Thanks a lot. Moving on to firewall configuration for IPv6 on the web GUI - who would be the right person to talk to in order to understand the architecture and structure of the code? Or do I need to reverse engineer the existing? Does it make sense to add this to ipfire2 or should I focus on ipfire3? Best regards Michael Liebe Grüße, Michael > Am 23.01.2016 um 01:43 schrieb Michael Tremer : > > Hi, > > I merged these by pulling from your Git repository. > > Please fix this email issue. > >> On Fri, 2016-01-22 at 22:00 +0100, Matthias Fischer wrote: >>> On 22.01.2016 19:00, Michael Eitelwein wrote: >>> >>> >>> >>> Hi >>> The patch itself is working on my machine without issues. If >>> Matthias did not observe any issues as well, than I would propose >>> to merge it into the next release. Please let me know if there is >>> anything I have to do to get them merged. >>> The problems of applying the patch were not further examined, as >>> Matthias was able to apply them in the end. Also they are now >>> available in git.ipfire.org, so they can be applied directly from >>> there. >>> Michael >> >> Hi, >> >> I just clicked through all '.dat'-files: I saw no problems. >> >> Playing chicken: did anyone *else* test this? ;-) > > I guess the answer is the usual one. > >> Best, >> Matthias >> >> P.S.: ME, while replying to "ALL", there is something weird with your >> email-address: it just says "michael", not "michael(a)eitelwein.net". I >> had to add your address manually from my addressbook. Bug or feature- >> mine or yours? > > Yeah that is a misconfiguration in the email client. > >> >>> -------- Ursprüngliche Nachricht -------- >>> Von: Michael Tremer >>> Datum: 22.01.2016 01:59 (GMT+01:00) >>> An: Michael Eitelwein , IPFire Development >>> List >>> Cc: Matthias Fischer >>> Betreff: Re: [PATCH 1/5] Enable correct display of ipv6 entries in >>> Firewall log pages of web UI >>> >>> Hi, >>> >>> did you work out what the issue was with these emails? >>> >>> Best, >>> -Michael >>> >>>> On Sun, 2016-01-10 at 18:34 +0100, Michael Eitelwein wrote: >>>> 3 main changes: >>>> - Fill $iface and $out from PHYSIN and PHYSOUT when looking at >>>> bridged packets, othewerwise fill from IN and OUT >>>> - Recognize ipv4 and ipv6 address style for $srcaddr and >>>> $dstaddr >>>> - Match color coding of tables to pie charts >>>> >>>> I am using the bridged ipv6 setup as proposed in the wiki. I do >>>> not >>>> think this breaks anything when not using ipv6. So it would be >>>> nice >>>> to include this even if ipv6 is not officially supported yet. It >>>> is >>>> quite useful when using the ipv6 setup. >>>> >>>> Signed-off-by: Michael Eitelwein >>>> >>>> --- >>>> html/cgi-bin/logs.cgi/firewalllog.dat | 14 ++-- >>>> html/cgi-bin/logs.cgi/firewalllogcountry.dat | 43 ++++++++- >>>> ---- >>>> html/cgi-bin/logs.cgi/firewalllogip.dat | 15 ++--- >>>> html/cgi-bin/logs.cgi/firewalllogport.dat | 12 ++-- >>>> html/cgi-bin/logs.cgi/showrequestfromcountry.dat | 81 >>>> +++++++++++++++++------- >>>> html/cgi-bin/logs.cgi/showrequestfromip.dat | 27 ++++---- >>>> html/cgi-bin/logs.cgi/showrequestfromport.dat | 14 ++-- >>>> 7 files changed, 131 insertions(+), 75 deletions(-) >>>> >>>> diff --git a/html/cgi-bin/logs.cgi/firewalllog.dat b/html/cgi >>>> -bin/logs.cgi/firewalllog.dat >>>> index 5a584d6..42c9612 100644 >>>> --- a/html/cgi-bin/logs.cgi/firewalllog.dat >>>> +++ b/html/cgi-bin/logs.cgi/firewalllog.dat >>>> @@ -328,7 +328,10 @@ END >>>> $lines = 0; >>>> foreach $_ (@log) >>>> { >>>> - /^... (..) (..:..:..) [\w\-]+ kernel:(.*)(IN=.*)$/; >>>> + # If ipv6 uses a bridge, PHYSIN= contains the relevant iface >>>> information >>>> + # otherwise use IN= >>>> + if ($_ =~ /^... (..) (..:..:..) [\w\-]+ >>>> kernel:(.*)(PHYSIN=.*)$/) {} >>>> + elsif ($_ =~ /^... (..) (..:..:..) [\w\-]+ >>>> kernel:(.*)(IN=.*)$/) {} >>>> my $day = $1; >>>> $day =~ tr / /0/; >>>> my $time = $cgiparams{'DAY'} ? "$2" : "$day/$2" ; >>>> @@ -336,9 +339,12 @@ foreach $_ (@log) >>>> my $packet = $4; >>>> >>>> my ($iface, $srcaddr, $dstaddr, $macaddr, $proto, >>>> $srcport, >>>> $dstport); >>>> - $iface=$1 if $packet =~ /IN=(\w+)/; >>>> - $srcaddr=$1 if $packet =~ /SRC=([\d\.]+)/; >>>> - $dstaddr=$1 if $packet =~ /DST=([\d\.]+)/; >>>> + if ($packet =~ /PHYSIN=(\w+)/) { $iface=$1 } elsif >>>> ($packet >>>> =~ /IN=(\w+)/) { $iface = $1} >>>> + # Identify whether ipv4 or ipv6. Both are mutally >>>> exclusive. >>>> + if ($packet =~ /SRC\=(([\d]{1,3})(\.([\d]{1,3})){3})/) { >>>> $srcaddr=$1 } >>>> + if ($packet =~ /SRC\=(([0-9a-fA-F]{0,4})(\:([0 >>>> -9a-fA >>>> -F]{0,4})){2,7})/) { $srcaddr=$1 } >>>> + if ($packet =~ /DST\=(([\d]{1,3})(\.([\d]{1,3})){3})/) { >>>> $dstaddr=$1 } >>>> + if ($packet =~ /DST\=(([0-9a-fA-F]{0,4})(\:([0 >>>> -9a-fA >>>> -F]{0,4})){2,7})/) { $dstaddr=$1 } >>>> $macaddr=$1 if $packet =~ /MAC=([\w+\:]+)/; >>>> $proto=$1 if $packet =~ /PROTO=(\w+)/; >>>> $srcport=$1 if $packet =~ /SPT=(\d+)/; >>>> diff --git a/html/cgi-bin/logs.cgi/firewalllogcountry.dat >>>> b/html/cgi >>>> -bin/logs.cgi/firewalllogcountry.dat >>>> index f998a62..2661ddd 100644 >>>> --- a/html/cgi-bin/logs.cgi/firewalllogcountry.dat >>>> +++ b/html/cgi-bin/logs.cgi/firewalllogcountry.dat >>>> @@ -261,7 +261,6 @@ if( $cgiparams{'pienumber'} != >>>> 0){$pienumber=$cgiparams{'pienumber'};} >>>> if( $cgiparams{'otherspie'} != >>>> 0){$otherspie=$cgiparams{'otherspie'};} >>>> if( $cgiparams{'showpie'} != >>>> 0){$showpie=$cgiparams{'showpie'};} >>>> if( $cgiparams{'sortcolumn'} != >>>> 0){$sortcolumn=$cgiparams{'sortcolumn'};} >>>> - >>>> print <>>> >>>> >>>> @@ -294,15 +293,24 @@ $lines = 0; >>>> >>>> foreach $_ (@log) >>>> { >>>> - /^... (..) (..:..:..) [\w\-]+ kernel:(.