From mboxrd@z Thu Jan 1 00:00:00 1970 From: Michael Eitelwein To: development@lists.ipfire.org Subject: Re: AW: Re: [PATCH 1/5] Enable correct display of ipv6 entries in Firewall log pages of web UI Date: Sat, 23 Jan 2016 11:50:41 +0100 Message-ID: In-Reply-To: <1453509785.585.68.camel@ipfire.org> MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="===============7823879588016397368==" List-Id: --===============7823879588016397368== Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Thanks a lot.=20 Moving on to firewall configuration for IPv6 on the web GUI - who would be th= e right person to talk to in order to understand the architecture and structu= re of the code? Or do I need to reverse engineer the existing? Does it make sense to add this to ipfire2 or should I focus on ipfire3? Best regards Michael Liebe Gr=C3=BC=C3=9Fe, Michael > Am 23.01.2016 um 01:43 schrieb Michael Tremer : >=20 > Hi, >=20 > I merged these by pulling from your Git repository. >=20 > Please fix this email issue. >=20 >> On Fri, 2016-01-22 at 22:00 +0100, Matthias Fischer wrote: >>> On 22.01.2016 19:00, Michael Eitelwein wrote: >>>=20 >>>=20 >>>=20 >>> Hi >>> The patch itself is working on my machine without issues. If >>> Matthias did not observe any issues as well, than I would propose >>> to merge it into the next release. Please let me know if there is >>> anything I have to do to get them merged. >>> The problems of applying the patch were not further examined, as >>> Matthias was able to apply them in the end. Also they are now >>> available in git.ipfire.org, so they can be applied directly from >>> there. >>> Michael >>=20 >> Hi, >>=20 >> I just clicked through all '.dat'-files: I saw no problems. >>=20 >> Playing chicken: did anyone *else* test this? ;-) >=20 > I guess the answer is the usual one. >=20 >> Best, >> Matthias >>=20 >> P.S.: ME, while replying to "ALL", there is something weird with your >> email-address: it just says "michael", not "michael(a)eitelwein.net". I >> had to add your address manually from my addressbook. Bug or feature- >> mine or yours? >=20 > Yeah that is a misconfiguration in the email client. >=20 >>=20 >>> -------- Urspr=C3=BCngliche Nachricht -------- >>> Von: Michael Tremer =20 >>> Datum: 22.01.2016 01:59 (GMT+01:00)=20 >>> An: Michael Eitelwein , IPFire Development >>> List =20 >>> Cc: Matthias Fischer =20 >>> Betreff: Re: [PATCH 1/5] Enable correct display of ipv6 entries in >>> Firewall log pages of web UI=20 >>>=20 >>> Hi, >>>=20 >>> did you work out what the issue was with these emails? >>>=20 >>> Best, >>> -Michael >>>=20 >>>> On Sun, 2016-01-10 at 18:34 +0100, Michael Eitelwein wrote: >>>> 3 main changes: >>>> - Fill $iface and $out from PHYSIN and PHYSOUT when looking at >>>> bridged packets, othewerwise fill from IN and OUT >>>> - Recognize ipv4 and ipv6 address style for $srcaddr and >>>> $dstaddr >>>> - Match color coding of tables to pie charts >>>>=20 >>>> I am