From mboxrd@z Thu Jan 1 00:00:00 1970 From: Michael Eitelwein To: development@lists.ipfire.org Subject: [PATCH] Updated: Enable ipv6 addresses in Firewall logs Date: Thu, 07 Jan 2016 19:53:42 +0100 Message-ID: <568EB436.9080309@eitelwein.net> In-Reply-To: <568E5375.1040906@eitelwein.net> MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="===============8780719261622191792==" List-Id: --===============8780719261622191792== Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Updated: Enable correct display of ipv6 entries in Firewall log pages of web = UI. 3 main changes: - Fill $iface and $out from PHYSIN and PHYSOUT when looking at bridged pack= ets, otherwise fill from IN and OUT - Recognize ipv4 and ipv6 address style for $srcaddr and $dstaddr - Match color coding of tables to pie charts (see seperate patch sent earli= er) I am using the bridged ipv6 setup as proposed in the wiki. I do not think thi= s breaks anything when not using ipv6. So it would be nice to include this ev= en if ipv6 is not officially supported yet. It is quite useful when using the= ipv6 setup. This is an updated version to my previous email (as a full diff to master). Signed-off-by: Michael Eitelwein --- diff --git a/html/cgi-bin/logs.cgi/firewalllog.dat b/html/cgi-bin/logs.cgi/fi= rewalllog.dat index 5a584d6..df9b488 100644 --- a/html/cgi-bin/logs.cgi/firewalllog.dat +++ b/html/cgi-bin/logs.cgi/firewalllog.dat @@ -328,17 +328,23 @@ END $lines =3D 0; foreach $_ (@log) { - /^... (..) (..:..:..) [\w\-]+ kernel:(.*)(IN=3D.*)$/; + # If ipv6 uses a bridge, PHYSIN=3D contains the relevant iface informati= on + # otherwise use IN=3D + my $packet =3D ''; + if ($_ =3D~ /^... (..) (..:..:..) [\w\-]+ kernel:(.*)(IN=3D.*)(PHYSI= N=3D.*)$/) { $packet =3D $5; } + elsif ($_ =3D~ /^... (..) (..:..:..) [\w\-]+ kernel:(.*)(IN=3D.*)$/)= { $packet =3D $4; } my $day =3D $1; $day =3D~ tr / /0/; my $time =3D $cgiparams{'DAY'} ? "$2" : "$day/$2" ; - my $comment =3D $3; - my $packet =3D $4; + my $chain =3D $3; my ($iface, $srcaddr, $dstaddr, $macaddr, $proto, $srcport, $dstpor= t); - $iface=3D$1 if $packet =3D~ /IN=3D(\w+)/; - $srcaddr=3D$1 if $packet =3D~ /SRC=3D([\d\.]+)/; - $dstaddr=3D$1 if $packet =3D~ /DST=3D([\d\.]+)/; + if ($packet =3D~ /PHYSIN=3D(\w+)/) { $iface=3D$1; } elsif ($packet = =3D~ /IN=3D(\w+)/) { $iface =3D $1; } + # Identify whether ipv4 or ipv6. Both are mutally exclusive. + if ($packet =3D~ /SRC\=3D(([\d]{1,3})(\.([\d]{1,3})){3})/) { $srcadd= r=3D$1; } + if ($packet =3D~ /SRC\=3D(([0-9a-fA-F]{0,4})(\:([0-9a-fA-F]{= 0,4})){2,7})/) { $srcaddr=3D$1; } + if ($packet =3D~ /DST\=3D(([\d]{1,3})(\.([\d]{1,3})){3})/) { $dstadd= r=3D$1; } + if ($packet =3D~ /DST\=3D(([0-9a-fA-F]{0,4})(\:([0-9a-fA-F]{= 0,4})){2,7})/) { $dstaddr=3D$1; } $macaddr=3D$1 if $packet =3D~ /MAC=3D([\w+\:]+)/; $proto=3D$1 if $packet =3D~ /PROTO=3D(\w+)/; $srcport=3D$1 if $packet =3D~ /SPT=3D(\d+)/; @@ -366,7 +372,7 @@ foreach $_ (@log) print <$time - $comment + $chain $iface $proto $srcaddr
