[PATCH] display GeoIP information on active network connections in WebUI

[PATCH] display GeoIP information on active network connections in WebUI

[Peter Müller]

[-- Attachment #1: Type: text/plain, Size: 3832 bytes --]

Display the GeoIP flag for source and destination IP address
on the connection tracking table in WebUI.

This could possibly make network or firewall rule debugging easier.

Signed-off-by: Peter Müller <peter.mueller(a)link38.eu>
---
 html/cgi-bin/connections.cgi | 26 ++++++++++++++++++++++++++
 1 file changed, 26 insertions(+)

diff --git a/html/cgi-bin/connections.cgi b/html/cgi-bin/connections.cgi
index 96f09012b..06dc74877 100644
--- a/html/cgi-bin/connections.cgi
+++ b/html/cgi-bin/connections.cgi
@@ -23,6 +23,7 @@ use strict;
 
 use Net::IPv4Addr qw( :all );
 use Switch;
+use Geo::IP::PurePerl;
 
 # enable only the following on debugging purpose
 #use warnings;
@@ -31,6 +32,7 @@ use Switch;
 require '/var/ipfire/general-functions.pl';
 require "${General::swroot}/lang.pl";
 require "${General::swroot}/header.pl";
+require "${General::swroot}/geoip-functions.pl";
 
 my $colour_multicast = "#A0A0A0";
 
@@ -372,6 +374,7 @@ print <<END;
 				<a href="?sort_field=5&amp;sort_order=d"><img style="width:10px" src="/images/up.gif" alt=""></a>
 				<a href="?sort_field=5&amp;sort_order=a"><img style="width:10px" src="/images/down.gif" alt=""></a>
 			</th>
+			<th>&nbsp;</th>
 			<th style='text-align:center' colspan='2'>
 				<a href="?sort_field=1&amp;sort_order=d"><img style="width:10px" src="/images/up.gif" alt=""></a>
 				<a href="?sort_field=1&amp;sort_order=a"><img style="width:10px" src="/images/down.gif" alt=""></a>
@@ -386,6 +389,7 @@ print <<END;
 				<a href="?sort_field=4&amp;sort_order=d"><img style="width:10px" src="/images/up.gif" alt=""></a>
 				<a href="?sort_field=4&amp;sort_order=a"><img style="width:10px" src="/images/down.gif" alt=""></a>
 			</th>
+			<th>&nbsp;</th>
 			<th style='text-align:center'>
 				<a href="?sort_field=8&amp;sort_order=d"><img style="width:10px" src="/images/up.gif" alt=""></a>
 				<a href="?sort_field=8&amp;sort_order=a"><img style="width:10px" src="/images/down.gif" alt=""></a>
@@ -409,10 +413,16 @@ print <<END;
 			<th style='text-align:center' colspan='2'>
 				$Lang::tr{'source ip and port'}
 			</th>
+			<th style='text-align:center'>
+				$Lang::tr{'country'}
+			</th>
 			<th style='text-align:center' colspan='2'>
 				$Lang::tr{'dest ip and port'}
 			</th>
 			<th style='text-align:center'>
+				$Lang::tr{'country'}
+			</th>
+			<th style='text-align:center'>
 				$Lang::tr{'download'} /
 				<br>$Lang::tr{'upload'}
 			</th>
@@ -540,6 +550,16 @@ foreach my $line (@conntrack) {
 	my $bytes_in = format_bytes($bytes[0]);
 	my $bytes_out = format_bytes($bytes[1]);
 
+	my $gi1 = Geo::IP::PurePerl->new();
+	my $ccode1 = $gi1->country_code_by_name($sip_ret);
+	my $fcode1 = lc($ccode1);
+	my $flag_icon1 = &GeoIP::get_flag_icon($fcode1);
+
+	my $gi2 = Geo::IP::PurePerl->new();
+	my $ccode2 = $gi2->country_code_by_name($dip_ret);
+	my $fcode2 = lc($ccode2);
+	my $flag_icon2 = &GeoIP::get_flag_icon($fcode2);
+	
 	# Format TTL
 	$ttl = format_time($ttl);
 
@@ -601,6 +621,9 @@ foreach my $line (@conntrack) {
 			</a>
 			$sport_extra
 		</td>
+		<td style='text-align:center; background-color:$sip_colour;'>
+			<a href='country.cgi#$fcode1'><img src='$flag_icon1' border='0' align='absmiddle' title='$ccode1'></a>
+		</td>
 		<td style='text-align:center; background-color:$dip_colour;'>
 			<a href='/cgi-bin/ipinfo.cgi?ip=$dip'>
 				<span style='color:#FFFFFF;'>$dip</span>
@@ -613,6 +636,9 @@ foreach my $line (@conntrack) {
 			</a>
 			$dport_extra
 		</td>
+		<td style='text-align:center; background-color:$dip_colour;'>
+			<a href='country.cgi#$fcode2'><img src='$flag_icon2' border='0' align='absmiddle' title='$ccode2'></a>
+		</td>
 		<td style='text-align:center'>
 			$bytes_in / $bytes_out
 		</td>
-- 
2.13.6

Re: [PATCH] display GeoIP information on active network connections in WebUI

[Michael Tremer]

[-- Attachment #1: Type: text/plain, Size: 4573 bytes --]

Basically this patch looks simple and good to me.

But since we are using the perl module quite a bit, could we not put
those few lines into a function so that if we need to change anything
we do that everywhere at once?

And secondly, I have some systems that have thousands of open
connections very often to the same IP addresses. Could we not add a
caching layer so that this isn't being looked up multiple times for the
same IP address if that is an expensive operation?