using the bridged ipv6 setup as proposed in the wiki. I do >>>> not >>>> think this breaks anything when not using ipv6. So it would be >>>> nice >>>> to include this even if ipv6 is not officially supported yet. It >>>> is >>>> quite useful when using the ipv6 setup. >>>>=20 >>>> Signed-off-by: Michael Eitelwein >>>>=20 >>>> --- >>>> html/cgi-bin/logs.cgi/firewalllog.dat | 14 ++-- >>>> html/cgi-bin/logs.cgi/firewalllogcountry.dat | 43 ++++++++- >>>> ---- >>>> html/cgi-bin/logs.cgi/firewalllogip.dat | 15 ++--- >>>> html/cgi-bin/logs.cgi/firewalllogport.dat | 12 ++-- >>>> html/cgi-bin/logs.cgi/showrequestfromcountry.dat | 81 >>>> +++++++++++++++++------- >>>> html/cgi-bin/logs.cgi/showrequestfromip.dat | 27 ++++---- >>>> html/cgi-bin/logs.cgi/showrequestfromport.dat | 14 ++-- >>>> 7 files changed, 131 insertions(+), 75 deletions(-) >>>>=20 >>>> diff --git a/html/cgi-bin/logs.cgi/firewalllog.dat b/html/cgi >>>> -bin/logs.cgi/firewalllog.dat >>>> index 5a584d6..42c9612 100644 >>>> --- a/html/cgi-bin/logs.cgi/firewalllog.dat >>>> +++ b/html/cgi-bin/logs.cgi/firewalllog.dat >>>> @@ -328,7 +328,10 @@ END >>>> $lines =3D 0; >>>> foreach $_ (@log) >>>> { >>>> - /^... (..) (..:..:..) [\w\-]+ kernel:(.*)(IN=3D.*)$/; >>>> + # If ipv6 uses a bridge, PHYSIN=3D contains the relevant iface >>>> information >>>> + # otherwise use IN=3D >>>> + if ($_ =3D~ /^... (..) (..:..:..) [\w\-]+ >>>> kernel:(.*)(PHYSIN=3D.*)$/) {} >>>> + elsif ($_ =3D~ /^... (..) (..:..:..) [\w\-]+ >>>> kernel:(.*)(IN=3D.*)$/) {} >>>> my $day =3D $1; >>>> $day =3D~ tr / /0/; >>>> my $time =3D $cgiparams{'DAY'} ? "$2" : "$day/$2" ; >>>> @@ -336,9 +339,12 @@ foreach $_ (@log) >>>> my $packet =3D $4; >>>>=20 >>>> my ($iface, $srcaddr, $dstaddr, $macaddr, $proto, >>>> $srcport, >>>> $dstport); >>>> - $iface=3D$1 if $packet =3D~ /IN=3D(\w+)/; >>>> - $srcaddr=3D$1 if $packet =3D~ /SRC=3D([\d\.]+)/; >>>> - $dstaddr=3D$1 if $packet =3D~ /DST=3D([\d\.]+)/; >>>> + if ($packet =3D~ /PHYSIN=3D(\w+)/) { $iface=3D$1 } elsif >>>> ($packet >>>> =3D~ /IN=3D(\w+)/) { $iface =3D $1} >>>> + # Identify whether ipv4 or ipv6. Both are mutally >>>> exclusive. >>>> + if ($packet =3D~ /SRC\=3D(([\d]{1,3})(\.([\d]{1,3})){3})/) { >>>> $srcaddr=3D$1 } >>>> + if ($packet =3D~ /SRC\=3D(([0-9a-fA-F]{0,4})(\:([0 >>>> -9a-fA >>>> -F]{0,4})){2,7})/) { $srcaddr=3D$1 } >>>> + if ($packet =3D~ /DST\=3D(([\d]{1,3})(\.([\d]{1,3})){3})/) { >>>> $dstaddr=3D$1 } >>>> + if ($packet =3D~ /DST\=3D(([0-9a-fA-F]{0,4})(\:([0 >>>> -9a-fA >>>> -F]{0,4})){2,7})/) { $dstaddr=3D$1 } >>>> $macaddr=3D$1 if $packet =3D~ /MAC=3D([\w+\:]+)/; >>>> $proto=3D$1 if $packet =3D~ /PROTO=3D(\w+)/; >>>> $srcport=3D$1 if $packet =3D~ /SPT=3D(\d+)/; >>>> diff --git a/html/cgi-bin/logs.cgi/firewalllogcountry.dat >>>> b/html/cgi >>>> -bin/logs.cgi/firewalllogcountry.dat >>>> index f998a62..2661ddd 100644 >>>> --- a/html/cgi-bin/logs.cgi/firewalllogcountry.dat >>>> +++ b/html/cgi-bin/logs.cgi/firewalllogcountry.dat >>>> @@ -261,7 +261,6 @@ if( $cgiparams{'pienumber'} !