -fA
> > > > > > > -F]{0,4})(\:([0-9a-fA-F]{0,4})){2,7})/)) {
> > > > > > > + my $srcaddr=$1;
> > > > > > > + my $ccode = $gi
> > > > > > > ->country_code_by_name($srcaddr);
> > > > > > > + if($ccode eq $country){
> > > > > > > + # or srcaddr matches country
> > > > > > > code
> > > > > > > $log[$lines] = $_;
> > > > > > > $lines++;
> > > > > > > + }
> > > > > > > }
> > > > > > > - }
> > > > > > > - }
> > > > > > > + }
> > > > > > > }
> > > > > > > close (FILE);
> > > > > > > }
> > > > > > > @@ -308,32 +332,45 @@ $lines = 0;
> > > > > > > foreach $_ (@slice)
> > > > > > > {
> > > > > > > $a = $_;
> > > > > > > - /^... (..) (..:..:..) [\w\-]+ kernel:(.*)(IN=.*)$/;
> > > > > > > + # If ipv6 uses bridge, use PHYSIN otherwise use IN
> > > > > > > + if (/^... (..) (..:..:..) [\w\-]+
> > > > > > > kernel:(.*)(PHYSIN=.*)$/) {}
> > > > > > > + elsif (/^... (..) (..:..:..) [\w\-]+
> > > > > > > kernel:(.*)(IN=.*)$/)
> > > > > > > {};
> > > > > > > my $packet = $4;
> > > > > > > - $packet =~ /IN=(\w+)/; my $iface=$1; if ( $1 =~
> > > > > > > /2./
> > > > > > > ){
> > > > > > > $iface="";}
> > > > > > > - $packet =~ /SRC=([\d\.]+)/; my $srcaddr=$1;
> > > > > > > + my $iface = '';
> > > > > > > + # If ipv6 uses bridge, use PHYSIN otherwise use IN
> > > > > > > + if ($packet =~ /PHYSIN=(\w+)/) { $iface = $1 } elsif
> > > > > > > ($packet
> > > > > > > =~
> > > > > > > /IN=(\w+)/) { $iface = $1 }
> > > > > > > + if ( $1 =~ /2./ ){ $iface="";}
> > > > > > > + my $srcaddr = '';
> > > > > > > + # Extract ipv4 and ipv6 addresses
> > > > > > > + if (($packet =~
> > > > > > > /SRC\=(([\d]{1,3})(\.([\d]{1,3})){3})/) or
> > > > > > > ($packet =~ /SRC\=(([0-9a-fA-F]{0,4})(\:([0-9a-fA
> > > > > > > -F]{0,4})){2,7})/))
> > > > > > > {
> > > > > > > + $srcaddr = $1
> > > > > > > + };
> > > > > > >
> > > > > > > if($iface eq $country || $srcaddr ne '') {
> > > > > > > - my $ccode;
> > > > > > > + my $ccode='';
> > > > > > > if($iface ne $country) {
> > > > > > > $ccode = $gi->country_code_by_name($srcaddr);
> > > > > > > }
> > > > > > > if($iface eq $country || $ccode eq $country) {
> > > > > > > - my $chain = '';
> > > > > > > + my $chain = '';
> > > > > > > my $in = '-'; my $out = '-';
> > > > > > > my $srcaddr = ''; my $dstaddr = '';
> > > > > > > my $protostr = '';
> > > > > > > my $srcport = ''; my $dstport = '';
> > > > > > >
> > > > > > > - $_ =~ /(^.* ..:..:..) [\w\-]+
> > > > > > > kernel:(.*)(IN=.*)$/;
> > > > > > > + # If ipv6 uses bridge, the use PHYSIN otherwise
> > > > > > > use IN
> > > > > > > + if ($_ =~ /(^.* ..:..:..) [\w\-]+
> > > > > > > kernel:(.*)(PHYSIN=.*)$/) {}
> > > > > > > + elsif ($_ =~ /(^.* ..:..:..) [\w\-]+
> > > > > > > kernel:(.*)(IN=.*)$/)
> > > > > > > {}
> > > > > > > my $timestamp = $1; my $chain = $2; my $packet =
> > > > > > > $3;
> > > > > > > $timestamp =~ /(...) (..) (..:..:..)/;
