No, I think it is not worth it, because this is not a high performance
code path...
I thought there was more coming?
On Mon, 2013-03-25 at 21:50 +0100, Kay-Michael Köhler wrote:
> Y, the best way is to rewrite that part of the cgi from scratch,
> right, migrating sed and sort to perl map/sort statements (where
> memory and performace could be an issue on small appliances then), but
> the question is would it worth the energy when ipfire 3 is ahead. Tell
> me and i do that job for ipf2 with pure perl.
>
> In case someone is working with my patch at the moment, it would be a
> pleasure to receive any feedback.
>
>
> 2013/3/25 Michael Tremer <michael.tremer@ipfire.org>
> Hey,
>
> a shell script is not the best way how to sort things, but I
> think we
> can accept this because before the current version of the CGI
> file,
> there was a lot of sorting done with shell commands as well.
>
> I did not try to run your code, because I am waiting for the
> other "two
> more sorting options".
>
> Michael
>
> On Sat, 2013-03-23 at 09:38 +0100, Kay-Michael Köhler wrote:
> > I did some progress on sorting with connections.cgi and i
> want to
> > share with you guys.
> >
> >
> > To keep the sorting less time consuming and with a minimum
> memory
> > footprint, i added a bash script what is doing all the
> sorting and
> > removed the sort command from the piped command line.
> >
> >
> > Eight green arrows for sorting on source ip, source port,
> destination
> > ip and destination port will now appear on iptables
> connections
> > tracking WUI.
> >
> >
> > I will add two more sorting option later after finished some
> other
> > work for ipfire.
> >
> >
> > The bash script "consort.sh" goes to /usr/local/bin.
> >
> >
> > Ok, now the two diffs to the actual git
> >
> >
> > diff --git a/src/scripts/consort.sh b/src/scripts/consort.sh
> > new file mode 100755
> > index 0000000..1633beb
> > --- /dev/null
> > +++ b/src/scripts/consort.sh
> > @@ -0,0 +1,83 @@
> > +#/bin/bash
> >
> +###############################################################################
> > +#
> > #
> > +# IPFire.org - A linux based firewall
> > #
> > +# Copyright (C) 2007-2013 IPFire Team <info@ipfire.org>
> > #
> > +#
> > #
> > +# This program is free software: you can redistribute it
> and/or
> > modify #
> > +# it under the terms of the GNU General Public License as
> published
> > by #
> > +# the Free Software Foundation, either version 3 of the
> License, or
> > #
> > +# (at your option) any later version.
> > #
> > +#
> > #
> > +# This program is distributed in the hope that it will be
> useful,
> > #
> > +# but WITHOUT ANY WARRANTY; without even the implied
> warranty of
> > #
> > +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See
> the
> > #
> > +# GNU General Public License for more details.
> > #
> > +#
> > #
> > +# You should have received a copy of the GNU General Public
> License
> > #
> > +# along with this program. If not, see
> > <http://www.gnu.org/licenses/>. #
> > +#
> > #
> >
> +###############################################################################
> > +
> > +# sort conntrack table entries based on ip addresses
> > +# @parm sort field
> > +do_ip_sort() {
> > + sed \
> > + -r \
> > + 's/.*src=([0-9\.]+).*dst=([0-9\.]+).*src=.*/\'$1'#\0/'
> $FILE_NAME \
> > + | sort \
> > + -t. \
> > + -k 1,1n$SORT_ORDER -k 2,2n$SORT_ORDER -k 3,3n$SORT_ORDER
> -k 4,4n
> > $SORT_ORDER \
> > + | sed \
> > + -r \
> > + 's/.*#(.*)/\1/'
> > +}
> > +
> > +# sort conntrack table entries based on port addresses
> > +# @parm sort field
> > +do_port_sort() {
> > + sed \
> > + -r \
> > + 's/.*sport=([0-9]+).*dport=([0-9]+).*src=.*/\'$1'#\0/'
> $FILE_NAME \
> > + | sort \
> > + -t# \
> > + -k 1,1n$SORT_ORDER \
> > + | sed \
> > + -r \
> > + 's/.*#(.*)/\1/'
> > +}
> > +
> > +SORT_ORDER=
> > +FILE_NAME=
> > +
> > +if [ $# -lt 2 ]; then
> > + echo "Usage: consort <sort criteria
> > 1=srcIp,2=dstIp,3=srcPort,4=dstPort>
> <a=ascending,d=descending> [input
> > file]"
> > + echo " consort.sh 1 a.txt"
> > + echo " cat a.txt | consort 1"
> > + exit;
> > +fi
> > +
> > +if [[ 'a d A D' =~ $2 ]]; then
> > + if [[ 'd D' =~ $2 ]]; then
> > + SORT_ORDER=r
> > + fi
> > +else
> > + echo "Unknown sort order \"$2\""
> > + exit;
> > +fi
> > +
> > +if [ $# == 3 ]; then
> > + if [ ! -f $3 ]; then
> > + echo "File not found."