*)(IN=.*)$/; >>>> + # If ipv6 uses bridge, use PHYSIN for iface, otherwise IN >>>> + if (/^... (..) (..:..:..) [\w\-]+ kernel:(.*)(PHYSIN=.*)$/) {} >>>> + elsif (/^... (..) (..:..:..) [\w\-]+ kernel:(.*)(IN=.*)$/) {} >>>> my $packet = $4; >>>> - $packet =~ /IN=(\w+)/; my $iface=$1; if ( $1 =~ /2./ ){ >>>> $iface="";} >>>> - $packet =~ /SRC=([\d\.]+)/; my $srcaddr=$1; >>>> + my $iface = ''; >>>> + if ($packet =~ /PHYSIN=(\w+)/) { $iface = $1 } elsif ($packet >>>> =~ >>>> /IN=(\w+)/) { $iface = $1 } >>>> + if ( $1 =~ /2./ ) { $iface=''; } >>>> + my $srcaddr = ''; >>>> + # Find ipv4 and ipv6 addresses >>>> + if ($packet =~ /SRC\=(([\d]{1,3})(\.([\d]{1,3})){3})/) { >>>> $srcaddr >>>> = $1 } >>>> + elsif ($packet =~ /SRC\=(([0-9a-fA-F]{0,4})(\:([0-9a-fA >>>> -F]{0,4})){2,7})/) { $srcaddr = $1 } >>>> >>>> if($iface eq $red_interface) { >>>> + # Traffic from red >>>> if($srcaddr ne '') { >>>> + # srcaddr is set >>>> my $ccode = $gi->country_code_by_name($srcaddr); >>>> - if( $ccode eq '') { >>>> + if ($ccode eq '') { >>>> $ccode = 'unknown'; >>>> } >>>> $tabjc{$ccode} = $tabjc{$ccode} + 1 ; >>>> @@ -311,11 +319,16 @@ foreach $_ (@log) >>>> } >>>> } >>>> else { >>>> + # Traffic not from red >>>> if($iface ne '') { >>>> $tabjc{$iface} = $tabjc{$iface} + 1 ; >>>> if(($tabjc{$iface} == 1) && ($lines < $pienumber)) { >>>> $lines >>>> = $lines + 1; } >>>> $linesjc++; >>>> } >>>> + else { >>>> + # What to do with empty iface lines? >>>> + # This probably is traffic from ipfire itself (IN= >>>> OUT=XY)? >>>> + } >>>> } >>>> } >>>> >>>> @@ -423,7 +436,6 @@ if ($showpie != 2 && $pienumber <= 50 && >>>> $pienumber != 0) { >>>> print ""; >>>> print ""; >>>> } >>>> - >>>> print <>>> >>>> >>>> @@ -448,10 +460,8 @@ for($s=0;$s<$lines;$s++) >>>> $percent = $value[$s] * 100 / $linesjc; >>>> $percent = sprintf("%.f", $percent); >>>> $total = $total + $value[$s]; >>>> - my $colorIndex = $color % 10; >>>> - if($colorIndex == 0) { >>>> - $colorIndex = 10; >>>> - } >>>> + # colors are numbered 1 to 10 >>>> + my $colorIndex = ($color % 10) + 1; >>>> $col="bgcolor='$color{\"color$colorIndex\"}'"; >>>> $color++; >>>> print ""; >>>> @@ -466,8 +476,11 @@ for($s=0;$s<$lines;$s++) >>>> print">>> value='$key[$s]'>"; >>>> print""; >>>> } >>>> - >>>> - if($key[$s] eq 'blue0' || $key[$s] eq 'green0' || $key[$s] eq >>>> 'orange0') { >>>> + elsif ($key[$s] eq 'unknown') { >>>> + print "unknown"; >>>> + } >>>> + # Looks dangerous to use hardcoded interface names here. >>>> Probably >>>> needs fixing. >>>> + if ($key[$s] eq 