* [PATCH] display GeoIP information on active network connections in WebUI @ 2017-11-07 19:42 Peter Müller 2017-11-07 23:07 ` Michael Tremer 0 siblings, 1 reply; 10+ messages in thread From: Peter Müller @ 2017-11-07 19:42 UTC (permalink / raw) To: development [-- Attachment #1: Type: text/plain, Size: 3832 bytes --] Display the GeoIP flag for source and destination IP address on the connection tracking table in WebUI. This could possibly make network or firewall rule debugging easier. Signed-off-by: Peter Müller <peter.mueller(a)link38.eu> --- html/cgi-bin/connections.cgi | 26 ++++++++++++++++++++++++++ 1 file changed, 26 insertions(+) diff --git a/html/cgi-bin/connections.cgi b/html/cgi-bin/connections.cgi index 96f09012b..06dc74877 100644 --- a/html/cgi-bin/connections.cgi +++ b/html/cgi-bin/connections.cgi @@ -23,6 +23,7 @@ use strict; use Net::IPv4Addr qw( :all ); use Switch; +use Geo::IP::PurePerl; # enable only the following on debugging purpose #use warnings; @@ -31,6 +32,7 @@ use Switch; require '/var/ipfire/general-functions.pl'; require "${General::swroot}/lang.pl"; require "${General::swroot}/header.pl"; +require "${General::swroot}/geoip-functions.pl"; my $colour_multicast = "#A0A0A0"; @@ -372,6 +374,7 @@ print <<END; <a href="?sort_field=5&sort_order=d"><img style="width:10px" src="/images/up.gif" alt=""></a> <a href="?sort_field=5&sort_order=a"><img style="width:10px" src="/images/down.gif" alt=""></a> </th> + <th> </th> <th style='text-align:center' colspan='2'> <a href="?sort_field=1&sort_order=d"><img style="width:10px" src="/images/up.gif" alt=""></a> <a href="?sort_field=1&sort_order=a"><img style="width:10px" src="/images/down.gif" alt=""></a> @@ -386,6 +389,7 @@ print <<END; <a href="?sort_field=4&sort_order=d"><img style="width:10px" src="/images/up.gif" alt=""></a> <a href="?sort_field=4&sort_order=a"><img style="width:10px" src="/images/down.gif" alt=""></a> </th> + <th> </th> <th style='text-align:center'> <a href="?sort_field=8&sort_order=d"><img style="width:10px" src="/images/up.gif" alt=""></a> <a href="?sort_field=8&sort_order=a"><img style="width:10px" src="/images/down.gif" alt=""></a> @@ -409,10 +413,16 @@ print <<END; <th style='text-align:center' colspan='2'> $Lang::tr{'source ip and port'} </th> + <th style='text-align:center'> + $Lang::tr{'country'} + </th> <th style='text-align:center' colspan='2'> $Lang::tr{'dest ip and port'} </th> <th style='text-align:center'> + $Lang::tr{'country'} + </th> + <th style='text-align:center'> $Lang::tr{'download'} / <br>$Lang::tr{'upload'} </th> @@ -540,6 +550,16 @@ foreach my $line (@conntrack) { my $bytes_in = format_bytes($bytes[0]); my $bytes_out = format_bytes($bytes[1]); + my $gi1 = Geo::IP::PurePerl->new(); + my $ccode1 = $gi1->country_code_by_name($sip_ret); + my $fcode1 = lc($ccode1); + my $flag_icon1 = &GeoIP::get_flag_icon($fcode1); + + my $gi2 = Geo::IP::PurePerl->new(); + my $ccode2 = $gi2->country_code_by_name($dip_ret); + my $fcode2 = lc($ccode2); + my $flag_icon2 = &GeoIP::get_flag_icon($fcode2); + # Format TTL $ttl = format_time($ttl); @@ -601,6 +621,9 @@ foreach my $line (@conntrack) { </a> $sport_extra </td> + <td style='text-align:center; background-color:$sip_colour;'> + <a href='country.cgi#$fcode1'><img src='$flag_icon1' border='0' align='absmiddle' title='$ccode1'></a> + </td> <td style='text-align:center; background-color:$dip_colour;'> <a href='/cgi-bin/ipinfo.cgi?ip=$dip'> <span style='color:#FFFFFF;'>$dip</span> @@ -613,6 +636,9 @@ foreach my $line (@conntrack) { </a> $dport_extra </td> + <td style='text-align:center; background-color:$dip_colour;'> + <a href='country.cgi#$fcode2'><img src='$flag_icon2' border='0' align='absmiddle' title='$ccode2'></a> + </td> <td style='text-align:center'> $bytes_in / $bytes_out </td> -- 2.13.6 ^ permalink raw reply [flat|nested] 10+ messages in thread
* Re: [PATCH] display GeoIP information on active network connections in WebUI 2017-11-07 19:42 [PATCH] display GeoIP information on active network connections in WebUI Peter Müller @ 2017-11-07 23:07 ` Michael Tremer 2017-11-08 21:52 ` Peter Müller 0 siblings, 1 reply; 10+ messages in thread From: Michael Tremer @ 2017-11-07 23:07 UTC (permalink / raw) To: development [-- Attachment #1: Type: text/plain, Size: 4573 bytes --] Basically this patch looks simple and good to me. But since we are using the perl module quite a bit, could we not put those few lines into a function so that if we need to change anything we do that everywhere at once? And secondly, I have some systems that have thousands of open connections very often to the same IP addresses. Could we not add a caching layer so that this isn't being looked up multiple times for the same IP address if that is an expensive operation? -Michael On Tue, 2017-11-07 at 20:42 +0100, Peter Müller wrote: > Display the GeoIP flag for source and destination IP address > on the connection tracking table in WebUI. > > This could possibly make network or firewall rule debugging easier. > > Signed-off-by: Peter Müller <peter.mueller(a)link38.eu> > --- > html/cgi-bin/connections.cgi | 26 ++++++++++++++++++++++++++ > 1 file changed, 26 insertions(+) > > diff --git a/html/cgi-bin/connections.cgi b/html/cgi-bin/connections.cgi > index 96f09012b..06dc74877 100644 > --- a/html/cgi-bin/connections.cgi > +++ b/html/cgi-bin/connections.cgi > @@ -23,6 +23,7 @@ use strict; > > use Net::IPv4Addr qw( :all ); > use Switch; > +use Geo::IP::PurePerl; > > # enable only the following on debugging purpose > #use warnings; > @@ -31,6 +32,7 @@ use Switch; > require '/var/ipfire/general-functions.pl'; > require "${General::swroot}/lang.pl"; > require "${General::swroot}/header.pl"; > +require "${General::swroot}/geoip-functions.pl"; > > my $colour_multicast = "#A0A0A0"; > > @@ -372,6 +374,7 @@ print <<END; > <a href="?sort_field=5&sort_order=d"><img style="width:10px" src="/images/up.gif" alt=""></a> > <a href="?sort_field=5&sort_order=a"><img style="width:10px" src="/images/down.gif" alt=""></a> > </th> > + <th> </th> > <th style='text-align:center' colspan='2'> > <a href="?sort_field=1&sort_order=d"><img style="width:10px" src="/images/up.gif" alt=""></a> > <a href="?sort_field=1&sort_order=a"><img style="width:10px" src="/images/down.gif" alt=""></a> > @@ -386,6 +389,7 @@ print <<END; > <a href="?sort_field=4&sort_order=d"><img style="width:10px" src="/images/up.gif" alt=""></a> > <a href="?sort_field=4&sort_order=a"><img