$dstaddr= diff --git a/html/cgi-bin/logs.cgi/firewalllogcountry.dat b/html/cgi-bin/logs= .cgi/firewalllogcountry.dat index f998a62..087b844 100644 --- a/html/cgi-bin/logs.cgi/firewalllogcountry.dat +++ b/html/cgi-bin/logs.cgi/firewalllogcountry.dat @@ -261,7 +261,6 @@ if( $cgiparams{'pienumber'} !=3D 0){$pienumber=3D$cgipara= ms{'pienumber'};} if( $cgiparams{'otherspie'} !=3D 0){$otherspie=3D$cgiparams{'otherspie'};} if( $cgiparams{'showpie'} !=3D 0){$showpie=3D$cgiparams{'showpie'};} if( $cgiparams{'sortcolumn'} !=3D 0){$sortcolumn=3D$cgiparams{'sortcolumn'}= ;} - print < @@ -294,15 +293,24 @@ $lines =3D 0; foreach $_ (@log) { - /^... (..) (..:..:..) [\w\-]+ kernel:(.*)(IN=3D.*)$/; + # If ipv6 uses bridge, use PHYSIN for iface, otherwise IN + if (/^... (..) (..:..:..) [\w\-]+ kernel:(.*)(PHYSIN=3D.*)$/) {} + elsif (/^... (..) (..:..:..) [\w\-]+ kernel:(.*)(IN=3D.*)$/) {} my $packet =3D $4; - $packet =3D~ /IN=3D(\w+)/; my $iface=3D$1; if ( $1 =3D~ /2./ ){ $ifa= ce=3D"";} - $packet =3D~ /SRC=3D([\d\.]+)/; my $srcaddr=3D$1; + my $iface =3D ''; + if ($packet =3D~ /PHYSIN=3D(\w+)/) { $iface =3D $1; } elsif ($packet =3D~ = /IN=3D(\w+)/) { $iface =3D $1; } + if ( $1 =3D~ /2./ ) { $iface=3D''; } + my $srcaddr =3D ''; + # Find ipv4 and ipv6 addresses + if ($packet =3D~ /SRC\=3D(([\d]{1,3})(\.([\d]{1,3})){3})/) { $srcaddr = =3D $1; } + elsif ($packet =3D~ /SRC\=3D(([0-9a-fA-F]{0,4})(\:([0-9a-fA-F]{0,4})){2,7}= )/) { $srcaddr =3D $1; } if($iface eq $red_interface) { + # Traffic from red if($srcaddr ne '') { + # srcaddr is set my $ccode =3D $gi->country_code_by_name($srcaddr); - if( $ccode eq '') { + if ($ccode eq '') { $ccode =3D 'unknown'; } $tabjc{$ccode} =3D $tabjc{$ccode} + 1 ; @@ -311,11 +319,16 @@ foreach $_ (@log) } } else { + # Traffic not from red if($iface ne '') { $tabjc{$iface} =3D $tabjc{$iface} + 1 ; if(($tabjc{$iface} =3D=3D 1) && ($lines < $pienumber)) { $lines =3D= $lines + 1; } $linesjc++; } + else { + # What to do with empty iface lines? + # This probably is traffic from ipfire itself (IN=3D OUT=3DXY)? + } } } @@ -423,7 +436,6 @@ if ($showpie !