'blue0' || $key[$s] eq 'green0' || $key[$s] eq >>>> 'orange0' ) { >>>> print ""; >>>> } >>>> else { >>>> @@ -489,10 +502,8 @@ for($s=0;$s<$lines;$s++) >>>> >>>> if($cgiparams{'otherspie'} == 2 ){} >>>> else{ >>>> - my $colorIndex = $color % 10; >>>> - if($colorIndex == 0) { >>>> - $colorIndex = 10; >>>> - } >>>> + # colors are numbered 1 to 10 >>>> + my $colorIndex = ($color % 10) + 1; >>>> $col="bgcolor='$color{\"color$colorIndex\"}'"; >>>> print ""; >>>> >>>> diff --git a/html/cgi-bin/logs.cgi/firewalllogip.dat b/html/cgi >>>> -bin/logs.cgi/firewalllogip.dat >>>> index 7d82d20..6fc3422 100644 >>>> --- a/html/cgi-bin/logs.cgi/firewalllogip.dat >>>> +++ b/html/cgi-bin/logs.cgi/firewalllogip.dat >>>> @@ -291,7 +291,8 @@ if ($pienumber == -1 || $pienumber > $lines >>>> || >>>> $sortcolumn == 2) { $pienumber = >>>> $lines = 0; >>>> foreach $_ (@log) >>>> { >>>> - if($_ =~ /SRC\=([\d\.]+)/){ >>>> + # Extract ipv4 or ipv6 address >>>> + if (($_ =~ /SRC\=(([\d]{1,3})(\.([\d]{1,3})){3})/) or ($_ =~ >>>> /SRC\=(([0-9a-fA-F]{0,4})(\:([0-9a-fA-F]{0,4})){2,7})/)) { >>>> $tabjc{$1} = $tabjc{$1} + 1 ; >>>> if(($tabjc{$1} == 1) && ($lines < $pienumber)) { $lines = >>>> $lines + 1; } >>>> $linesjc++; >>>> @@ -428,10 +429,8 @@ for($s=0;$s<$lines;$s++) >>>> $percent = $value[$s] * 100 / $linesjc; >>>> $percent = sprintf("%.f", $percent); >>>> $total = $total + $value[$s]; >>>> - my $colorIndex = $color % 10; >>>> - if($colorIndex == 0) { >>>> - $colorIndex = 10; >>>> - } >>>> + # colors are numbered 1 to 10 >>>> + my $colorIndex = ($color % 10) + 1; >>>> $col="bgcolor='$color{\"color$colorIndex\"}'"; >>>> print ""; >>>> >>>> @@ -459,10 +458,8 @@ for($s=0;$s<$lines;$s++) >>>> >>>> if($cgiparams{'otherspie'} == 2 ){} >>>> else{ >>>> - my $colorIndex = $color % 10; >>>> - if($colorIndex == 0) { >>>> - $colorIndex = 10; >>>> - } >>>> + # colors are numbered 1 to 10 >>>> + my $colorIndex = ($color % 10) + 1; >>>> $col="bgcolor='$color{\"color$colorIndex\"}'"; >>>> print ""; >>>> >>>> diff --git a/html/cgi-bin/logs.cgi/firewalllogport.dat b/html/cgi >>>> -bin/logs.cgi/firewalllogport.dat >>>> index 5b0db62..583c1b3 100644 >>>> --- a/html/cgi-bin/logs.cgi/firewalllogport.dat >>>> +++ b/html/cgi-bin/logs.cgi/firewalllogport.dat >>>> @@ -429,10 +429,8 @@ for($s=0;$s<$lines;$s++) >>>> $percent = $value[$s] * 100 / $linesjc; >>>> $percent = sprintf("%.f", $percent); >>>> $total = $total + $value[$s]; >>>> - my $colorIndex = $color % 10; >>>> - if($colorIndex == 0) { >>>> - $colorIndex = 10; >>>> - } >>>> + # colors are numbered 1 to 10 >>>> + my $colorIndex = ($color % 10) + 1; >>>> $col="bgcolor='$color{\"color$colorIndex\"}'"; >>>> print ""; >>>> >>>> @@ -446,10 +444,8 @@ for($s=0;$s<$lines;$s++) >>>> >>>> if($cgiparams{'otherspie'} == 