> > + exit;
> > + fi
> > + FILE_NAME=$3
> > +fi
> > +
> > +if [[ '1 2' =~ $1 ]]; then
> > + do_ip_sort $1
> > +elif [[ '3 4' =~ $1 ]]; then
> > + do_port_sort $(($1-2))
> > +else
> > + echo "Unknown sort criteria \"$1\""
> > +fi
> >
> >
> >
> >
> > diff --git a/html/cgi-bin/connections.cgi
> > b/html/cgi-bin/connections.cgi
> > index 1edf3e5..0c20957 100644
> > --- a/html/cgi-bin/connections.cgi
> > +++ b/html/cgi-bin/connections.cgi
> > @@ -34,6 +34,31 @@
> >
> > my $colour_multicast = "#A0A0A0";
> >
> > +# sort arguments for connection tracking table
> > +# the sort field. eg. 1=src IP, 2=dst IP, 3=src port, 4=dst
> port
> > +my $SORT_FIELD = 0;
> > +# the sort order. (a)scending orr (d)escending
> > +my $SORT_ORDER = 0;
> > +# cgi query arguments
> > +my %cgiin;
> > +# debug mode
> > +my $debug = 0;
> > +
> > +# retrieve query arguments
> > +# note: let a-z A-Z and 0-9 pass as value only
> > +if (length ($ENV{'QUERY_STRING'}) > 0){
> > + my $name;
> > + my $value;
> > + my $buffer = $ENV{'QUERY_STRING'};
> > + my @pairs = split(/&/, $buffer);
> > + foreach my $pair (@pairs){
> > + ($name, $value) = split(/=/, $pair);
> > + $value =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C",
> hex($1))/eg; # e.g.
> > "%20" => " "
> > + $value =~ s/[^a-zA-Z0-9]*//g; # a-Z 0-9 will pass
> > + $cgiin{$name} = $value;
> > + }
> > +}
> > +
> > &Header::showhttpheaders();
> >
> > my @network=();
> > @@ -43,12 +68,43 @@
> > my %netsettings=();
> > &General::readhash("${General::swroot}/ethernet/settings",
> \%
> > netsettings);
> >
> > +# output cgi query arrguments to browser on debug
> > +if ( $debug ){
> > + &Header::openbox('100%', 'center', 'DEBUG');
> > + my $debugCount = 0;
> > + foreach my $line (sort keys %cgiin) {
> > + print "$line = '$cgiin{$line}'<br />\n";
> > + $debugCount++;
> > + }
> > + print " Count: $debugCount\n";
> > + &Header::closebox();
> > +}
> > +
> > #workaround to suppress a warning when a variable is used
> only once
> > my @dummy = ( ${Header::table1colour} );
> > undef (@dummy);
> >
> > -# Read the connection tracking table.
> > -open(CONNTRACK, "/usr/local/bin/getconntracktable | sort -k
> 5,5
> > --numeric-sort --reverse |") or die "Unable to read
> conntrack table";
> > +
> > +
> > +# check sorting arguments
> > +if ( $cgiin{'sort_field'} ~~ [ '1','2','3','4' ] ) {
> > + $SORT_FIELD = $cgiin{'sort_field'};
> > +
> > + if ( $cgiin{'sort_order'} ~~ [ 'a','d','A','D' ] ) {
> > + $SORT_ORDER = lc($cgiin{'sort_order'});
> > + }
> > +}
> > +
> > +# Read and sort the connection tracking table
> > +# do sorting
> > +if ($SORT_FIELD and $SORT_ORDER) {
> > + # field sorting when sorting arguments are sane
> > + open(CONNTRACK, "/usr/local/bin/getconntracktable
> > | /usr/local/bin/consort.sh $SORT_FIELD $SORT_ORDER |") or
> die "Unable
> > to read conntrack table";
> > +} else {
> > + # default sorting with no query arguments
> > + open(CONNTRACK, "/usr/local/bin/getconntracktable | sort
> -k 5,5
> > --numeric-sort --reverse |") or die "Unable to read
> conntrack table";
> > +}
> > +
> > my @conntrack = <CONNTRACK>;
> > close(CONNTRACK);
> >
> > @@ -263,21 +319,49 @@
> > <br>
> > END
> >
> > +if ($SORT_FIELD and $SORT_ORDER) {
> > + my @sort_field_name = (
> > + $Lang::tr{'source ip'},
> > + $Lang::tr{'destination ip'},
> > + $Lang::tr{'source port'},
> > + $Lang::tr{'destination port'}
> > + );
> > + my $sort_order_name;
> > + if (lc($SORT_ORDER) eq "a") {
> > + $sort_order_name = $Lang::tr{'sort ascending'};
> > + } else {
> > + $sort_order_name = $Lang::tr{'sort descending'};
> > + }
> > +
> > +print <<END
> > + <div style="font-weight:bold;margin:10px;font-size: 80%">
> > + $sort_order_name: $sort_field_name[$SORT_FIELD-1]
> > + </div>
> > +END
> > +;
> > +}
> > +
> > # Print table header.
