From mboxrd@z Thu Jan 1 00:00:00 1970 From: Peter =?utf-8?q?M=C3=BCller?= To: development@lists.ipfire.org Subject: Re: [PATCH] display GeoIP information on active network connections in WebUI Date: Sat, 11 Nov 2017 21:30:18 +0100 Message-ID: <20171111213018.29d3cae8.peter.mueller@link38.eu> In-Reply-To: <1510266885.2945.7.camel@ipfire.org> MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="===============1156389011535752304==" List-Id: --===============1156389011535752304== Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Hello Michael, the patches look good. Thanks for working on this. However, I think for simple sites such as the DNS server list or ipinfo.cgi, where we have only 1 or 2 queries, we do not need to load the complete database to RAM. Best regards, Peter M=C3=BCller > Hi, >=20 > I just posted a patch that does this. >=20 > Please have a look at it. >=20 > Best, > -Michael >=20 > On Wed, 2017-11-08 at 22:52 +0100, Peter M=C3=BCller wrote: > > Hello Michael, > > =20 > > > Basically this patch looks simple and good to me. =20 > >=20 > > Thanks, finally. :-) =20 > > >=20 > > > But since we are using the perl module quite a bit, could we not put > > > those few lines into a function so that if we need to change anything > > > we do that everywhere at once? > > >=20 > > > And secondly, I have some systems that have thousands of open > > > connections very often to the same IP addresses. Could we not add a > > > caching layer so that this isn't being looked up multiple times for the > > > same IP address if that is an expensive operation? =20 > >=20 > > Could you (or somebody else) do this, please? I am afraid this is > > one step to far for me at the moment. > >=20 > > Thanks and best regards, > > Peter M=C3=BCller =20 > > >=20 > > > -Michael > > >=20 > > > On Tue, 2017-11-07 at 20:42 +0100, Peter M=C3=BCller wrote: =20 > > > > Display the GeoIP flag for source and destination IP address > > > > on the connection tracking table in WebUI. > > > >=20 > > > > This could possibly make network or firewall rule debugging easier. > > > >=20 > > > > Signed-off-by: Peter M=C3=BCller > > > > --- > > > > html/cgi-bin/connections.cgi | 26 ++++++++++++++++++++++++++ > > > > 1 file changed, 26 insertions(+) > > > >=20 > > > > diff --git a/html/cgi-bin/connections.cgi b/html/cgi-bin/connections.= cgi > > > > index 96f09012b..06dc74877 100644 > > > > --- a/html/cgi-bin/connections.cgi > > > > +++ b/html/cgi-bin/connections.cgi > > > > @@ -23,6 +23,7 @@ use strict; > > > > =20 > > > > use Net::IPv4Addr qw( :all ); > > > > use Switch; > > > > +use Geo::IP::PurePerl; > > > > =20 > > > > # enable only the following on debugging purpose > > > > #use warnings; > > > > @@ -31,6 +32,7 @@ use Switch; > > > > require '/var/ipfire/general-functions.pl'; > > > > require "${General::swroot}/lang.pl"; > > > > require "${General::swroot}/header.pl"; > > > > +require "${General::swroot}/geoip-functions.pl"; > > > > =20 > > > > my $colour_multicast =3D "#A0A0A0"; > > > > =20 > > > > @@ -372,6 +374,7 @@ print < > > > 3D"" > > > > 3D"" > > > > > > > > +   > > > > > > > > 3D"" > > > > 3D"" > > > > @@ -386,6 +389,7 @@ print < > > > 3D"" > > > > 3D"" > > > > > > > > +   > > > > > > > > 3D"" > > > > 3D"" > > > > @@ -409,10 +413,16 @@ print < > > > > > > > $Lang::tr{'source ip and port'} > > > > > > > > + > > > > + $Lang::tr{'country'} > > > > + > > > > > > > > $Lang::tr{'dest ip and port'} > > > > > > > > > > > > + $Lang::tr{'country'} > > > > + > > > > + > > > > $Lang::tr{'download'} / > > > >
$Lang::tr{'upload'} > > > > > > > > @@ -540,6 +550,16 @@ foreach my $line (@conntrack) { > > > > my $bytes_in =3D format_bytes($bytes[0]); > > > > my $bytes_out =3D format_bytes($bytes[1]); > > > > =20 > > > > + my $gi1 =3D Geo::IP::PurePerl->new(); > > > > + my $ccode1 =3D $gi1->country_code_by_name($sip_ret); > > > > + my $fcode1 =3D lc($ccode1); > > > > + my $flag_icon1 =3D &GeoIP::get_flag_icon($fcode1); > > > > + > > > > + my $gi2 =3D Geo::IP::PurePerl->new(); > > > > + my $ccode2 =3D $gi2->country_code_by_name($dip_ret); > > > > + my $fcode2 =3D lc($ccode2); > > > > + my $flag_icon2 =3D &GeoIP::get_flag_icon($fcode2); > > > > +=09 > > > > # Format TTL > > > > $ttl =3D format_time($ttl); > > > > =20 > > > > @@ -601,6 +621,9 @@ foreach my $line (@conntrack) { > > > > > > > > $sport_extra > > > > > > > > + > > > > + > > > > + > > > > > > > > > > > > $dip > > > > @@ -613,6 +636,9 @@ foreach my $line (@conntrack) { > > > > > > > > $dport_extra > > > > > > > > + > > > > + > > > > + > > > > > > > > $bytes_in / $bytes_out > > > > =20 > >=20 > > =20 --===============1156389011535752304==--