-Michael

On Tue, 2017-11-07 at 20:42 +0100, Peter Müller wrote:
> Display the GeoIP flag for source and destination IP address
> on the connection tracking table in WebUI.
> 
> This could possibly make network or firewall rule debugging easier.
> 
> Signed-off-by: Peter Müller <peter.mueller(a)link38.eu>
> ---
>  html/cgi-bin/connections.cgi | 26 ++++++++++++++++++++++++++
>  1 file changed, 26 insertions(+)
> 
> diff --git a/html/cgi-bin/connections.cgi b/html/cgi-bin/connections.cgi
> index 96f09012b..06dc74877 100644
> --- a/html/cgi-bin/connections.cgi
> +++ b/html/cgi-bin/connections.cgi
> @@ -23,6 +23,7 @@ use strict;
>  
>  use Net::IPv4Addr qw( :all );
>  use Switch;
> +use Geo::IP::PurePerl;
>  
>  # enable only the following on debugging purpose
>  #use warnings;
> @@ -31,6 +32,7 @@ use Switch;
>  require '/var/ipfire/general-functions.pl';
>  require "${General::swroot}/lang.pl";
>  require "${General::swroot}/header.pl";
> +require "${General::swroot}/geoip-functions.pl";
>  
>  my $colour_multicast = "#A0A0A0";
>  
> @@ -372,6 +374,7 @@ print <<END;
>  				<a href="?sort_field=5&amp;sort_order=d"><img style="width:10px" src="/images/up.gif" alt=""></a>
>  				<a href="?sort_field=5&amp;sort_order=a"><img style="width:10px" src="/images/down.gif" alt=""></a>
>  			</th>
> +			<th>&nbsp;</th>
>  			<th style='text-align:center' colspan='2'>
>  				<a href="?sort_field=1&amp;sort_order=d"><img style="width:10px" src="/images/up.gif" alt=""></a>
>  				<a href="?sort_field=1&amp;sort_order=a"><img style="width:10px" src="/images/down.gif" alt=""></a>
> @@ -386,6 +389,7 @@ print <<END;
>  				<a href="?sort_field=4&amp;sort_order=d"><img style="width:10px" src="/images/up.gif" alt=""></a>
>  				<a href="?sort_field=4&amp;sort_order=a"><img style="width:10px" src="/images/down.gif" alt=""></a>
>  			</th>
> +			<th>&nbsp;</th>
>  			<th style='text-align:center'>
>  				<a href="?sort_field=8&amp;sort_order=d"><img style="width:10px" src="/images/up.gif" alt=""></a>
>  				<a href="?sort_field=8&amp;sort_order=a"><img style="width:10px" src="/images/down.gif" alt=""></a>
> @@ -409,10 +413,16 @@ print <<END;
>  			<th style='text-align:center' colspan='2'>
>  				$Lang::tr{'source ip and port'}
>  			</th>
> +			<th style='text-align:center'>
> +				$Lang::tr{'country'}
> +			</th>
>  			<th style='text-align:center' colspan='2'>
>  				$Lang::tr{'dest ip and port'}
>  			</th>
>  			<th style='text-align:center'>
> +				$Lang::tr{'country'}
> +			</th>
> +			<th style='text-align:center'>
>  				$Lang::tr{'download'} /
>  				<br>$Lang::tr{'upload'}
>  			</th>
> @@ -540,6 +550,16 @@ foreach my $line (@conntrack) {
>  	my $bytes_in = format_bytes($bytes[0]);
>  	my $bytes_out = format_bytes($bytes[1]);
>  
> +	my $gi1 = Geo::IP::PurePerl->new();
> +	my $ccode1 = $gi1->country_code_by_name($sip_ret);
> +	my $fcode1 = lc($ccode1);
> +	my $flag_icon1 = &GeoIP::get_flag_icon($fcode1);
> +
> +	my $gi2 = Geo::IP::PurePerl->new();
> +	my $ccode2 = $gi2->country_code_by_name($dip_ret);
> +	my $fcode2 = lc($ccode2);
> +	my $flag_icon2 = &GeoIP::get_flag_icon($fcode2);
> +	
>  	# Format TTL
>  	$ttl = format_time($ttl);
>  
> @@ -601,6 +621,9 @@ foreach my $line (@conntrack) {
>  			</a>
>  			$sport_extra
>  		</td>
> +		<td style='text-align:center; background-color:$sip_colour;'>
> +			<a href='country.cgi#$fcode1'><img src='$flag_icon1' border='0' align='absmiddle' title='$ccode1'></a>
> +		</td>
>  		<td style='text-align:center; background-color:$dip_colour;'>
>  			<a href='/cgi-bin/ipinfo.cgi?ip=$dip'>
>  				<span style='color:#FFFFFF;'>$dip</span>
> @@ -613,6 +636,9 @@ foreach my $line (@conntrack) {
>  			</a>
>  			$dport_extra
>  		</td>
> +		<td style='text-align:center; background-color:$dip_colour;'>
> +			<a href='country.cgi#$fcode2'><img src='$flag_icon2' border='0' align='absmiddle' title='$ccode2'></a>
> +		</td>
>  		<td style='text-align:center'>
>  			$bytes_in / $bytes_out
>  		</td>

[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 833 bytes --]

Re: [PATCH] display GeoIP information on active network connections in WebUI

[Peter Müller]

[-- Attachment #1: Type: text/plain, Size: 4994 bytes --]

Hello Michael,

> Basically this patch looks simple and good to me.
Thanks, finally. :-)
> 
> But since we are using the perl module quite a bit, could we not put
> those few lines into a function so that if we need to change anything
> we do that everywhere at once?
> 
> And secondly, I have some systems that have thousands of open
> connections very often to the same IP addresses. Could we not add a
> caching layer so that this isn't being looked up multiple times for the
> same IP address if that is an expensive operation?
Could you (or somebody else) do this, please? I am afraid this is
one step to far for me at the moment.

Thanks and best regards,
Peter Müller
> 
> -Michael
> 
> On Tue, 2017-11-07 at 20:42 +0100, Peter Müller wrote:
> > Display the GeoIP flag for source and destination IP address
> > on the connection tracking table in WebUI.
> > 
> > This could possibly make network or firewall rule debugging easier.
> > 
> > Signed-off-by: Peter Müller <peter.mueller(a)link38.eu>
> > ---
> >  html/cgi-bin/connections.cgi | 26 ++++++++++++++++++++++++++
> >  1 file changed, 26 insertions(+)
> > 
> > diff --git a/html/cgi-bin/connections.cgi b/html/cgi-bin/connections.cgi
> > index 96f09012b..06dc74877 100644
> > --- a/html/cgi-bin/connections.cgi
> > +++ b/html/cgi-bin/connections.cgi
> > @@ -23,6 +23,7 @@ use strict;
> >  
> >  use Net::IPv4Addr qw( :all );
> >  use Switch;
> > +use Geo::IP::PurePerl;
> >  
> >  # enable only the following on debugging purpose
> >  #use warnings;
> > @@ -31,6 +32,7 @@ use Switch;
> >  require '/var/ipfire/general-functions.pl';
> >  require "${General::swroot}/lang.pl";
> >  require "${General::swroot}/header.pl";
> > +require "${General::swroot}/geoip-functions.pl";
> >  
> >  my $colour_multicast = "#A0A0A0";
> >  
> > @@ -372,6 +374,7 @@ print <<END;
> >  				<a href="?sort_field=5&amp;sort_order=d"><img style="width:10px" src="/images/up.gif" alt=""></a>
> >  				<a href="?sort_field=5&amp;sort_order=a"><img style="width:10px" src="/images/down.gif" alt=""></a>
> >  			</th>
> > +			<th>&nbsp;</th>
> >  			<th style='text-align:center' colspan='2'>
> >  				<a href="?sort_field=1&amp;sort_order=d"><img style="width:10px" src="/images/up.gif" alt=""></a>
> >  				<a href="?sort_field=1&amp;sort_order=a"><img style="width:10px" src="/images/down.gif" alt=""></a>
> > @@ -386,6 +389,7 @@ print <<END;
> >  				<a href="?sort_field=4&amp;sort_order=d"><img style="width:10px" src="/images/up.gif" alt=""></a>
> >  				<a href="?sort_field=4&amp;sort_order=a"><img style="width:10px" src="/images/down.gif" alt=""></a>
> >  			</th>
> > +			<th>&nbsp;</th>
> >  			<th style='text-align:center'>
> >  				<a href="?sort_field=8&amp;sort_order=d"><img style="width:10px" src="/images/up.gif" alt=""></a>
> >  				<a href="?sort_field=8&amp;sort_order=a"><img style="width:10px" src="/images/down.gif" alt=""></a>
> > @@ -409,10 +413,16 @@ print <<END;
> >  			<th style='text-align:center' colspan='2'>
> >  				$Lang::tr{'source ip and port'}
> >  			</th>
> > +			<th style='text-align:center'>
> > +				$Lang::tr{'country'}
> > +			</th>
> >  			<th style='text-align:center' colspan='2'>
> >  				$Lang::tr{'dest ip and port'}
> >  			</th>
> >  			<th style='text-align:center'>
> > +				$Lang::tr{'country'}
> > +			</th>
> > +			<th style='text-align:center'>
> >  				$Lang::tr{'download'} /
> >  				<br>$Lang::tr{'upload'}
> >  			</th>
> > @@ -540,6 +550,16 @@ foreach my $line (@conntrack) {
> >  	my $bytes_in = format_bytes($bytes[0]);
> >  	my $bytes_out = format_bytes($bytes[1]);
> >  
> > +	my $gi1 = Geo::IP::PurePerl->new();
> > +	my $ccode1 = $gi1->country_code_by_name($sip_ret);
> > +	my $fcode1 = lc($ccode1);
> > +	my $flag_icon1 = &GeoIP::get_flag_icon($fcode1);
> > +
> > +	my $gi2 = Geo::IP::PurePerl->new();
> > +	my $ccode2 = $gi2->country_code_by_name($dip_ret);
> > +	my $fcode2 = lc($ccode2);
> > +	my $flag_icon2 = &GeoIP::get_flag_icon($fcode2);
> > +	
> >  	# Format TTL
> >  	$ttl = format_time($ttl);
> >  
> > @@ -601,6 +621,9 @@ foreach my $line (@conntrack) {
> >  			</a>
> >  			$sport_extra
> >  		</td>
> > +		<td style='text-align:center; background-color:$sip_colour;'>
> > +			<a href='country.cgi#$fcode1'><img src='$flag_icon1' border='0' align='absmiddle' title='$ccode1'></a>
> > +		</td>
> >  		<td style='text-align:center; background-color:$dip_colour;'>
> >  			<a href='/cgi-bin/ipinfo.cgi?ip=$dip'>
> >  				<span style='color:#FFFFFF;'>$dip</span>
> > @@ -613,6 +636,9 @@ foreach my $line (@conntrack) {
> >  			</a>
> >  			$dport_extra
> >  		</td>
> > +		<td style='text-align:center; background-color:$dip_colour;'>
> > +			<a href='country.cgi#$fcode2'><img src='$flag_icon2' border='0' align='absmiddle' title='$ccode2'></a>
> > +		</td>
> >  		<td style='text-align:center'>
> >  			$bytes_in / $bytes_out
> >  		</td>  