style="width:10px" src="/images/down.gif" alt=""></a> > </th> > + <th> </th> > <th style='text-align:center'> > <a href="?sort_field=8&sort_order=d"><img style="width:10px" src="/images/up.gif" alt=""></a> > <a href="?sort_field=8&sort_order=a"><img style="width:10px" src="/images/down.gif" alt=""></a> > @@ -409,10 +413,16 @@ print <<END; > <th style='text-align:center' colspan='2'> > $Lang::tr{'source ip and port'} > </th> > + <th style='text-align:center'> > + $Lang::tr{'country'} > + </th> > <th style='text-align:center' colspan='2'> > $Lang::tr{'dest ip and port'} > </th> > <th style='text-align:center'> > + $Lang::tr{'country'} > + </th> > + <th style='text-align:center'> > $Lang::tr{'download'} / > <br>$Lang::tr{'upload'} > </th> > @@ -540,6 +550,16 @@ foreach my $line (@conntrack) { > my $bytes_in = format_bytes($bytes[0]); > my $bytes_out = format_bytes($bytes[1]); > > + my $gi1 = Geo::IP::PurePerl->new(); > + my $ccode1 = $gi1->country_code_by_name($sip_ret); > + my $fcode1 = lc($ccode1); > + my $flag_icon1 = &GeoIP::get_flag_icon($fcode1); > + > + my $gi2 = Geo::IP::PurePerl->new(); > + my $ccode2 = $gi2->country_code_by_name($dip_ret); > + my $fcode2 = lc($ccode2); > + my $flag_icon2 = &GeoIP::get_flag_icon($fcode2); > + > # Format TTL > $ttl = format_time($ttl); > > @@ -601,6 +621,9 @@ foreach my $line (@conntrack) { > </a> > $sport_extra > </td> > + <td style='text-align:center; background-color:$sip_colour;'> > + <a href='country.cgi#$fcode1'><img src='$flag_icon1' border='0' align='absmiddle' title='$ccode1'></a> > + </td> > <td style='text-align:center; background-color:$dip_colour;'> > <a href='/cgi-bin/ipinfo.cgi?ip=$dip'> > <span style='color:#FFFFFF;'>$dip</span> > @@ -613,6 +636,9 @@ foreach my $line (@conntrack) { > </a> > $dport_extra > </td> > + <td style='text-align:center; background-color:$dip_colour;'> > + <a href='country.cgi#$fcode2'><img src='$flag_icon2' border='0' align='absmiddle' title='$ccode2'></a> > + </td> > <td style='text-align:center'> > $bytes_in / $bytes_out > </td> [-- Attachment #2: signature.asc --] [-- Type: application/pgp-signature, Size: 833 bytes --] ^ permalink raw reply [flat|nested] 10+ messages in thread
* Re: [PATCH] display GeoIP information on active network connections in WebUI 2017-11-07 23:07 ` Michael Tremer @ 2017-11-08 21:52 ` Peter Müller 2017-11-09 22:32 ` [PATCH 1/2] geoip-functions.pl: Fix typos and formatting Michael Tremer 2017-11-09 22:34 ` [PATCH] display GeoIP information on active network connections in WebUI Michael Tremer 0 siblings, 2 replies; 10+ messages in thread From: Peter Müller @ 2017-11-08 21:52 UTC (permalink / raw) To: development [-- Attachment #1: Type: text/plain, Size: 4994 bytes --] Hello Michael, > Basically this patch looks simple and good to me. Thanks, finally. :-) > > But since we are using the perl module quite a bit, could we not put > those few lines into a function so that if we need to change anything > we do that everywhere at once? > > And secondly, I have some systems that have thousands of open > connections very often to the same IP addresses. Could we not add a > caching layer so that this isn't being looked up multiple times for the > same IP address if that is an expensive operation? Could you (or somebody else) do this, please? I am afraid this is one step to far for me at the moment. Thanks and best regards, Peter Müller > > -Michael > > On Tue, 2017-11-07 at 20:42 +0100, Peter Müller wrote: > > Display the GeoIP flag for source and destination IP address > > on the connection tracking table in WebUI. > > > > This could possibly make network or firewall rule debugging easier. > > > > Signed-off-by: Peter Müller <peter.mueller(a)link38.eu> > > --- > > html/cgi-bin/connections.cgi | 26 ++++++++++++++++++++++++++ > > 1 file changed, 26 insertions(+) > > > > diff --git a/html/cgi-bin/connections.cgi b/html/cgi-bin/connections.cgi > > index 96f09012b..06dc74877 100644 > > --- a/html/cgi-bin/connections.cgi > > +++ b/html/cgi-bin/connections.cgi > > @@ -23,6 +23,7 @@ use strict; > > > > use Net::IPv4Addr qw( :all ); > > use Switch; > > +use Geo::IP::PurePerl; > > > > # enable only the following on debugging purpose > > #use warnings; > > @@ -31,6 +32,7 @@ use Switch; > > require '/var/ipfire/general-functions.pl'; > > require "${General::swroot}/lang.pl"; > > require "${General::swroot}/header.pl"; > > +require "${General::swroot}/geoip-functions.pl"; > > > > my $colour_multicast = "#A0A0A0"; > > > > @@ -372,6 +374,7 @@ print <<END; > > <a href="?sort_field=5&sort_order=d"><img style="width:10px" src="/images/up.gif" alt=""></a> > > <a href="?sort_field=5&sort_order=a"><img style="width:10px" src="/images/down.gif" alt=""></a> > > </th> > > + <th> </th> > > <th style='text-align:center' colspan='2'> > > <a href="?sort_field=1&sort_order=d"><img style="width:10px" src="/images/up.gif" alt=""></a> > > <a href="?sort_field=1&sort_order=a"><img style="width:10px" src="/images/down.gif" alt=""></a> > > @@ -386,6 +389,7 @@ print <<END; > > <a href="?sort_field=4&sort_order=d"><img style="width:10px" src="/images/up.gif" alt=""></a> > > <a href="?sort_field=4&sort_order=a"><img style="width:10px" src="/images/down.gif" alt=""></a> > > </th> > > + <th> </th> > > <th style='text-align:center'> > > <a href="?sort_field=8&sort_order=d"><img style="width:10px" src="/images/up.gif" alt=""></a> > > <a href="?sort_field=8&sort_order=a"><img style="width:10px" src="/images/down.gif" alt=""></a> > > @@ -409,10 +413,16 @@ print <<END; > > <th style='text-align:center' colspan='2'> > > $Lang::tr{'source ip and port'} > > </th> > > + <th style='text-align:center'> > > + $Lang::tr{'country'} > > + </th> > > <th style='text-align:center' colspan='2'> > > $Lang::tr{'dest ip and port'} > > </th> > > <th style='text-align:center'> > > + $Lang::tr{'country'} > > + </th> > > + <th style='text-align:center'> > > $Lang::tr{'download'} / > > <br>$Lang::tr{'upload'} > > </th> > > @@ -540,6 +550,16 @@ foreach my $line (@conntrack) { > > my $bytes_in = format_bytes($bytes[0]); > > my $bytes_out = format_bytes($bytes[1]); > > > > + my $gi1 = Geo::IP::PurePerl->new(); > > + my $ccode1 = $gi1->country_code_by_name($sip_ret); > > + my $fcode1 = lc($ccode1); > > + my $flag_icon1 = &GeoIP::get_flag_icon($fcode1); > > + > > + my $gi2 = Geo::IP::PurePerl->new(); > > + my $ccode2 = $gi2->country_code_by_name($dip_ret); > > + my $fcode2 = lc($ccode2); > > + my $flag_icon2 = &GeoIP::get_flag_icon($fcode2); > > + > > # Format TTL > > $ttl = format_time($ttl); > > > > @@ -601,6 +621,9 @@ foreach my $line (@conntrack) { > > </a> > > $sport_extra > > </td> > > + <td style='text-align:center; background-color:$sip_colour;'> > > + <a href='country.cgi#$fcode1'><img src='$flag_icon1' border='0' align='absmiddle' title='$ccode1'></a> > > + </td> > > <td style='text-align:center; background-color:$dip_colour;'> > > <a href='/cgi-bin/ipinfo.cgi?ip=$dip'> > > <span style='color:#FFFFFF;'>$dip</span> > > @@ -613,6 +636,9 @@ foreach my $line (@conntrack) { > > </a> > > $dport_extra > > </td> > > + <td style='text-align:center; background-color:$dip_colour;'> > > + <a href='country.cgi#$fcode2'><img src='$flag_icon2' border='0' align='absmiddle' title='$ccode2'></a> > > + </td> > > <td style='text-align:center'> > > $bytes_in / $bytes_out > > </td> ^ permalink raw reply [flat|nested] 10+ messages in thread
