From mboxrd@z Thu Jan 1 00:00:00 1970 From: Rob Brewer To: development@lists.ipfire.org Subject: Re: GeoIP Blocked IPs not being logged Date: Sun, 10 Feb 2019 16:07:42 +0000 Message-ID: In-Reply-To: MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="===============8116206936447617677==" List-Id: --===============8116206936447617677== Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: 7bit Hi Michael Rob Brewer wrote: >> However, I do not think that this is a bad idea, but it should be >> configurable on the firewall options page. >> > Yes I was thinking that this could be easily select-able with an if > statement around the LOG line if required. > OK I've been working on your suggestion and have added an additional checkbox to the GeoIP Block of geoip-block.cgi to enable/disable logging. (patch: geoip-block.cgi) I have also reworked rules.pl to enable geoip-block logging from geo- block.cgi. (patch: rules2.pl) Rob --===============8116206936447617677== Content-Type: text/x-patch Content-Transfer-Encoding: base64 Content-Disposition: attachment; filename="geoip-block.cgi" MIME-Version: 1.0 LS0tIC9ob21lL3J3Yi9JUEZpcmUvaXBmaXJlLTIueC9idWlsZC9zcnYvd2ViL2lwZmlyZS9jZ2kt YmluL2dlb2lwLWJsb2NrLmNnaQkyMDE5LTAxLTMxIDE5OjE3OjQ4Ljk0ODY3NjkyOCArMDAwMAor KysgL2hvbWUvcndiL0lQRmlyZS9pcGZpcmUtMi54L2J1aWxkL3Nydi93ZWIvaXBmaXJlL2NnaS1i aW4vZ2VvaXAtYmxvY2suY2dpLmRldgkyMDE5LTAyLTEwIDE1OjI0OjU3LjE5MTkyMDA3OCArMDAw MApAQCAtNTksNiArNTksMTMgQEAKIAl9IGVsc2UgewogCQkkc2V0dGluZ3N7J0dFT0lQQkxPQ0tf RU5BQkxFRCd9ID0gIm9mZiI7CiAJfQorICAgICAgICAKKwkjICBjaGVjayBpZiBsb2dnaW5nIGlz IHJlcXVpcmVkCisJaWYgKGV4aXN0cyAkY2dpcGFyYW1zeydMT0dfRU5BQkxFRCd9KSB7CisJCSRz ZXR0aW5nc3snTE9HX0VOQUJMRUQnfSA9ICJvbiI7CisJfSBlbHNlIHsKKwkJJHNldHRpbmdzeydM T0dfRU5BQkxFRCd9ID0gIm9mZiI7CisJfSAgICAgICAgCiAKIAkjIExvb3AgdGhyb3VnaCBvdXIg bG9jYXRpb25zIGFycmF5IHRvIHByZXZlbnQgZnJvbQogCSMgbm9uIGV4aXN0aW5nIGNvdW50cmll cyBvciBjb2RlLgpAQCAtOTEsMjIgKzk4LDQxIEBACiB9CiAKICMgQ2hlY2tib3ggcHJlLXNlbGVj dGlvbi4KLW15ICRjaGVja2VkOworbXkgKCVjaGVja2VkLCVzZWxlY3RlZCk7CiBpZiAoJHNldHRp bmdzeydHRU9JUEJMT0NLX0VOQUJMRUQnfSBlcSAib24iKSB7Ci0JJGNoZWNrZWQgPSAiY2hlY2tl ZD0nY2hlY2tlZCciOwotfQorCSRjaGVja2VkeydHRU9JUEJMT0NLX0VOQUJMRUQnfXskc2V0dGlu Z3N7J0dFT0lQQkxPQ0tfRU5BQkxFJ319ID0gImNoZWNrZWQ9J2NoZWNrZWQnIjsKKwl9CisgICAg ICAgIAoraWYgKCRzZXR0aW5nc3snTE9HX0VOQUJMRUQnfSBlcSAib24iKSB7CisJJGNoZWNrZWR7 J0xPR19FTkFCTEVEJ317JHNldHRpbmdzeydMT0dfRU5BQkxFJ319ID0gImNoZWNrZWQ9J2NoZWNr ZWQnIjsKKwl9CisKKyRjaGVja2VkeydHRU9JUEJMT0NLX0VOQUJMRUQnfXsnb2ZmJ30gPSAnJzsK KyRjaGVja2VkeydHRU9JUEJMT0NLX0VOQUJMRUQnfXsnb24nfSA9ICcnOworJGNoZWNrZWR7J0dF T0lQQkxPQ0tfRU5BQkxFRCd9eyRzZXR0aW5nc3snR0VPSVBCTE9DS19FTkFCTEVEJ319ID0gImNo ZWNrZWQ9J2NoZWNrZWQnIjsJCisJCisJCiskY2hlY2tlZHsnTE9HX0VOQUJMRUQnfXsnb2ZmJ30g PSAnJzsKKyRjaGVja2VkeydMT0dfRU5BQkxFRCd9eydvbid9ID0gJyc7CiskY2hlY2tlZHsnTE9H X0VOQUJMRUQnfXskc2V0dGluZ3N7J0xPR19FTkFCTEVEJ319ID0gImNoZWNrZWQ9J2NoZWNrZWQn IjsKIAogIyBQcmludCBib3ggdG8gZW5hYmxlL2Rpc2FibGUgZ2VvaXBibG9jay4KIHByaW50Ijxm b3JtIG1ldGhvZD0nUE9TVCcgYWN0aW9uPSckRU5WeydTQ1JJUFRfTkFNRSd9Jz5cbiI7CiAKICZI ZWFkZXI6Om9wZW5ib3goJzEwMCUnLCAnY2VudGVyJywgJExhbmc6OnRyeydnZW9pcGJsb2NrJ30p OworCisjIExvZyBlbmFibGVkIGNoZWNrYm94IGFkZGVkIHRvIGVuYWJsZSBnZW9pcCBydWxlcyBs b2dnaW5nCiBwcmludCA8PEVORDsKIAk8dGFibGUgd2lkdGg9Jzk1JSc+CiAJCTx0cj4KIAkJCTx0 ZCB3aWR0aD0nMjUlJyBjbGFzcz0nYmFzZSc+JExhbmc6OnRyeydnZW9pcGJsb2NrIGVuYWJsZSBm ZWF0dXJlJ30KLQkJCTx0ZD48aW5wdXQgdHlwZT0nY2hlY2tib3gnIG5hbWU9J0dFT0lQQkxPQ0tf RU5BQkxFRCcgJGNoZWNrZWQ+PC90ZD4KKwkJCTx0ZD48aW5wdXQgdHlwZT0nY2hlY2tib3gnIG5h bWU9J0dFT0lQQkxPQ0tfRU5BQkxFRCcgJGNoZWNrZWR7J0dFT0lQQkxPQ0tfRU5BQkxFRCd9eydv bid9PjwvdGQ+CiAJCTwvdHI+CiAJCTx0cj4KKwkJCTx0ZCB3aWR0aD0nMjUlJyBjbGFzcz0nYmFz ZSc+JExhbmc6OnRyeydsb2cgZW5hYmxlZCd9CisJCQk8dGQ+PGlucHV0IHR5cGU9J2NoZWNrYm94 JyBuYW1lPSdMT0dfRU5BQkxFRCcgJGNoZWNrZWR7J0xPR19FTkFCTEVEJ317J29uJ30+PC90ZD4K KyAgICAgICAgICAgICAgICA8L3RyPgorCQk8dHI+CiAJCQk8dGQgY29sc3Bhbj0nMic+PGJyPjwv dGQ+CiAJCTwvdHI+CiAJPC90YWJsZT4KCg== --===============8116206936447617677== Content-Type: application/x-perl Content-Transfer-Encoding: base64 Content-Disposition: attachment; filename="rules2.pl" MIME-Version: 1.0 LS0tIC9ob21lL3J3Yi9JUEZpcmUvaXBmaXJlLTIueC9idWlsZC91c3IvbGliL2ZpcmV3YWxsL3J1 bGVzLnBsLm9yaWcJMjAxOS0wMi0wNCAyMDo1OTozNC42NzcxNDM0OTYgKzAwMDAKKysrIC9ob21l L3J3Yi9JUEZpcmUvaXBmaXJlLTIueC9idWlsZC91c3IvbGliL2ZpcmV3YWxsL3J1bGVzLnBsCTIw MTktMDItMTAgMTU6Mzc6MDYuMDcxMTkyOTE0ICswMDAwCkBAIC02MDksNyArNjA5LDExIEBACiAJ IyBpcyBlbmFibGVkLgogCWZvcmVhY2ggbXkgJGxvY2F0aW9uIChAbG9jYXRpb25zKSB7CiAJCWlm KGV4aXN0cyAkZ2VvaXBzZXR0aW5nc3skbG9jYXRpb259ICYmICRnZW9pcHNldHRpbmdzeyRsb2Nh dGlvbn0gZXEgIm9uIikgewotCQkJcnVuKCIkSVBUQUJMRVMgLUEgR0VPSVBCTE9DSyAtbSBnZW9p cCAtLXNyYy1jYyAkbG9jYXRpb24gLWogRFJPUCIpOworICAgICAgICAjIGFkZCBsb2dnaW5nIHJ1 bGVzIGZvciBnZW9pcCAKKwkJaWYgKCRnZW9pcHNldHRpbmdzeydMT0dfRU5BQkxFRCd9IGVxICJv biIpIHsgIAorCQlydW4oIiRJUFRBQkxFUyAtQSBHRU9JUEJMT0NLIC1tIGdlb2lwIC0tc3JjLWNj ICRsb2NhdGlvbiAtaiBMT0cgLS1sb2ctcHJlZml4ICdHRU9JUEJMT0NLLSRsb2NhdGlvbiAnIik7 CisJCX0KKwkJcnVuKCIkSVBUQUJMRVMgLUEgR0VPSVBCTE9DSyAtbSBnZW9pcCAtLXNyYy1jYyAk bG9jYXRpb24gLWogRFJPUCIpOwogCQl9CiAJfQogfQo= --===============8116206936447617677==--