[PATCH 1/2] geoip-functions.pl: Fix typos and formatting

[Michael Tremer]

[-- Attachment #1: Type: text/plain, Size: 969 bytes --]

Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org>
---
 config/cfgroot/geoip-functions.pl | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/config/cfgroot/geoip-functions.pl b/config/cfgroot/geoip-functions.pl
index fc2dfdd34..623169eaf 100644
--- a/config/cfgroot/geoip-functions.pl
+++ b/config/cfgroot/geoip-functions.pl
@@ -63,10 +63,10 @@ sub get_flag_icon($) {
 		# the icon for "unknown".
 		my $ccode = "unknown";
 
-		# Redoing all the stuff from abouve for the "unknown" icon.
-		my $file = join('.', $ccode,$ext);
-		my $flag_icon = join('/', $flagdir,$file);
-		my $absolute_path = join('', $webroot,$flag_icon);
+		# Redoing all the stuff from above for the "unknown" icon.
+		my $file = join('.', $ccode, $ext);
+		my $flag_icon = join('/', $flagdir, $file);
+		my $absolute_path = join('', $webroot, $flag_icon);
 
 		# Check if the icon is present.
 		if (-e "$absolute_path") {
-- 
2.12.2

[PATCH 2/2] GeoIP: Add lookup function for convenience

[Michael Tremer]

[-- Attachment #1: Type: text/plain, Size: 7743 bytes --]

Instead of opening the database again for each lookup,
we will read it into memory on first use and every lookup
after that will be coming from cache.

Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org>
---
 config/cfgroot/geoip-functions.pl                | 15 +++++++++++++++
 html/cgi-bin/country.cgi                         | 10 +++++-----
 html/cgi-bin/logs.cgi/firewalllog.dat            |  9 +++------
 html/cgi-bin/logs.cgi/firewalllogcountry.dat     |  4 +---
 html/cgi-bin/logs.cgi/firewalllogip.dat          |  7 ++-----
 html/cgi-bin/logs.cgi/showrequestfromcountry.dat |  5 ++---
 6 files changed, 28 insertions(+), 22 deletions(-)

diff --git a/config/cfgroot/geoip-functions.pl b/config/cfgroot/geoip-functions.pl
index 623169eaf..be50d5e14 100644
--- a/config/cfgroot/geoip-functions.pl
+++ b/config/cfgroot/geoip-functions.pl
@@ -23,8 +23,23 @@
 
 package GeoIP;
 
+use Geo::IP::PurePerl;
 use Locale::Codes::Country;
 
+my $database;
+
+sub lookup($) {
+	my $address = shift;
+
+	# Load the database into memory if not already done
+	if (!$database) {
+		$database = Geo::IP::PurePerl->new(GEOIP_MEMORY_CACHE);
+	}
+
+	# Return the name of the country
+	return $database->country_code_by_name($address);
+}
+
 # Function to get the flag icon for a specified country code.
 sub get_flag_icon($) {
 	my ($input) = @_;
diff --git a/html/cgi-bin/country.cgi b/html/cgi-bin/country.cgi
index f2ae81300..8df2427a9 100644
--- a/html/cgi-bin/country.cgi
+++ b/html/cgi-bin/country.cgi
@@ -60,7 +60,7 @@ foreach my $country (@countries) {
 	$lines++;
 
 	# Convert country code into upper case.
-	my $country_uc = uc($country);
+	$country = uc($country);
 
 	# Get flag icon for of the country.
 	my $flag_icon = &GeoIP::get_flag_icon($country);
@@ -69,8 +69,8 @@ foreach my $country (@countries) {
 	my $name = &GeoIP::get_full_country_name($country);
 
 	if ($lines % 2) {
-		print "<td $col><a id='$country'><img src='$flag_icon' alt='$country_uc' title='$country_uc'/></a></td>";
-		print "<td $col>$country_uc</td>";
+		print "<td $col><a id='$country'><img src='$flag_icon' alt='$country' title='$country'/></a></td>";
+		print "<td $col>$country</td>";
 		print "<td $col>$name</td></tr>\n";
 	} else {
 		$lines2++;
@@ -80,8 +80,8 @@ foreach my $country (@countries) {
 			$col="style='background-color:${Header::table1colour};'";
 		}
 		print "<tr>";
-		print "<td $col><a id='$country'><img src='$flag_icon' alt='$country_uc' title='$country_uc'/></a></td>";
-		print "<td $col>$country_uc</td>";
+		print "<td $col><a id='$country'><img src='$flag_icon' alt='$country' title='$country'/></a></td>";
+		print "<td $col>$country</td>";
 		print "<td $col>$name</td>";
 		print "<td $col>&nbsp;</td>";
 
diff --git a/html/cgi-bin/logs.cgi/firewalllog.dat b/html/cgi-bin/logs.cgi/firewalllog.dat
index 5c9722b85..e67a40a9f 100644
--- a/html/cgi-bin/logs.cgi/firewalllog.dat
+++ b/html/cgi-bin/logs.cgi/firewalllog.dat
@@ -13,7 +13,6 @@
 #
 use strict;
 
-use Geo::IP::PurePerl;
 use Getopt::Std;
 
 # enable only the following on debugging purpose
@@ -352,9 +351,7 @@ foreach $_ (@log)
 	$srcport=$1 if $packet =~ /SPT=(\d+)/;
 	$dstport=$1 if $packet =~ /DPT=(\d+)/;
 
-	my $gi = Geo::IP::PurePerl->new();
-	my $ccode = $gi->country_code_by_name($srcaddr);
-	my $fcode = lc($ccode);
+	my $ccode = &GeoIP::lookup($srcaddr);
 
 	my $servi = uc(getservbyport($srcport, lc($proto)));
 	if ($servi ne '' && $srcport < 1024) {
@@ -386,10 +383,10 @@ foreach $_ (@log)
 END
 	;
 	# Get flag icon for of the country.
-	my $flag_icon = &GeoIP::get_flag_icon($fcode);
+	my $flag_icon = &GeoIP::get_flag_icon($ccode);
 
 	if ( $flag_icon) {
-		print "<td align='center' $col><a href='../country.cgi#$fcode'><img src='$flag_icon' border='0' align='absmiddle' alt='$ccode'></a></td>";
+		print "<td align='center' $col><a href='../country.cgi#$ccode'><img src='$flag_icon' border='0' align='absmiddle' alt='$ccode'></a></td>";
 	} else {
 		print "<td align='center' $col></td>";
 	}
diff --git a/html/cgi-bin/logs.cgi/firewalllogcountry.dat b/html/cgi-bin/logs.cgi/firewalllogcountry.dat
index f2b6048f7..949f2599d 100644
--- a/html/cgi-bin/logs.cgi/firewalllogcountry.dat
+++ b/html/cgi-bin/logs.cgi/firewalllogcountry.dat
@@ -11,7 +11,6 @@
 #			    and Michael Tremer (www.ipfire.org)
 
 use strict;
-use Geo::IP::PurePerl;
 use Getopt::Std;
 