* [PATCH 1/2] geoip-functions.pl: Fix typos and formatting 2017-11-08 21:52 ` Peter Müller @ 2017-11-09 22:32 ` Michael Tremer 2017-11-09 22:32 ` [PATCH 2/2] GeoIP: Add lookup function for convenience Michael Tremer 2017-11-12 12:27 ` [PATCH 1/2] geoip-functions.pl: Fix typos and formatting Peter Müller 2017-11-09 22:34 ` [PATCH] display GeoIP information on active network connections in WebUI Michael Tremer 1 sibling, 2 replies; 10+ messages in thread From: Michael Tremer @ 2017-11-09 22:32 UTC (permalink / raw) To: development [-- Attachment #1: Type: text/plain, Size: 969 bytes --] Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org> --- config/cfgroot/geoip-functions.pl | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/config/cfgroot/geoip-functions.pl b/config/cfgroot/geoip-functions.pl index fc2dfdd34..623169eaf 100644 --- a/config/cfgroot/geoip-functions.pl +++ b/config/cfgroot/geoip-functions.pl @@ -63,10 +63,10 @@ sub get_flag_icon($) { # the icon for "unknown". my $ccode = "unknown"; - # Redoing all the stuff from abouve for the "unknown" icon. - my $file = join('.', $ccode,$ext); - my $flag_icon = join('/', $flagdir,$file); - my $absolute_path = join('', $webroot,$flag_icon); + # Redoing all the stuff from above for the "unknown" icon. + my $file = join('.', $ccode, $ext); + my $flag_icon = join('/', $flagdir, $file); + my $absolute_path = join('', $webroot, $flag_icon); # Check if the icon is present. if (-e "$absolute_path") { -- 2.12.2 ^ permalink raw reply [flat|nested] 10+ messages in thread
* [PATCH 2/2] GeoIP: Add lookup function for convenience 2017-11-09 22:32 ` [PATCH 1/2] geoip-functions.pl: Fix typos and formatting Michael Tremer @ 2017-11-09 22:32 ` Michael Tremer 2017-11-12 12:27 ` Peter Müller 2017-11-12 12:27 ` [PATCH 1/2] geoip-functions.pl: Fix typos and formatting Peter Müller 1 sibling, 1 reply; 10+ messages in thread From: Michael Tremer @ 2017-11-09 22:32 UTC (permalink / raw) To: development [-- Attachment #1: Type: text/plain, Size: 7743 bytes --] Instead of opening the database again for each lookup, we will read it into memory on first use and every lookup after that will be coming from cache. Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org> --- config/cfgroot/geoip-functions.pl | 15 +++++++++++++++ html/cgi-bin/country.cgi | 10 +++++----- html/cgi-bin/logs.cgi/firewalllog.dat | 9 +++------ html/cgi-bin/logs.cgi/firewalllogcountry.dat | 4 +--- html/cgi-bin/logs.cgi/firewalllogip.dat | 7 ++----- html/cgi-bin/logs.cgi/showrequestfromcountry.dat | 5 ++--- 6 files changed, 28 insertions(+), 22 deletions(-) diff --git a/config/cfgroot/geoip-functions.pl b/config/cfgroot/geoip-functions.pl index 623169eaf..be50d5e14 100644 --- a/config/cfgroot/geoip-functions.pl +++ b/config/cfgroot/geoip-functions.pl @@ -23,8 +23,23 @@ package GeoIP; +use Geo::IP::PurePerl; use Locale::Codes::Country; +my $database; + +sub lookup($) { + my $address = shift; + + # Load the database into memory if not already done + if (!$database) { + $database = Geo::IP::PurePerl->new(GEOIP_MEMORY_CACHE); + } + + # Return the name of the country + return $database->country_code_by_name($address); +} + # Function to get the flag icon for a specified country code. sub get_flag_icon($) { my ($input) = @_; diff --git a/html/cgi-bin/country.cgi b/html/cgi-bin/country.cgi index f2ae81300..8df2427a9 100644 --- a/html/cgi-bin/country.cgi +++ b/html/cgi-bin/country.cgi @@ -60,7 +60,7 @@ foreach my $country (@countries) { $lines++; # Convert country code into upper case. - my $country_uc = uc($country); + $country = uc($country); # Get flag icon for of the country. my $flag_icon = &GeoIP::get_flag_icon($country); @@ -69,8 +69,8 @@ foreach my $country (@countries) { my $name = &GeoIP::get_full_country_name($country); if ($lines % 2) { - print "<td $col><a id='$country'><img src='$flag_icon' alt='$country_uc' title='$country_uc'/></a></td>"; - print "<td $col>$country_uc</td>"; + print "<td $col><a id='$country'><img src='$flag_icon' alt='$country' title='$country'/></a></td>"; + print "<td $col>$country</td>"; print "<td $col>$name</td></tr>\n"; } else { $lines2++; @@ -80,8 +80,8 @@ foreach my $country (@countries) { $col="style='background-color:${Header::table1colour};'"; } print "<tr>"; - print "<td $col><a id='$country'><img src='$flag_icon' alt='$country_uc' title='$country_uc'/></a></td>"; - print "<td $col>$country_uc</td>"; + print "<td $col><a id='$country'><img src='$flag_icon' alt='$country' title='$country'/></a></td>"; + print "<td $col>$country</td>"; print "<td $col>$name</td>"; print "<td $col> </td>"; diff --git a/html/cgi-bin/logs.cgi/firewalllog.dat b/html/cgi-bin/logs.cgi/firewalllog.dat index 5c9722b85..e67a40a9f 100644 --- a/html/cgi-bin/logs.cgi/firewalllog.dat +++ b/html/cgi-bin/logs.cgi/firewalllog.dat @@ -13,7 +13,6 @@ # use strict; -use Geo::IP::PurePerl; use Getopt::Std; # enable only the following on debugging purpose @@ -352,9 +351,7 @@ foreach $_ (@log) $srcport=$1 if $packet =~ /SPT=(\d+)/; $dstport=$1 if $packet =~ /DPT=(\d+)/; - my $gi = Geo::IP::PurePerl->new(); - my $ccode = $gi->country_code_by_name($srcaddr); - my $fcode = lc($ccode); + my $ccode = &GeoIP::lookup($srcaddr); my $servi = uc(getservbyport($srcport, lc($proto))); if ($servi ne '' && $srcport < 1024) { @@ -386,10 +383,10 @@ foreach $_ (@log) END ; # Get flag icon for of the country. - my $flag_icon = &GeoIP::get_flag_icon($fcode); + my $flag_icon = &GeoIP::get_flag_icon($ccode); if ( $flag_icon) { - print "<td align='center' $col><a href='../country.cgi#$fcode'><img src='$flag_icon' border='0' align='absmiddle' alt='$ccode'></a></td>"; + print "<td align='center' $col><a href='../country.cgi#$ccode'><img src='$flag_icon' border='0' align='absmiddle' alt='$ccode'></a></td>"; } else { print "<td align='center' $col></td>"; } diff --git a/html/cgi-bin/logs.cgi/firewalllogcountry.dat b/html/cgi-bin/logs.cgi/firewalllogcountry.dat index f2b6048f7..949f2599d 100644 --- a/html/cgi-bin/logs.cgi/firewalllogcountry.dat +++ b/html/cgi-bin/logs.cgi/firewalllogcountry.dat @@ -11,7 +11,6 @@ # and Michael Tremer (www.ipfire.org) use strict; -use Geo::IP::PurePerl; use Getopt::Std; # enable only the following on debugging purpose @@ -287,7 +286,6 @@ print "<p><b>$Lang::tr{'firewall hits'} $longmonthstr $daystr: $lines</b></p>"; my $red_interface = &General::get_red_interface(); my $linesjc = 0; my %tabjc; -my $gi = Geo::IP::PurePerl->new(); if ($pienumber == -1 || $pienumber > $lines || $sortcolumn == 2) { $pienumber = $lines; }; $lines = 0; @@ -310,7 +308,7 @@ foreach $_ (@log) # Traffic from red if($srcaddr ne '') { # srcaddr is set - my $ccode = $gi->country_code_by_name($srcaddr); + my $ccode = &GeoIP::lookup($srcaddr); if ($ccode eq '') { $ccode = 'unknown'; } diff --git a/html/cgi-bin/logs.cgi/firewalllogip.dat b/html/cgi-bin/logs.cgi/firewalllogip.dat index 9e366745d..c73d24fd6 100644 --- a/html/cgi-bin/logs.cgi/firewalllogip.dat +++ b/html/cgi-bin/logs.cgi/firewalllogip.dat @@ -11,7 +11,6 @@ # and Michael Tremer (www.ipfire.org) use strict; -use Geo::IP::PurePerl; use Getopt::Std; # enable only the following on debugging purpose @@ -436,9 +435,7 @@ for($s=0;$s<$lines;$s++) $col="bgcolor='$color{\"color$colorIndex\"}'"; print "<tr>"; - my $gi = Geo::IP::PurePerl->new(); - my $ccode = $gi->country_code_by_name($key[$s]); - my $fcode = lc($ccode); + my $ccode = &GeoIP::lookup($key[$s]); $color++; print "<td align='center' $col><form method='post' action='showrequestfromip.dat'><input type='hidden' name='MONTH' value='$cgiparams{'MONTH'}'> <input type='hidden' name='DAY' value='$cgiparams{'DAY'}'> <input type='hidden' name='ip' value='$key[$s]'> <input type='submit' value='$Lang::tr{'details'}'></form></td>"; @@ -448,7 +445,7 @@ for($s=0;$s<$lines;$s++) my $flag_icon = &GeoIP::get_flag_icon($ccode); if ( $flag_icon ) { - print "<td align='center' $col><a href='/cgi-bin/country.cgi#$fcode'><img src='$flag_icon' border='0' align='absmiddle' alt='$ccode' title='$ccode'></a></td>"; + print "<td align='center' $col><a href='/cgi-bin/country.cgi#$ccode'><img src='$flag_icon' border='0' align='absmiddle' alt='$ccode' title='$ccode'></a></td>"; } else { print "<td align='center' $col></td>"; } diff --git a/html/cgi-bin/logs.cgi/showrequestfromcountry.dat b/html/cgi-bin/logs.cgi/showrequestfromcountry.dat index b6383ed59..605873ac0 100644 --- a/html/cgi-bin/logs.cgi/showrequestfromcountry.dat +++ b/html/cgi-bin/logs.cgi/showrequestfromcountry.dat @@ -13,9 +13,9 @@ #use CGI::Carp 'fatalsToBrowser'; #use strict; -use Geo::IP::PurePerl; require '/var/ipfire/general-functions.pl'; +require "${General::swroot}/geoip-functions.pl"; require "${General::swroot}/lang.pl"; require "${General::swroot}/header.pl"; @@ -152,7 +152,6 @@ if (!(open (FILE,($filestr =~ /.gz$/ ? "gzip -dc $filestr |" : $filestr)))) { my $lines = 0; my @log=(); my $country = $cgiparams{country}; -my $gi = Geo::IP::PurePerl->new(); if (!$skip) { @@ -179,7 +178,7 @@ if (!$skip) } elsif($srcaddr ne '') { # or srcaddr matches country code - my $ccode = $gi->country_code_by_name($srcaddr); + my $ccode = &GeoIP::lookup($srcaddr); if($ccode eq uc($country)){ $log[$lines] = $_; $lines++; -- 2.12.2 ^ permalink raw reply [flat|nested] 10+ messages in thread
* Re: [PATCH 2/2] GeoIP: Add lookup function for convenience 2017-11-09 22:32 ` [PATCH 2/2] GeoIP: Add lookup function for convenience Michael Tremer @ 2017-11-12 12:27 ` Peter Müller 0 siblings, 0 replies; 10+ messages in thread From: Peter Müller @ 2017-11-12 12:27 UTC (permalink / raw) To: development [-- Attachment #1: Type: text/plain, Size: 7797 bytes --] Instead of opening the database again for each lookup, we will read it into memory on first use and every lookup after that will be coming from cache. Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org> Reviewed-by: Peter Müller <peter.mueller(a)link38.eu> --- config/cfgroot/geoip-functions.pl | 15 +++++++++++++++ html/cgi-bin/country.cgi | 10 +++++----- html/cgi-bin/logs.cgi/firewalllog.dat | 9 +++------ html/cgi-bin/logs.cgi/firewalllogcountry.dat | 4 +--- html/cgi-bin/logs.cgi/firewalllogip.dat | 7 ++----- html/cgi-bin/logs.cgi/showrequestfromcountry.dat | 5 ++--- 6 files changed, 28 insertions(+), 22 deletions(-) diff --git a/config/cfgroot/geoip-functions.pl b/config/cfgroot/geoip-functions.pl index 623169eaf..be50d5e14 100644 --- a/config/cfgroot/geoip-functions.pl +++ b/config/cfgroot/geoip-functions.pl @@ -23,8 +23,23 @@ package GeoIP; +use Geo::IP::PurePerl; use Locale::Codes::Country; +my $database; + +sub lookup($) { + my $address = shift; + + # Load the database into memory if not already done + if (!$database) { + $database = Geo::IP::PurePerl->new(GEOIP_MEMORY_CACHE); + } + + # Return the name of the country + return $database->country_code_by_name($address); +} + # Function to get the flag icon for a specified country code. sub get_flag_icon($) { my ($input) = @_; diff --git a/html/cgi-bin/country.cgi b/html/cgi-bin/country.cgi index f2ae81300..8df2427a9 100644 --- a/html/cgi-bin/country.cgi +++ b/html/cgi-bin/country.cgi @@ -60,7 +60,7 @@ foreach my $country (@countries) { $lines++; # Convert country code into upper case. - my $country_uc = uc($country); + $country = uc($country); # Get flag icon for of the country. my $flag_icon = &GeoIP::get_flag_icon($country); @@ -69,8 +69,8 @@ foreach my $country (@countries) { my $name = &GeoIP::get_full_country_name($country); if ($lines % 2) { - print "<td $col><a id='$country'><img src='$flag_icon' alt='$country_uc' title='$country_uc'/></a></td>"; - print "<td $col>$country_uc</td>"; + print "<td $col><a id='$country'><img src='$flag_icon' alt='$country' title='$country'/></a></td>"; + print "<td $col>$country</td>"; print "<td $col>$name</td></tr>\n"; } else { $lines2++; @@ -80,8 +80,8 @@ foreach my $country (@countries) { $col="style='background-color:${Header::table1colour};'"; } print "<tr>"; - print "<td $col><a id='$country'><img src='$flag_icon' alt='$country_uc' title='$country_uc'/></a></td>"; - print "<td $col>$country_uc</td>"; + print "<td $col><a id='$country'><img src='$flag_icon' alt='$country' title='$country'/></a></td>"; + print "<td $col>$country</td>"; print "<td $col>$name</td>"; print "<td $col> </td>"; diff --git a/html/cgi-bin/logs.cgi/firewalllog.dat b/html/cgi-bin/logs.cgi/firewalllog.dat index 5c9722b85..e67a40a9f 100644 --- a/html/cgi-bin/logs.cgi/firewalllog.dat +++ b/html/cgi-bin/logs.cgi/firewalllog.dat @@ -13,7 +13,6 @@ # use strict; -use Geo::IP::PurePerl; use Getopt::Std; # enable only the following on debugging purpose @@ -352,9 +351,7 @@ foreach $_ (@log) $srcport=$1 if $packet =~ /SPT=(\d+)/; $dstport=$1 if $packet =~ /DPT=(\d+)/; - my $gi = Geo::IP::PurePerl->new(); - my $ccode = $gi->country_code_by_name($srcaddr); - my $fcode = lc($ccode); + my $ccode = &GeoIP::lookup($srcaddr); my $servi = uc(getservbyport($srcport, lc($proto))); if ($servi ne '' && $srcport < 1024) { @@ -386,10 +383,10 @@ foreach $_ (@log) END ; # Get flag icon for of the country. - my $flag_icon = &GeoIP::get_flag_icon($fcode); + my $flag_icon = &GeoIP::get_flag_icon($ccode); if ( $flag_icon) { - print "<td align='center' $col><a href='../country.cgi#$fcode'><img src='$flag_icon' border='0' align='absmiddle' alt='$ccode'></a></td>"; + print "<td align='center' $col><a href='../country.cgi#$ccode'><img src='$flag_icon' border='0' align='absmiddle' alt='$ccode'></a></td>"; } else { print "<td align='center' $col></td>"; } diff --git a/html/cgi-bin/logs.cgi/firewalllogcountry.dat b/html/cgi-bin/logs.cgi/firewalllogcountry.dat index f2b6048f7..949f2599d 100644 --- a/html/cgi-bin/logs.cgi/firewalllogcountry.dat +++ b/html/cgi-bin/logs.cgi/firewalllogcountry.dat @@ -11,7 +11,6 @@ # and Michael Tremer (www.ipfire.org) use strict; -use Geo::IP::PurePerl; use Getopt::Std; # enable only the following on debugging purpose @@ -287,7 +286,6 @@ print "<p><b>$Lang::tr{'firewall hits'} $longmonthstr $daystr: $lines</b></p>"; my $red_interface = &General::get_red_interface(); my $linesjc = 0; my %tabjc; -my $gi = Geo::IP::PurePerl->new(); if ($pienumber == -1 || $pienumber > $lines || $sortcolumn == 2) { $pienumber = $lines; }; $lines = 0; @@ -310,7 +308,7 @@ foreach $_ (@log) # Traffic from red if($srcaddr ne '') { # srcaddr is set - my $ccode = $gi->country_code_by_name($srcaddr); + my $ccode = &GeoIP::lookup($srcaddr); if ($ccode eq '') { $ccode = 'unknown'; } diff --git a/html/cgi-bin/logs.cgi/firewalllogip.dat b/html/cgi-bin/logs.cgi/firewalllogip.dat index 9e366745d..c73d24fd6 100644 --- a/html/cgi-bin/logs.cgi/firewalllogip.dat +++ b/html/cgi-bin/logs.cgi/firewalllogip.dat @@ -11,7 +11,6 @@ # and Michael Tremer (www.ipfire.org) use strict; -use Geo::IP::PurePerl; use Getopt::Std; # enable only the following on debugging purpose @@ -436,9 +435,7 @@ for($s=0;$s<$lines;$s++) $col="bgcolor='$color{\"color$colorIndex\"}'"; print "<tr>"; - my $gi = Geo::IP::PurePerl->new(); - my $ccode = $gi->country_code_by_name($key[$s]); - my $fcode = lc($ccode); + my $ccode = &GeoIP::lookup($key[$s]); $color++; print "<td align='center' $col><form method='post' action='showrequestfromip.dat'><input type='hidden' name='MONTH' value='$cgiparams{'MONTH'}'> <input type='hidden' name='DAY' value='$cgiparams{'DAY'}'> <input type='hidden' name='ip' value='$key[$s]'> <input type='submit' value='$Lang::tr{'details'}'></form></td>"; @@ -448,7 +445,7 @@ for($s=0;$s<$lines;$s++) my $flag_icon = &GeoIP::get_flag_icon($ccode); if ( $flag_icon ) { - print "<td align='center' $col><a href='/cgi-bin/country.cgi#$fcode'><img src='$flag_icon' border='0' align='absmiddle' alt='$ccode' title='$ccode'></a></td>"; + print "<td align='center' $col><a href='/cgi-bin/country.cgi#$ccode'><img src='$flag_icon' border='0' align='absmiddle' alt='$ccode' title='$ccode'></a></td>"; } else { print "<td align='center' $col></td>"; } diff --git a/html/cgi-bin/logs.cgi/showrequestfromcountry.dat b/html/cgi-bin/logs.cgi/showrequestfromcountry.dat index b6383ed59..605873ac0 100644 --- a/html/cgi-bin/logs.cgi/showrequestfromcountry.dat +++ b/html/cgi-bin/logs.cgi/showrequestfromcountry.dat @@ -13,9 +13,9 @@ #use CGI::Carp 'fatalsToBrowser'; #use strict; -use Geo::IP::PurePerl; require '/var/ipfire/general-functions.pl'; +require "${General::swroot}/geoip-functions.pl"; require "${General::swroot}/lang.pl"; require "${General::swroot}/header.pl"; @@ -152,7 +152,6 @@ if (!(open (FILE,($filestr =~ /.gz$/ ? "gzip -dc $filestr |" : $filestr)))) { my $lines = 0; my @log=(); my $country = $cgiparams{country}; -my $gi = Geo::IP::PurePerl->new(); if (!$skip) { @@ -179,7 +178,7 @@ if (!$skip) } elsif($srcaddr ne '') { # or srcaddr matches country code - my $ccode = $gi->country_code_by_name($srcaddr); + my $ccode = &GeoIP::lookup($srcaddr); if($ccode eq uc($country)){ $log[$lines] = $_; $lines++; -- 2.12.2 ^ permalink raw reply [flat|nested] 10+ messages in thread
* Re: [PATCH 1/2] geoip-functions.pl: Fix typos and formatting 2017-11-09 22:32 ` [PATCH 1/2] geoip-functions.pl: Fix typos and formatting Michael Tremer 2017-11-09 22:32 ` [PATCH 2/2] GeoIP: Add lookup function for convenience Michael Tremer @ 2017-11-12 12:27 ` Peter Müller 1 sibling, 0 replies; 10+ messages in thread From: Peter Müller @ 2017-11-12 12:27 UTC (permalink / raw) To: development [-- Attachment #1: Type: text/plain, Size: 1023 bytes --] Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org> Reviewed-by: Peter Müller <peter.mueller(a)link38.eu> --- config/cfgroot/geoip-functions.pl | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/config/cfgroot/geoip-functions.pl b/config/cfgroot/geoip-functions.pl index fc2dfdd34..623169eaf 100644 --- a/config/cfgroot/geoip-functions.pl +++ b/config/cfgroot/geoip-functions.pl @@ -63,10 +63,10 @@ sub get_flag_icon($) { # the icon for "unknown". my $ccode = "unknown"; - # Redoing all the stuff from abouve for the "unknown" icon. - my $file = join('.', $ccode,$ext); - my $flag_icon = join('/', $flagdir,$file); - my $absolute_path = join('', $webroot,$flag_icon); + # Redoing all the stuff from above for the "unknown" icon. + my $file = join('.', $ccode, $ext); + my $flag_icon = join('/', $flagdir, $file); + my $absolute_path = join('', $webroot, $flag_icon); # Check if the icon is present. if (-e "$absolute_path") { -- 2.12.2 ^ permalink raw reply [flat|nested] 10+ messages in thread
