From mboxrd@z Thu Jan 1 00:00:00 1970 From: Michael Eitelwein To: development@lists.ipfire.org Subject: [PATCH 1/5] Enable correct display of ipv6 entries in Firewall log pages of web UI Date: Sun, 10 Jan 2016 18:34:53 +0100 Message-ID: <5692963D.7020607@eitelwein.net> MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="===============7709924082331393689==" List-Id: --===============7709924082331393689== Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable 3 main changes: - Fill $iface and $out from PHYSIN and PHYSOUT when looking at bridged pack= ets, othewerwise fill from IN and OUT - Recognize ipv4 and ipv6 address style for $srcaddr and $dstaddr - Match color coding of tables to pie charts I am using the bridged ipv6 setup as proposed in the wiki. I do not think thi= s breaks anything when not using ipv6. So it would be nice to include this ev= en if ipv6 is not officially supported yet. It is quite useful when using the= ipv6 setup. Signed-off-by: Michael Eitelwein --- html/cgi-bin/logs.cgi/firewalllog.dat | 14 ++-- html/cgi-bin/logs.cgi/firewalllogcountry.dat | 43 ++++++++----- html/cgi-bin/logs.cgi/firewalllogip.dat | 15 ++--- html/cgi-bin/logs.cgi/firewalllogport.dat | 12 ++-- html/cgi-bin/logs.cgi/showrequestfromcountry.dat | 81 +++++++++++++++++----= --- html/cgi-bin/logs.cgi/showrequestfromip.dat | 27 ++++---- html/cgi-bin/logs.cgi/showrequestfromport.dat | 14 ++-- 7 files changed, 131 insertions(+), 75 deletions(-) diff --git a/html/cgi-bin/logs.cgi/firewalllog.dat b/html/cgi-bin/logs.cgi/fi= rewalllog.dat index 5a584d6..42c9612 100644 --- a/html/cgi-bin/logs.cgi/firewalllog.dat +++ b/html/cgi-bin/logs.cgi/firewalllog.dat @@ -328,7 +328,10 @@ END $lines =3D 0; foreach $_ (@log) { - /^... (..) (..:..:..) [\w\-]+ kernel:(.*)(IN=3D.*)$/; + # If ipv6 uses a bridge, PHYSIN=3D contains the relevant iface informati= on + # otherwise use IN=3D + if ($_ =3D~ /^... (..) (..:..:..) [\w\-]+ kernel:(.*)(PHYSIN=3D.*)$/= ) {} + elsif ($_ =3D~ /^... (..) (..:..:..) [\w\-]+ kernel:(.*)(IN=3D.*)$/)= {} my $day =3D $1; $day =3D~ tr / /0/; my $time =3D $cgiparams{'DAY'} ? "$2" : "$day/$2" ; @@ -336,9 +339,12 @@ foreach $_ (@log) my $packet =3D $4; my ($iface, $srcaddr, $dstaddr, $macaddr, $proto, $srcport, $dstpor= t); - $iface=3D$1 if $packet =3D~ /IN=3D(\w+)/; - $srcaddr=3D$1 if $packet =3D~ /SRC=3D([\d\.]+)/; - $dstaddr=3D$1 if $packet =3D~ /DST=3D([\d\.]+)/; + if ($packet =3D~ /PHYSIN=3D(\w+)/) { $iface=3D$1 } elsif ($packet = =3D~ /IN=3D(\w+)/) { $iface =3D $1} + # Identify whether ipv4 or ipv6. Both are mutally exclusive. + if ($packet =3D~ /SRC\=3D(([\d]{1,3})(\.