 # enable only the following on debugging purpose
@@ -287,7 +286,6 @@ print "<p><b>$Lang::tr{'firewall hits'} $longmonthstr $daystr: $lines</b></p>";
 my $red_interface = &General::get_red_interface();
 my $linesjc = 0;
 my %tabjc;
-my $gi = Geo::IP::PurePerl->new();
 
 if ($pienumber == -1 || $pienumber > $lines || $sortcolumn == 2) { $pienumber = $lines; };
 $lines = 0;
@@ -310,7 +308,7 @@ foreach $_ (@log)
 		# Traffic from red
 		if($srcaddr ne '') {
 			# srcaddr is set
-			my $ccode = $gi->country_code_by_name($srcaddr);
+			my $ccode = &GeoIP::lookup($srcaddr);
 			if ($ccode eq '') {
 				$ccode = 'unknown';
 			}
diff --git a/html/cgi-bin/logs.cgi/firewalllogip.dat b/html/cgi-bin/logs.cgi/firewalllogip.dat
index 9e366745d..c73d24fd6 100644
--- a/html/cgi-bin/logs.cgi/firewalllogip.dat
+++ b/html/cgi-bin/logs.cgi/firewalllogip.dat
@@ -11,7 +11,6 @@
 #	                    and Michael Tremer (www.ipfire.org)
 
 use strict;
-use Geo::IP::PurePerl;
 use Getopt::Std;
 
 # enable only the following on debugging purpose
@@ -436,9 +435,7 @@ for($s=0;$s<$lines;$s++)
 	$col="bgcolor='$color{\"color$colorIndex\"}'";
 	print "<tr>";
 
-	my $gi = Geo::IP::PurePerl->new();
-	my $ccode = $gi->country_code_by_name($key[$s]);
-	my $fcode = lc($ccode);
+	my $ccode = &GeoIP::lookup($key[$s]);
   
 	$color++;
 	print "<td align='center' $col><form method='post' action='showrequestfromip.dat'><input type='hidden' name='MONTH' value='$cgiparams{'MONTH'}'> <input type='hidden' name='DAY' value='$cgiparams{'DAY'}'> <input type='hidden' name='ip' value='$key[$s]'> <input type='submit' value='$Lang::tr{'details'}'></form></td>";
@@ -448,7 +445,7 @@ for($s=0;$s<$lines;$s++)
 	my $flag_icon = &GeoIP::get_flag_icon($ccode);
 
 	if ( $flag_icon ) {
-		print "<td align='center' $col><a href='/cgi-bin/country.cgi#$fcode'><img src='$flag_icon' border='0' align='absmiddle' alt='$ccode' title='$ccode'></a></td>";
+		print "<td align='center' $col><a href='/cgi-bin/country.cgi#$ccode'><img src='$flag_icon' border='0' align='absmiddle' alt='$ccode' title='$ccode'></a></td>";
 	} else {
 		print "<td align='center' $col></td>";
 	}
diff --git a/html/cgi-bin/logs.cgi/showrequestfromcountry.dat b/html/cgi-bin/logs.cgi/showrequestfromcountry.dat
index b6383ed59..605873ac0 100644
--- a/html/cgi-bin/logs.cgi/showrequestfromcountry.dat
+++ b/html/cgi-bin/logs.cgi/showrequestfromcountry.dat
@@ -13,9 +13,9 @@
 #use CGI::Carp 'fatalsToBrowser';
 
 #use strict;
-use Geo::IP::PurePerl;
 
 require '/var/ipfire/general-functions.pl';
+require "${General::swroot}/geoip-functions.pl";
 require "${General::swroot}/lang.pl";
 require "${General::swroot}/header.pl";
 
@@ -152,7 +152,6 @@ if (!(open (FILE,($filestr =~ /.gz$/ ? "gzip -dc $filestr |" : $filestr)))) {
 my $lines = 0;
 my @log=();
 my $country = $cgiparams{country};
-my $gi = Geo::IP::PurePerl->new();
 
 if (!$skip)
 {
@@ -179,7 +178,7 @@ if (!$skip)
 			}
 			elsif($srcaddr ne '') {
 				# or srcaddr matches country code
-				my $ccode = $gi->country_code_by_name($srcaddr);
+				my $ccode = &GeoIP::lookup($srcaddr);
 				if($ccode eq uc($country)){
 					$log[$lines] = $_;
 					$lines++;
-- 
2.12.2

Re: [PATCH] display GeoIP information on active network connections in WebUI

[Michael Tremer]

[-- Attachment #1: Type: text/plain, Size: 5405 bytes --]

Hi,

I just posted a patch that does this.

Please have a look at it.