* Re: [PATCH] display GeoIP information on active network connections in WebUI 2017-11-08 21:52 ` Peter Müller 2017-11-09 22:32 ` [PATCH 1/2] geoip-functions.pl: Fix typos and formatting Michael Tremer @ 2017-11-09 22:34 ` Michael Tremer 2017-11-11 20:30 ` Peter Müller 1 sibling, 1 reply; 10+ messages in thread From: Michael Tremer @ 2017-11-09 22:34 UTC (permalink / raw) To: development [-- Attachment #1: Type: text/plain, Size: 5405 bytes --] Hi, I just posted a patch that does this. Please have a look at it. Best, -Michael On Wed, 2017-11-08 at 22:52 +0100, Peter Müller wrote: > Hello Michael, > > > Basically this patch looks simple and good to me. > > Thanks, finally. :-) > > > > But since we are using the perl module quite a bit, could we not put > > those few lines into a function so that if we need to change anything > > we do that everywhere at once? > > > > And secondly, I have some systems that have thousands of open > > connections very often to the same IP addresses. Could we not add a > > caching layer so that this isn't being looked up multiple times for the > > same IP address if that is an expensive operation? > > Could you (or somebody else) do this, please? I am afraid this is > one step to far for me at the moment. > > Thanks and best regards, > Peter Müller > > > > -Michael > > > > On Tue, 2017-11-07 at 20:42 +0100, Peter Müller wrote: > > > Display the GeoIP flag for source and destination IP address > > > on the connection tracking table in WebUI. > > > > > > This could possibly make network or firewall rule debugging easier. > > > > > > Signed-off-by: Peter Müller <peter.mueller(a)link38.eu> > > > --- > > > html/cgi-bin/connections.cgi | 26 ++++++++++++++++++++++++++ > > > 1 file changed, 26 insertions(+) > > > > > > diff --git a/html/cgi-bin/connections.cgi b/html/cgi-bin/connections.cgi > > > index 96f09012b..06dc74877 100644 > > > --- a/html/cgi-bin/connections.cgi > > > +++ b/html/cgi-bin/connections.cgi > > > @@ -23,6 +23,7 @@ use strict; > > > > > > use Net::IPv4Addr qw( :all ); > > > use Switch; > > > +use Geo::IP::PurePerl; > > > > > > # enable only the following on debugging purpose > > > #use warnings; > > > @@ -31,6 +32,7 @@ use Switch; > > > require '/var/ipfire/general-functions.pl'; > > > require "${General::swroot}/lang.pl"; > > > require "${General::swroot}/header.pl"; > > > +require "${General::swroot}/geoip-functions.pl"; > > > > > > my $colour_multicast = "#A0A0A0"; > > > > > > @@ -372,6 +374,7 @@ print <<END; > > > <a href="?sort_field=5&sort_order=d"><img style="width:10px" src="/images/up.gif" alt=""></a> > > > <a href="?sort_field=5&sort_order=a"><img style="width:10px" src="/images/down.gif" alt=""></a> > > > </th> > > > + <th> </th> > > > <th style='text-align:center' colspan='2'> > > > <a href="?sort_field=1&sort_order=d"><img style="width:10px" src="/images/up.gif" alt=""></a> > > > <a href="?sort_field=1&sort_order=a"><img style="width:10px" src="/images/down.gif" alt=""></a> > > > @@ -386,6 +389,7 @@ print <<END; > > > <a href="?sort_field=4&sort_order=d"><img style="width:10px" src="/images/up.gif" alt=""></a> > > > <a href="?sort_field=4&sort_order=a"><img style="width:10px" src="/images/down.gif" alt=""></a> > > > </th> > > > + <th> </th> > > > <th style='text-align:center'> > > > <a href="?sort_field=8&sort_order=d"><img style="width:10px" src="/images/up.gif" alt=""></a> > > > <a href="?sort_field=8&sort_order=a"><img style="width:10px" src="/images/down.gif" alt=""></a> > > > @@ -409,10 +413,16 @@ print <<END; > > > <th style='text-align:center' colspan='2'> > > > $Lang::tr{'source ip and port'} > > > </th> > > > + <th style='text-align:center'> > > > + $Lang::tr{'country'} > > > + </th> > > > <th style='text-align:center' colspan='2'> > > > $Lang::tr{'dest ip and port'} > > > </th> > > > <th style='text-align:center'> > > > + $Lang::tr{'country'} > > > + </th> > > > + <th style='text-align:center'> > > > $Lang::tr{'download'} / > > > <br>$Lang::tr{'upload'} > > > </th> > > > @@ -540,6 +550,16 @@ foreach my $line (@conntrack) { > > > my $bytes_in = format_bytes($bytes[0]); > > > my $bytes_out = format_bytes($bytes[1]); > > > > > > + my $gi1 = Geo::IP::PurePerl->new(); > > > + my $ccode1 = $gi1->country_code_by_name($sip_ret); > > > + my $fcode1 = lc($ccode1); > > > + my $flag_icon1 = &GeoIP::get_flag_icon($fcode1); > > > + > > > + my $gi2 = Geo::IP::PurePerl->new(); > > > + my $ccode2 = $gi2->country_code_by_name($dip_ret); > > > + my $fcode2 = lc($ccode2); > > > + my $flag_icon2 = &GeoIP::get_flag_icon($fcode2); > > > + > > > # Format TTL > > > $ttl = format_time($ttl); > > > > > > @@ -601,6 +621,9 @@ foreach my $line (@conntrack) { > > > </a> > > > $sport_extra > > > </td> > > > + <td style='text-align:center; background-color:$sip_colour;'> > > > + <a href='country.cgi#$fcode1'><img src='$flag_icon1' border='0' align='absmiddle' title='$ccode1'></a> > > > + </td> > > > <td style='text-align:center; background-color:$dip_colour;'> > > > <a href='/cgi-bin/ipinfo.cgi?ip=$dip'> > > > <span style='color:#FFFFFF;'>$dip</span> > > > @@ -613,6 +636,9 @@ foreach my $line (@conntrack) { > > > </a> > > > $dport_extra > > > </td> > > > + <td style='text-align:center; background-color:$dip_colour;'> > > > + <a href='country.cgi#$fcode2'><img src='$flag_icon2' border='0' align='absmiddle' title='$ccode2'></a> > > > + </td> > > > <td style='text-align:center'> > > > $bytes_in / $bytes_out > > > </td> > > [-- Attachment #2: signature.asc --] [-- Type: application/pgp-signature, Size: 833 bytes --] ^ permalink raw reply [flat|nested] 10+ messages in thread