> > > > > > > my $month = $1; my $day = $2; my $time = $3;
> > > > > > >
> > > > > > > - if ($a =~ /IN\=(\w+)/) { $iface = $1; }
> > > > > > > - if ($a =~ /OUT\=(\w+)/) { $out = $1; }
> > > > > > > - if ($a =~ /SRC\=([\d\.]+)/) { $srcaddr = $1; }
> > > > > > > - if ($a =~ /DST\=([\d\.]+)/) { $dstaddr = $1; }
> > > > > > > + # If ipv6 uses bridge, use PHYSIN and PHYSOUT,
> > > > > > > otherwise
> > > > > > > use
> > > > > > > IN and OUT
> > > > > > > + if ($a =~ /PHYSIN=(\w+)/) { $iface = $1 } elsif
> > > > > > > ($a =~
> > > > > > > /IN=(\w+)/) { $iface = $1 }
> > > > > > > + if ($a =~ /PHYSOUT=(\w+)/) { $out = $1 } elsif ($a
> > > > > > > =~
> > > > > > > /OUT=(\w+)/) { $out = $1 }
> > > > > > > + # Extract ipv4 and ipv6 addresses
> > > > > > > + if (($a =~ /SRC\=(([\d]{1,3})(\.([\d]{1,3})){3})/)
> > > > > > > or
> > > > > > > ($a
> > > > > > > =~
> > > > > > > /SRC\=(([0-9a-fA-F]{0,4})(\:([0-9a-fA-F]{0,4})){2,7})/))
> > > > > > > {
> > > > > > > $srcaddr =
> > > > > > > $1; }
> > > > > > > + if (($a =~ /DST\=(([\d]{1,3})(\.([\d]{1,3})){3})/)
> > > > > > > or
> > > > > > > ($a
> > > > > > > =~
> > > > > > > /DST\=(([0-9a-fA-F]{0,4})(\:([0-9a-fA-F]{0,4})){2,7})/))
> > > > > > > {
> > > > > > > $dstaddr =
> > > > > > > $1; }
> > > > > > > if ($a =~ /PROTO\=(\w+)/) { $protostr = $1; }
> > > > > > > my $protostrlc = lc($protostr);
> > > > > > > if ($a =~ /SPT\=([\d\.]+)/){ $srcport = $1; }
> > > > > > > diff --git a/html/cgi-bin/logs.cgi/showrequestfromip.dat
> > > > > > > b/html/cgi
> > > > > > > -bin/logs.cgi/showrequestfromip.dat
> > > > > > > index 09a60b5..94e795c 100644
> > > > > > > --- a/html/cgi-bin/logs.cgi/showrequestfromip.dat
> > > > > > > +++ b/html/cgi-bin/logs.cgi/showrequestfromip.dat
> > > > > > > @@ -155,7 +155,7 @@ if (!$skip)
> > > > > > > while (<FILE>)
> > > > > > > {
> > > > > > > if (/(^${monthstr} ${daystr} ..:..:..) [\w\-]+
> > > > > > > kernel:.*(IN=.*)$/) {
> > > > > > > - if($_ =~ /SRC\=([\d\.]+)/){
> > > > > > > + if (($_ =~
> > > > > > > /SRC\=(([\d]{1,3})(\.([\d]{1,3})){3})/)
> > > > > > > or ($_ =~ /SRC\=(([0-9a-fA-F]{0,4})(\:([0-9a-fA
> > > > > > > -F]{0,4})){2,7})/)) {
> > > > > > > if($1 eq $ip){
> > > > > > > $log[$lines] = $_;
> > > > > > > $lines++;
> > > > > > > @@ -182,12 +182,12 @@ if ($multifile) {
> > > > > > > if (!$skip) {
> > > > > > > while (<FILE>) {
> > > > > > > if (/(^${monthstr} ${daystr} ..:..:..) [\w\
> > > > > > > -]+
> > > > > > > kernel:.*(IN=.*)$/) {
> > > > > > > - if($_ =~ /SRC\=([\d\.]+)/){
> > > > > > > - if($1 eq $ip){
> > > > > > > + if (($_ =~
> > > > > > > /SRC\=(([\d]{1,3})(\.([\d]{1,3})){3})/) or ($_ =~
> > > > > > > /SRC\=(([0
> > > > > > > -9a
> > > > > > > -fA
> > > > > > > -F]{0,4})(\:([0-9a-fA-F]{0,4})){2,7})/)) {
> > > > > > > + if($1 eq $ip){
> > > > > > > $log[$lines] = $_;
> > > > > > > $lines++;
> > > > > > > - }