> > print <<END;
> > <table width='100%'>
> > - <tr>
> > + <tr valign="top"">
> > <th align='center'>
> > $Lang::tr{'protocol'}
> > </th>
> > - <th align='center'>
> > + <th align='center' colspan="2">
> > + <a href="?sort_field=1&sort_order=d"><img
> style="width:10px"
> > src="/images/up.gif"></a>
> > + <a href="?sort_field=1&sort_order=a"><img
> style="width:10px"
> > src="/images/down.gif"></a>
> > $Lang::tr{'source ip and port'}
> > + <a href="?sort_field=3&sort_order=d"><img
> style="width:10px"
> > src="/images/up.gif"></a>
> > + <a href="?sort_field=3&sort_order=a"><img
> style="width:10px"
> > src="/images/down.gif"></a>
> > </th>
> > - <th> </th>
> > - <th align='center'>
> > + <th align='center' colspan="2">
> > + <a href="?sort_field=2&sort_order=d"><img
> style="width:10px"
> > src="/images/up.gif"></a>
> > + <a href="?sort_field=2&sort_order=a"><img
> style="width:10px"
> > src="/images/down.gif"></a>
> > $Lang::tr{'dest ip and port'}
> > + <a href="?sort_field=4&sort_order=d"><img
> style="width:10px"
> > src="/images/up.gif"></a>
> > + <a href="?sort_field=4&sort_order=a"><img
> style="width:10px"
> > src="/images/down.gif"></a>
> > </th>
> > - <th> </th>
> > <th align='center'>
> > $Lang::tr{'download'} /
> > <br>$Lang::tr{'upload'}
> >
> >
> >
> >
> > 2013/3/10 Michael Tremer <michael.tremer@ipfire.org>
> > Hi,
> >
> > sure, this is fine with me. Just try to make the
> sorting
> > process
> > efficient so that even ten thousands of connections
> are
> > properly
> > displayed.
> >
> > -Michael
> >
> > On Sun, 2013-03-10 at 17:01 +0100, Kay-Michael
> Köhler wrote:
> > > Hello everyone
> > >
> > >
> > > i'm going to start development on connections.cgi
> to have
> > some kind of
> > > sorting at "iptables connection
> > tracking" (status->connections)
> > >
> > >
> > > I think it is a good idea to have the following
> (asc/desc)
> > sort
> > > options:
> > >
> > >
> > > "Protocol"
> > > "Source IP:Port"
> > > "Destination IP Port"
> > > "Connection status"
> > >
> > >
> > > If you guys agree it would be a please for me to
> share and
> > post the
> > > patch here when i'm done.
> > >
> > >
> > > Regards
> > >
> > >
> > > Kay-Michael
> >
> > > _______________________________________________
> > > Development mailing list
> > > Development@lists.ipfire.org
> > >
> http://lists.ipfire.org/mailman/listinfo/development
> >
> > _______________________________________________
> > Development mailing list
> > Development@lists.ipfire.org
> > http://lists.ipfire.org/mailman/listinfo/development
> >
> >
>
>
>
>
> _______________________________________________
> Development mailing list
> Development@lists.ipfire.org
> http://lists.ipfire.org/mailman/listinfo/development
_______________________________________________
Development mailing list
Development@lists.ipfire.org
http://lists.ipfire.org/mailman/listinfo/development