=3D >>>> 0){$pienumber=3D$cgiparams{'pienumber'};} >>>> if( $cgiparams{'otherspie'} !=3D >>>> 0){$otherspie=3D$cgiparams{'otherspie'};} >>>> if( $cgiparams{'showpie'} !=3D >>>> 0){$showpie=3D$cgiparams{'showpie'};} >>>> if( $cgiparams{'sortcolumn'} !=3D >>>> 0){$sortcolumn=3D$cgiparams{'sortcolumn'};} >>>> - >>>> print <>>> >>>> >>>> @@ -294,15 +293,24 @@ $lines =3D 0; >>>>=20 >>>> foreach $_ (@log) >>>> { >>>> - /^... (..) (..:..:..) [\w\-]+ kernel:(.*)(IN=3D.*)$/; >>>> + # If ipv6 uses bridge, use PHYSIN for iface, otherwise IN >>>> + if (/^... (..) (..:..:..) [\w\-]+ kernel:(.*)(PHYSIN=3D.*)$/) {} >>>> + elsif (/^... (..) (..:..:..) [\w\-]+ kernel:(.*)(IN=3D.*)$/) {} >>>> my $packet =3D $4; >>>> - $packet =3D~ /IN=3D(\w+)/; my $iface=3D$1; if ( $1 =3D~ /2./ ){ >>>> $iface=3D"";} >>>> - $packet =3D~ /SRC=3D([\d\.]+)/; my $srcaddr=3D$1; >>>> + my $iface =3D ''; >>>> + if ($packet =3D~ /PHYSIN=3D(\w+)/) { $iface =3D $1 } elsif ($packet >>>> =3D~ >>>> /IN=3D(\w+)/) { $iface =3D $1 } >>>> + if ( $1 =3D~ /2./ ) { $iface=3D''; } >>>> + my $srcaddr =3D ''; >>>> + # Find ipv4 and ipv6 addresses >>>> + if ($packet =3D~ /SRC\=3D(([\d]{1,3})(\.([\d]{1,3})){3})/) { >>>> $srcaddr >>>> =3D $1 } >>>> + elsif ($packet =3D~ /SRC\=3D(([0-9a-fA-F]{0,4})(\:([0-9a-fA >>>> -F]{0,4})){2,7})/) { $srcaddr =3D $1 } >>>>=20 >>>> if($iface eq $red_interface) { >>>> + # Traffic from red >>>> if($srcaddr ne '') { >>>> + # srcaddr is set >>>> my $ccode =3D $gi->country_code_by_name($srcaddr); >>>> - if( $ccode eq '') { >>>> + if ($ccode eq '') { >>>> $ccode =3D 'unknown'; >>>> } >>>> $tabjc{$ccode} =3D $tabjc{$ccode} + 1 ; >>>> @@ -311,11 +319,16 @@ foreach $_ (@log) >>>> } >>>> } >>>> else { >>>> + # Traffic not from red >>>> if($iface ne '') { >>>> $tabjc{$iface} =3D $tabjc{$iface} + 1 ; >>>> if(($tabjc{$iface} =3D=3D 1) && ($lines < $pienumber)) { >>>> $lines >>>> =3D $lines + 1; } >>>> $linesjc++; >>>> } >>>> + else { >>>> + # What to do with empty iface lines? >>>> + # This probably is traffic from ipfire itself (IN=3D >>>> OUT=3DXY)? >>>> + } >>>> } >>>> } >>>>=20 >>>> @@ -423,7 +436,6 @@ if ($showpie !=3D 2 && $pienumber <=3D 50 && >>>> $pienumber !=3D 0) { >>>> print ">>> -country$imagerandom.png'>"; >>>> print ""; >>>> } >>>> - >>>> print <>>> >>>> >>>> @@ -448,10 +460,8 @@ for($s=3D0;$s<$lines;$s++) >>>> $percent =3D $value[$s] * 100 / $linesjc; >>>> $percent =3D sprintf("%.f", $percent); >>>> $total =3D $total + $value[$s]; >>>> - my $colorIndex =3D $color % 10; >>>> - if($colorIndex =3D=3D 0) { >>>> - $colorIndex =3D 10; >>>> - } >>>> + # colors are numbered 1 to 10 >>>> + my $colorIndex =3D ($color % 10) + 1; >>>> $col=3D"bgcolor=3D'$color{\"color$colorIndex\"}'"; >>>> $color++; >>>> print ""; >>>> @@ -466,8 +476,11 @@ for($s=3D0;$s<$lines;$s++) >>>> print">>> value=3D'$key[$s]'>"; >>>> print""; >>>> } >>>> - >>>> - if($key[$s] eq 'blue0' || $key[$s] eq 