Best,
-Michael

On Wed, 2017-11-08 at 22:52 +0100, Peter Müller wrote:
> Hello Michael,
> 
> > Basically this patch looks simple and good to me.
> 
> Thanks, finally. :-)
> > 
> > But since we are using the perl module quite a bit, could we not put
> > those few lines into a function so that if we need to change anything
> > we do that everywhere at once?
> > 
> > And secondly, I have some systems that have thousands of open
> > connections very often to the same IP addresses. Could we not add a
> > caching layer so that this isn't being looked up multiple times for the
> > same IP address if that is an expensive operation?
> 
> Could you (or somebody else) do this, please? I am afraid this is
> one step to far for me at the moment.
> 
> Thanks and best regards,
> Peter Müller
> > 
> > -Michael
> > 
> > On Tue, 2017-11-07 at 20:42 +0100, Peter Müller wrote:
> > > Display the GeoIP flag for source and destination IP address
> > > on the connection tracking table in WebUI.
> > > 
> > > This could possibly make network or firewall rule debugging easier.
> > > 
> > > Signed-off-by: Peter Müller <peter.mueller(a)link38.eu>
> > > ---
> > >  html/cgi-bin/connections.cgi | 26 ++++++++++++++++++++++++++
> > >  1 file changed, 26 insertions(+)
> > > 
> > > diff --git a/html/cgi-bin/connections.cgi b/html/cgi-bin/connections.cgi
> > > index 96f09012b..06dc74877 100644
> > > --- a/html/cgi-bin/connections.cgi
> > > +++ b/html/cgi-bin/connections.cgi
> > > @@ -23,6 +23,7 @@ use strict;
> > >  
> > >  use Net::IPv4Addr qw( :all );
> > >  use Switch;
> > > +use Geo::IP::PurePerl;
> > >  
> > >  # enable only the following on debugging purpose
> > >  #use warnings;
> > > @@ -31,6 +32,7 @@ use Switch;
> > >  require '/var/ipfire/general-functions.pl';
> > >  require "${General::swroot}/lang.pl";
> > >  require "${General::swroot}/header.pl";
> > > +require "${General::swroot}/geoip-functions.pl";
> > >  
> > >  my $colour_multicast = "#A0A0A0";
> > >  
> > > @@ -372,6 +374,7 @@ print <<END;
> > >  				<a href="?sort_field=5&amp;sort_order=d"><img style="width:10px" src="/images/up.gif" alt=""></a>
> > >  				<a href="?sort_field=5&amp;sort_order=a"><img style="width:10px" src="/images/down.gif" alt=""></a>
> > >  			</th>
> > > +			<th>&nbsp;</th>
> > >  			<th style='text-align:center' colspan='2'>
> > >  				<a href="?sort_field=1&amp;sort_order=d"><img style="width:10px" src="/images/up.gif" alt=""></a>
> > >  				<a href="?sort_field=1&amp;sort_order=a"><img style="width:10px" src="/images/down.gif" alt=""></a>
> > > @@ -386,6 +389,7 @@ print <<END;
> > >  				<a href="?sort_field=4&amp;sort_order=d"><img style="width:10px" src="/images/up.gif" alt=""></a>
> > >  				<a href="?sort_field=4&amp;sort_order=a"><img style="width:10px" src="/images/down.gif" alt=""></a>
> > >  			</th>
> > > +			<th>&nbsp;</th>
> > >  			<th style='text-align:center'>
> > >  				<a href="?sort_field=8&amp;sort_order=d"><img style="width:10px" src="/images/up.gif" alt=""></a>
> > >  				<a href="?sort_field=8&amp;sort_order=a"><img style="width:10px" src="/images/down.gif" alt=""></a>
> > > @@ -409,10 +413,16 @@ print <<END;
> > >  			<th style='text-align:center' colspan='2'>
> > >  				$Lang::tr{'source ip and port'}
> > >  			</th>
> > > +			<th style='text-align:center'>
> > > +				$Lang::tr{'country'}
> > > +			</th>
> > >  			<th style='text-align:center' colspan='2'>
> > >  				$Lang::tr{'dest ip and port'}
> > >  			</th>
> > >  			<th style='text-align:center'>
> > > +				$Lang::tr{'country'}
> > > +			</th>
> > > +			<th style='text-align:center'>
> > >  				$Lang::tr{'download'} /
> > >  				<br>$Lang::tr{'upload'}
> > >  			</th>
> > > @@ -540,6 +550,16 @@ foreach my $line (@conntrack) {
> > >  	my $bytes_in = format_bytes($bytes[0]);
> > >  	my $bytes_out = format_bytes($bytes[1]);
> > >  
> > > +	my $gi1 = Geo::IP::PurePerl->new();
> > > +	my $ccode1 = $gi1->country_code_by_name($sip_ret);
> > > +	my $fcode1 = lc($ccode1);
> > > +	my $flag_icon1 = &GeoIP::get_flag_icon($fcode1);
> > > +
> > > +	my $gi2 = Geo::IP::PurePerl->new();
> > > +	my $ccode2 = $gi2->country_code_by_name($dip_ret);
> > > +	my $fcode2 = lc($ccode2);
> > > +	my $flag_icon2 = &GeoIP::get_flag_icon($fcode2);
> > > +	
> > >  	# Format TTL
> > >  	$ttl = format_time($ttl);
> > >  
> > > @@ -601,6 +621,9 @@ foreach my $line (@conntrack) {
> > >  			</a>
> > >  			$sport_extra
> > >  		</td>
> > > +		<td style='text-align:center; background-color:$sip_colour;'>
> > > +			<a href='country.cgi#$fcode1'><img src='$flag_icon1' border='0' align='absmiddle' title='$ccode1'></a>
> > > +		</td>
> > >  		<td style='text-align:center; background-color:$dip_colour;'>
> > >  			<a href='/cgi-bin/ipinfo.cgi?ip=$dip'>
> > >  				<span style='color:#FFFFFF;'>$dip</span>
> > > @@ -613,6 +636,9 @@ foreach my $line (@conntrack) {
> > >  			</a>
> > >  			$dport_extra
> > >  		</td>
> > > +		<td style='text-align:center; background-color:$dip_colour;'>
> > > +			<a href='country.cgi#$fcode2'><img src='$flag_icon2' border='0' align='absmiddle' title='$ccode2'></a>
> > > +		</td>
> > >  		<td style='text-align:center'>
> > >  			$bytes_in / $bytes_out
> > >  		</td>  
> 
> 

[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 833 bytes --]

Re: [PATCH] display GeoIP information on active network connections in WebUI

[Peter Müller]

[-- Attachment #1: Type: text/plain, Size: 5972 bytes --]

Hello Michael,

the patches look good.

Thanks for working on this.

However, I think for simple sites such as the DNS server list
or ipinfo.cgi, where we have only 1 or 2 queries, we do not need
to load the complete database to RAM.