([\d]{1,3})){3})/) { $srcadd= r=3D$1 } + if ($packet =3D~ /SRC\=3D(([0-9a-fA-F]{0,4})(\:([0-9a-fA-F]{= 0,4})){2,7})/) { $srcaddr=3D$1 } + if ($packet =3D~ /DST\=3D(([\d]{1,3})(\.([\d]{1,3})){3})/) { $dstadd= r=3D$1 } + if ($packet =3D~ /DST\=3D(([0-9a-fA-F]{0,4})(\:([0-9a-fA-F]{= 0,4})){2,7})/) { $dstaddr=3D$1 } $macaddr=3D$1 if $packet =3D~ /MAC=3D([\w+\:]+)/; $proto=3D$1 if $packet =3D~ /PROTO=3D(\w+)/; $srcport=3D$1 if $packet =3D~ /SPT=3D(\d+)/; diff --git a/html/cgi-bin/logs.cgi/firewalllogcountry.dat b/html/cgi-bin/logs= .cgi/firewalllogcountry.dat index f998a62..2661ddd 100644 --- a/html/cgi-bin/logs.cgi/firewalllogcountry.dat +++ b/html/cgi-bin/logs.cgi/firewalllogcountry.dat @@ -261,7 +261,6 @@ if( $cgiparams{'pienumber'} !=3D 0){$pienumber=3D$cgipara= ms{'pienumber'};} if( $cgiparams{'otherspie'} !=3D 0){$otherspie=3D$cgiparams{'otherspie'};} if( $cgiparams{'showpie'} !=3D 0){$showpie=3D$cgiparams{'showpie'};} if( $cgiparams{'sortcolumn'} !=3D 0){$sortcolumn=3D$cgiparams{'sortcolumn'}= ;} - print < @@ -294,15 +293,24 @@ $lines =3D 0; foreach $_ (@log) { - /^... (..) (..:..:..) [\w\-]+ kernel:(.*)(IN=3D.*)$/; + # If ipv6 uses bridge, use PHYSIN for iface, otherwise IN + if (/^... (..) (..:..:..) [\w\-]+ kernel:(.*)(PHYSIN=3D.*)$/) {} + elsif (/^... (..) (..:..:..) [\w\-]+ kernel:(.*)(IN=3D.*)$/) {} my $packet =3D $4; - $packet =3D~ /IN=3D(\w+)/; my $iface=3D$1; if ( $1 =3D~ /2./ ){ $ifa= ce=3D"";} - $packet =3D~ /SRC=3D([\d\.]+)/; my $srcaddr=3D$1; + my $iface =3D ''; + if ($packet =3D~ /PHYSIN=3D(\w+)/) { $iface =3D $1 } elsif ($packet =3D~ /= IN=3D(\w+)/) { $iface =3D $1 } + if ( $1 =3D~ /2./ ) { $iface=3D''; } + my $srcaddr =3D ''; + # Find ipv4 and ipv6 addresses + if ($packet =3D~ /SRC\=3D(([\d]{1,3})(\.([\d]{1,3})){3})/) { $srcaddr =3D = $1 } + elsif ($packet =3D~ /SRC\=3D(([0-9a-fA-F]{0,4})(\:([0-9a-fA-F]{0,4})){2,7}= )/) { $srcaddr =3D $1 } if($iface eq $red_interface) { + # Traffic from red if($srcaddr ne '') { + # srcaddr is set my $ccode =3D $gi->country_code_by_name($srcaddr); - if( $ccode eq '') { + if ($ccode eq '') { $ccode =3D 'unknown'; } $tabjc{$ccode} =3D $tabjc{$ccode} + 1 ; @@ -311,11 +319,16 @@ foreach $_ (@log) } } else { + # Traffic not from red if($iface ne '') { $tabjc{$iface} =3D $tabjc{$iface} + 1 ; if(($tabjc{$iface} =3D=3D 1) && ($lines < $pienumber)) { $lines =3D= $lines + 1; } $linesjc++; } + else { + # What to do with empty iface lines? + # This probably is traffic from ipfire itself (IN=3D OUT=3DXY)? + } } } @@ -423,7 +436,6 @@ if ($showpie !