* Re: [PATCH] display GeoIP information on active network connections in WebUI 2017-11-09 22:34 ` [PATCH] display GeoIP information on active network connections in WebUI Michael Tremer @ 2017-11-11 20:30 ` Peter Müller 2017-11-12 12:23 ` Michael Tremer 0 siblings, 1 reply; 10+ messages in thread From: Peter Müller @ 2017-11-11 20:30 UTC (permalink / raw) To: development [-- Attachment #1: Type: text/plain, Size: 5972 bytes --] Hello Michael, the patches look good. Thanks for working on this. However, I think for simple sites such as the DNS server list or ipinfo.cgi, where we have only 1 or 2 queries, we do not need to load the complete database to RAM. Best regards, Peter Müller > Hi, > > I just posted a patch that does this. > > Please have a look at it. > > Best, > -Michael > > On Wed, 2017-11-08 at 22:52 +0100, Peter Müller wrote: > > Hello Michael, > > > > > Basically this patch looks simple and good to me. > > > > Thanks, finally. :-) > > > > > > But since we are using the perl module quite a bit, could we not put > > > those few lines into a function so that if we need to change anything > > > we do that everywhere at once? > > > > > > And secondly, I have some systems that have thousands of open > > > connections very often to the same IP addresses. Could we not add a > > > caching layer so that this isn't being looked up multiple times for the > > > same IP address if that is an expensive operation? > > > > Could you (or somebody else) do this, please? I am afraid this is > > one step to far for me at the moment. > > > > Thanks and best regards, > > Peter Müller > > > > > > -Michael > > > > > > On Tue, 2017-11-07 at 20:42 +0100, Peter Müller wrote: > > > > Display the GeoIP flag for source and destination IP address > > > > on the connection tracking table in WebUI. > > > > > > > > This could possibly make network or firewall rule debugging easier. > > > > > > > > Signed-off-by: Peter Müller <peter.mueller(a)link38.eu> > > > > --- > > > > html/cgi-bin/connections.cgi | 26 ++++++++++++++++++++++++++ > > > > 1 file changed, 26 insertions(+) > > > > > > > > diff --git a/html/cgi-bin/connections.cgi b/html/cgi-bin/connections.cgi > > > > index 96f09012b..06dc74877 100644 > > > > --- a/html/cgi-bin/connections.cgi > > > > +++ b/html/cgi-bin/connections.cgi > > > > @@ -23,6 +23,7 @@ use strict; > > > > > > > > use Net::IPv4Addr qw( :all ); > > > > use Switch; > > > > +use Geo::IP::PurePerl; > > > > > > > > # enable only the following on debugging purpose > > > > #use warnings; > > > > @@ -31,6 +32,7 @@ use Switch; > > > > require '/var/ipfire/general-functions.pl'; > > > > require "${General::swroot}/lang.pl"; > > > > require "${General::swroot}/header.pl"; > > > > +require "${General::swroot}/geoip-functions.pl"; > > > > > > > > my $colour_multicast = "#A0A0A0"; > > > > > > > > @@ -372,6 +374,7 @@ print <<END; > > > > <a href="?sort_field=5&sort_order=d"><img style="width:10px" src="/images/up.gif" alt=""></a> > > > > <a href="?sort_field=5&sort_order=a"><img style="width:10px" src="/images/down.gif" alt=""></a> > > > > </th> > > > > + <th> </th> > > > > <th style='text-align:center' colspan='2'> > > > > <a href="?sort_field=1&sort_order=d"><img style="width:10px" src="/images/up.gif" alt=""></a> > > > > <a href="?sort_field=1&sort_order=a"><img style="width:10px" src="/images/down.gif" alt=""></a> > > > > @@ -386,6 +389,7 @@ print <<END; > > > > <a href="?sort_field=4&sort_order=d"><img style="width:10px" src="/images/up.gif" alt=""></a> > > > > <a href="?sort_field=4&sort_order=a"><img style="width:10px" src="/images/down.gif" alt=""></a> > > > > </th> > > > > + <th> </th> > > > > <th style='text-align:center'> > > > > <a href="?sort_field=8&sort_order=d"><img style="width:10px" src="/images/up.gif" alt=""></a> > > > > <a href="?sort_field=8&sort_order=a"><img style="width:10px" src="/images/down.gif" alt=""></a> > > > > @@ -409,10 +413,16 @@ print <<END; > > > > <th style='text-align:center' colspan='2'> > > > > $Lang::tr{'source ip and port'} > > > > </th> > > > > + <th style='text-align:center'> > > > > + $Lang::tr{'country'} > > > > + </th> > > > > <th style='text-align:center' colspan='2'> > > > > $Lang::tr{'dest ip and port'} > > > > </th> > > > > <th style='text-align:center'> > > > > + $Lang::tr{'country'} > > > > + </th> > > > > + <th style='text-align:center'> > > > > $Lang::tr{'download'} / > > > > <br>$Lang::tr{'upload'} > > > > </th> > > > > @@ -540,6 +550,16 @@ foreach my $line (@conntrack) { > > > > my $bytes_in = format_bytes($bytes[0]); > > > > my $bytes_out = format_bytes($bytes[1]); > > > > > > > > + my $gi1 = Geo::IP::PurePerl->new(); > > > > + my $ccode1 = $gi1->country_code_by_name($sip_ret); > > > > + my $fcode1 = lc($ccode1); > > > > + my $flag_icon1 = &GeoIP::get_flag_icon($fcode1); > > > > + > > > > + my $gi2 = Geo::IP::PurePerl->new(); > > > > + my $ccode2 = $gi2->country_code_by_name($dip_ret); > > > > + my $fcode2 = lc($ccode2); > > > > + my $flag_icon2 = &GeoIP::get_flag_icon($fcode2); > > > > + > > > > # Format TTL > > > > $ttl = format_time($ttl); > > > > > > > > @@ -601,6 +621,9 @@ foreach my $line (@conntrack) { > > > > </a> > > > > $sport_extra > > > > </td> > > > > + <td style='text-align:center; background-color:$sip_colour;'> > > > > + <a href='country.cgi#$fcode1'><img src='$flag_icon1' border='0' align='absmiddle' title='$ccode1'></a> > > > > + </td> > > > > <td style='text-align:center; background-color:$dip_colour;'> > > > > <a href='/cgi-bin/ipinfo.cgi?ip=$dip'> > > > > <span style='color:#FFFFFF;'>$dip</span> > > > > @@ -613,6 +636,9 @@ foreach my $line (@conntrack) { > > > > </a> > > > > $dport_extra > > > > </td> > > > > + <td style='text-align:center; background-color:$dip_colour;'> > > > > + <a href='country.cgi#$fcode2'><img src='$flag_icon2' border='0' align='absmiddle' title='$ccode2'></a> > > > > + </td> > > > > <td style='text-align:center'> > > > > $bytes_in / $bytes_out > > > > </td> > > > > ^ permalink raw reply [flat|nested] 10+ messages in thread
* Re: [PATCH] display GeoIP information on active network connections in WebUI 2017-11-11 20:30 ` Peter Müller @ 2017-11-12 12:23 ` Michael Tremer 0 siblings, 0 replies; 10+ messages in thread From: Michael Tremer @ 2017-11-12 12:23 UTC (permalink / raw) To: development [-- Attachment #1: Type: text/plain, Size: 6709 bytes --] Hi, I think that still makes sense since we have very short-running scripts here and the database uses 1.1 MB of space on disk. So lets assume we have a lot of overhead when we load it into memory, it might be up to 2MB which is totally fine with me. Can you send an email with a Reviewed-by or Tested-by tag? Which ever is suitable for what you did. -Michael On Sat, 2017-11-11 at 21:30 +0100, Peter Müller wrote: > Hello Michael, > > the patches look good. > > Thanks for working on this. > > However, I think for simple sites such as the DNS server list > or ipinfo.cgi, where we have only 1 or 2 queries, we do not need > to load the complete database to RAM. > > Best regards, > Peter Müller > > > Hi, > > > > I just posted a patch that does this. > > > > Please have a look at it. > > > > Best, > > -Michael > > > > On Wed, 2017-11-08 at 22:52 +0100, Peter Müller wrote: > > > Hello