2 ){} >>>> else{ >>>> - my $colorIndex = $color % 10; >>>> - if($colorIndex == 0) { >>>> - $colorIndex = 10; >>>> - } >>>> + # colors are numbered 1 to 10 >>>> + my $colorIndex = ($color % 10) + 1; >>>> $col="bgcolor='$color{\"color$colorIndex\"}'"; >>>> print ""; >>>> >>>> diff --git a/html/cgi-bin/logs.cgi/showrequestfromcountry.dat >>>> b/html/cgi-bin/logs.cgi/showrequestfromcountry.dat >>>> index 5283c42..0784ab9 100644 >>>> --- a/html/cgi-bin/logs.cgi/showrequestfromcountry.dat >>>> +++ b/html/cgi-bin/logs.cgi/showrequestfromcountry.dat >>>> @@ -158,23 +158,35 @@ if (!$skip) >>>> { >>>> while () >>>> { >>>> - if (/(^${monthstr} ${daystr} ..:..:..) [\w\-]+ >>>> kernel:.*(IN=.*)$/) { >>>> - my $packet = $2; >>>> - $packet =~ /IN=(\w+)/; my $iface=$1; if ( $1 >>>> =~ >>>> /2./ ){ $iface="";} >>>> - $packet =~ /SRC=([\d\.]+)/; my $srcaddr=$1; >>>> + # First check whether valid log line (date, day) >>>> + if (/(^${monthstr} ${daystr} ..:..:..) [\w\-]+ >>>> kernel:.*(IN=.*)$/) { >>>> + # If ipv6 uses bridge, then use PHYSIN otherwise use IN >>>> + if (/(^${monthstr} ${daystr} ..:..:..) [\w\-]+ >>>> kernel:.*(PHYSIN=.*)$/) {} >>>> + elsif (/(^${monthstr} ${daystr} ..:..:..) [\w\-]+ >>>> kernel:.*(IN=.*)$/) {} >>>> + my $packet = $2; >>>> + my $iface = ''; >>>> + my $srcaddr = ''; >>>> + # If ipv6 uses bridge, use PHYSIN otherwise IN >>>> + if ($packet =~ /PHYSIN=(\w+)/) { $iface = $1 } elsif >>>> ($packet =~ /IN=(\w+)/) { $iface = $1 } >>>> + # Extract ipv4 and ipv6 addresses >>>> + if (($packet =~ >>>> /SRC\=(([\d]{1,3})(\.([\d]{1,3})){3})/) >>>> or ($packet =~ /SRC\=(([0-9a-fA-F]{0,4})(\:([0-9a-fA >>>> -F]{0,4})){2,7})/)) { >>>> + $srcaddr = $1 >>>> + }; >>>> >>>> if($iface eq $country) { >>>> + # iface matches country code >>>> $log[$lines] = $_; >>>> $lines++; >>>> } >>>> elsif($srcaddr ne '') { >>>> + # or srcaddr matches country code >>>> my $ccode = $gi >>>> ->country_code_by_name($srcaddr); >>>> if($ccode eq $country){ >>>> $log[$lines] = $_; >>>> $lines++; >>>> } >>>> } >>>> - } >>>> + } >>>> } >>>> close (FILE); >>>> } >>>> @@ -194,16 +206,28 @@ if ($multifile) { >>>> } >>>> if (!$skip) { >>>> while () { >>>> - if (/(^${monthstr} ${daystr} ..:..:..) [\w\-]+ >>>> kernel:.*(IN=.*)$/) { >>>> - if($_ =~ /SRC\=([\d\.]+)/){ >>>> - my $srcaddr=$1; >>>> - my $ccode = $gi >>>> ->country_code_by_name($srcaddr); >>>> - if($ccode eq $country){ >>>> + # Check if valid log line (date, day) >>>> + if (/(^${monthstr} ${daystr} ..:..:..) [\w\-]+ >>>> kernel:.*(IN=.*)$/) { >>>> + my $iface = ''; >>>> + # If ipv6 uses bridge, then use PHYSIN >>>> otherwise >>>> IN >>>> + if ($_ =~ /PHYSIN=(\w+)/) { $iface = $1 } >>>> elsif >>>> ($_ =~ /IN=(\w+)/) { $iface = $1 } >>>> + >>>> + if($iface eq $country) { >>>> + # iface matches country code >>>> + $log[$lines] = $_; >>>> + $lines++; >>>> + } >>>> + # extract ipv4 and ipv6 address >>>> + elsif (($_ =~ >>>> /SRC\=(([\d]{1,3})(\.