'green0' || $key[$s] eq >>>> 'orange0') { >>>> + elsif ($key[$s] eq 'unknown') { >>>> + print "unknown"; >>>> + } >>>> + # Looks dangerous to use hardcoded interface names here. >>>> Probably >>>> needs fixing. >>>> + if ($key[$s] eq 'blue0' || $key[$s] eq 'green0' || $key[$s] eq >>>> 'orange0' ) { >>>> print ""; >>>> } >>>> else { >>>> @@ -489,10 +502,8 @@ for($s=3D0;$s<$lines;$s++) >>>>=20 >>>> if($cgiparams{'otherspie'} =3D=3D 2 ){} >>>> else{ >>>> - my $colorIndex =3D $color % 10; >>>> - if($colorIndex =3D=3D 0) { >>>> - $colorIndex =3D 10; >>>> - } >>>> + # colors are numbered 1 to 10 >>>> + my $colorIndex =3D ($color % 10) + 1; >>>> $col=3D"bgcolor=3D'$color{\"color$colorIndex\"}'"; >>>> print ""; >>>>=20 >>>> diff --git a/html/cgi-bin/logs.cgi/firewalllogip.dat b/html/cgi >>>> -bin/logs.cgi/firewalllogip.dat >>>> index 7d82d20..6fc3422 100644 >>>> --- a/html/cgi-bin/logs.cgi/firewalllogip.dat >>>> +++ b/html/cgi-bin/logs.cgi/firewalllogip.dat >>>> @@ -291,7 +291,8 @@ if ($pienumber =3D=3D -1 || $pienumber > $lines >>>> || >>>> $sortcolumn =3D=3D 2) { $pienumber =3D >>>> $lines =3D 0; >>>> foreach $_ (@log) >>>> { >>>> - if($_ =3D~ /SRC\=3D([\d\.]+)/){ >>>> + # Extract ipv4 or ipv6 address >>>> + if (($_ =3D~ /SRC\=3D(([\d]{1,3})(\.([\d]{1,3})){3})/) or ($_ =3D~ >>>> /SRC\=3D(([0-9a-fA-F]{0,4})(\:([0-9a-fA-F]{0,4})){2,7})/)) { >>>> $tabjc{$1} =3D $tabjc{$1} + 1 ; >>>> if(($tabjc{$1} =3D=3D 1) && ($lines < $pienumber)) { $lines =3D >>>> $lines + 1; } >>>> $linesjc++; >>>> @@ -428,10 +429,8 @@ for($s=3D0;$s<$lines;$s++) >>>> $percent =3D $value[$s] * 100 / $linesjc; >>>> $percent =3D sprintf("%.f", $percent); >>>> $total =3D $total + $value[$s]; >>>> - my $colorIndex =3D $color % 10; >>>> - if($colorIndex =3D=3D 0) { >>>> - $colorIndex =3D 10; >>>> - } >>>> + # colors are numbered 1 to 10 >>>> + my $colorIndex =3D ($color % 10) + 1; >>>> $col=3D"bgcolor=3D'$color{\"color$colorIndex\"}'"; >>>> print ""; >>>>=20 >>>> @@ -459,10 +458,8 @@ for($s=3D0;$s<$lines;$s++) >>>>=20 >>>> if($cgiparams{'otherspie'} =3D=3D 2 ){} >>>> else{ >>>> - my $colorIndex =3D $color % 10; >>>> - if($colorIndex =3D=3D 0) { >>>> - $colorIndex =3D 10; >>>> - } >>>> + # colors are numbered 1 to 10 >>>> + my $colorIndex =3D ($color % 10) + 1; >>>> $col=3D"bgcolor=3D'$color{\"color$colorIndex\"}'"; >>>> print ""; >>>>=20 >>>> diff --git a/html/cgi-bin/logs.cgi/firewalllogport.dat b/html/cgi >>>> -bin/logs.cgi/firewalllogport.dat >>>> index 5b0db62..583c1b3 100644 >>>> --- a/html/cgi-bin/logs.cgi/firewalllogport.dat >>>> +++ b/html/cgi-bin/logs.cgi/firewalllogport.dat >>>> @@ -429,10 +429,8 @@ for($s=3D0;$s<$lines;$s++) >>>> $percent =3D $value[$s] * 100 / $linesjc; >>>> $percent =3D sprintf("%.f", $percent); >>>> $total =3D $total + $value[$s]; >>>> - my $colorIndex =3D $color % 10; >>>> - if($colorIndex =3D=3D 0) { >>>> - $colorIndex =3D 10; >>>> - } >>>> + # colors are numbered 1 to 10 >>>> + my $colorIndex =3D ($color % 