> > > > > > > - }
> > > > > > > + }
> > > > > > > + }
> > > > > > > }
> > > > > > > }
> > > > > > > close (FILE);
> > > > > > > @@ -293,7 +293,8 @@ $lines = 0;
> > > > > > > foreach $_ (@slice)
> > > > > > > {
> > > > > > > $a = $_;
> > > > > > > - if($_ =~ /SRC\=([\d\.]+)/){
> > > > > > > + # Check whether valid ipv4 or ipv6 address
> > > > > > > + if (($_ =~ /SRC\=(([\d]{1,3})(\.([\d]{1,3})){3})/) or
> > > > > > > ($_
> > > > > > > =~
> > > > > > > /SRC\=(([0-9a-fA-F]{0,4})(\:([0-9a-fA-F]{0,4})){2,7})/))
> > > > > > > {
> > > > > > > if($1 eq $ip){
> > > > > > > my $chain = '';
> > > > > > > my $in = '-'; my $out = '-';
> > > > > > > @@ -301,15 +302,19 @@ foreach $_ (@slice)
> > > > > > > my $protostr = '';
> > > > > > > my $srcport = ''; my $dstport = '';
> > > > > > >
> > > > > > > - $_ =~ /(^.* ..:..:..) [\w\-]+ kernel:(.*)(IN=.*)$/;
> > > > > > > + # If ipv6 uses bridge, the use PHYSIN, otherwise use
> > > > > > > IN
> > > > > > > + if ($_ =~ /(^.* ..:..:..) [\w\-]+
> > > > > > > kernel:(.*)(PHYSIN=.*)$/)
> > > > > > > {}
> > > > > > > + elsif ($_ =~ /(^.* ..:..:..) [\w\-]+
> > > > > > > kernel:(.*)(IN=.*)$/)
> > > > > > > {}
> > > > > > > my $timestamp = $1; my $chain = $2; my $packet = $3;
> > > > > > > $timestamp =~ /(...) (..) (..:..:..)/;
> > > > > > > my $month = $1; my $day = $2; my $time = $3;
> > > > > > >
> > > > > > > - if ($a =~ /IN\=(\w+)/) { $iface = $1; }
> > > > > > > - if ($a =~ /OUT\=(\w+)/) { $out = $1; }
> > > > > > > - if ($a =~ /SRC\=([\d\.]+)/) { $srcaddr = $1; }
> > > > > > > - if ($a =~ /DST\=([\d\.]+)/) { $dstaddr = $1; }
> > > > > > > + # If ipv6 uses bridge, the use PHYSIN and
> > > > > > > PHYSOUT,
> > > > > > > otherwise
> > > > > > > use IN and OUT
> > > > > > > + if ($a =~ /PHYSIN=(\w+)/) { $iface = $1 } elsif
> > > > > > > ($a
> > > > > > > =~
> > > > > > > /IN=(\w+)/) { $iface = $1 }
> > > > > > > + if ($a =~ /PHYSOUT=(\w+)/) { $out = $1 } elsif
> > > > > > > ($a
> > > > > > > =~
> > > > > > > /OUT=(\w+)/) { $out = $1 }
> > > > > > > + # Detect ipv4 and ipv6 addresses
> > > > > > > + if (($a =~ /SRC\=(([\d]{1,3})(\.([\d]{1,3})){3})/)
> > > > > > > or
> > > > > > > ($a =~
> > > > > > > /SRC\=(([0-9a-fA-F]{0,4})(\:([0-9a-fA-F]{0,4})){2,7})/))
> > > > > > > {
> > > > > > > $srcaddr =
> > > > > > > $1; }
> > > > > > > + if (($a =~ /DST\=(([\d]{1,3})(\.([\d]{1,3})){3})/)
> > > > > > > or
> > > > > > > ($a =~
> > > > > > > /DST\=(([0-9a-fA-F]{0,4})(\:([0-9a-fA-F]{0,4})){2,7})/))
> > > > > > > {
> > > > > > > $dstaddr =
> > > > > > > $1; }
> > > > > > > if ($a =~ /PROTO\=(\w+)/) { $protostr = $1; }
> > > > > > > my $protostrlc = lc($protostr);
> > > > > > > if ($a =~ /SPT\=([\d\.]+)/){ $srcport = $1; }
> > > > > > > diff --git a/html/cgi
> > > > > > > -bin/logs.cgi/showrequestfromport.dat
> > > > > > > b/html/cgi
> > > > > > > -bin/logs.cgi/showrequestfromport.dat