=3D 2 && $pienumber <=3D 50 && $pienumber != =3D 0) { print ""; print ""; } - print < @@ -448,10 +460,8 @@ for($s=3D0;$s<$lines;$s++) $percent =3D $value[$s] * 100 / $linesjc; $percent =3D sprintf("%.f", $percent); $total =3D $total + $value[$s]; - my $colorIndex =3D $color % 10; - if($colorIndex =3D=3D 0) { - $colorIndex =3D 10; - } + # colors are numbered 1 to 10 + my $colorIndex =3D ($color % 10) + 1; $col=3D"bgcolor=3D'$color{\"color$colorIndex\"}'"; $color++; print ""; @@ -466,8 +476,11 @@ for($s=3D0;$s<$lines;$s++) print""; print""; } - - if($key[$s] eq 'blue0' || $key[$s] eq 'green0' || $key[$s] eq 'orange0') { + elsif ($key[$s] eq 'unknown') { + print "unknown"; + } + # Looks dangerous to use hardcoded interface names here. Probably needs fi= xing. + if ($key[$s] eq 'blue0' || $key[$s] eq 'green0' || $key[$s] eq 'orange0' )= { print "$key[$s]"; } else { @@ -489,10 +502,8 @@ for($s=3D0;$s<$lines;$s++) if($cgiparams{'otherspie'} =3D=3D 2 ){} else{ - my $colorIndex =3D $color % 10; - if($colorIndex =3D=3D 0) { - $colorIndex =3D 10; - } + # colors are numbered 1 to 10 + my $colorIndex =3D ($color % 10) + 1; $col=3D"bgcolor=3D'$color{\"color$colorIndex\"}'"; print ""; diff --git a/html/cgi-bin/logs.cgi/firewalllogip.dat b/html/cgi-bin/logs.cgi/= firewalllogip.dat index 7d82d20..6fc3422 100644 --- a/html/cgi-bin/logs.cgi/firewalllogip.dat +++ b/html/cgi-bin/logs.cgi/firewalllogip.dat @@ -291,7 +291,8 @@ if ($pienumber =3D=3D -1 || $pienumber > $lines || $sortc= olumn =3D=3D 2) { $pienumber =3D $lines =3D 0; foreach $_ (@log) { - if($_ =3D~ /SRC\=3D([\d\.]+)/){ + # Extract ipv4 or ipv6 address + if (($_ =3D~ /SRC\=3D(([\d]{1,3})(\.([\d]{1,3})){3})/) or ($_ =3D~ /SRC\= =3D(([0-9a-fA-F]{0,4})(\:([0-9a-fA-F]{0,4})){2,7})/)) { $tabjc{$1} =3D $tabjc{$1} + 1 ; if(($tabjc{$1} =3D=3D 1) && ($lines < $pienumber)) { $lines =3D $lines = + 1; } $linesjc++; @@ -428,10 +429,8 @@ for($s=3D0;$s<$lines;$s++) $percent =3D $value[$s] * 100 / $linesjc; $percent =3D sprintf("%.f", $percent); $total =3D $total + $value[$s]; - my $colorIndex =3D $color % 10; - if($colorIndex =3D=3D 0) { - $colorIndex =3D 10; - } + # colors are numbered 1 to 10 + my $colorIndex =3D ($color % 10) + 1; $col=3D"bgcolor=3D'$color{\"color$colorIndex\"}'"; print ""; @@ -459,10 +458,8 @@ for($s=3D0;$s<$lines;$s++) if($cgiparams{'otherspie'} =3D=3D 2 ){} else{ - my $colorIndex =3D $color % 10; - if($colorIndex =3D=3D 0) { - $colorIndex =3D 10; - } + # colors are numbered 1 to 10 + my $colorIndex =3D ($color % 10) + 1; $col=3D"bgcolor=3D'$color{\"color$colorIndex\"}'"; print ""; diff --git a/html/cgi-bin/logs.cgi/firewalllogport.dat b/html/cgi-bin/logs.cg= i/firewalllogport.dat index 5b0db62..583c1b3 100644 --- a/html/cgi-bin/logs.cgi/firewalllogport.dat +++ b/html/cgi-bin/logs.cgi/firewalllogport.dat @@ -429,10 +429,8 @@ for($s=3D0;$s<$lines;$s++) $percent =3D $value[$s] * 100 / $linesjc; $percent =3D sprintf("%.f", $percent); $total =3D $total + $value[$s]; - my $colorIndex =3D $color % 10; - if($colorIndex =3D=3D 0) { - $colorIndex =3D 10; - } + # colors are numbered 1 to 10 + my $colorIndex =3D ($color % 10) + 1; $col=3D"bgcolor=3D'$color{\"color$colorIndex\"}'"; print ""; @@ -446,10 +444,8 @@ for($s=3D0;$s<$lines;$s++) if($cgiparams{'otherspie'} =3D=3D 2 ){} else{ - my $colorIndex =3D $color % 10; - if($colorIndex =3D=3D 0) { - $colorIndex =3D 10; - } + # colors are numbered 1 to 10 + my $colorIndex =3D ($color % 10) + 1; $col=3D"bgcolor=3D'$color{\"color$colorIndex\"}'"; print ""; diff --git a/html/cgi-bin/logs.cgi/showrequestfromcountry.dat b/html/cgi-bin/= logs.cgi/showrequestfromcountry.dat index 5283c42..0784ab9 100644 --- a/html/cgi-bin/logs.cgi/showrequestfromcountry.dat +++ b/html/cgi-bin/logs.cgi/showrequestfromcountry.dat @@ -158,23 +158,35 @@ if (!$skip) { while () { - if (/(^${monthstr} ${daystr} ..:..:..) [\w\-]+ kernel:.*(IN=3D.*)$/= ) { - my $packet =3D $2; - $packet =3D~ /IN=3D(\w+)/; my $iface=3D$1; if ( $1 =3D~ /2= ./ ){ $iface=3D"";} - $packet =3D~ /SRC=3D([\d\.]+)/; my $srcaddr=3D$1; + # First check whether valid log line (date, day) + if (/(^${monthstr} ${daystr} ..:..:..) [\w\-]+ kernel:.*(IN=3D.*)$= /) { + # If ipv6 uses bridge, then use PHYSIN otherwise use IN + if (/(^${monthstr} ${daystr} ..:..:..) [\w\-]+ kernel:.*(PHYSIN= =3D.*)$/) {} + elsif (/(^${monthstr} ${daystr} ..:..:..) [\w\-]+ kernel:.*(IN= =3D.*)$/) {} + my $packet =3D $2; + my $iface =3D ''; + my $srcaddr =3D ''; + # If ipv6 uses bridge, use PHYSIN otherwise IN + if ($packet =3D~ /PHYSIN=3D(\w+)/) { $iface =3D $1 } elsif ($pac= ket =3D~ /IN=3D(\w+)/) { $iface =3D $1 } + # Extract ipv4 and ipv6 addresses + if (($packet =3D~ /SRC\=3D(([\d]{1,3})(\.([\d]{1,3})){3})/) or (= $packet =3D~ /SRC\=3D(([0-9a-fA-F]{0,4})(\:([0-9a-fA-F]{0,4})){2,7})/)) { + $srcaddr =3D $1 + }; if($iface eq $country) { + # iface matches country code $log[$lines] =3D $_; $lines++; } elsif($srcaddr ne '') { + # or srcaddr matches country code my $ccode =3D $gi->country_code_by_name($srcaddr); if($ccode eq $country){ $log[$lines] =3D $_; $lines++; } } - } + } } close (FILE); } @@ -194,16 +206,28 @@ if ($multifile) { } if (!$skip) { while () { - if (/(^${monthstr} ${daystr} ..:..:..) [\w\-]+ kernel:.*(IN=3D.= *)$/) { - if($_ =3D~ /SRC\=3D([\d\.]+)/){ - my $srcaddr=3D$1; - my $ccode =3D $gi->country_code_by_name($srcaddr); - if($ccode eq $country){ + # Check if valid log line (date, day) + if (/(^${monthstr} ${daystr} ..:..:..) [\w\-]+ kernel:.