Best regards,
Peter Müller

> Hi,
> 
> I just posted a patch that does this.
> 
> Please have a look at it.
> 
> Best,
> -Michael
> 
> On Wed, 2017-11-08 at 22:52 +0100, Peter Müller wrote:
> > Hello Michael,
> >   
> > > Basically this patch looks simple and good to me.  
> > 
> > Thanks, finally. :-)  
> > > 
> > > But since we are using the perl module quite a bit, could we not put
> > > those few lines into a function so that if we need to change anything
> > > we do that everywhere at once?
> > > 
> > > And secondly, I have some systems that have thousands of open
> > > connections very often to the same IP addresses. Could we not add a
> > > caching layer so that this isn't being looked up multiple times for the
> > > same IP address if that is an expensive operation?  
> > 
> > Could you (or somebody else) do this, please? I am afraid this is
> > one step to far for me at the moment.
> > 
> > Thanks and best regards,
> > Peter Müller  
> > > 
> > > -Michael
> > > 
> > > On Tue, 2017-11-07 at 20:42 +0100, Peter Müller wrote:  
> > > > Display the GeoIP flag for source and destination IP address
> > > > on the connection tracking table in WebUI.
> > > > 
> > > > This could possibly make network or firewall rule debugging easier.
> > > > 
> > > > Signed-off-by: Peter Müller <peter.mueller(a)link38.eu>
> > > > ---
> > > >  html/cgi-bin/connections.cgi | 26 ++++++++++++++++++++++++++
> > > >  1 file changed, 26 insertions(+)
> > > > 
> > > > diff --git a/html/cgi-bin/connections.cgi b/html/cgi-bin/connections.cgi
> > > > index 96f09012b..06dc74877 100644
> > > > --- a/html/cgi-bin/connections.cgi
> > > > +++ b/html/cgi-bin/connections.cgi
> > > > @@ -23,6 +23,7 @@ use strict;
> > > >  
> > > >  use Net::IPv4Addr qw( :all );
> > > >  use Switch;
> > > > +use Geo::IP::PurePerl;
> > > >  
> > > >  # enable only the following on debugging purpose
> > > >  #use warnings;
> > > > @@ -31,6 +32,7 @@ use Switch;
> > > >  require '/var/ipfire/general-functions.pl';
> > > >  require "${General::swroot}/lang.pl";
> > > >  require "${General::swroot}/header.pl";
> > > > +require "${General::swroot}/geoip-functions.pl";
> > > >  
> > > >  my $colour_multicast = "#A0A0A0";
> > > >  
> > > > @@ -372,6 +374,7 @@ print <<END;
> > > >  				<a href="?sort_field=5&amp;sort_order=d"><img style="width:10px" src="/images/up.gif" alt=""></a>
> > > >  				<a href="?sort_field=5&amp;sort_order=a"><img style="width:10px" src="/images/down.gif" alt=""></a>
> > > >  			</th>
> > > > +			<th>&nbsp;</th>
> > > >  			<th style='text-align:center' colspan='2'>
> > > >  				<a href="?sort_field=1&amp;sort_order=d"><img style="width:10px" src="/images/up.gif" alt=""></a>
> > > >  				<a href="?sort_field=1&amp;sort_order=a"><img style="width:10px" src="/images/down.gif" alt=""></a>
> > > > @@ -386,6 +389,7 @@ print <<END;
> > > >  				<a href="?sort_field=4&amp;sort_order=d"><img style="width:10px" src="/images/up.gif" alt=""></a>
> > > >  				<a href="?sort_field=4&amp;sort_order=a"><img style="width:10px" src="/images/down.gif" alt=""></a>
> > > >  			</th>
> > > > +			<th>&nbsp;</th>
> > > >  			<th style='text-align:center'>
> > > >  				<a href="?sort_field=8&amp;sort_order=d"><img style="width:10px" src="/images/up.gif" alt=""></a>
> > > >  				<a href="?sort_field=8&amp;sort_order=a"><img style="width:10px" src="/images/down.gif" alt=""></a>
> > > > @@ -409,10 +413,16 @@ print <<END;
> > > >  			<th style='text-align:center' colspan='2'>
> > > >  				$Lang::tr{'source ip and port'}
> > > >  			</th>
> > > > +			<th style='text-align:center'>
> > > > +				$Lang::tr{'country'}
> > > > +			</th>
> > > >  			<th style='text-align:center' colspan='2'>
> > > >  				$Lang::tr{'dest ip and port'}
> > > >  			</th>
> > > >  			<th style='text-align:center'>
> > > > +				$Lang::tr{'country'}
> > > > +			</th>
> > > > +			<th style='text-align:center'>
> > > >  				$Lang::tr{'download'} /
> > > >  				<br>$Lang::tr{'upload'}
> > > >  			</th>
> > > > @@ -540,6 +550,16 @@ foreach my $line (@conntrack) {
> > > >  	my $bytes_in = format_bytes($bytes[0]);
> > > >  	my $bytes_out = format_bytes($bytes[1]);
> > > >  
> > > > +	my $gi1 = Geo::IP::PurePerl->new();
> > > > +	my $ccode1 = $gi1->country_code_by_name($sip_ret);
> > > > +	my $fcode1 = lc($ccode1);
> > > > +	my $flag_icon1 = &GeoIP::get_flag_icon($fcode1);
> > > > +
> > > > +	my $gi2 = Geo::IP::PurePerl->new();
> > > > +	my $ccode2 = $gi2->country_code_by_name($dip_ret);
> > > > +	my $fcode2 = lc($ccode2);
> > > > +	my $flag_icon2 = &GeoIP::get_flag_icon($fcode2);
> > > > +	
> > > >  	# Format TTL
> > > >  	$ttl = format_time($ttl);
> > > >  
> > > > @@ -601,6 +621,9 @@ foreach my $line (@conntrack) {
> > > >  			</a>
> > > >  			$sport_extra
> > > >  		</td>
> > > > +		<td style='text-align:center; background-color:$sip_colour;'>
> > > > +			<a href='country.cgi#$fcode1'><img src='$flag_icon1' border='0' align='absmiddle' title='$ccode1'></a>
> > > > +		</td>
> > > >  		<td style='text-align:center; background-color:$dip_colour;'>
> > > >  			<a href='/cgi-bin/ipinfo.cgi?ip=$dip'>
> > > >  				<span style='color:#FFFFFF;'>$dip</span>
> > > > @@ -613,6 +636,9 @@ foreach my $line (@conntrack) {
> > > >  			</a>
> > > >  			$dport_extra
> > > >  		</td>
> > > > +		<td style='text-align:center; background-color:$dip_colour;'>
> > > > +			<a href='country.cgi#$fcode2'><img src='$flag_icon2' border='0' align='absmiddle' title='$ccode2'></a>
> > > > +		</td>
> > > >  		<td style='text-align:center'>
> > > >  			$bytes_in / $bytes_out
> > > >  		</td>    
> > 
> >   

Re: [PATCH] display GeoIP information on active network connections in WebUI

[Michael Tremer]

[-- Attachment #1: Type: text/plain, Size: 6709 bytes --]

Hi,

I think that still makes sense since we have very short-running scripts
here and the database uses 1.1 MB of space on disk. So lets assume we
have a lot of overhead when we load it into memory, it might be up to
2MB which is totally fine with me.

Can you send an email with a Reviewed-by or Tested-by tag? Which ever
is suitable for what you did.