=3D 2 && $pienumber <=3D 50 && $pienumber != =3D 0) { print ""; print ""; } - print < @@ -448,10 +460,8 @@ for($s=3D0;$s<$lines;$s++) $percent =3D $value[$s] * 100 / $linesjc; $percent =3D sprintf("%.f", $percent); $total =3D $total + $value[$s]; - my $colorIndex =3D $color % 10; - if($colorIndex =3D=3D 0) { - $colorIndex =3D 10; - } + # colors are numbered 1 to 10 + my $colorIndex =3D ($color % 10) + 1; $col=3D"bgcolor=3D'$color{\"color$colorIndex\"}'"; $color++; print ""; @@ -466,8 +476,11 @@ for($s=3D0;$s<$lines;$s++) print""; print""; } - - if($key[$s] eq 'blue0' || $key[$s] eq 'green0' || $key[$s] eq 'orange0') { + elsif ($key[$s] eq 'unknown') { + print "unknown"; + } + # Looks dangerous to use hardcoded interface names here. Probably needs fi= xing. + if ($key[$s] eq 'blue0' || $key[$s] eq 'green0' || $key[$s] eq 'orange0' )= { print "$key[$s]"; } else { @@ -489,10 +502,8 @@ for($s=3D0;$s<$lines;$s++) if($cgiparams{'otherspie'} =3D=3D 2 ){} else{ - my $colorIndex =3D $color % 10; - if($colorIndex =3D=3D 0) { - $colorIndex =3D 10; - } + # colors are numbered 1 to 10 + my $colorIndex =3D ($color % 10) + 1; $col=3D"bgcolor=3D'$color{\"color$colorIndex\"}'"; print ""; diff --git a/html/cgi-bin/logs.cgi/firewalllogip.dat b/html/cgi-bin/logs.cgi/= firewalllogip.dat index 7d82d20..6fc3422 100644 --- a/html/cgi-bin/logs.cgi/firewalllogip.dat +++ b/html/cgi-bin/logs.cgi/firewalllogip.dat @@ -291,7 +291,8 @@ if ($pienumber =3D=3D -1 || $pienumber > $lines || $sortc= olumn =3D=3D 2) { $pienumber =3D $lines =3D 0; foreach $_ (@log) { - if($_ =3D~ /SRC\=3D([\d\.]+)/){ + # Extract ipv4 or ipv6 address + if (($_ =3D~ /SRC\=3D(([\d]{1,3})(\.([\d]{1,3})){3})/) or ($_ =3D~ /SRC\= =3D(([0-9a-fA-F]{0,4})(\:([0-9a-fA-F]{0,4})){2,7})/)) { $tabjc{$1} =3D $tabjc{$1} + 1 ; if(($tabjc{$1} =3D=3D 1) && ($lines < $pienumber)) { $lines =3D $lines = + 1; } $linesjc++; @@ -428,10 +429,8 @@ for($s=3D0;$s<$lines;$s++) $percent =3D $value[$s] * 100 / $linesjc; $percent =3D sprintf("%.f", $percent); $total =3D $total + $value[$s]; - my $colorIndex =3D $color % 10; - if($colorIndex =3D=3D 0) { - $colorIndex =3D 10; - } + # colors are numbered 1 to 10 + my $colorIndex =3D ($color % 10) + 1; $col=3D"bgcolor=3D'$color{\"color$colorIndex\"}'"; print ""; @@ -459,10 +458,8 @@ for($s=3D0;$s<$lines;$s++) if($cgiparams{'otherspie'} =3D=3D 2 ){} else{ - my $colorIndex =3D $color % 10; - if($colorIndex =3D=3D 0) { - $colorIndex =3D 10; - } + # colors are numbered 1 to 10 + my $colorIndex =3D ($color % 10) + 1; $col=3D"bgcolor=3D'$color{\"color$colorIndex\"}'"; print ""; diff --git a/html/cgi-bin/logs.cgi/firewalllogport.dat b/html/cgi-bin/logs.cg= i/firewalllogport.dat index 5b0db62..583c1b3 100644 --- a/html/cgi-bin/logs.cgi/firewalllogport.dat +++ b/html/cgi-bin/logs.cgi/firewalllogport.dat @@ -429,10 +429,8 @@ for($s=3D0;$s<$lines;$s++) $percent =3D $value[$s] * 100 / $linesjc; $percent =3D sprintf("%.f", $percent); $total =3D $total + $value[$s]; - my $colorIndex =3D $color % 10; - if($colorIndex =3D=3D 0) { - $colorIndex =3D 10; - } + # colors are numbered 1 to 10 + my $colorIndex =3D ($color % 10) + 1; $col=3D"bgcolor=3D'$color{\"color$colorIndex\"}'"; print ""; @@ -446,10 +444,8 @@ for($s=3D0;$s<$lines;$s++) if($cgiparams{'otherspie'} =3D=3D 2 ){} else{ - my $colorIndex =3D $color % 10; - if($colorIndex =3D=3D 0) { - $colorIndex =3D 10; - } + # colors are numbered 1 to 10 + my $colorIndex =3D ($color % 10) + 1; $col=3D"bgcolor=3D'$color{\"color$colorIndex\"}'"; print ""; diff --git a/html/cgi-bin/logs.cgi/showrequestfromcountry.dat b/html/cgi-bin/= logs.cgi/showrequestfromcountry.dat index 5283c42..27e7697 100644 --- a/html/cgi-bin/logs.cgi/showrequestfromcountry.dat +++ b/html/cgi-bin/logs.cgi/showrequestfromcountry.dat @@ -158,23 +158,35 @@ if (!$skip) { while () { - if (/(^${monthstr} ${daystr} ..:..:..) [\w\-]+ kernel:.*(IN=3D.*)$/= ) { - my $packet =3D $2; - $packet =3D~ /IN=3D(\w+)/; my $iface=3D$1; if ( $1 =3D~ /2= ./ ){ $iface=3D"";} - $packet =3D~ /SRC=3D([\d\.]+)/; my $srcaddr=3D$1; + # First check whether valid log line (date, day) + if (/(^${monthstr} ${daystr} ..:..:..) [\w\-]+ kernel:.*(IN=3D.*)$= /) { + # If ipv6 uses bridge, then use PHYSIN otherwise use IN + if (/(^${monthstr} ${daystr} ..:..:..) [\w\-]+ kernel:.*(PHYS= IN=3D.*)$/) {} + elsif (/(^${monthstr} ${daystr} ..:..:..) [\w\-]+ kernel:.*(IN= =3D.*)$/) {} + my $packet =3D $2; + my $iface =3D ''; + my $srcaddr =3D ''; + # If ipv6 uses bridge, use PHYSIN otherwise IN + if ($packet =3D~ /PHYSIN=3D(\w+)/) { $iface =3D $1; } elsif ($pa= cket =3D~ /IN=3D(\w+)/) { $iface =3D $1; } + # Extract ipv4 and ipv6 addresses + if (($packet =3D~ /SRC\=3D(([\d]{1,3})(\.([\d]{1,3})){3})/) or (= $packet =3D~ /SRC\=3D(([0-9a-fA-F]{0,4})(\:([0-9a-fA-F]{0,4})){2,7})/)) { + $srcaddr =3D $1; + }; if($iface eq $country) { + # iface matches country code $log[$lines] =3D $_; $lines++; } elsif($srcaddr ne '') { + # or srcaddr matches country code my $ccode =3D $gi->country_code_by_name($srcaddr); - if($ccode eq $country){ + if($ccode eq uc($country)){ $log[$lines] =3D $_; $lines++; } } - } + } } close (FILE); } @@ -194,16 +206,28 @@ if ($multifile) { } if (!$skip) { while () { - if (/(^${monthstr} ${daystr} ..:..:..) [\w\-]+ kernel:.*(IN=3D.= *)$/) { - if($_ =3D~ /SRC\=3D([\d\.]+)/){ - my $srcaddr=3D$1; - my $ccode =3D $gi->country_code_by_name($srcaddr); - if($ccode eq $country){ + # Check if valid log line (date, day) + if (/(^${monthstr} ${daystr} ..:..:..) [\w\-]+ kernel:.*(IN=3D.