([\d]{1,3})){3})/) or ($_ =~ /SRC\=(([0-9a >>>> -fA >>>> -F]{0,4})(\:([0-9a-fA-F]{0,4})){2,7})/)) { >>>> + my $srcaddr=$1; >>>> + my $ccode = $gi >>>> ->country_code_by_name($srcaddr); >>>> + if($ccode eq $country){ >>>> + # or srcaddr matches country code >>>> $log[$lines] = $_; >>>> $lines++; >>>> + } >>>> } >>>> - } >>>> - } >>>> + } >>>> } >>>> close (FILE); >>>> } >>>> @@ -308,32 +332,45 @@ $lines = 0; >>>> foreach $_ (@slice) >>>> { >>>> $a = $_; >>>> - /^... (..) (..:..:..) [\w\-]+ kernel:(.*)(IN=.*)$/; >>>> + # If ipv6 uses bridge, use PHYSIN otherwise use IN >>>> + if (/^... (..) (..:..:..) [\w\-]+ kernel:(.*)(PHYSIN=.*)$/) {} >>>> + elsif (/^... (..) (..:..:..) [\w\-]+ kernel:(.*)(IN=.*)$/) {}; >>>> my $packet = $4; >>>> - $packet =~ /IN=(\w+)/; my $iface=$1; if ( $1 =~ /2./ ){ >>>> $iface="";} >>>> - $packet =~ /SRC=([\d\.]+)/; my $srcaddr=$1; >>>> + my $iface = ''; >>>> + # If ipv6 uses bridge, use PHYSIN otherwise use IN >>>> + if ($packet =~ /PHYSIN=(\w+)/) { $iface = $1 } elsif ($packet >>>> =~ >>>> /IN=(\w+)/) { $iface = $1 } >>>> + if ( $1 =~ /2./ ){ $iface="";} >>>> + my $srcaddr = ''; >>>> + # Extract ipv4 and ipv6 addresses >>>> + if (($packet =~ /SRC\=(([\d]{1,3})(\.([\d]{1,3})){3})/) or >>>> ($packet =~ /SRC\=(([0-9a-fA-F]{0,4})(\:([0-9a-fA >>>> -F]{0,4})){2,7})/)) >>>> { >>>> + $srcaddr = $1 >>>> + }; >>>> >>>> if($iface eq $country || $srcaddr ne '') { >>>> - my $ccode; >>>> + my $ccode=''; >>>> if($iface ne $country) { >>>> $ccode = $gi->country_code_by_name($srcaddr); >>>> } >>>> if($iface eq $country || $ccode eq $country) { >>>> - my $chain = ''; >>>> + my $chain = ''; >>>> my $in = '-'; my $out = '-'; >>>> my $srcaddr = ''; my $dstaddr = ''; >>>> my $protostr = ''; >>>> my $srcport = ''; my $dstport = ''; >>>> >>>> - $_ =~ /(^.* ..:..:..) [\w\-]+ kernel:(.*)(IN=.*)$/; >>>> + # If ipv6 uses bridge, the use PHYSIN otherwise use IN >>>> + if ($_ =~ /(^.* ..:..:..) [\w\-]+ >>>> kernel:(.*)(PHYSIN=.*)$/) {} >>>> + elsif ($_ =~ /(^.* ..:..:..) [\w\-]+ kernel:(.*)(IN=.*)$/) >>>> {} >>>> my $timestamp = $1; my $chain = $2; my $packet = $3; >>>> $timestamp =~ /(...) (..) (..:..:..)/; >>>> my $month = $1; my $day = $2; my $time = $3; >>>> >>>> - if ($a =~ /IN\=(\w+)/) { $iface = $1; } >>>> - if ($a =~ /OUT\=(\w+)/) { $out = $1; } >>>> - if ($a =~ /SRC\=([\d\.]+)/) { $srcaddr = $1; } >>>> - if ($a =~ /DST\=([\d\.]