-Michael

On Sat, 2017-11-11 at 21:30 +0100, Peter Müller wrote:
> Hello Michael,
> 
> the patches look good.
> 
> Thanks for working on this.
> 
> However, I think for simple sites such as the DNS server list
> or ipinfo.cgi, where we have only 1 or 2 queries, we do not need
> to load the complete database to RAM.
> 
> Best regards,
> Peter Müller
> 
> > Hi,
> > 
> > I just posted a patch that does this.
> > 
> > Please have a look at it.
> > 
> > Best,
> > -Michael
> > 
> > On Wed, 2017-11-08 at 22:52 +0100, Peter Müller wrote:
> > > Hello Michael,
> > >   
> > > > Basically this patch looks simple and good to me.  
> > > 
> > > Thanks, finally. :-)  
> > > > 
> > > > But since we are using the perl module quite a bit, could we not put
> > > > those few lines into a function so that if we need to change anything
> > > > we do that everywhere at once?
> > > > 
> > > > And secondly, I have some systems that have thousands of open
> > > > connections very often to the same IP addresses. Could we not add a
> > > > caching layer so that this isn't being looked up multiple times for the
> > > > same IP address if that is an expensive operation?  
> > > 
> > > Could you (or somebody else) do this, please? I am afraid this is
> > > one step to far for me at the moment.
> > > 
> > > Thanks and best regards,
> > > Peter Müller  
> > > > 
> > > > -Michael
> > > > 
> > > > On Tue, 2017-11-07 at 20:42 +0100, Peter Müller wrote:  
> > > > > Display the GeoIP flag for source and destination IP address
> > > > > on the connection tracking table in WebUI.
> > > > > 
> > > > > This could possibly make network or firewall rule debugging easier.
> > > > > 
> > > > > Signed-off-by: Peter Müller <peter.mueller(a)link38.eu>
> > > > > ---
> > > > >  html/cgi-bin/connections.cgi | 26 ++++++++++++++++++++++++++
> > > > >  1 file changed, 26 insertions(+)
> > > > > 
> > > > > diff --git a/html/cgi-bin/connections.cgi b/html/cgi-bin/connections.cgi
> > > > > index 96f09012b..06dc74877 100644
> > > > > --- a/html/cgi-bin/connections.cgi
> > > > > +++ b/html/cgi-bin/connections.cgi
> > > > > @@ -23,6 +23,7 @@ use strict;
> > > > >  
> > > > >  use Net::IPv4Addr qw( :all );
> > > > >  use Switch;
> > > > > +use Geo::IP::PurePerl;
> > > > >  
> > > > >  # enable only the following on debugging purpose
> > > > >  #use warnings;
> > > > > @@ -31,6 +32,7 @@ use Switch;
> > > > >  require '/var/ipfire/general-functions.pl';
> > > > >  require "${General::swroot}/lang.pl";
> > > > >  require "${General::swroot}/header.pl";
> > > > > +require "${General::swroot}/geoip-functions.pl";
> > > > >  
> > > > >  my $colour_multicast = "#A0A0A0";
> > > > >  
> > > > > @@ -372,6 +374,7 @@ print <<END;
> > > > >  				<a href="?sort_field=5&amp;sort_order=d"><img style="width:10px" src="/images/up.gif" alt=""></a>
> > > > >  				<a href="?sort_field=5&amp;sort_order=a"><img style="width:10px" src="/images/down.gif" alt=""></a>
> > > > >  			</th>
> > > > > +			<th>&nbsp;</th>
> > > > >  			<th style='text-align:center' colspan='2'>
> > > > >  				<a href="?sort_field=1&amp;sort_order=d"><img style="width:10px" src="/images/up.gif" alt=""></a>
> > > > >  				<a href="?sort_field=1&amp;sort_order=a"><img style="width:10px" src="/images/down.gif" alt=""></a>
> > > > > @@ -386,6 +389,7 @@ print <<END;
> > > > >  				<a href="?sort_field=4&amp;sort_order=d"><img style="width:10px" src="/images/up.gif" alt=""></a>
> > > > >  				<a href="?sort_field=4&amp;sort_order=a"><img style="width:10px" src="/images/down.gif" alt=""></a>
> > > > >  			</th>
> > > > > +			<th>&nbsp;</th>
> > > > >  			<th style='text-align:center'>
> > > > >  				<a href="?sort_field=8&amp;sort_order=d"><img style="width:10px" src="/images/up.gif" alt=""></a>
> > > > >  				<a href="?sort_field=8&amp;sort_order=a"><img style="width:10px" src="/images/down.gif" alt=""></a>
> > > > > @@ -409,10 +413,16 @@ print <<END;
> > > > >  			<th style='text-align:center' colspan='2'>
> > > > >  				$Lang::tr{'source ip and port'}
> > > > >  			</th>
> > > > > +			<th style='text-align:center'>
> > > > > +				$Lang::tr{'country'}
> > > > > +			</th>
> > > > >  			<th style='text-align:center' colspan='2'>
> > > > >  				$Lang::tr{'dest ip and port'}
> > > > >  			</th>
> > > > >  			<th style='text-align:center'>
> > > > > +				$Lang::tr{'country'}
> > > > > +			</th>
> > > > > +			<th style='text-align:center'>
> > > > >  				$Lang::tr{'download'} /
> > > > >  				<br>$Lang::tr{'upload'}
> > > > >  			</th>
> > > > > @@ -540,6 +550,16 @@ foreach my $line (@conntrack) {
> > > > >  	my $bytes_in = format_bytes($bytes[0]);
> > > > >  	my $bytes_out = format_bytes($bytes[1]);
> > > > >  
> > > > > +	my $gi1 = Geo::IP::PurePerl->new();
> > > > > +	my $ccode1 = $gi1->country_code_by_name($sip_ret);
> > > > > +	my $fcode1 = lc($ccode1);
> > > > > +	my $flag_icon1 = &GeoIP::get_flag_icon($fcode1);
> > > > > +
> > > > > +	my $gi2 = Geo::IP::PurePerl->new();
> > > > > +	my $ccode2 = $gi2->country_code_by_name($dip_ret);
> > > > > +	my $fcode2 = lc($ccode2);
> > > > > +	my $flag_icon2 = &GeoIP::get_flag_icon($fcode2);
> > > > > +	
> > > > >  	# Format TTL
> > > > >  	$ttl = format_time($ttl);
> > > > >  
> > > > > @@ -601,6 +621,9 @@ foreach my $line (@conntrack) {
> > > > >  			</a>
> > > > >  			$sport_extra
> > > > >  		</td>
> > > > > +		<td style='text-align:center; background-color:$sip_colour;'>
> > > > > +			<a href='country.cgi#$fcode1'><img src='$flag_icon1' border='0' align='absmiddle' title='$ccode1'></a>
> > > > > +		</td>
> > > > >  		<td style='text-align:center; background-color:$dip_colour;'>
> > > > >  			<a href='/cgi-bin/ipinfo.cgi?ip=$dip'>
> > > > >  				<span style='color:#FFFFFF;'>$dip</span>
> > > > > @@ -613,6 +636,9 @@ foreach my $line (@conntrack) {
> > > > >  			</a>
> > > > >  			$dport_extra
> > > > >  		</td>
> > > > > +		<td style='text-align:center; background-color:$dip_colour;'>
> > > > > +			<a href='country.cgi#$fcode2'><img src='$flag_icon2' border='0' align='absmiddle' title='$ccode2'></a>
> > > > > +		</td>
> > > > >  		<td style='text-align:center'>
> > > > >  			$bytes_in / $bytes_out
> > > > >  		</td>    
> > > 
> > >   
> 
> 

[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 833 bytes --]

Re: [PATCH 1/2] geoip-functions.pl: Fix typos and formatting

[Peter Müller]

[-- Attachment #1: Type: text/plain, Size: 1023 bytes --]

Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org>
Reviewed-by: Peter Müller <peter.mueller(a)link38.eu>
---
 config/cfgroot/geoip-functions.pl | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/config/cfgroot/geoip-functions.pl b/config/cfgroot/geoip-functions.pl
index fc2dfdd34..623169eaf 100644
--- a/config/cfgroot/geoip-functions.pl
+++ b/config/cfgroot/geoip-functions.pl
@@ -63,10 +63,10 @@ sub get_flag_icon($) {
 		# the icon for "unknown".
 		my $ccode = "unknown";
 
-		# Redoing all the stuff from abouve for the "unknown" icon.
-		my $file = join('.', $ccode,$ext);
-		my $flag_icon = join('/', $flagdir,$file);
-		my $absolute_path = join('', $webroot,$flag_icon);
+		# Redoing all the stuff from above for the "unknown" icon.
+		my $file = join('.', $ccode, $ext);
+		my $flag_icon = join('/', $flagdir, $file);
+		my $absolute_path = join('', $webroot, $flag_icon);
 
 		# Check if the icon is present.
 		if (-e "$absolute_path") {
-- 
2.12.2

Re: [PATCH 2/2] GeoIP: Add lookup function for convenience

[Peter Müller]

[-- Attachment #1: Type: text/plain, Size: 7797 bytes --]

Instead of opening the database again for each lookup,
we will read it into memory on first use and every lookup
after that will be coming from cache.

Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org>
Reviewed-by: Peter Müller <peter.mueller(a)link38.eu>
---
 config/cfgroot/geoip-functions.pl                | 15 +++++++++++++++
 html/cgi-bin/country.cgi                         | 10 +++++-----
 html/cgi-bin/logs.cgi/firewalllog.dat            |  9 +++------
 html/cgi-bin/logs.cgi/firewalllogcountry.dat     |  4 +---
 html/cgi-bin/logs.cgi/firewalllogip.dat          |  7 ++-----
 html/cgi-bin/logs.cgi/showrequestfromcountry.dat |  5 ++---
 6 files changed, 28 insertions(+), 22 deletions(-)

diff --git a/config/cfgroot/geoip-functions.pl b/config/cfgroot/geoip-functions.pl
index 623169eaf..be50d5e14 100644
--- a/config/cfgroot/geoip-functions.pl
+++ b/config/cfgroot/geoip-functions.pl
@@ -23,8 +23,23 @@
 
 package GeoIP;
 
+use Geo::IP::PurePerl;
 use Locale::Codes::Country;
 
+my $database;
+
+sub lookup($) {
+	my $address = shift;
+
+	# Load the database into memory if not already done
+	if (!$database) {
+		$database = Geo::IP::PurePerl->new(GEOIP_MEMORY_CACHE);
+	}
+
+	# Return the name of the country
+	return $database->country_code_by_name($address);
+}
+
 # Function to get the flag icon for a specified country code.
 sub get_flag_icon($) {
 	my ($input) = @_;
diff --git a/html/cgi-bin/country.cgi b/html/cgi-bin/country.cgi
index f2ae81300..8df2427a9 100644
--- a/html/cgi-bin/country.cgi
+++ b/html/cgi-bin/country.cgi
@@ -60,7 +60,7 @@ foreach my $country (@countries) {
 	$lines++;
 