*)= $/) { + my $iface =3D ''; + # If ipv6 uses bridge, then use PHYSIN otherwise IN + if ($_ =3D~ /PHYSIN=3D(\w+)/) { $iface =3D $1; } elsif (= $_ =3D~ /IN=3D(\w+)/) { $iface =3D $1; } + + if($iface eq $country) { + # iface matches country code + $log[$lines] =3D $_; + $lines++; + } + # extract ipv4 and ipv6 address + elsif (($_ =3D~ /SRC\=3D(([\d]{1,3})(\.([\d]{1,3})){3})/= ) or ($_ =3D~ /SRC\=3D(([0-9a-fA-F]{0,4})(\:([0-9a-fA-F]{0,4})){2,7})/)) { + my $srcaddr=3D$1; + my $ccode =3D $gi->country_code_by_name($srcaddr); + if($ccode eq uc($country)){ + # or srcaddr matches country code $log[$lines] =3D $_; $lines++; + } } - } - } + } } close (FILE); } @@ -308,32 +332,45 @@ $lines =3D 0; foreach $_ (@slice) { $a =3D $_; - /^... (..) (..:..:..) [\w\-]+ kernel:(.*)(IN=3D.*)$/; + # If ipv6 uses bridge, use PHYSIN otherwise use IN + if (/^... (..) (..:..:..) [\w\-]+ kernel:(.*)(PHYSIN=3D.*)$/) {} + elsif (/^... (..) (..:..:..) [\w\-]+ kernel:(.*)(IN=3D.*)$/) {}; my $packet =3D $4; - $packet =3D~ /IN=3D(\w+)/; my $iface=3D$1; if ( $1 =3D~ /2./ ){ $ifa= ce=3D"";} - $packet =3D~ /SRC=3D([\d\.]+)/; my $srcaddr=3D$1; + my $iface =3D ''; + # If ipv6 uses bridge, use PHYSIN otherwise use IN + if ($packet =3D~ /PHYSIN=3D(\w+)/) { $iface =3D $1; } elsif ($packet =3D~ = /IN=3D(\w+)/) { $iface =3D $1; } + if ( $1 =3D~ /2./ ){ $iface=3D""; } + my $srcaddr =3D ''; + # Extract ipv4 and ipv6 addresses + if (($packet =3D~ /SRC\=3D(([\d]{1,3})(\.([\d]{1,3})){3})/) or ($packet = =3D~ /SRC\=3D(([0-9a-fA-F]{0,4})(\:([0-9a-fA-F]{0,4})){2,7})/)) { + $srcaddr =3D $1; + }; if($iface eq $country || $srcaddr ne '') { - my $ccode; + my $ccode=3D''; if($iface ne $country) { $ccode =3D $gi->country_code_by_name($srcaddr); } - if($iface eq $country || $ccode eq $country) { - my $chain =3D ''; + if($iface eq $country || $ccode eq uc($country)) { + my $chain =3D ''; my $in =3D '-'; my $out =3D '-'; my $srcaddr =3D ''; my $dstaddr =3D ''; my $protostr =3D ''; my $srcport =3D ''; my $dstport =3D ''; - $_ =3D~ /(^.* ..:..:..) [\w\-]+ kernel:(.*)(IN=3D.*)$/; + # If ipv6 uses bridge, the use PHYSIN otherwise use IN + if ($_ =3D~ /(^.* ..:..:..) [\w\-]+ kernel:(.*)(IN=3D.*)(PHYSIN=3D.= *)$/) {} + elsif ($_ =3D~ /(^.* ..:..:..) [\w\-]+ kernel:(.*)(IN=3D.*)$/) {} my $timestamp =3D $1; my $chain =3D $2; my $packet =3D $3; $timestamp =3D~ /(...) (..) (..:..:..)/; my $month =3D $1; my $day =3D $2; my $time =3D $3; - if ($a =3D~ /IN\=3D(\w+)/) { $iface =3D $1; } - if ($a =3D~ /OUT\=3D(\w+)/) { $out =3D $1; } - if ($a =3D~ /SRC\=3D([\d\.]+)/) { $srcaddr =3D $1; } - if ($a =3D~ /DST\=3D([\d\.]