10) + 1; >>>> $col=3D"bgcolor=3D'$color{\"color$colorIndex\"}'"; >>>> print ""; >>>>=20 >>>> @@ -446,10 +444,8 @@ for($s=3D0;$s<$lines;$s++) >>>>=20 >>>> if($cgiparams{'otherspie'} =3D=3D 2 ){} >>>> else{ >>>> - my $colorIndex =3D $color % 10; >>>> - if($colorIndex =3D=3D 0) { >>>> - $colorIndex =3D 10; >>>> - } >>>> + # colors are numbered 1 to 10 >>>> + my $colorIndex =3D ($color % 10) + 1; >>>> $col=3D"bgcolor=3D'$color{\"color$colorIndex\"}'"; >>>> print ""; >>>>=20 >>>> diff --git a/html/cgi-bin/logs.cgi/showrequestfromcountry.dat >>>> b/html/cgi-bin/logs.cgi/showrequestfromcountry.dat >>>> index 5283c42..0784ab9 100644 >>>> --- a/html/cgi-bin/logs.cgi/showrequestfromcountry.dat >>>> +++ b/html/cgi-bin/logs.cgi/showrequestfromcountry.dat >>>> @@ -158,23 +158,35 @@ if (!$skip) >>>> { >>>> while () >>>> { >>>> - if (/(^${monthstr} ${daystr} ..:..:..) [\w\-]+ >>>> kernel:.*(IN=3D.*)$/) { >>>> - my $packet =3D $2; >>>> - $packet =3D~ /IN=3D(\w+)/; my $iface=3D$1; if ( $1 >>>> =3D~ >>>> /2./ ){ $iface=3D"";} >>>> - $packet =3D~ /SRC=3D([\d\.]+)/; my $srcaddr=3D$1; >>>> + # First check whether valid log line (date, day) >>>> + if (/(^${monthstr} ${daystr} ..:..:..) [\w\-]+ >>>> kernel:.*(IN=3D.*)$/) { >>>> + # If ipv6 uses bridge, then use PHYSIN otherwise use IN >>>> + if (/(^${monthstr} ${daystr} ..:..:..) [\w\-]+ >>>> kernel:.*(PHYSIN=3D.*)$/) {} >>>> + elsif (/(^${monthstr} ${daystr} ..:..:..) [\w\-]+ >>>> kernel:.*(IN=3D.*)$/) {} >>>> + my $packet =3D $2; >>>> + my $iface =3D ''; >>>> + my $srcaddr =3D ''; >>>> + # If ipv6 uses bridge, use PHYSIN otherwise IN >>>> + if ($packet =3D~ /PHYSIN=3D(\w+)/) { $iface =3D $1 } elsif >>>> ($packet =3D~ /IN=3D(\w+)/) { $iface =3D $1 } >>>> + # Extract ipv4 and ipv6 addresses >>>> + if (($packet =3D~ >>>> /SRC\=3D(([\d]{1,3})(\.([\d]{1,3})){3})/) >>>> or ($packet =3D~ /SRC\=3D(([0-9a-fA-F]{0,4})(\:([0-9a-fA >>>> -F]{0,4})){2,7})/)) { >>>> + $srcaddr =3D $1 >>>> + }; >>>>=20 >>>> if($iface eq $country) { >>>> + # iface matches country code >>>> $log[$lines] =3D $_; >>>> $lines++; >>>> } >>>> elsif($srcaddr ne '') { >>>> + # or srcaddr matches country code >>>> my $ccode =3D $gi >>>> ->country_code_by_name($srcaddr); >>>> if($ccode eq $country){ >>>> $log[$lines] =3D $_; >>>> $lines++; >>>> } >>>> } >>>> - } >>>> + } >>>> } >>>> close (FILE); >>>> } >>>> @@ -194,16 +206,28 @@ if ($multifile) { >>>> } >>>> if (!$skip) { >>>> while () { >>>> - if (/(^${monthstr} ${daystr} ..:..:..) [\w\-]+ >>>> kernel:.*(IN=3D.*)$/) { >>>> - if($_ =3D~ /SRC\=3D([\d\.]+)/){ >>>> - my $srcaddr=3D$1; >>>> - my $ccode =3D $gi >>>> ->country_code_by_name($srcaddr); >>>> - if($ccode eq $country){ >>>> + # Check if valid log line (date, day) >>>> + if (/(^${monthstr} ${daystr} ..:..:..) [\w\-]+ >>>> kernel:.*(IN=3D.