Michael, > > > > > > > Basically this patch looks simple and good to me. > > > > > > Thanks, finally. :-) > > > > > > > > But since we are using the perl module quite a bit, could we not put > > > > those few lines into a function so that if we need to change anything > > > > we do that everywhere at once? > > > > > > > > And secondly, I have some systems that have thousands of open > > > > connections very often to the same IP addresses. Could we not add a > > > > caching layer so that this isn't being looked up multiple times for the > > > > same IP address if that is an expensive operation? > > > > > > Could you (or somebody else) do this, please? I am afraid this is > > > one step to far for me at the moment. > > > > > > Thanks and best regards, > > > Peter Müller > > > > > > > > -Michael > > > > > > > > On Tue, 2017-11-07 at 20:42 +0100, Peter Müller wrote: > > > > > Display the GeoIP flag for source and destination IP address > > > > > on the connection tracking table in WebUI. > > > > > > > > > > This could possibly make network or firewall rule debugging easier. > > > > > > > > > > Signed-off-by: Peter Müller <peter.mueller(a)link38.eu> > > > > > --- > > > > > html/cgi-bin/connections.cgi | 26 ++++++++++++++++++++++++++ > > > > > 1 file changed, 26 insertions(+) > > > > > > > > > > diff --git a/html/cgi-bin/connections.cgi b/html/cgi-bin/connections.cgi > > > > > index 96f09012b..06dc74877 100644 > > > > > --- a/html/cgi-bin/connections.cgi > > > > > +++ b/html/cgi-bin/connections.cgi > > > > > @@ -23,6 +23,7 @@ use strict; > > > > > > > > > > use Net::IPv4Addr qw( :all ); > > > > > use Switch; > > > > > +use Geo::IP::PurePerl; > > > > > > > > > > # enable only the following on debugging purpose > > > > > #use warnings; > > > > > @@ -31,6 +32,7 @@ use Switch; > > > > > require '/var/ipfire/general-functions.pl'; > > > > > require "${General::swroot}/lang.pl"; > > > > > require "${General::swroot}/header.pl"; > > > > > +require "${General::swroot}/geoip-functions.pl"; > > > > > > > > > > my $colour_multicast = "#A0A0A0"; > > > > > > > > > > @@ -372,6 +374,7 @@ print <<END; > > > > > <a href="?sort_field=5&sort_order=d"><img style="width:10px" src="/images/up.gif" alt=""></a> > > > > > <a href="?sort_field=5&sort_order=a"><img style="width:10px" src="/images/down.gif" alt=""></a> > > > > > </th> > > > > > + <th> </th> > > > > > <th style='text-align:center' colspan='2'> > > > > > <a href="?sort_field=1&sort_order=d"><img style="width:10px" src="/images/up.gif" alt=""></a> > > > > > <a href="?sort_field=1&sort_order=a"><img style="width:10px" src="/images/down.gif" alt=""></a> > > > > > @@ -386,6 +389,7 @@ print <<END; > > > > > <a href="?sort_field=4&sort_order=d"><img style="width:10px" src="/images/up.gif" alt=""></a> > > > > > <a href="?sort_field=4&sort_order=a"><img style="width:10px" src="/images/down.gif" alt=""></a> > > > > > </th> > > > > > + <th> </th> > > > > > <th style='text-align:center'> > > > > > <a href="?sort_field=8&sort_order=d"><img style="width:10px" src="/images/up.gif" alt=""></a> > > > > > <a href="?sort_field=8&sort_order=a"><img style="width:10px" src="/images/down.gif" alt=""></a> > > > > > @@ -409,10 +413,16 @@ print <<END; > > > > > <th style='text-align:center' colspan='2'> > > > > > $Lang::tr{'source ip and port'} > > > > > </th> > > > > > + <th style='text-align:center'> > > > > > + $Lang::tr{'country'} > > > > > + </th> > > > > > <th style='text-align:center' colspan='2'> > > > > > $Lang::tr{'dest ip and port'} > > > > > </th> > > > > > <th style='text-align:center'> > > > > > + $Lang::tr{'country'} > > > > > + </th> > > > > > + <th style='text-align:center'> > > > > > $Lang::tr{'download'} / > > > > > <br>$Lang::tr{'upload'} > > > > > </th> > > > > > @@ -540,6 +550,16 @@ foreach my $line (@conntrack) { > > > > > my $bytes_in = format_bytes($bytes[0]); > > > > > my $bytes_out = format_bytes($bytes[1]); > > > > > > > > > > + my $gi1 = Geo::IP::PurePerl->new(); > > > > > + my $ccode1 = $gi1->country_code_by_name($sip_ret); > > > > > + my $fcode1 = lc($ccode1); > > > > > + my $flag_icon1 = &GeoIP::get_flag_icon($fcode1); > > > > > + > > > > > + my $gi2 = Geo::IP::PurePerl->new(); > > > > > + my $ccode2 = $gi2->country_code_by_name($dip_ret); > > > > > + my $fcode2 = lc($ccode2); > > > > > + my $flag_icon2 = &GeoIP::get_flag_icon($fcode2); > > > > > + > > > > > # Format TTL > > > > > $ttl = format_time($ttl); > > > > > > > > > > @@ -601,6 +621,9 @@ foreach my $line (@conntrack) { > > > > > </a> > > > > > $sport_extra > > > > > </td> > > > > > + <td style='text-align:center; background-color:$sip_colour;'> > > > > > + <a href='country.cgi#$fcode1'><img src='$flag_icon1' border='0' align='absmiddle' title='$ccode1'></a> > > > > > + </td> > > > > > <td style='text-align:center; background-color:$dip_colour;'> > > > > > <a href='/cgi-bin/ipinfo.cgi?ip=$dip'> > > > > > <span style='color:#FFFFFF;'>$dip</span> > > > > > @@ -613,6 +636,9 @@ foreach my $line (@conntrack) { > > > > > </a> > > > > > $dport_extra > > > > > </td> > > > > > + <td style='text-align:center; background-color:$dip_colour;'> > > > > > + <a href='country.cgi#$fcode2'><img src='$flag_icon2' border='0' align='absmiddle' title='$ccode2'></a> > > > > > + </td> > > > > > <td style='text-align:center'> > > > > > $bytes_in / $bytes_out > > > > > </td> > > > > > > > > [-- Attachment #2: signature.asc --] [-- Type: application/pgp-signature, Size: 833 bytes --] ^ permalink raw reply [flat|nested] 10+ messages in thread
end of thread, other threads:[~2017-11-12 12:27 UTC | newest] Thread overview: 10+ messages (download: mbox.gz / follow: Atom feed) -- links below jump to the message on this page -- 2017-11-07 19:42 [PATCH] display GeoIP information on active network connections in WebUI Peter Müller 2017-11-07 23:07 ` Michael Tremer 2017-11-08 21:52 ` Peter Müller 2017-11-09 22:32 ` [PATCH 1/2] geoip-functions.pl: Fix typos and formatting Michael Tremer 2017-11-09 22:32 ` [PATCH 2/2] GeoIP: Add lookup function for convenience Michael Tremer 2017-11-12 12:27 ` Peter Müller 2017-11-12 12:27 ` [PATCH 1/2] geoip-functions.pl: Fix typos and formatting Peter Müller 2017-11-09 22:34 ` [PATCH] display GeoIP information on active network connections in WebUI Michael Tremer 2017-11-11 20:30 ` Peter Müller 2017-11-12 12:23 ` Michael Tremer
This is a public inbox, see mirroring instructions for how to clone and mirror all data and code used for this inbox