+)/) { $dstaddr =3D $1; } + # If ipv6 uses bridge, use PHYSIN and PHYSOUT, otherwise use IN and OUT + if ($a =3D~ /PHYSIN=3D(\w+)/) { $iface =3D $1; } elsif ($a =3D~ /IN= =3D(\w+)/) { $iface =3D $1; } + if ($a =3D~ /PHYSOUT=3D(\w+)/) { $out =3D $1; } elsif ($a =3D~ /OUT= =3D(\w+)/) { $out =3D $1; } + # Extract ipv4 and ipv6 addresses + if (($a =3D~ /SRC\=3D(([\d]{1,3})(\.([\d]{1,3})){3})/) or ($a =3D~ /SR= C\=3D(([0-9a-fA-F]{0,4})(\:([0-9a-fA-F]{0,4})){2,7})/)) { $srcaddr =3D $1; } + if (($a =3D~ /DST\=3D(([\d]{1,3})(\.([\d]{1,3})){3})/) or ($a =3D~ /DS= T\=3D(([0-9a-fA-F]{0,4})(\:([0-9a-fA-F]{0,4})){2,7})/)) { $dstaddr =3D $1; } if ($a =3D~ /PROTO\=3D(\w+)/) { $protostr =3D $1; } my $protostrlc =3D lc($protostr); if ($a =3D~ /SPT\=3D([\d\.]+)/){ $srcport =3D $1; } diff --git a/html/cgi-bin/logs.cgi/showrequestfromip.dat b/html/cgi-bin/logs.= cgi/showrequestfromip.dat index 09a60b5..d7d1ace 100644 --- a/html/cgi-bin/logs.cgi/showrequestfromip.dat +++ b/html/cgi-bin/logs.cgi/showrequestfromip.dat @@ -155,7 +155,7 @@ if (!$skip) while () { if (/(^${monthstr} ${daystr} ..:..:..) [\w\-]+ kernel:.*(IN=3D.*)$= /) { - if($_ =3D~ /SRC\=3D([\d\.]+)/){ + if (($_ =3D~ /SRC\=3D(([\d]{1,3})(\.([\d]{1,3})){3})/) or ($= _ =3D~ /SRC\=3D(([0-9a-fA-F]{0,4})(\:([0-9a-fA-F]{0,4})){2,7})/)) { if($1 eq $ip){ $log[$lines] =3D $_; $lines++; @@ -182,12 +182,12 @@ if ($multifile) { if (!$skip) { while () { if (/(^${monthstr} ${daystr} ..:..:..) [\w\-]+ kernel:.*(IN=3D= .*)$/) { - if($_ =3D~ /SRC\=3D([\d\.]+)/){ - if($1 eq $ip){ + if (($_ =3D~ /SRC\=3D(([\d]{1,3})(\.([\d]{1,3})){3= })/) or ($_ =3D~ /SRC\=3D(([0-9a-fA-F]{0,4})(\:([0-9a-fA-F]{0,4})){2,7})/)) { + if($1 eq $ip){ $log[$lines] =3D $_; $lines++; - } - } + } + } } } close (FILE); @@ -293,7 +293,8 @@ $lines =3D 0; foreach $_ (@slice) { $a =3D $_; - if($_ =3D~ /SRC\=3D([\d\.]+)/){ + # Check whether valid ipv4 or ipv6 address + if (($_ =3D~ /SRC\=3D(([\d]{1,3})(\.([\d]{1,3})){3})/) or ($_ =3D~ /SRC\= =3D(([0-9a-fA-F]{0,4})(\:([0-9a-fA-F]{0,4})){2,7})/)) { if($1 eq $ip){ my $chain =3D ''; my $in =3D '-'; my $out =3D '-'; @@ -301,15 +302,19 @@ foreach $_ (@slice) my $protostr =3D ''; my $srcport =3D ''; my $dstport =3D ''; - $_ =3D~ /(^.* ..:..:..) [\w\-]+ kernel:(.*)(IN=3D.*)$/; + # If ipv6 uses bridge, the use PHYSIN, otherwise use IN + if ($_ =3D~ /(^.* ..:..:..) [\w\-]+ kernel:(.*)(IN=3D.*)(PHYSIN= =3D.*)$/) {} + elsif ($_ =3D~ /(^.* ..:..:..) [\w\-]+ kernel:(.*)(IN=3D.*)$/) {} my $timestamp =3D $1; my $chain =3D $2; my $packet =3D $3; $timestamp =3D~ /(...) (..) (..:..:..)/; my $month =3D $1; my $day =3D $2; my $time =3D $3; - if ($a =3D~ /IN\=3D(\w+)/) { $iface =3D $1; } - if ($a =3D~ /OUT\=3D(\w+)/) { $out =3D $1; } - if ($a =3D~ /SRC\=3D([\d\.]