*)$/) { >>>> + my $iface =3D ''; >>>> + # If ipv6 uses bridge, then use PHYSIN >>>> otherwise >>>> IN >>>> + if ($_ =3D~ /PHYSIN=3D(\w+)/) { $iface =3D $1 } >>>> elsif >>>> ($_ =3D~ /IN=3D(\w+)/) { $iface =3D $1 } >>>> + >>>> + if($iface eq $country) { >>>> + # iface matches country code >>>> + $log[$lines] =3D $_; >>>> + $lines++; >>>> + } >>>> + # extract ipv4 and ipv6 address >>>> + elsif (($_ =3D~ >>>> /SRC\=3D(([\d]{1,3})(\.([\d]{1,3})){3})/) or ($_ =3D~ /SRC\=3D(([0-9a >>>> -fA >>>> -F]{0,4})(\:([0-9a-fA-F]{0,4})){2,7})/)) { >>>> + my $srcaddr=3D$1; >>>> + my $ccode =3D $gi >>>> ->country_code_by_name($srcaddr); >>>> + if($ccode eq $country){ >>>> + # or srcaddr matches country code >>>> $log[$lines] =3D $_; >>>> $lines++; >>>> + } >>>> } >>>> - } >>>> - } >>>> + } >>>> } >>>> close (FILE); >>>> } >>>> @@ -308,32 +332,45 @@ $lines =3D 0; >>>> foreach $_ (@slice) >>>> { >>>> $a =3D $_; >>>> - /^... (..) (..:..:..) [\w\-]+ kernel:(.*)(IN=3D.*)$/; >>>> + # If ipv6 uses bridge, use PHYSIN otherwise use IN >>>> + if (/^... (..) (..:..:..) [\w\-]+ kernel:(.*)(PHYSIN=3D.*)$/) {} >>>> + elsif (/^... (..) (..:..:..) [\w\-]+ kernel:(.*)(IN=3D.*)$/) {}; >>>> my $packet =3D $4; >>>> - $packet =3D~ /IN=3D(\w+)/; my $iface=3D$1; if ( $1 =3D~ /2./ ){ >>>> $iface=3D"";} >>>> - $packet =3D~ /SRC=3D([\d\.]+)/; my $srcaddr=3D$1; >>>> + my $iface =3D ''; >>>> + # If ipv6 uses bridge, use PHYSIN otherwise use IN >>>> + if ($packet =3D~ /PHYSIN=3D(\w+)/) { $iface =3D $1 } elsif ($packet >>>> =3D~ >>>> /IN=3D(\w+)/) { $iface =3D $1 } >>>> + if ( $1 =3D~ /2./ ){ $iface=3D"";} >>>> + my $srcaddr =3D ''; >>>> + # Extract ipv4 and ipv6 addresses >>>> + if (($packet =3D~ /SRC\=3D(([\d]{1,3})(\.([\d]{1,3})){3})/) or >>>> ($packet =3D~ /SRC\=3D(([0-9a-fA-F]{0,4})(\:([0-9a-fA >>>> -F]{0,4})){2,7})/)) >>>> { >>>> + $srcaddr =3D $1 >>>> + }; >>>>=20 >>>> if($iface eq $country || $srcaddr ne '') { >>>> - my $ccode; >>>> + my $ccode=3D''; >>>> if($iface ne $country) { >>>> $ccode =3D $gi->country_code_by_name($srcaddr); >>>> } >>>> if($iface eq $country || $ccode eq $country) { >>>> - my $chain =3D ''; >>>> + my $chain =3D ''; >>>> my $in =3D '-'; my $out =3D '-'; >>>> my $srcaddr =3D ''; my $dstaddr =3D ''; >>>> my $protostr =3D ''; >>>> my $srcport =3D ''; my $dstport =3D ''; >>>>=20 >>>> - $_ =3D~ /(^.* ..:..:..) [\w\-]+ kernel:(.*)(IN=3D.*)$/; >>>> + # If ipv6 uses bridge, the use PHYSIN otherwise use IN >>>> + if ($_ =3D~ /(^.* ..:..:..) [\w\-]+ >>>> kernel:(.*)(PHYSIN=3D.*)$/) {} >>>> + elsif ($_ =3D~ /(^.* ..:..:..) [\w\-]+ kernel:(.*)(IN=3D.*)$/) >>>> {} >>>> my $timestamp =3D $1; my $chain =3D $2; my $packet =3D $3; >>>> $timestamp =3D~ /(...) (..) (..:..:..)/; >>>> my $month =3D $1; my $day =3D $2; my $time =3D $3; >>>>=20 >>>> - if ($a =3D~ /IN\=3D(\w+)/) { $iface =3D $1; } >>>> - if ($a =3D~ /OUT\=3D(\w+)/) { $out =3D $1; } >>>> - if ($a =3D~ /SRC\=3D([\d\.]+)/) { $srcaddr =3D $1; } >>>> - if ($a =3D~ /DST\=3D([\d\.]