 	# Convert country code into upper case.
-	my $country_uc = uc($country);
+	$country = uc($country);
 
 	# Get flag icon for of the country.
 	my $flag_icon = &GeoIP::get_flag_icon($country);
@@ -69,8 +69,8 @@ foreach my $country (@countries) {
 	my $name = &GeoIP::get_full_country_name($country);
 
 	if ($lines % 2) {
-		print "<td $col><a id='$country'><img src='$flag_icon' alt='$country_uc' title='$country_uc'/></a></td>";
-		print "<td $col>$country_uc</td>";
+		print "<td $col><a id='$country'><img src='$flag_icon' alt='$country' title='$country'/></a></td>";
+		print "<td $col>$country</td>";
 		print "<td $col>$name</td></tr>\n";
 	} else {
 		$lines2++;
@@ -80,8 +80,8 @@ foreach my $country (@countries) {
 			$col="style='background-color:${Header::table1colour};'";
 		}
 		print "<tr>";
-		print "<td $col><a id='$country'><img src='$flag_icon' alt='$country_uc' title='$country_uc'/></a></td>";
-		print "<td $col>$country_uc</td>";
+		print "<td $col><a id='$country'><img src='$flag_icon' alt='$country' title='$country'/></a></td>";
+		print "<td $col>$country</td>";
 		print "<td $col>$name</td>";
 		print "<td $col>&nbsp;</td>";
 
diff --git a/html/cgi-bin/logs.cgi/firewalllog.dat b/html/cgi-bin/logs.cgi/firewalllog.dat
index 5c9722b85..e67a40a9f 100644
--- a/html/cgi-bin/logs.cgi/firewalllog.dat
+++ b/html/cgi-bin/logs.cgi/firewalllog.dat
@@ -13,7 +13,6 @@
 #
 use strict;
 
-use Geo::IP::PurePerl;
 use Getopt::Std;
 
 # enable only the following on debugging purpose
@@ -352,9 +351,7 @@ foreach $_ (@log)
 	$srcport=$1 if $packet =~ /SPT=(\d+)/;
 	$dstport=$1 if $packet =~ /DPT=(\d+)/;
 
-	my $gi = Geo::IP::PurePerl->new();
-	my $ccode = $gi->country_code_by_name($srcaddr);
-	my $fcode = lc($ccode);
+	my $ccode = &GeoIP::lookup($srcaddr);
 
 	my $servi = uc(getservbyport($srcport, lc($proto)));
 	if ($servi ne '' && $srcport < 1024) {
@@ -386,10 +383,10 @@ foreach $_ (@log)
 END
 	;
 	# Get flag icon for of the country.
-	my $flag_icon = &GeoIP::get_flag_icon($fcode);
+	my $flag_icon = &GeoIP::get_flag_icon($ccode);
 
 	if ( $flag_icon) {
-		print "<td align='center' $col><a href='../country.cgi#$fcode'><img src='$flag_icon' border='0' align='absmiddle' alt='$ccode'></a></td>";
+		print "<td align='center' $col><a href='../country.cgi#$ccode'><img src='$flag_icon' border='0' align='absmiddle' alt='$ccode'></a></td>";
 	} else {
 		print "<td align='center' $col></td>";
 	}
diff --git a/html/cgi-bin/logs.cgi/firewalllogcountry.dat b/html/cgi-bin/logs.cgi/firewalllogcountry.dat
index f2b6048f7..949f2599d 100644
--- a/html/cgi-bin/logs.cgi/firewalllogcountry.dat
+++ b/html/cgi-bin/logs.cgi/firewalllogcountry.dat
@@ -11,7 +11,6 @@
 #			    and Michael Tremer (www.ipfire.org)
 
 use strict;
-use Geo::IP::PurePerl;
 use Getopt::Std;
 
 # enable only the following on debugging purpose
@@ -287,7 +286,6 @@ print "<p><b>$Lang::tr{'firewall hits'} $longmonthstr $daystr: $lines</b></p>";
 my $red_interface = &General::get_red_interface();
 my $linesjc = 0;
 my %tabjc;
-my $gi = Geo::IP::PurePerl->new();
 
 if ($pienumber == -1 || $pienumber > $lines || $sortcolumn == 2) { $pienumber = $lines; };
 $lines = 0;
@@ -310,7 +308,7 @@ foreach $_ (@log)
 		# Traffic from red
 		if($srcaddr ne '') {
 			# srcaddr is set
-			my $ccode = $gi->country_code_by_name($srcaddr);
+			my $ccode = &GeoIP::lookup($srcaddr);
 			if ($ccode eq '') {
 				$ccode = 'unknown';
 			}
diff --git a/html/cgi-bin/logs.cgi/firewalllogip.dat b/html/cgi-bin/logs.cgi/firewalllogip.dat
index 9e366745d..c73d24fd6 100644
--- a/html/cgi-bin/logs.cgi/firewalllogip.dat
+++ b/html/cgi-bin/logs.cgi/firewalllogip.dat
@@ -11,7 +11,6 @@
 #	                    and Michael Tremer (www.ipfire.org)
 
 use strict;
-use Geo::IP::PurePerl;
 use Getopt::Std;
 
 # enable only the following on debugging purpose
@@ -436,9 +435,7 @@ for($s=0;$s<$lines;$s++)
 	$col="bgcolor='$color{\"color$colorIndex\"}'";
 	print "<tr>";
 
-	my $gi = Geo::IP::PurePerl->new();
-	my $ccode = $gi->country_code_by_name($key[$s]);
-	my $fcode = lc($ccode);
+	my $ccode = &GeoIP::lookup($key[$s]);
   
 	$color++;
 	print "<td align='center' $col><form method='post' action='showrequestfromip.dat'><input type='hidden' name='MONTH' value='$cgiparams{'MONTH'}'> <input type='hidden' name='DAY' value='$cgiparams{'DAY'}'> <input type='hidden' name='ip' value='$key[$s]'> <input type='submit' value='$Lang::tr{'details'}'></form></td>";
@@ -448,7 +445,7 @@ for($s=0;$s<$lines;$s++)
 	my $flag_icon = &GeoIP::get_flag_icon($ccode);
 
 	if ( $flag_icon ) {
-		print "<td align='center' $col><a href='/cgi-bin/country.cgi#$fcode'><img src='$flag_icon' border='0' align='absmiddle' alt='$ccode' title='$ccode'></a></td>";
+		print "<td align='center' $col><a href='/cgi-bin/country.cgi#$ccode'><img src='$flag_icon' border='0' align='absmiddle' alt='$ccode' title='$ccode'></a></td>";
 	} else {
 		print "<td align='center' $col></td>";
 	}
diff --git a/html/cgi-bin/logs.cgi/showrequestfromcountry.dat b/html/cgi-bin/logs.cgi/showrequestfromcountry.dat
index b6383ed59..605873ac0 100644
--- a/html/cgi-bin/logs.cgi/showrequestfromcountry.dat
+++ b/html/cgi-bin/logs.cgi/showrequestfromcountry.dat
@@ -13,9 +13,9 @@
 #use CGI::Carp 'fatalsToBrowser';
 
 #use strict;
-use Geo::IP::PurePerl;
 
 require '/var/ipfire/general-functions.pl';
+require "${General::swroot}/geoip-functions.pl";
 require "${General::swroot}/lang.pl";
 require "${General::swroot}/header.pl";
 
@@ -152,7 +152,6 @@ if (!(open (FILE,($filestr =~ /.gz$/ ? "gzip -dc $filestr |" : $filestr)))) {
 my $lines = 0;
 my @log=();
 my $country = $cgiparams{country};
-my $gi = Geo::IP::PurePerl->new();
 
 if (!$skip)
 {
@@ -179,7 +178,7 @@ if (!$skip)
 			}
 			elsif($srcaddr ne '') {
 				# or srcaddr matches country code
-				my $ccode = $gi->country_code_by_name($srcaddr);
+				my $ccode = &GeoIP::lookup($srcaddr);
 				if($ccode eq uc($country)){
 					$log[$lines] = $_;
 					$lines++;
-- 
2.12.2