*(IN=3D.*)= $/) { + my $iface =3D ''; + # If ipv6 uses bridge, then use PHYSIN otherwise IN + if ($_ =3D~ /PHYSIN=3D(\w+)/) { $iface =3D $1 } elsif ($= _ =3D~ /IN=3D(\w+)/) { $iface =3D $1 } + + if($iface eq $country) { + # iface matches country code + $log[$lines] =3D $_; + $lines++; + } + # extract ipv4 and ipv6 address + elsif (($_ =3D~ /SRC\=3D(([\d]{1,3})(\.([\d]{1,3})){3})/= ) or ($_ =3D~ /SRC\=3D(([0-9a-fA-F]{0,4})(\:([0-9a-fA-F]{0,4})){2,7})/)) { + my $srcaddr=3D$1; + my $ccode =3D $gi->country_code_by_name($srcaddr); + if($ccode eq $country){ + # or srcaddr matches country code $log[$lines] =3D $_; $lines++; + } } - } - } + } } close (FILE); } @@ -308,32 +332,45 @@ $lines =3D 0; foreach $_ (@slice) { $a =3D $_; - /^... (..) (..:..:..) [\w\-]+ kernel:(.*)(IN=3D.*)$/; + # If ipv6 uses bridge, use PHYSIN otherwise use IN + if (/^... (..) (..:..:..) [\w\-]+ kernel:(.*)(PHYSIN=3D.*)$/) {} + elsif (/^... (..) (..:..:..) [\w\-]+ kernel:(.*)(IN=3D.*)$/) {}; my $packet =3D $4; - $packet =3D~ /IN=3D(\w+)/; my $iface=3D$1; if ( $1 =3D~ /2./ ){ $ifa= ce=3D"";} - $packet =3D~ /SRC=3D([\d\.]+)/; my $srcaddr=3D$1; + my $iface =3D ''; + # If ipv6 uses bridge, use PHYSIN otherwise use IN + if ($packet =3D~ /PHYSIN=3D(\w+)/) { $iface =3D $1 } elsif ($packet =3D~ /= IN=3D(\w+)/) { $iface =3D $1 } + if ( $1 =3D~ /2./ ){ $iface=3D"";} + my $srcaddr =3D ''; + # Extract ipv4 and ipv6 addresses + if (($packet =3D~ /SRC\=3D(([\d]{1,3})(\.([\d]{1,3})){3})/) or ($packet = =3D~ /SRC\=3D(([0-9a-fA-F]{0,4})(\:([0-9a-fA-F]{0,4})){2,7})/)) { + $srcaddr =3D $1 + }; if($iface eq $country || $srcaddr ne '') { - my $ccode; + my $ccode=3D''; if($iface ne $country) { $ccode =3D $gi->country_code_by_name($srcaddr); } if($iface eq $country || $ccode eq $country) { - my $chain =3D ''; + my $chain =3D ''; my $in =3D '-'; my $out =3D '-'; my $srcaddr =3D ''; my $dstaddr =3D ''; my $protostr =3D ''; my $srcport =3D ''; my $dstport =3D ''; - $_ =3D~ /(^.* ..:..:..) [\w\-]+ kernel:(.*)(IN=3D.*)$/; + # If ipv6 uses bridge, the use PHYSIN otherwise use IN + if ($_ =3D~ /(^.* ..:..:..) [\w\-]+ kernel:(.*)(PHYSIN=3D.*)$/) {} + elsif ($_ =3D~ /(^.* ..:..:..) [\w\-]+ kernel:(.*)(IN=3D.*)$/) {} my $timestamp =3D $1; my $chain =3D $2; my $packet =3D $3; $timestamp =3D~ /(...) (..) (..:..:..)/; my $month =3D $1; my $day =3D $2; my $time =3D $3; - if ($a =3D~ /IN\=3D(\w+)/) { $iface =3D $1; } - if ($a =3D~ /OUT\=3D(\w+)/) { $out =3D $1; } - if ($a =3D~ /SRC\=3D([\d\.]+)/) { $srcaddr =3D $1; } - if ($a =3D~ /DST\=3D([\d\.]+)/) { $dstaddr =3D $1; } + # If ipv6 uses bridge, use PHYSIN and PHYSOUT, otherwise use IN and OUT + if ($a =3D~ /PHYSIN=3D(\w+)/) { $iface =3D $1 } elsif ($a =3D~ /IN=3D(= \w+)/) { $iface =3D $1 } + if ($a =3D~ /PHYSOUT=3D(\w+)/) { $out =3D $1 } elsif ($a =3D~ /OUT=3D(= \w+)/) { $out =3D $1 } + # Extract ipv4 and ipv6 addresses + if (($a =3D~ /SRC\=3D(([\d]{1,3})(\.([\d]{1,3})){3})/) or ($a =3D~ /SR= C\=3D(([0-9a-fA-F]{0,4})(\:([0-9a-fA-F]{0,4})){2,7})/)) { $srcaddr =3D $1; } + if (($a =3D~ /DST\=3D(([\d]{1,3})(\.([\d]{1,3})){3})/) or ($a =3D~ /DS= T\=3D(([0-9a-fA-F]{0,4})(\:([0-9a-fA-F]{0,4})){2,7})/)) { $dstaddr =3D $1; } if ($a =3D~ /PROTO\=3D(\w+)/) { $protostr =3D $1; } my $protostrlc =3D lc($protostr); if ($a =3D~ /SPT\=3D([\d\.]+)/){ $srcport =3D $1; } diff --git a/html/cgi-bin/logs.cgi/showrequestfromip.dat b/html/cgi-bin/logs.= cgi/showrequestfromip.dat index 09a60b5..94e795c 100644 --- a/html/cgi-bin/logs.cgi/showrequestfromip.dat +++ b/html/cgi-bin/logs.cgi/showrequestfromip.dat @@ -155,7 +155,7 @@ if (!$skip) while () { if (/(^${monthstr} ${daystr} ..:..:..) [\w\-]+ kernel:.*(IN=3D.*)$= /) { - if($_ =3D~ /SRC\=3D([\d\.]+)/){ + if (($_ =3D~ /SRC\=3D(([\d]{1,3})(\.([\d]{1,3})){3})/) or ($= _ =3D~ /SRC\=3D(([0-9a-fA-F]{0,4})(\:([0-9a-fA-F]{0,4})){2,7})/)) { if($1 eq $ip){ $log[$lines] =3D $_; $lines++; @@ -182,12 +182,12 @@ if ($multifile) { if (!$skip) { while () { if (/(^${monthstr} ${daystr} ..:..:..) [\w\-]+ kernel:.*(IN=3D= .*)$/) { - if($_ =3D~ /SRC\=3D([\d\.]+)/){ - if($1 eq $ip){ + if (($_ =3D~ /SRC\=3D(([\d]{1,3})(\.([\d]{1,3})){3= })/) or ($_ =3D~ /SRC\=3D(([0-9a-fA-F]{0,4})(\:([0-9a-fA-F]{0,4})){2,7})/)) { + if($1 eq $ip){ $log[$lines] =3D $_; $lines++; - } - } + } + } } } close (FILE); @@ -293,7 +293,8 @@ $lines =3D 0; foreach $_ (@slice) { $a =3D $_; - if($_ =3D~ /SRC\=3D([\d\.]+)/){ + # Check whether valid ipv4 or ipv6 address + if (($_ =3D~ /SRC\=3D(([\d]{1,3})(\.([\d]{1,3})){3})/) or ($_ =3D~ /SRC\= =3D(([0-9a-fA-F]{0,4})(\:([0-9a-fA-F]{0,4})){2,7})/)) { if($1 eq $ip){ my $chain =3D ''; my $in =3D '-'; my $out =3D '-'; @@ -301,15 +302,19 @@ foreach $_ (@slice) my $protostr =3D ''; my $srcport =3D ''; my $dstport =3D ''; - $_ =3D~ /(^.* ..:..:..) [\w\-]+ kernel:(.*)(IN=3D.*)$/; + # If ipv6 uses bridge, the use PHYSIN, otherwise use IN + if ($_ =3D~ /(^.* ..:..:..) [\w\-]+ kernel:(.*)(PHYSIN=3D.*)$/) {} + elsif ($_ =3D~ /(^.* ..:..:..) [\w\-]+ kernel:(.*)(IN=3D.*)$/) {} my $timestamp =3D $1; my $chain =3D $2; my $packet =3D $3; $timestamp =3D~ /(...) (..) (..:..:..)/; my $month =3D $1; my $day =3D $2; my $time =3D $3; - if ($a =3D~ /IN\=3D(\w+)/) { $iface =3D $1; } - if ($a =3D~ /OUT\=3D(\w+)/) { $out =3D $1; } - if ($a =3D~ /SRC\=3D([\d\.]+)/) { $srcaddr =3D $1; } - if ($a =3D~ /DST\=3D([\d\.]+)/) { $dstaddr =3D $1; } + # If ipv6 uses bridge, the use PHYSIN and PHYSOUT, otherwise use IN = and OUT + if ($a =3D~ /PHYSIN=3D(\w+)/) { $iface =3D $1 } elsif ($a =3D~ /IN= =3D(\w+)/) { $iface =3D $1 } + if ($a =3D~ /PHYSOUT=3D(\w+)/) { $out =3D $1 } elsif ($a =3D~ /OUT= =3D(\w+)/) { $out =3D $1 } + # Detect ipv4 and ipv6 addresses + if (($a =3D~ /SRC\=3D(([\d]{1,3})(\.([\d]{1,3})){3})/) or ($a =3D~ /SRC\= =3D(([0-9a-fA-F]{0,4})(\:([0-9a-fA-F]{0,4})){2,7})/)) { $srcaddr =3D $1; } + if (($a =3D~ /DST\=3D(([\d]{1,3})(\.([\d]{1,3})){3})/) or ($a =3D~ /DST\= =3D(([0-9a-fA-F]{0,4})(\:([0-9a-fA-F]{0,4})){2,7})/)) { $dstaddr =3D $1; } if ($a =3D~ /PROTO\=3D(\w+)/) { $protostr =3D $1; } my $protostrlc =3D lc($protostr); if ($a =3D~ /SPT\=3D([\d\.]+)/){ $srcport =3D $1; } diff --git a/html/cgi-bin/logs.cgi/showrequestfromport.dat b/html/cgi-bin/log= s.cgi/showrequestfromport.dat index ad9823c..af7779a 100644 --- a/html/cgi-bin/logs.cgi/showrequestfromport.dat +++ b/html/cgi-bin/logs.cgi/showrequestfromport.dat @@ -307,15 +307,19 @@ foreach $_ (@slice) my $protostr =3D ''; my $srcport =3D ''; my $dstport =3D ''; - $_ =3D~ /(^.* ..:..:..) [\w\-]+ kernel:(.*)(IN=3D.*)$/; + # If ipv6 uses bridge, the use PHYSIN, otherwise use IN + if ($_ =3D~ /(^.* ..:..:..) [\w\-]+ kernel:(.*)(PHYSIN=3D.*)$/) {} + elsif ($_ =3D~ /(^.* ..:..:..) [\w\-]+ kernel:(.*)(IN=3D.*)$/) {} my $timestamp =3D $1; my $chain =3D $2; my $packet =3D $3; $timestamp =3D~ /(...) (..) (..:..:..)/; my $month =3D $1; my $day =3D $2; my $time =3D $3; my $iface; - if ($a =3D~ /IN\=3D(\w+)/) { $iface =3D $1; } - if ($a =3D~ /OUT\=3D(\w+)/) { $out =3D $1; } - if ($a =3D~ /SRC\=3D([\d\.]+)/) { $srcaddr =3D $1; } - if ($a =3D~ /DST\=3D([\d\.]+)/) { $dstaddr =3D $1; } + # If ipv6 uses bridge, the use PHYSIN and PHYSOUT, otherwise use IN = and OUT + if ($a =3D~ /PHYSIN\=3D(\w+)/) { $iface =3D $1; } elsif ($a =3D~ /IN\=3D= (\w+)/) { $iface =3D $1; } + if ($a =3D~ /PHYSOUT\=3D(\w+)/) { $out =3D $1; } elsif ($a =3D~ /OUT= \=3D(\w+)/) { $out =3D $1; } + # Detect ipv4 and ipv6 addresses + if (($a =3D~ /SRC\=3D(([\d]{1,3})(\.([\d]{1,3})){3})/) or ($a =3D~ /SRC\= =3D(([0-9a-fA-F]{0,4})(\:([0-9a-fA-F]{0,4})){2,7})/)) { $srcaddr =3D $1; } + if (($a =3D~ /DST\=3D(([\d]{1,3})(\.([\d]{1,3})){3})/) or ($a =3D~ /DST\= =3D(([0-9a-fA-F]{0,4})(\:([0-9a-fA-F]{0,4})){2,7})/)) { $dstaddr =3D $1; } if ($a =3D~ /PROTO\=3D(\w+)/) { $protostr =3D $1; } my $protostrlc =3D lc($protostr); if ($a =3D~ /SPT\=3D([\d\.]+)/){ $srcport =3D $1; } --=20 1.9.1 --===============7709924082331393689==--