+)/) { $dstaddr = $1; } >>>> + # If ipv6 uses bridge, use PHYSIN and PHYSOUT, otherwise >>>> use >>>> IN and OUT >>>> + if ($a =~ /PHYSIN=(\w+)/) { $iface = $1 } elsif ($a =~ >>>> /IN=(\w+)/) { $iface = $1 } >>>> + if ($a =~ /PHYSOUT=(\w+)/) { $out = $1 } elsif ($a =~ >>>> /OUT=(\w+)/) { $out = $1 } >>>> + # Extract ipv4 and ipv6 addresses >>>> + if (($a =~ /SRC\=(([\d]{1,3})(\.([\d]{1,3})){3})/) or ($a >>>> =~ >>>> /SRC\=(([0-9a-fA-F]{0,4})(\:([0-9a-fA-F]{0,4})){2,7})/)) { >>>> $srcaddr = >>>> $1; } >>>> + if (($a =~ /DST\=(([\d]{1,3})(\.([\d]{1,3})){3})/) or ($a >>>> =~ >>>> /DST\=(([0-9a-fA-F]{0,4})(\:([0-9a-fA-F]{0,4})){2,7})/)) { >>>> $dstaddr = >>>> $1; } >>>> if ($a =~ /PROTO\=(\w+)/) { $protostr = $1; } >>>> my $protostrlc = lc($protostr); >>>> if ($a =~ /SPT\=([\d\.]+)/){ $srcport = $1; } >>>> diff --git a/html/cgi-bin/logs.cgi/showrequestfromip.dat >>>> b/html/cgi >>>> -bin/logs.cgi/showrequestfromip.dat >>>> index 09a60b5..94e795c 100644 >>>> --- a/html/cgi-bin/logs.cgi/showrequestfromip.dat >>>> +++ b/html/cgi-bin/logs.cgi/showrequestfromip.dat >>>> @@ -155,7 +155,7 @@ if (!$skip) >>>> while () >>>> { >>>> if (/(^${monthstr} ${daystr} ..:..:..) [\w\-]+ >>>> kernel:.*(IN=.*)$/) { >>>> - if($_ =~ /SRC\=([\d\.]+)/){ >>>> + if (($_ =~ >>>> /SRC\=(([\d]{1,3})(\.([\d]{1,3})){3})/) >>>> or ($_ =~ /SRC\=(([0-9a-fA-F]{0,4})(\:([0-9a-fA >>>> -F]{0,4})){2,7})/)) { >>>> if($1 eq $ip){ >>>> $log[$lines] = $_; >>>> $lines++; >>>> @@ -182,12 +182,12 @@ if ($multifile) { >>>> if (!$skip) { >>>> while () { >>>> if (/(^${monthstr} ${daystr} ..:..:..) [\w\-]+ >>>> kernel:.*(IN=.*)$/) { >>>> - if($_ =~ /SRC\=([\d\.]+)/){ >>>> - if($1 eq $ip){ >>>> + if (($_ =~ >>>> /SRC\=(([\d]{1,3})(\.([\d]{1,3})){3})/) or ($_ =~ /SRC\=(([0-9a >>>> -fA >>>> -F]{0,4})(\:([0-9a-fA-F]{0,4})){2,7})/)) { >>>> + if($1 eq $ip){ >>>> $log[$lines] = $_; >>>> $lines++; >>>> - } >>>> - } >>>> + } >>>> + } >>>> } >>>> } >>>> close (FILE); >>>> @@ -293,7 +293,8 @@ $lines = 0; >>>> foreach $_ (@slice) >>>> { >>>> $a = $_; >>>> - if($_ =~ /SRC\=([\d\.]+)/){ >>>> + # Check whether valid ipv4 or ipv6 address >>>> + if (($_ =~ /SRC\=(([\d]{1,3})(\.([\d]{1,3})){3})/) or ($_ =~ >>>> /SRC\=(([0-9a-fA-F]{0,4})(\:([0-9a-fA-F]{0,4})){2,7})/)) { >>>> if($1 eq $ip){ >>>> my $chain = ''; >>>> my $in = '-'; my $out = '-'; >>>> @@ -301,15 +302,19 @@ foreach $_ (@slice) >>>> my $protostr = ''; >>>> my $srcport = ''; my $dstport = ''; >>>> >>>> - $_ =~ /(^.* ..:..:..) [\w\-]+ kernel:(.*)(IN=.*)$/; >>>> + # If ipv6 uses bridge, the use PHYSIN, otherwise use IN >>>> + if ($_ =~ /(^.* ..:..:..) [\w\-]+ >>>> kernel:(.*)(PHYSIN=.*)$/) >>>> {} >>>> + elsif ($_ =~ /(^.* ..:..:..) [\w\-]+ >>>> kernel:(.*)(IN=.*)$/) >>>> {} >>>> my $timestamp = $1; my $chain = $2; my $packet = $3; >>>> $timestamp =~ /(...) (..) (..:..:..)/; >>>> my $month = $1; my $day = $2; my $time = $3; >>>> >>>> - if ($a =~ /IN\=(\w+)/) { $iface = $1; } >>>> - if ($a =~ /OUT\=(\w+)/) { $out = $1; } >>>> - if ($a =~ /SRC\=([\d\.]