+)/) { $srcaddr =3D $1; } - if ($a =3D~ /DST\=3D([\d\.]+)/) { $dstaddr =3D $1; } + # If ipv6 uses bridge, the use PHYSIN and PHYSOUT, otherwise use IN = and OUT + if ($a =3D~ /PHYSIN=3D(\w+)/) { $iface =3D $1; } elsif ($a =3D~ /IN= =3D(\w+)/) { $iface =3D $1; } + if ($a =3D~ /PHYSOUT=3D(\w+)/) { $out =3D $1; } elsif ($a =3D~ /OU= T=3D(\w+)/) { $out =3D $1; } + # Detect ipv4 and ipv6 addresses + if (($a =3D~ /SRC\=3D(([\d]{1,3})(\.([\d]{1,3})){3})/) or ($a =3D~ /SRC\= =3D(([0-9a-fA-F]{0,4})(\:([0-9a-fA-F]{0,4})){2,7})/)) { $srcaddr =3D $1; } + if (($a =3D~ /DST\=3D(([\d]{1,3})(\.([\d]{1,3})){3})/) or ($a =3D~ /DST\= =3D(([0-9a-fA-F]{0,4})(\:([0-9a-fA-F]{0,4})){2,7})/)) { $dstaddr =3D $1; } if ($a =3D~ /PROTO\=3D(\w+)/) { $protostr =3D $1; } my $protostrlc =3D lc($protostr); if ($a =3D~ /SPT\=3D([\d\.]+)/){ $srcport =3D $1; } diff --git a/html/cgi-bin/logs.cgi/showrequestfromport.dat b/html/cgi-bin/log= s.cgi/showrequestfromport.dat index ad9823c..6f5f63b 100644 --- a/html/cgi-bin/logs.cgi/showrequestfromport.dat +++ b/html/cgi-bin/logs.cgi/showrequestfromport.dat @@ -307,15 +307,19 @@ foreach $_ (@slice) my $protostr =3D ''; my $srcport =3D ''; my $dstport =3D ''; - $_ =3D~ /(^.* ..:..:..) [\w\-]+ kernel:(.*)(IN=3D.*)$/; + # If ipv6 uses bridge, the use PHYSIN, otherwise use IN + if ($_ =3D~ /(^.* ..:..:..) [\w\-]+ kernel:(.*)(IN=3D.*)(PHYSIN=3D.*)= $/) {} + elsif ($_ =3D~ /(^.* ..:..:..) [\w\-]+ kernel:(.*)(IN=3D.*)$/) {} my $timestamp =3D $1; my $chain =3D $2; my $packet =3D $3; $timestamp =3D~ /(...) (..) (..:..:..)/; my $month =3D $1; my $day =3D $2; my $time =3D $3; my $iface; - if ($a =3D~ /IN\=3D(\w+)/) { $iface =3D $1; } - if ($a =3D~ /OUT\=3D(\w+)/) { $out =3D $1; } - if ($a =3D~ /SRC\=3D([\d\.]+)/) { $srcaddr =3D $1; } - if ($a =3D~ /DST\=3D([\d\.]+)/) { $dstaddr =3D $1; } + # If ipv6 uses bridge, the use PHYSIN and PHYSOUT, otherwise use IN = and OUT + if ($a =3D~ /PHYSIN\=3D(\w+)/) { $iface =3D $1; } elsif ($a =3D~ /IN\= =3D(\w+)/) { $iface =3D $1; } + if ($a =3D~ /PHYSOUT\=3D(\w+)/) { $out =3D $1; } elsif ($a =3D~ /O= UT\=3D(\w+)/) { $out =3D $1; } + # Detect ipv4 and ipv6 addresses + if (($a =3D~ /SRC\=3D(([\d]{1,3})(\.([\d]{1,3})){3})/) or ($a =3D~ /SRC\= =3D(([0-9a-fA-F]{0,4})(\:([0-9a-fA-F]{0,4})){2,7})/)) { $srcaddr =3D $1; } + if (($a =3D~ /DST\=3D(([\d]{1,3})(\.([\d]{1,3})){3})/) or ($a =3D~ /DST\= =3D(([0-9a-fA-F]{0,4})(\:([0-9a-fA-F]{0,4})){2,7})/)) { $dstaddr =3D $1; } if ($a =3D~ /PROTO\=3D(\w+)/) { $protostr =3D $1; } my $protostrlc =3D lc($protostr); if ($a =3D~ /SPT\=3D([\d\.]+)/){ $srcport =3D $1; } --===============8780719261622191792==--