Re: [PATCH] display GeoIP information on active network connections in WebUI

[Michael Tremer <michael.tremer@ipfire.org>]

[-- Attachment #1: Type: text/plain, Size: 4573 bytes --]

Basically this patch looks simple and good to me.

But since we are using the perl module quite a bit, could we not put
those few lines into a function so that if we need to change anything
we do that everywhere at once?

And secondly, I have some systems that have thousands of open
connections very often to the same IP addresses. Could we not add a
caching layer so that this isn't being looked up multiple times for the
same IP address if that is an expensive operation?

-Michael

On Tue, 2017-11-07 at 20:42 +0100, Peter Müller wrote:
> Display the GeoIP flag for source and destination IP address
> on the connection tracking table in WebUI.
> 
> This could possibly make network or firewall rule debugging easier.
> 
> Signed-off-by: Peter Müller <peter.mueller(a)link38.eu>
> ---
>  html/cgi-bin/connections.cgi | 26 ++++++++++++++++++++++++++
>  1 file changed, 26 insertions(+)
> 
> diff --git a/html/cgi-bin/connections.cgi b/html/cgi-bin/connections.cgi
> index 96f09012b..06dc74877 100644
> --- a/html/cgi-bin/connections.cgi
> +++ b/html/cgi-bin/connections.cgi
> @@ -23,6 +23,7 @@ use strict;
>  
>  use Net::IPv4Addr qw( :all );
>  use Switch;
> +use Geo::IP::PurePerl;
>  
>  # enable only the following on debugging purpose
>  #use warnings;
> @@ -31,6 +32,7 @@ use Switch;
>  require '/var/ipfire/general-functions.pl';
>  require "${General::swroot}/lang.pl";
>  require "${General::swroot}/header.pl";
> +require "${General::swroot}/geoip-functions.pl";
>  
>  my $colour_multicast = "#A0A0A0";
>  
> @@ -372,6 +374,7 @@ print <<END;
>  				<a href="?sort_field=5&amp;sort_order=d"><img style="width:10px" src="/images/up.gif" alt=""></a>
>  				<a href="?sort_field=5&amp;sort_order=a"><img style="width:10px" src="/images/down.gif" alt=""></a>
>  			</th>
> +			<th>&nbsp;</th>
>  			<th style='text-align:center' colspan='2'>
>  				<a href="?sort_field=1&amp;sort_order=d"><img style="width:10px" src="/images/up.gif" alt=""></a>
>  				<a href="?sort_field=1&amp;sort_order=a"><img style="width:10px" src="/images/down.gif" alt=""></a>
> @@ -386,6 +389,7 @@ print <<END;
>  				<a href="?sort_field=4&amp;sort_order=d"><img style="width:10px" src="/images/up.gif" alt=""></a>
>  				<a href="?sort_field=4&amp;sort_order=a"><img style="width:10px" src="/images/down.gif" alt=""></a>
>  			</th>
> +			<th>&nbsp;</th>
>  			<th style='text-align:center'>
>  				<a href="?sort_field=8&amp;sort_order=d"><img style="width:10px" src="/images/up.gif" alt=""></a>
>  				<a href="?sort_field=8&amp;sort_order=a"><img style="width:10px" src="/images/down.gif" alt=""></a>
> @@ -409,10 +413,16 @@ print <<END;
>  			<th style='text-align:center' colspan='2'>
>  				$Lang::tr{'source ip and port'}
>  			</th>
> +			<th style='text-align:center'>
> +				$Lang::tr{'country'}
> +			</th>
>  			<th style='text-align:center' colspan='2'>
>  				$Lang::tr{'dest ip and port'}
>  			</th>
>  			<th style='text-align:center'>
> +				$Lang::tr{'country'}
> +			</th>
> +			<th style='text-align:center'>
>  				$Lang::tr{'download'} /
>  				<br>$Lang::tr{'upload'}
>  			</th>
> @@ -540,6 +550,16 @@ foreach my $line (@conntrack) {
>  	my $bytes_in = format_bytes($bytes[0]);
>  	my $bytes_out = format_bytes($bytes[1]);
>  
> +	my $gi1 = Geo::IP::PurePerl->new();
> +	my $ccode1 = $gi1->country_code_by_name($sip_ret);
> +	my $fcode1 = lc($ccode1);
> +	my $flag_icon1 = &GeoIP::get_flag_icon($fcode1);
> +
> +	my $gi2 = Geo::IP::PurePerl->new();
> +	my $ccode2 = $gi2->country_code_by_name($dip_ret);
> +	my $fcode2 = lc($ccode2);
> +	my $flag_icon2 = &GeoIP::get_flag_icon($fcode2);
> +	
>  	# Format TTL
>  	$ttl = format_time($ttl);
>  
> @@ -601,6 +621,9 @@ foreach my $line (@conntrack) {
>  			</a>
>  			$sport_extra
>  		</td>
> +		<td style='text-align:center; background-color:$sip_colour;'>
> +			<a href='country.cgi#$fcode1'><img src='$flag_icon1' border='0' align='absmiddle' title='$ccode1'></a>
> +		</td>
>  		<td style='text-align:center; background-color:$dip_colour;'>
>  			<a href='/cgi-bin/ipinfo.cgi?ip=$dip'>
>  				<span style='color:#FFFFFF;'>$dip</span>
> @@ -613,6 +636,9 @@ foreach my $line (@conntrack) {
>  			</a>
>  			$dport_extra
>  		</td>
> +		<td style='text-align:center; background-color:$dip_colour;'>
> +			<a href='country.cgi#$fcode2'><img src='$flag_icon2' border='0' align='absmiddle' title='$ccode2'></a>
> +		</td>
>  		<td style='text-align:center'>
>  			$bytes_in / $bytes_out
>  		</td>

[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 833 bytes --]