> > > > > > > index ad9823c..af7779a 100644
> > > > > > > --- a/html/cgi-bin/logs.cgi/showrequestfromport.dat
> > > > > > > +++ b/html/cgi-bin/logs.cgi/showrequestfromport.dat
> > > > > > > @@ -307,15 +307,19 @@ foreach $_ (@slice)
> > > > > > > my $protostr = '';
> > > > > > > my $srcport = ''; my $dstport = '';
> > > > > > >
> > > > > > > - $_ =~ /(^.* ..:..:..) [\w\-]+ kernel:(.*)(IN=.*)$/;
> > > > > > > + # If ipv6 uses bridge, the use PHYSIN, otherwise
> > > > > > > use
> > > > > > > IN
> > > > > > > + if ($_ =~ /(^.* ..:..:..) [\w\-]+
> > > > > > > kernel:(.*)(PHYSIN=.*)$/)
> > > > > > > {}
> > > > > > > + elsif ($_ =~ /(^.* ..:..:..) [\w\-]+
> > > > > > > kernel:(.*)(IN=.*)$/)
> > > > > > > {}
> > > > > > > my $timestamp = $1; my $chain = $2; my $packet = $3;
> > > > > > > $timestamp =~ /(...) (..) (..:..:..)/;
> > > > > > > my $month = $1; my $day = $2; my $time = $3; my
> > > > > > > $iface;
> > > > > > >
> > > > > > > - if ($a =~ /IN\=(\w+)/) { $iface = $1; }
> > > > > > > - if ($a =~ /OUT\=(\w+)/) { $out = $1; }
> > > > > > > - if ($a =~ /SRC\=([\d\.]+)/) { $srcaddr = $1; }
> > > > > > > - if ($a =~ /DST\=([\d\.]+)/) { $dstaddr = $1; }
> > > > > > > + # If ipv6 uses bridge, the use PHYSIN and
> > > > > > > PHYSOUT,
> > > > > > > otherwise
> > > > > > > use IN and OUT
> > > > > > > + if ($a =~ /PHYSIN\=(\w+)/) { $iface = $1; } elsif
> > > > > > > ($a =~
> > > > > > > /IN\=(\w+)/) { $iface = $1; }
> > > > > > > + if ($a =~ /PHYSOUT\=(\w+)/) { $out = $1; } elsif
> > > > > > > ($a
> > > > > > > =~
> > > > > > > /OUT\=(\w+)/) { $out = $1; }
> > > > > > > + # Detect ipv4 and ipv6 addresses
> > > > > > > + if (($a =~ /SRC\=(([\d]{1,3})(\.([\d]{1,3})){3})/)
> > > > > > > or
> > > > > > > ($a =~
> > > > > > > /SRC\=(([0-9a-fA-F]{0,4})(\:([0-9a-fA-F]{0,4})){2,7})/))
> > > > > > > {
> > > > > > > $srcaddr =
> > > > > > > $1; }
> > > > > > > + if (($a =~ /DST\=(([\d]{1,3})(\.([\d]{1,3})){3})/)
> > > > > > > or
> > > > > > > ($a =~
> > > > > > > /DST\=(([0-9a-fA-F]{0,4})(\:([0-9a-fA-F]{0,4})){2,7})/))
> > > > > > > {
> > > > > > > $dstaddr =
> > > > > > > $1; }
> > > > > > > if ($a =~ /PROTO\=(\w+)/) { $protostr = $1; }
> > > > > > > my $protostrlc = lc($protostr);
> > > > > > > if ($a =~ /SPT\=([\d\.]+)/){ $srcport = $1; }
>
[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 819 bytes --]
^ permalink raw reply [flat|nested] 4+ messages in thread
end of thread, other threads:[~2016-01-23 13:07 UTC | newest]
Thread overview: 4+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2016-01-10 17:34 [PATCH 1/5] Enable correct display of ipv6 entries in Firewall log pages of web UI Michael Eitelwein
2016-01-22 0:59 ` Michael Tremer
2016-01-23 10:59 AW: " Michael Tremer
2016-01-23 11:59 ` Michael Eitelwein
2016-01-23 13:07 ` Michael Tremer
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox