From mboxrd@z Thu Jan 1 00:00:00 1970 From: Matthias Fischer To: development@lists.ipfire.org Subject: Re: AW: Re: [PATCH 1/5] Enable correct display of ipv6 entries in Firewall log pages of web UI Date: Fri, 22 Jan 2016 22:00:20 +0100 Message-ID: <56A29864.90602@ipfire.org> In-Reply-To: <0x3xhxmi44x6md2tsvl7fplt.1453449925919@email.android.com> MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="===============1688276723976327852==" List-Id: --===============1688276723976327852== Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable On 22.01.2016 19:00, Michael Eitelwein wrote: >=20 > =20 >=20 > Hi > The patch itself is working on my machine without issues. If Matthias did n= ot observe any issues as well, than I would propose to merge it into the next= release. Please let me know if there is anything I have to do to get them me= rged. > The problems of applying the patch were not further examined, as Matthias w= as able to apply them in the end. Also they are now available in git.ipfire.o= rg, so they can be applied directly from there. > Michael Hi, I just clicked through all '.dat'-files: I saw no problems. Playing chicken: did anyone *else* test this? ;-) Best, Matthias P.S.: ME, while replying to "ALL", there is something weird with your email-address: it just says "michael", not "michael(a)eitelwein.net". I had to add your address manually from my addressbook. Bug or feature- mine or yours? > -------- Urspr=C3=BCngliche Nachricht -------- > Von: Michael Tremer =20 > Datum: 22.01.2016 01:59 (GMT+01:00)=20 > An: Michael Eitelwein , IPFire Development List =20 > Cc: Matthias Fischer =20 > Betreff: Re: [PATCH 1/5] Enable correct display of ipv6 entries in Firewall= log pages of web UI=20 >=20 > Hi, >=20 > did you work out what the issue was with these emails? >=20 > Best, > -Michael >=20 > On Sun, 2016-01-10 at 18:34 +0100, Michael Eitelwein wrote: >> 3 main changes: >> - Fill $iface and $out from PHYSIN and PHYSOUT when looking at >> bridged packets, othewerwise fill from IN and OUT >> - Recognize ipv4 and ipv6 address style for $srcaddr and $dstaddr >> - Match color coding of tables to pie charts >>=20 >> I am using the bridged ipv6 setup as proposed in the wiki. I do not >> think this breaks anything when not using ipv6. So it would be nice >> to include this even if ipv6 is not officially supported yet. It is >> quite useful when using the ipv6 setup. >>=20 >> Signed-off-by: Michael Eitelwein >>=20 >> --- >> html/cgi-bin/logs.cgi/firewalllog.dat | 14 ++-- >> html/cgi-bin/logs.cgi/firewalllogcountry.dat | 43 ++++++++----- >> html/cgi-bin/logs.cgi/firewalllogip.dat | 15 ++--- >> html/cgi-bin/logs.cgi/firewalllogport.dat | 12 ++-- >> html/cgi-bin/logs.cgi/showrequestfromcountry.dat | 81 >> +++++++++++++++++------- >> html/cgi-bin/logs.cgi/showrequestfromip.dat | 27 ++++---- >> html/cgi-bin/logs.cgi/showrequestfromport.dat | 14 ++-- >> 7 files changed, 131 insertions(+), 75 deletions(-) >>=20 >> diff --git a/html/cgi-bin/logs.cgi/firewalllog.dat b/html/cgi >> -bin/logs.cgi/firewalllog.dat >> index 5a584d6..42c9612 100644 >> --- a/html/cgi-bin/logs.cgi/firewalllog.dat >> +++ b/html/cgi-bin/logs.cgi/firewalllog.dat >> @@ -328,7 +328,10 @@ END >> $lines =3D 0; >> foreach $_ (@log) >> { >> - /^... (..) (..:..:..) [\w\-]+ kernel:(.*)(IN=3D.*)$/; >> + # If ipv6 uses a bridge, PHYSIN=3D contains the relevant iface >> information >> + # otherwise use IN=3D >> + if ($_ =3D~ /^... (..) (..:..:..) [\w\-]+ >> kernel:(.*)(PHYSIN=3D.*)$/) {} >> + elsif ($_ =3D~ /^... (..) (..:..:..) [\w\-]+ >> kernel:(.*)(IN=3D.*)$/) {} >> my $day =3D $1; >> $day =3D~ tr / /0/; >> my $time =3D $cgiparams{'DAY'} ? "$2" : "$day/$2" ; >> @@ -336,9 +339,12 @@ foreach $_ (@log) >> my $packet =3D $4; >>=20 >> my ($iface, $srcaddr, $dstaddr, $macaddr, $proto, $srcport, >> $dstport); >> - $iface=3D$1 if $packet =3D~ /IN=3D(\w+)/; >> - $srcaddr=3D$1 if $packet =3D~ /SRC=3D([\d\.]+)/; >> - $dstaddr=3D$1 if $packet =3D~ /DST=3D([\d\.]+)/; >> + if ($packet =3D~ /PHYSIN=3D(\w+)/) { $iface=3D$1 } elsif ($packet >> =3D~ /IN=3D(\w+)/) { $iface =3D $1} >> + # Identify whether ipv4 or ipv6. Both are mutally exclusive. >> + if ($packet =3D~ /SRC\=3D(([\d]{1,3})(\.([\d]{1,3})){3})/) { >> $srcaddr=3D$1 } >> + if ($packet =3D~ /SRC\=3D(([0-9a-fA-F]{0,4})(\:([0-9a-fA >> -F]{0,4})){2,7})/) { $srcaddr=3D$1 } >> + if ($packet =3D~ /DST\=3D(([\d]{1,3})(\.([\d]{1,3})){3})/) { >> $dstaddr=3D$1 } >> + if ($packet =3D~ /DST\=3D(([0-9a-fA-F]{0,4})(\:([0-9a-fA >> -F]{0,4})){2,7})/) { $dstaddr=3D$1 } >> $macaddr=3D$1 if $packet =3D~ /MAC=3D([\w+\:]+)/; >> $proto=3D$1 if $packet =3D~ /PROTO=3D(\w+)/; >> $srcport=3D$1 if $packet =3D~ /SPT=3D(\d+)/; >> diff --git a/html/cgi-bin/logs.cgi/firewalllogcountry.dat b/html/cgi >> -bin/logs.cgi/firewalllogcountry.dat >> index f998a62..2661ddd 100644 >> --- a/html/cgi-bin/logs.cgi/firewalllogcountry.dat >> +++ b/html/cgi-bin/logs.cgi/firewalllogcountry.dat >> @@ -261,7 +261,6 @@ if( $cgiparams{'pienumber'} !=3D >> 0){$pienumber=3D$cgiparams{'pienumber'};} >> if( $cgiparams{'otherspie'} !=3D >> 0){$otherspie=3D$cgiparams{'otherspie'};} >> if( $cgiparams{'showpie'} !=3D 0){$showpie=3D$cgiparams{'showpie'};} >> if( $cgiparams{'sortcolumn'} !=3D >> 0){$sortcolumn=3D$cgiparams{'sortcolumn'};} >> - >> print <> >> >> @@ -294,15 +293,24 @@ $lines =3D 0; >>=20 >> foreach $_ (@log) >> { >> - /^... (..) (..:..:..) [\w\-]+ kernel:(.*)(IN=3D.*)$/; >> + # If ipv6 uses bridge, use PHYSIN for iface, otherwise IN >> + if (/^... (..) (..:..:..) [\w\-]+ kernel:(.*)(PHYSIN=3D.*)$/) {} >> + elsif (/^... (..) (..:..:..) [\w\-]+ kernel:(.*)(IN=3D.*)$/) {} >> my $packet =3D $4; >> - $packet =3D~ /IN=3D(\w+)/; my $iface=3D$1; if ( $1 =3D~ /2./ ){ >> $iface=3D"";} >> - $packet =3D~ /SRC=3D([\d\.]+)/; my $srcaddr=3D$1; >> + my $iface =3D ''; >> + if ($packet =3D~ /PHYSIN=3D(\w+)/) { $iface =3D $1 } elsif ($packet =3D~ >> /IN=3D(\w+)/) { $iface =3D $1 } >> + if ( $1 =3D~ /2./ ) { $iface=3D''; } >> + my $srcaddr =3D ''; >> + # Find ipv4 and ipv6 addresses >> + if ($packet =3D~ /SRC\=3D(([\d]{1,3})(\.([\d]{1,3})){3})/) { $srcaddr >> =3D $1 } >> + elsif ($packet =3D~ /SRC\=3D(([0-9a-fA-F]{0,4})(\:([0-9a-fA >> -F]{0,4})){2,7})/) { $srcaddr =3D $1 } >>=20 >> if($iface eq $red_interface) { >> + # Traffic from red >> if($srcaddr ne '') { >> + # srcaddr is set >> my $ccode =3D $gi->country_code_by_name($srcaddr); >> - if( $ccode eq '') { >> + if ($ccode eq '') { >> $ccode =3D 'unknown'; >> } >> $tabjc{$ccode} =3D $tabjc{$ccode} + 1 ; >> @@ -311,11 +319,16 @@ foreach $_ (@log) >> } >> } >> else { >> + # Traffic not from red >> if($iface ne '') { >> $tabjc{$iface} =3D $tabjc{$iface} + 1 ; >> if(($tabjc{$iface} =3D=3D 1) && ($lines < $pienumber)) { $lines >> =3D $lines + 1; } >> $linesjc++; >> } >> + else { >> + # What to do with empty iface lines? >> + # This probably is traffic from ipfire itself (IN=3D OUT=3DXY)? >> + } >> } >> } >>=20 >> @@ -423,7 +436,6 @@ if ($showpie !=3D 2 && $pienumber <=3D 50 && >> $pienumber !=3D 0) { >> print ""; >> print ""; >> } >> - >> print <> >> >> @@ -448,10 +460,8 @@ for($s=3D0;$s<$lines;$s++) >> $percent =3D $value[$s] * 100 / $linesjc; >> $percent =3D sprintf("%.f", $percent); >> $total =3D $total + $value[$s]; >> - my $colorIndex =3D $color % 10; >> - if($colorIndex =3D=3D 0) { >> - $colorIndex =3D 10; >> - } >> + # colors are numbered 1 to 10 >> + my $colorIndex =3D ($color % 10) + 1; >> $col=3D"bgcolor=3D'$color{\"color$colorIndex\"}'"; >> $color++; >> print ""; >> @@ -466,8 +476,11 @@ for($s=3D0;$s<$lines;$s++) >> print""; >> print""; >> } >> - >> - if($key[$s] eq 'blue0' || $key[$s] eq 'green0' || $key[$s] eq >> 'orange0') { >> + elsif ($key[$s] eq 'unknown') { >> + print "unknown"; >> + } >> + # Looks dangerous to use hardcoded interface names here. Probably >> needs fixing. >> + if ($key[$s] eq 'blue0' || $key[$s] eq 'green0' || $key[$s] eq >> 'orange0' ) { >> print ""; >> } >> else { >> @@ -489,10 +502,8 @@ for($s=3D0;$s<$lines;$s++) >>=20 >> if($cgiparams{'otherspie'} =3D=3D 2 ){} >> else{ >> - my $colorIndex =3D $color % 10; >> - if($colorIndex =3D=3D 0) { >> - $colorIndex =3D 10; >> - } >> + # colors are numbered 1 to 10 >> + my $colorIndex =3D ($color % 10) + 1; >> $col=3D"bgcolor=3D'$color{\"color$colorIndex\"}'"; >> print ""; >>=20 >> diff --git a/html/cgi-bin/logs.cgi/firewalllogip.dat b/html/cgi >> -bin/logs.cgi/firewalllogip.dat >> index 7d82d20..6fc3422 100644 >> --- a/html/cgi-bin/logs.cgi/firewalllogip.dat >> +++ b/html/cgi-bin/logs.cgi/firewalllogip.dat >> @@ -291,7 +291,8 @@ if ($pienumber =3D=3D -1 || $pienumber > $lines || >> $sortcolumn =3D=3D 2) { $pienumber =3D >> $lines =3D 0; >> foreach $_ (@log) >> { >> - if($_ =3D~ /SRC\=3D([\d\.]+)/){ >> + # Extract ipv4 or ipv6 address >> + if (($_ =3D~ /SRC\=3D(([\d]{1,3})(\.([\d]{1,3})){3})/) or ($_ =3D~ >> /SRC\=3D(([0-9a-fA-F]{0,4})(\:([0-9a-fA-F]{0,4})){2,7})/)) { >> $tabjc{$1} =3D $tabjc{$1} + 1 ; >> if(($tabjc{$1} =3D=3D 1) && ($lines < $pienumber)) { $lines =3D >> $lines + 1; } >> $linesjc++; >> @@ -428,10 +429,8 @@ for($s=3D0;$s<$lines;$s++) >> $percent =3D $value[$s] * 100 / $linesjc; >> $percent =3D sprintf("%.f", $percent); >> $total =3D $total + $value[$s]; >> - my $colorIndex =3D $color % 10; >> - if($colorIndex =3D=3D 0) { >> - $colorIndex =3D 10; >> - } >> + # colors are numbered 1 to 10 >> + my $colorIndex =3D ($color % 10) + 1; >> $col=3D"bgcolor=3D'$color{\"color$colorIndex\"}'"; >> print ""; >>=20 >> @@ -459,10 +458,8 @@ for($s=3D0;$s<$lines;$s++) >>=20 >> if($cgiparams{'otherspie'} =3D=3D 2 ){} >> else{ >> - my $colorIndex =3D $color % 10; >> - if($colorIndex =3D=3D 0) { >> - $colorIndex =3D 10; >> - } >> + # colors are numbered 1 to 10 >> + my $colorIndex =3D ($color % 10) + 1; >> $col=3D"bgcolor=3D'$color{\"color$colorIndex\"}'"; >> print ""; >>=20 >> diff --git a/html/cgi-bin/logs.cgi/firewalllogport.dat b/html/cgi >> -bin/logs.cgi/firewalllogport.dat >> index 5b0db62..583c1b3 100644 >> --- a/html/cgi-bin/logs.cgi/firewalllogport.dat >> +++ b/html/cgi-bin/logs.cgi/firewalllogport.dat >> @@ -429,10 +429,8 @@ for($s=3D0;$s<$lines;$s++) >> $percent =3D $value[$s] * 100 / $linesjc; >> $percent =3D sprintf("%.f", $percent); >> $total =3D $total + $value[$s]; >> - my $colorIndex =3D $color % 10; >> - if($colorIndex =3D=3D 0) { >> - $colorIndex =3D 10; >> - } >> + # colors are numbered 1 to 10 >> + my $colorIndex =3D ($color % 10) + 1; >> $col=3D"bgcolor=3D'$color{\"color$colorIndex\"}'"; >> print ""; >>=20 >> @@ -446,10 +444,8 @@ for($s=3D0;$s<$lines;$s++) >>=20 >> if($cgiparams{'otherspie'} =3D=3D 2 ){} >> else{ >> - my $colorIndex =3D $color % 10; >> - if($colorIndex =3D=3D 0) { >> - $colorIndex =3D 10; >> - } >> + # colors are numbered 1 to 10 >> + my $colorIndex =3D ($color % 10) + 1; >> $col=3D"bgcolor=3D'$color{\"color$colorIndex\"}'"; >> print ""; >>=20 >> diff --git a/html/cgi-bin/logs.cgi/showrequestfromcountry.dat >> b/html/cgi-bin/logs.cgi/showrequestfromcountry.dat >> index 5283c42..0784ab9 100644 >> --- a/html/cgi-bin/logs.cgi/showrequestfromcountry.dat >> +++ b/html/cgi-bin/logs.cgi/showrequestfromcountry.dat >> @@ -158,23 +158,35 @@ if (!$skip) >> { >> while () >> { >> - if (/(^${monthstr} ${daystr} ..:..:..) [\w\-]+ >> kernel:.*(IN=3D.*)$/) { >> - my $packet =3D $2; >> - $packet =3D~ /IN=3D(\w+)/; my $iface=3D$1; if ( $1 =3D~ >> /2./ ){ $iface=3D"";} >> - $packet =3D~ /SRC=3D([\d\.]+)/; my $srcaddr=3D$1; >> + # First check whether valid log line (date, day) >> + if (/(^${monthstr} ${daystr} ..:..:..) [\w\-]+ >> kernel:.*(IN=3D.*)$/) { >> + # If ipv6 uses bridge, then use PHYSIN otherwise use IN >> + if (/(^${monthstr} ${daystr} ..:..:..) [\w\-]+ >> kernel:.*(PHYSIN=3D.*)$/) {} >> + elsif (/(^${monthstr} ${daystr} ..:..:..) [\w\-]+ >> kernel:.*(IN=3D.*)$/) {} >> + my $packet =3D $2; >> + my $iface =3D ''; >> + my $srcaddr =3D ''; >> + # If ipv6 uses bridge, use PHYSIN otherwise IN >> + if ($packet =3D~ /PHYSIN=3D(\w+)/) { $iface =3D $1 } elsif >> ($packet =3D~ /IN=3D(\w+)/) { $iface =3D $1 } >> + # Extract ipv4 and ipv6 addresses >> + if (($packet =3D~ /SRC\=3D(([\d]{1,3})(\.([\d]{1,3})){3})/) >> or ($packet =3D~ /SRC\=3D(([0-9a-fA-F]{0,4})(\:([0-9a-fA >> -F]{0,4})){2,7})/)) { >> + $srcaddr =3D $1 >> + }; >>=20 >> if($iface eq $country) { >> + # iface matches country code >> $log[$lines] =3D $_; >> $lines++; >> } >> elsif($srcaddr ne '') { >> + # or srcaddr matches country code >> my $ccode =3D $gi->country_code_by_name($srcaddr); >> if($ccode eq $country){ >> $log[$lines] =3D $_; >> $lines++; >> } >> } >> - } >> + } >> } >> close (FILE); >> } >> @@ -194,16 +206,28 @@ if ($multifile) { >> } >> if (!$skip) { >> while () { >> - if (/(^${monthstr} ${daystr} ..:..:..) [\w\-]+ >> kernel:.*(IN=3D.*)$/) { >> - if($_ =3D~ /SRC\=3D([\d\.]+)/){ >> - my $srcaddr=3D$1; >> - my $ccode =3D $gi->country_code_by_name($srcaddr); >> - if($ccode eq $country){ >> + # Check if valid log line (date, day) >> + if (/(^${monthstr} ${daystr} ..:..:..) [\w\-]+ >> kernel:.*(IN=3D.*)$/) { >> + my $iface =3D ''; >> + # If ipv6 uses bridge, then use PHYSIN otherwise >> IN >> + if ($_ =3D~ /PHYSIN=3D(\w+)/) { $iface =3D $1 } elsif >> ($_ =3D~ /IN=3D(\w+)/) { $iface =3D $1 } >> + >> + if($iface eq $country) { >> + # iface matches country code >> + $log[$lines] =3D $_; >> + $lines++; >> + } >> + # extract ipv4 and ipv6 address >> + elsif (($_ =3D~ >> /SRC\=3D(([\d]{1,3})(\.([\d]{1,3})){3})/) or ($_ =3D~ /SRC\=3D(([0-9a-fA >> -F]{0,4})(\:([0-9a-fA-F]{0,4})){2,7})/)) { >> + my $srcaddr=3D$1; >> + my $ccode =3D $gi >> ->country_code_by_name($srcaddr); >> + if($ccode eq $country){ >> + # or srcaddr matches country code >> $log[$lines] =3D $_; >> $lines++; >> + } >> } >> - } >> - } >> + } >> } >> close (FILE); >> } >> @@ -308,32 +332,45 @@ $lines =3D 0; >> foreach $_ (@slice) >> { >> $a =3D $_; >> - /^... (..) (..:..:..) [\w\-]+ kernel:(.*)(IN=3D.*)$/; >> + # If ipv6 uses bridge, use PHYSIN otherwise use IN >> + if (/^... (..) (..:..:..) [\w\-]+ kernel:(.*)(PHYSIN=3D.*)$/) {} >> + elsif (/^... (..) (..:..:..) [\w\-]+ kernel:(.*)(IN=3D.*)$/) {}; >> my $packet =3D $4; >> - $packet =3D~ /IN=3D(\w+)/; my $iface=3D$1; if ( $1 =3D~ /2./ ){ >> $iface=3D"";} >> - $packet =3D~ /SRC=3D([\d\.]+)/; my $srcaddr=3D$1; >> + my $iface =3D ''; >> + # If ipv6 uses bridge, use PHYSIN otherwise use IN >> + if ($packet =3D~ /PHYSIN=3D(\w+)/) { $iface =3D $1 } elsif ($packet =3D~ >> /IN=3D(\w+)/) { $iface =3D $1 } >> + if ( $1 =3D~ /2./ ){ $iface=3D"";} >> + my $srcaddr =3D ''; >> + # Extract ipv4 and ipv6 addresses >> + if (($packet =3D~ /SRC\=3D(([\d]{1,3})(\.([\d]{1,3})){3})/) or >> ($packet =3D~ /SRC\=3D(([0-9a-fA-F]{0,4})(\:([0-9a-fA-F]{0,4})){2,7})/)) >> { >> + $srcaddr =3D $1 >> + }; >>=20 >> if($iface eq $country || $srcaddr ne '') { >> - my $ccode; >> + my $ccode=3D''; >> if($iface ne $country) { >> $ccode =3D $gi->country_code_by_name($srcaddr); >> } >> if($iface eq $country || $ccode eq $country) { >> - my $chain =3D ''; >> + my $chain =3D ''; >> my $in =3D '-'; my $out =3D '-'; >> my $srcaddr =3D ''; my $dstaddr =3D ''; >> my $protostr =3D ''; >> my $srcport =3D ''; my $dstport =3D ''; >>=20 >> - $_ =3D~ /(^.* ..:..:..) [\w\-]+ kernel:(.*)(IN=3D.*)$/; >> + # If ipv6 uses bridge, the use PHYSIN otherwise use IN >> + if ($_ =3D~ /(^.* ..:..:..) [\w\-]+ kernel:(.*)(PHYSIN=3D.*)$/) {} >> + elsif ($_ =3D~ /(^.* ..:..:..) [\w\-]+ kernel:(.*)(IN=3D.*)$/) {} >> my $timestamp =3D $1; my $chain =3D $2; my $packet =3D $3; >> $timestamp =3D~ /(...) (..) (..:..:..)/; >> my $month =3D $1; my $day =3D $2; my $time =3D $3; >>=20 >> - if ($a =3D~ /IN\=3D(\w+)/) { $iface =3D $1; } >> - if ($a =3D~ /OUT\=3D(\w+)/) { $out =3D $1; } >> - if ($a =3D~ /SRC\=3D([\d\.]+)/) { $srcaddr =3D $1; } >> - if ($a =3D~ /DST\=3D([\d\.]+)/) { $dstaddr =3D $1; } >> + # If ipv6 uses bridge, use PHYSIN and PHYSOUT, otherwise use >> IN and OUT >> + if ($a =3D~ /PHYSIN=3D(\w+)/) { $iface =3D $1 } elsif ($a =3D~ >> /IN=3D(\w+)/) { $iface =3D $1 } >> + if ($a =3D~ /PHYSOUT=3D(\w+)/) { $out =3D $1 } elsif ($a =3D~ >> /OUT=3D(\w+)/) { $out =3D $1 } >> + # Extract ipv4 and ipv6 addresses >> + if (($a =3D~ /SRC\=3D(([\d]{1,3})(\.([\d]{1,3})){3})/) or ($a =3D~ >> /SRC\=3D(([0-9a-fA-F]{0,4})(\:([0-9a-fA-F]{0,4})){2,7})/)) { $srcaddr =3D >> $1; } >> + if (($a =3D~ /DST\=3D(([\d]{1,3})(\.([\d]{1,3})){3})/) or ($a =3D~ >> /DST\=3D(([0-9a-fA-F]{0,4})(\:([0-9a-fA-F]{0,4})){2,7})/)) { $dstaddr =3D >> $1; } >> if ($a =3D~ /PROTO\=3D(\w+)/) { $protostr =3D $1; } >> my $protostrlc =3D lc($protostr); >> if ($a =3D~ /SPT\=3D([\d\.]+)/){ $srcport =3D $1; } >> diff --git a/html/cgi-bin/logs.cgi/showrequestfromip.dat b/html/cgi >> -bin/logs.cgi/showrequestfromip.dat >> index 09a60b5..94e795c 100644 >> --- a/html/cgi-bin/logs.cgi/showrequestfromip.dat >> +++ b/html/cgi-bin/logs.cgi/showrequestfromip.dat >> @@ -155,7 +155,7 @@ if (!$skip) >> while () >> { >> if (/(^${monthstr} ${daystr} ..:..:..) [\w\-]+ >> kernel:.*(IN=3D.*)$/) { >> - if($_ =3D~ /SRC\=3D([\d\.]+)/){ >> + if (($_ =3D~ /SRC\=3D(([\d]{1,3})(\.([\d]{1,3})){3})/) >> or ($_ =3D~ /SRC\=3D(([0-9a-fA-F]{0,4})(\:([0-9a-fA-F]{0,4})){2,7})/)) { >> if($1 eq $ip){ >> $log[$lines] =3D $_; >> $lines++; >> @@ -182,12 +182,12 @@ if ($multifile) { >> if (!$skip) { >> while () { >> if (/(^${monthstr} ${daystr} ..:..:..) [\w\-]+ >> kernel:.*(IN=3D.*)$/) { >> - if($_ =3D~ /SRC\=3D([\d\.]+)/){ >> - if($1 eq $ip){ >> + if (($_ =3D~ >> /SRC\=3D(([\d]{1,3})(\.([\d]{1,3})){3})/) or ($_ =3D~ /SRC\=3D(([0-9a-fA >> -F]{0,4})(\:([0-9a-fA-F]{0,4})){2,7})/)) { >> + if($1 eq $ip){ >> $log[$lines] =3D $_; >> $lines++; >> - } >> - } >> + } >> + } >> } >> } >> close (FILE); >> @@ -293,7 +293,8 @@ $lines =3D 0; >> foreach $_ (@slice) >> { >> $a =3D $_; >> - if($_ =3D~ /SRC\=3D([\d\.]+)/){ >> + # Check whether valid ipv4 or ipv6 address >> + if (($_ =3D~ /SRC\=3D(([\d]{1,3})(\.([\d]{1,3})){3})/) or ($_ =3D~ >> /SRC\=3D(([0-9a-fA-F]{0,4})(\:([0-9a-fA-F]{0,4})){2,7})/)) { >> if($1 eq $ip){ >> my $chain =3D ''; >> my $in =3D '-'; my $out =3D '-'; >> @@ -301,15 +302,19 @@ foreach $_ (@slice) >> my $protostr =3D ''; >> my $srcport =3D ''; my $dstport =3D ''; >>=20 >> - $_ =3D~ /(^.* ..:..:..) [\w\-]+ kernel:(.*)(IN=3D.*)$/; >> + # If ipv6 uses bridge, the use PHYSIN, otherwise use IN >> + if ($_ =3D~ /(^.* ..:..:..) [\w\-]+ kernel:(.*)(PHYSIN=3D.*)$/) >> {} >> + elsif ($_ =3D~ /(^.* ..:..:..) [\w\-]+ kernel:(.*)(IN=3D.*)$/) >> {} >> my $timestamp =3D $1; my $chain =3D $2; my $packet =3D $3; >> $timestamp =3D~ /(...) (..) (..:..:..)/; >> my $month =3D $1; my $day =3D $2; my $time =3D $3; >>=20 >> - if ($a =3D~ /IN\=3D(\w+)/) { $iface =3D $1; } >> - if ($a =3D~ /OUT\=3D(\w+)/) { $out =3D $1; } >> - if ($a =3D~ /SRC\=3D([\d\.]+)/) { $srcaddr =3D $1; } >> - if ($a =3D~ /DST\=3D([\d\.]+)/) { $dstaddr =3D $1; } >> + # If ipv6 uses bridge, the use PHYSIN and PHYSOUT, otherwise >> use IN and OUT >> + if ($a =3D~ /PHYSIN=3D(\w+)/) { $iface =3D $1 } elsif ($a =3D~ >> /IN=3D(\w+)/) { $iface =3D $1 } >> + if ($a =3D~ /PHYSOUT=3D(\w+)/) { $out =3D $1 } elsif ($a =3D~ >> /OUT=3D(\w+)/) { $out =3D $1 } >> + # Detect ipv4 and ipv6 addresses >> + if (($a =3D~ /SRC\=3D(([\d]{1,3})(\.([\d]{1,3})){3})/) or ($a =3D~ >> /SRC\=3D(([0-9a-fA-F]{0,4})(\:([0-9a-fA-F]{0,4})){2,7})/)) { $srcaddr =3D >> $1; } >> + if (($a =3D~ /DST\=3D(([\d]{1,3})(\.([\d]{1,3})){3})/) or ($a =3D~ >> /DST\=3D(([0-9a-fA-F]{0,4})(\:([0-9a-fA-F]{0,4})){2,7})/)) { $dstaddr =3D >> $1; } >> if ($a =3D~ /PROTO\=3D(\w+)/) { $protostr =3D $1; } >> my $protostrlc =3D lc($protostr); >> if ($a =3D~ /SPT\=3D([\d\.]+)/){ $srcport =3D $1; } >> diff --git a/html/cgi-bin/logs.cgi/showrequestfromport.dat b/html/cgi >> -bin/logs.cgi/showrequestfromport.dat >> index ad9823c..af7779a 100644 >> --- a/html/cgi-bin/logs.cgi/showrequestfromport.dat >> +++ b/html/cgi-bin/logs.cgi/showrequestfromport.dat >> @@ -307,15 +307,19 @@ foreach $_ (@slice) >> my $protostr =3D ''; >> my $srcport =3D ''; my $dstport =3D ''; >>=20 >> - $_ =3D~ /(^.* ..:..:..) [\w\-]+ kernel:(.*)(IN=3D.*)$/; >> + # If ipv6 uses bridge, the use PHYSIN, otherwise use IN >> + if ($_ =3D~ /(^.* ..:..:..) [\w\-]+ kernel:(.*)(PHYSIN=3D.*)$/) {} >> + elsif ($_ =3D~ /(^.* ..:..:..) [\w\-]+ kernel:(.*)(IN=3D.*)$/) >> {} >> my $timestamp =3D $1; my $chain =3D $2; my $packet =3D $3; >> $timestamp =3D~ /(...) (..) (..:..:..)/; >> my $month =3D $1; my $day =3D $2; my $time =3D $3; my $iface; >>=20 >> - if ($a =3D~ /IN\=3D(\w+)/) { $iface =3D $1; } >> - if ($a =3D~ /OUT\=3D(\w+)/) { $out =3D $1; } >> - if ($a =3D~ /SRC\=3D([\d\.]+)/) { $srcaddr =3D $1; } >> - if ($a =3D~ /DST\=3D([\d\.]+)/) { $dstaddr =3D $1; } >> + # If ipv6 uses bridge, the use PHYSIN and PHYSOUT, otherwise >> use IN and OUT >> + if ($a =3D~ /PHYSIN\=3D(\w+)/) { $iface =3D $1; } elsif ($a =3D~ >> /IN\=3D(\w+)/) { $iface =3D $1; } >> + if ($a =3D~ /PHYSOUT\=3D(\w+)/) { $out =3D $1; } elsif ($a =3D~ >> /OUT\=3D(\w+)/) { $out =3D $1; } >> + # Detect ipv4 and ipv6 addresses >> + if (($a =3D~ /SRC\=3D(([\d]{1,3})(\.([\d]{1,3})){3})/) or ($a =3D~ >> /SRC\=3D(([0-9a-fA-F]{0,4})(\:([0-9a-fA-F]{0,4})){2,7})/)) { $srcaddr =3D >> $1; } >> + if (($a =3D~ /DST\=3D(([\d]{1,3})(\.([\d]{1,3})){3})/) or ($a =3D~ >> /DST\=3D(([0-9a-fA-F]{0,4})(\:([0-9a-fA-F]{0,4})){2,7})/)) { $dstaddr =3D >> $1; } >> if ($a =3D~ /PROTO\=3D(\w+)/) { $protostr =3D $1; } >> my $protostrlc =3D lc($protostr); >> if ($a =3D~ /SPT\=3D([\d\.]+)/){ $srcport =3D $1; } >=20 --===============1688276723976327852==--
$key[$s]