+)/) { $dstaddr =3D $1; } >>>> + # If ipv6 uses bridge, use PHYSIN and PHYSOUT, otherwise >>>> use >>>> IN and OUT >>>> + if ($a =3D~ /PHYSIN=3D(\w+)/) { $iface =3D $1 } elsif ($a =3D~ >>>> /IN=3D(\w+)/) { $iface =3D $1 } >>>> + if ($a =3D~ /PHYSOUT=3D(\w+)/) { $out =3D $1 } elsif ($a =3D~ >>>> /OUT=3D(\w+)/) { $out =3D $1 } >>>> + # Extract ipv4 and ipv6 addresses >>>> + if (($a =3D~ /SRC\=3D(([\d]{1,3})(\.([\d]{1,3})){3})/) or ($a >>>> =3D~ >>>> /SRC\=3D(([0-9a-fA-F]{0,4})(\:([0-9a-fA-F]{0,4})){2,7})/)) { >>>> $srcaddr =3D >>>> $1; } >>>> + if (($a =3D~ /DST\=3D(([\d]{1,3})(\.([\d]{1,3})){3})/) or ($a >>>> =3D~ >>>> /DST\=3D(([0-9a-fA-F]{0,4})(\:([0-9a-fA-F]{0,4})){2,7})/)) { >>>> $dstaddr =3D >>>> $1; } >>>> if ($a =3D~ /PROTO\=3D(\w+)/) { $protostr =3D $1; } >>>> my $protostrlc =3D lc($protostr); >>>> if ($a =3D~ /SPT\=3D([\d\.]+)/){ $srcport =3D $1; } >>>> diff --git a/html/cgi-bin/logs.cgi/showrequestfromip.dat >>>> b/html/cgi >>>> -bin/logs.cgi/showrequestfromip.dat >>>> index 09a60b5..94e795c 100644 >>>> --- a/html/cgi-bin/logs.cgi/showrequestfromip.dat >>>> +++ b/html/cgi-bin/logs.cgi/showrequestfromip.dat >>>> @@ -155,7 +155,7 @@ if (!$skip) >>>> while () >>>> { >>>> if (/(^${monthstr} ${daystr} ..:..:..) [\w\-]+ >>>> kernel:.*(IN=3D.*)$/) { >>>> - if($_ =3D~ /SRC\=3D([\d\.]+)/){ >>>> + if (($_ =3D~ >>>> /SRC\=3D(([\d]{1,3})(\.([\d]{1,3})){3})/) >>>> or ($_ =3D~ /SRC\=3D(([0-9a-fA-F]{0,4})(\:([0-9a-fA >>>> -F]{0,4})){2,7})/)) { >>>> if($1 eq $ip){ >>>> $log[$lines] =3D $_; >>>> $lines++; >>>> @@ -182,12 +182,12 @@ if ($multifile) { >>>> if (!$skip) { >>>> while () { >>>> if (/(^${monthstr} ${daystr} ..:..:..) [\w\-]+ >>>> kernel:.*(IN=3D.*)$/) { >>>> - if($_ =3D~ /SRC\=3D([\d\.]+)/){ >>>> - if($1 eq $ip){ >>>> + if (($_ =3D~ >>>> /SRC\=3D(([\d]{1,3})(\.([\d]{1,3})){3})/) or ($_ =3D~ /SRC\=3D(([0-9a >>>> -fA >>>> -F]{0,4})(\:([0-9a-fA-F]{0,4})){2,7})/)) { >>>> + if($1 eq $ip){ >>>> $log[$lines] =3D $_; >>>> $lines++; >>>> - } >>>> - } >>>> + } >>>> + } >>>> } >>>> } >>>> close (FILE); >>>> @@ -293,7 +293,8 @@ $lines =3D 0; >>>> foreach $_ (@slice) >>>> { >>>> $a =3D $_; >>>> - if($_ =3D~ /SRC\=3D([\d\.]+)/){ >>>> + # Check whether valid ipv4 or ipv6 address >>>> + if (($_ =3D~ /SRC\=3D(([\d]{1,3})(\.([\d]{1,3})){3})/) or ($_ =3D~ >>>> /SRC\=3D(([0-9a-fA-F]{0,4})(\:([0-9a-fA-F]{0,4})){2,7})/)) { >>>> if($1 eq $ip){ >>>> my $chain =3D ''; >>>> my $in =3D '-'; my $out =3D '-'; >>>> @@ -301,15 +302,19 @@ foreach $_ (@slice) >>>> my $protostr =3D ''; >>>> my $srcport =3D ''; my $dstport =3D ''; >>>>=20 >>>> - $_ =3D~ /(^.* ..:..:..) [\w\-]+ kernel:(.*)(IN=3D.*)$/; >>>> + # If ipv6 uses bridge, the use PHYSIN, otherwise use IN >>>> + if ($_ =3D~ /(^.* ..:..:..) [\w\-]+ >>>> kernel:(.*)(PHYSIN=3D.*)$/) >>>> {} >>>> + elsif ($_ =3D~ /(^.* ..:..:..) [\w\-]+ >>>> kernel:(.*)(IN=3D.*)$/) >>>> {} >>>> my $timestamp =3D $1; my $chain =3D $2; my $packet =3D $3; >>>> $timestamp =3D~ /(...) (..) (..:..:..)/; >>>> my $month =3D $1; my $day =3D $2; my $time =3D $3; >>>>=20 >>>> - if ($a =3D~ /IN\=3D(\w+)/) { $iface =3D $1; } >>>> - if ($a =3D~ /OUT\=3D(\w+)/) { $out =3D $1; } >>>> - if ($a =3D~ /SRC\=3D([\d\.]