+)/) { $srcaddr = $1; } >>>> - if ($a =~ /DST\=([\d\.]+)/) { $dstaddr = $1; } >>>> + # If ipv6 uses bridge, the use PHYSIN and PHYSOUT, >>>> otherwise >>>> use IN and OUT >>>> + if ($a =~ /PHYSIN=(\w+)/) { $iface = $1 } elsif ($a =~ >>>> /IN=(\w+)/) { $iface = $1 } >>>> + if ($a =~ /PHYSOUT=(\w+)/) { $out = $1 } elsif ($a =~ >>>> /OUT=(\w+)/) { $out = $1 } >>>> + # Detect ipv4 and ipv6 addresses >>>> + if (($a =~ /SRC\=(([\d]{1,3})(\.([\d]{1,3})){3})/) or ($a =~ >>>> /SRC\=(([0-9a-fA-F]{0,4})(\:([0-9a-fA-F]{0,4})){2,7})/)) { >>>> $srcaddr = >>>> $1; } >>>> + if (($a =~ /DST\=(([\d]{1,3})(\.([\d]{1,3})){3})/) or ($a =~ >>>> /DST\=(([0-9a-fA-F]{0,4})(\:([0-9a-fA-F]{0,4})){2,7})/)) { >>>> $dstaddr = >>>> $1; } >>>> if ($a =~ /PROTO\=(\w+)/) { $protostr = $1; } >>>> my $protostrlc = lc($protostr); >>>> if ($a =~ /SPT\=([\d\.]+)/){ $srcport = $1; } >>>> diff --git a/html/cgi-bin/logs.cgi/showrequestfromport.dat >>>> b/html/cgi >>>> -bin/logs.cgi/showrequestfromport.dat >>>> index ad9823c..af7779a 100644 >>>> --- a/html/cgi-bin/logs.cgi/showrequestfromport.dat >>>> +++ b/html/cgi-bin/logs.cgi/showrequestfromport.dat >>>> @@ -307,15 +307,19 @@ foreach $_ (@slice) >>>> my $protostr = ''; >>>> my $srcport = ''; my $dstport = ''; >>>> >>>> - $_ =~ /(^.* ..:..:..) [\w\-]+ kernel:(.*)(IN=.*)$/; >>>> + # If ipv6 uses bridge, the use PHYSIN, otherwise use IN >>>> + if ($_ =~ /(^.* ..:..:..) [\w\-]+ kernel:(.*)(PHYSIN=.*)$/) >>>> {} >>>> + elsif ($_ =~ /(^.* ..:..:..) [\w\-]+ >>>> kernel:(.*)(IN=.*)$/) >>>> {} >>>> my $timestamp = $1; my $chain = $2; my $packet = $3; >>>> $timestamp =~ /(...) (..) (..:..:..)/; >>>> my $month = $1; my $day = $2; my $time = $3; my $iface; >>>> >>>> - if ($a =~ /IN\=(\w+)/) { $iface = $1; } >>>> - if ($a =~ /OUT\=(\w+)/) { $out = $1; } >>>> - if ($a =~ /SRC\=([\d\.]+)/) { $srcaddr = $1; } >>>> - if ($a =~ /DST\=([\d\.]+)/) { $dstaddr = $1; } >>>> + # If ipv6 uses bridge, the use PHYSIN and PHYSOUT, >>>> otherwise >>>> use IN and OUT >>>> + if ($a =~ /PHYSIN\=(\w+)/) { $iface = $1; } elsif ($a =~ >>>> /IN\=(\w+)/) { $iface = $1; } >>>> + if ($a =~ /PHYSOUT\=(\w+)/) { $out = $1; } elsif ($a =~ >>>> /OUT\=(\w+)/) { $out = $1; } >>>> + # Detect ipv4 and ipv6 addresses >>>> + if (($a =~ /SRC\=(([\d]{1,3})(\.([\d]{1,3})){3})/) or ($a =~ >>>> /SRC\=(([0-9a-fA-F]{0,4})(\:([0-9a-fA-F]{0,4})){2,7})/)) { >>>> $srcaddr = >>>> $1; } >>>> + if (($a =~ /DST\=(([\d]{1,3})(\.([\d]{1,3})){3})/) or ($a =~ >>>> /DST\=(([0-9a-fA-F]{0,4})(\:([0-9a-fA-F]{0,4})){2,7})/)) { >>>> $dstaddr = >>>> $1; } >>>> if ($a =~ /PROTO\=(\w+)/) { $protostr = $1; } >>>> my $protostrlc = lc($protostr); >>>> if ($a =~ /SPT\=([\d\.]+)/){ $srcport = $1; }
$key[$s]