+)/) { $srcaddr =3D $1; } >>>> - if ($a =3D~ /DST\=3D([\d\.]+)/) { $dstaddr =3D $1; } >>>> + # If ipv6 uses bridge, the use PHYSIN and PHYSOUT, >>>> otherwise >>>> use IN and OUT >>>> + if ($a =3D~ /PHYSIN=3D(\w+)/) { $iface =3D $1 } elsif ($a =3D~ >>>> /IN=3D(\w+)/) { $iface =3D $1 } >>>> + if ($a =3D~ /PHYSOUT=3D(\w+)/) { $out =3D $1 } elsif ($a =3D~ >>>> /OUT=3D(\w+)/) { $out =3D $1 } >>>> + # Detect ipv4 and ipv6 addresses >>>> + if (($a =3D~ /SRC\=3D(([\d]{1,3})(\.([\d]{1,3})){3})/) or ($a =3D~ >>>> /SRC\=3D(([0-9a-fA-F]{0,4})(\:([0-9a-fA-F]{0,4})){2,7})/)) { >>>> $srcaddr =3D >>>> $1; } >>>> + if (($a =3D~ /DST\=3D(([\d]{1,3})(\.([\d]{1,3})){3})/) or ($a =3D~ >>>> /DST\=3D(([0-9a-fA-F]{0,4})(\:([0-9a-fA-F]{0,4})){2,7})/)) { >>>> $dstaddr =3D >>>> $1; } >>>> if ($a =3D~ /PROTO\=3D(\w+)/) { $protostr =3D $1; } >>>> my $protostrlc =3D lc($protostr); >>>> if ($a =3D~ /SPT\=3D([\d\.]+)/){ $srcport =3D $1; } >>>> diff --git a/html/cgi-bin/logs.cgi/showrequestfromport.dat >>>> b/html/cgi >>>> -bin/logs.cgi/showrequestfromport.dat >>>> index ad9823c..af7779a 100644 >>>> --- a/html/cgi-bin/logs.cgi/showrequestfromport.dat >>>> +++ b/html/cgi-bin/logs.cgi/showrequestfromport.dat >>>> @@ -307,15 +307,19 @@ foreach $_ (@slice) >>>> my $protostr =3D ''; >>>> my $srcport =3D ''; my $dstport =3D ''; >>>>=20 >>>> - $_ =3D~ /(^.* ..:..:..) [\w\-]+ kernel:(.*)(IN=3D.*)$/; >>>> + # If ipv6 uses bridge, the use PHYSIN, otherwise use IN >>>> + if ($_ =3D~ /(^.* ..:..:..) [\w\-]+ kernel:(.*)(PHYSIN=3D.*)$/) >>>> {} >>>> + elsif ($_ =3D~ /(^.* ..:..:..) [\w\-]+ >>>> kernel:(.*)(IN=3D.*)$/) >>>> {} >>>> my $timestamp =3D $1; my $chain =3D $2; my $packet =3D $3; >>>> $timestamp =3D~ /(...) (..) (..:..:..)/; >>>> my $month =3D $1; my $day =3D $2; my $time =3D $3; my $iface; >>>>=20 >>>> - if ($a =3D~ /IN\=3D(\w+)/) { $iface =3D $1; } >>>> - if ($a =3D~ /OUT\=3D(\w+)/) { $out =3D $1; } >>>> - if ($a =3D~ /SRC\=3D([\d\.]+)/) { $srcaddr =3D $1; } >>>> - if ($a =3D~ /DST\=3D([\d\.]+)/) { $dstaddr =3D $1; } >>>> + # If ipv6 uses bridge, the use PHYSIN and PHYSOUT, >>>> otherwise >>>> use IN and OUT >>>> + if ($a =3D~ /PHYSIN\=3D(\w+)/) { $iface =3D $1; } elsif ($a =3D~ >>>> /IN\=3D(\w+)/) { $iface =3D $1; } >>>> + if ($a =3D~ /PHYSOUT\=3D(\w+)/) { $out =3D $1; } elsif ($a =3D~ >>>> /OUT\=3D(\w+)/) { $out =3D $1; } >>>> + # Detect ipv4 and ipv6 addresses >>>> + if (($a =3D~ /SRC\=3D(([\d]{1,3})(\.([\d]{1,3})){3})/) or ($a =3D~ >>>> /SRC\=3D(([0-9a-fA-F]{0,4})(\:([0-9a-fA-F]{0,4})){2,7})/)) { >>>> $srcaddr =3D >>>> $1; } >>>> + if (($a =3D~ /DST\=3D(([\d]{1,3})(\.([\d]{1,3})){3})/) or ($a =3D~ >>>> /DST\=3D(([0-9a-fA-F]{0,4})(\:([0-9a-fA-F]{0,4})){2,7})/)) { >>>> $dstaddr =3D >>>> $1; } >>>> if ($a =3D~ /PROTO\=3D(\w+)/) { $protostr =3D $1; } >>>> my $protostrlc =3D lc($protostr); >>>> if ($a =3D~ /SPT\=3D([\d\.]+)/){ $srcport =3D $1; } --===============7823879588016397368==--
$key[$s]