From: git@ipfire.org
To: ipfire-scm@lists.ipfire.org
Subject: [git.ipfire.org] IPFire 2.x development tree branch, next, updated. 9a883f3f53819fcf0f7de3c6596451cfbc3bcd60
Date: Fri, 26 Apr 2013 12:25:05 +0200 [thread overview]
Message-ID: <20130426102505.B01C6200BD@argus.ipfire.org> (raw)
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "IPFire 2.x development tree".
The branch, next has been updated
via 9a883f3f53819fcf0f7de3c6596451cfbc3bcd60 (commit)
via 9b37e91ef6dfd93a257bf1ee802b1919e30d0f74 (commit)
from 9856eec1cc29874d162fa67c9e9e1173d120aba2 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit 9a883f3f53819fcf0f7de3c6596451cfbc3bcd60
Author: Michael Tremer <michael.tremer(a)ipfire.org>
Date: Fri Apr 26 12:24:40 2013 +0200
Add new connection sorting code to core update 68.
commit 9b37e91ef6dfd93a257bf1ee802b1919e30d0f74
Author: Kay-Michael Köhler <kay.michael.koehler(a)googlemail.com>
Date: Fri Apr 26 12:21:08 2013 +0200
Make connection tracking list sortable.
-----------------------------------------------------------------------
Summary of changes:
config/rootfiles/common/stage2 | 1 +
config/rootfiles/core/68/filelists/files | 2 +
html/cgi-bin/connections.cgi | 127 +++++++++++++++++++++++--
src/scripts/consort.sh | 158 +++++++++++++++++++++++++++++++
4 files changed, 281 insertions(+), 7 deletions(-)
create mode 100644 src/scripts/consort.sh
Difference in files:
diff --git a/config/rootfiles/common/stage2 b/config/rootfiles/common/stage2
index e10c649..1e91b37 100644
--- a/config/rootfiles/common/stage2
+++ b/config/rootfiles/common/stage2
@@ -71,6 +71,7 @@ usr/lib/libstdc++.so.6
#usr/local/bin/archive.files
usr/local/bin/backupiso
usr/local/bin/connscheduler
+usr/local/bin/consort.sh
usr/local/bin/dialctrl.pl
usr/local/bin/hddshutdown
usr/local/bin/httpscert
diff --git a/config/rootfiles/core/68/filelists/files b/config/rootfiles/core/68/filelists/files
index 274e4e1..ad6864a 100644
--- a/config/rootfiles/core/68/filelists/files
+++ b/config/rootfiles/core/68/filelists/files
@@ -1,11 +1,13 @@
etc/system-release
etc/issue
etc/modprobe.d/blacklist
+srv/web/ipfire/cgi-bin/connections.cgi
srv/web/ipfire/cgi-bin/services.cgi
srv/web/ipfire/html/themes/ipfire/include/style.css
srv/web/ipfire/html/themes/ipfire/include/functions.pl
srv/web/ipfire/html/themes/maniac/include/style.css
srv/web/ipfire/html/include/jquery-1.9.1.min.js
+usr/local/bin/consort.sh
var/ipfire/backup/include
var/ipfire/header.pl
var/ipfire/general-functions.pl
diff --git a/html/cgi-bin/connections.cgi b/html/cgi-bin/connections.cgi
index 1edf3e5..d566cf7 100644
--- a/html/cgi-bin/connections.cgi
+++ b/html/cgi-bin/connections.cgi
@@ -34,6 +34,31 @@ require "${General::swroot}/header.pl";
my $colour_multicast = "#A0A0A0";
+# sort arguments for connection tracking table
+# the sort field. eg. 1=src IP, 2=dst IP, 3=src port, 4=dst port
+my $SORT_FIELD = 0;
+# the sort order. (a)scending orr (d)escending
+my $SORT_ORDER = 0;
+# cgi query arguments
+my %cgiin;
+# debug mode
+my $debug = 0;
+
+# retrieve query arguments
+# note: let a-z A-Z and 0-9 pass as value only
+if (length ($ENV{'QUERY_STRING'}) > 0){
+ my $name;
+ my $value;
+ my $buffer = $ENV{'QUERY_STRING'};
+ my @pairs = split(/&/, $buffer);
+ foreach my $pair (@pairs){
+ ($name, $value) = split(/=/, $pair);
+ $value =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C", hex($1))/eg; # e.g. "%20" => " "
+ $value =~ s/[^a-zA-Z0-9]*//g; # a-Z 0-9 will pass
+ $cgiin{$name} = $value;
+ }
+}
+
&Header::showhttpheaders();
my @network=();
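Review bot: The parsing loop filters `$value` down to `[a-zA-Z0-9]` but stores `$name` as a hash key exactly as it arrived in the raw query string, and the debug box added in the next hunk prints that key into the page without HTML escaping. With `$debug` hard-coded to 0 this is latent, but it turns into reflected markup as soon as someone flips the flag; give the name the same treatment, `$name =~ s/[^a-zA-Z0-9_]//g;`, or keep only the two keys the page actually reads. A pair without `=` also leaves `$value` undefined, so `$value //= '';` before the substitutions and `length($ENV{'QUERY_STRING'} // '')` in the guard would avoid undefined-value warnings.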
@@ -43,12 +68,40 @@ my @colour=();
my %netsettings=();
&General::readhash("${General::swroot}/ethernet/settings", \%netsettings);
+# output cgi query arrguments to browser on debug
+if ( $debug ){
+ &Header::openbox('100%', 'center', 'DEBUG');
+ my $debugCount = 0;
+ foreach my $line (sort keys %cgiin) {
+ print "$line = '$cgiin{$line}'<br />\n";
+ $debugCount++;
+ }
+ print " Count: $debugCount\n";
+ &Header::closebox();
+}
+
#workaround to suppress a warning when a variable is used only once
my @dummy = ( ${Header::table1colour} );
undef (@dummy);
-# Read the connection tracking table.
-open(CONNTRACK, "/usr/local/bin/getconntracktable | sort -k 5,5 --numeric-sort --reverse |") or die "Unable to read conntrack table";
+# check sorting arguments
+if ( $cgiin{'sort_field'} ~~ [ '1','2','3','4','5','6','7','8','9' ] ) {
+ $SORT_FIELD = $cgiin{'sort_field'};
+
+ if ( $cgiin{'sort_order'} ~~ [ 'a','d','A','D' ] ) {
+ $SORT_ORDER = lc($cgiin{'sort_order'});
+ }
+}
+
+# Read and sort the connection tracking table
+# do sorting
+if ($SORT_FIELD and $SORT_ORDER) {
+ # field sorting when sorting arguments are sane
+ open(CONNTRACK, "/usr/local/bin/getconntracktable | /usr/local/bin/consort.sh $SORT_FIELD $SORT_ORDER |") or die "Unable to read conntrack table";
+} else {
+ # default sorting with no query arguments
+ open(CONNTRACK, "/usr/local/bin/getconntracktable | sort -k 5,5 --numeric-sort --reverse |") or die "Unable to read conntrack table";
+}
my @conntrack = <CONNTRACK>;
close(CONNTRACK);
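Review bot: Both `open` calls use the two-argument pipe form, so the whole command line goes through a shell, and in the sorted branch `$SORT_FIELD` and `$SORT_ORDER` are interpolated into it; the only thing keeping that safe is the smartmatch allowlist a few lines above. Smartmatch (`~~`) is an experimental operator whose comparison rules depend on operand types, so an anchored regex is a sturdier gate: `if (($cgiin{'sort_field'} // '') =~ /\A[1-9]\z/)` and `if (($cgiin{'sort_order'} // '') =~ /\A[adAD]\z/)`. I would also add a comment at the `open` stating that these two variables must never be assigned from anywhere but those checks, and test the result of `close(CONNTRACK)` so that a failing pipeline is not silently rendered as an empty table.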
@@ -263,21 +316,81 @@ print <<END;
<br>
END
+if ($SORT_FIELD and $SORT_ORDER) {
+ my @sort_field_name = (
+ $Lang::tr{'source ip'},
+ $Lang::tr{'destination ip'},
+ $Lang::tr{'source port'},
+ $Lang::tr{'destination port'},
+ $Lang::tr{'protocol'},
+ $Lang::tr{'connection'}.' '.$Lang::tr{'status'},
+ $Lang::tr{'expires'}.' ('.$Lang::tr{'seconds'}.')',
+ $Lang::tr{'download'},
+ $Lang::tr{'upload'}
+ );
+ my $sort_order_name;
+ if (lc($SORT_ORDER) eq "a") {
+ $sort_order_name = $Lang::tr{'sort ascending'};
+ } else {
+ $sort_order_name = $Lang::tr{'sort descending'};
+ }
+
+print <<END
+ <div style="font-weight:bold;margin:10px;font-size: 70%">
+ $sort_order_name: $sort_field_name[$SORT_FIELD-1]
+ </div>
+END
+;
+}
+
# Print table header.
print <<END;
<table width='100%'>
- <tr>
+ <tr valign="top"">
<th align='center'>
- $Lang::tr{'protocol'}
+ <a href="?sort_field=5&sort_order=d"><img style="width:10px" src="/images/up.gif"></a>
+ <a href="?sort_field=5&sort_order=a"><img style="width:10px" src="/images/down.gif"></a>
+ </th>
+ <th align='center' colspan="2">
+ <a href="?sort_field=1&sort_order=d"><img style="width:10px" src="/images/up.gif"></a>
+ <a href="?sort_field=1&sort_order=a"><img style="width:10px" src="/images/down.gif"></a>
+
+ <a href="?sort_field=3&sort_order=d"><img style="width:10px" src="/images/up.gif"></a>
+ <a href="?sort_field=3&sort_order=a"><img style="width:10px" src="/images/down.gif"></a>
+ </th>
+ <th align='center' colspan="2">
+ <a href="?sort_field=2&sort_order=d"><img style="width:10px" src="/images/up.gif"></a>
+ <a href="?sort_field=2&sort_order=a"><img style="width:10px" src="/images/down.gif"></a>
+
+ <a href="?sort_field=4&sort_order=d"><img style="width:10px" src="/images/up.gif"></a>
+ <a href="?sort_field=4&sort_order=a"><img style="width:10px" src="/images/down.gif"></a>
</th>
<th align='center'>
- $Lang::tr{'source ip and port'}
+ <a href="?sort_field=8&sort_order=d"><img style="width:10px" src="/images/up.gif"></a>
+ <a href="?sort_field=8&sort_order=a"><img style="width:10px" src="/images/down.gif"></a>
+
+ <a href="?sort_field=9&sort_order=d"><img style="width:10px" src="/images/up.gif"></a>
+ <a href="?sort_field=9&sort_order=a"><img style="width:10px" src="/images/down.gif"></a>
+ </th>
+ <th align='center'>
+ <a href="?sort_field=6&sort_order=d"><img style="width:10px" src="/images/up.gif"></a>
+ <a href="?sort_field=6&sort_order=a"><img style="width:10px" src="/images/down.gif"></a>
</th>
- <th> </th>
<th align='center'>
+ <a href="?sort_field=7&sort_order=d"><img style="width:10px" src="/images/up.gif"></a>
+ <a href="?sort_field=7&sort_order=a"><img style="width:10px" src="/images/down.gif"></a>
+ </th>
+ </tr>
+ <tr valign="top"">
+ <th align='center'>
+ $Lang::tr{'protocol'}
+ </th>
+ <th align='center' colspan="2">
+ $Lang::tr{'source ip and port'}
+ </th>
+ <th align='center' colspan="2">
$Lang::tr{'dest ip and port'}
</th>
- <th> </th>
<th align='center'>
$Lang::tr{'download'} /
<br>$Lang::tr{'upload'}
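Review bot: Both new `<tr valign="top"">` rows carry a stray second double quote, which leaves the attribute malformed; they should read `<tr valign="top">`. The sort links also put a bare `&` in every `href`, which inside HTML should be written `&amp;`, e.g. `<a href="?sort_field=5&amp;sort_order=d">`, and the arrow images have no `alt` text, so the links are unlabeled for screen readers. The table-header heredoc continues past the end of this hunk.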
diff --git a/src/scripts/consort.sh b/src/scripts/consort.sh
new file mode 100644
index 0000000..1682f7a
--- /dev/null
+++ b/src/scripts/consort.sh
@@ -0,0 +1,158 @@
+#/bin/bash
+###############################################################################
+# #
+# IPFire.org - A linux based firewall #
+# Copyright (C) 2007-2013 IPFire Team <info(a)ipfire.org> #
+# #
+# This program is free software: you can redistribute it and/or modify #
+# it under the terms of the GNU General Public License as published by #
+# the Free Software Foundation, either version 3 of the License, or #
+# (at your option) any later version. #
+# #
+# This program is distributed in the hope that it will be useful, #
+# but WITHOUT ANY WARRANTY; without even the implied warranty of #
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
+# GNU General Public License for more details. #
+# #
+# You should have received a copy of the GNU General Public License #
+# along with this program. If not, see <http://www.gnu.org/licenses/>. #
+# #
+###############################################################################
+
+# sort conntrack table entries based on ip addresses
+# @parm sort field
+do_ip_sort() {
+ sed \
+ -r \
+ 's/.*src=([0-9\.]+).*dst=([0-9\.]+).*src=.*/\'$1'#\0/' $FILE_NAME \
+ | sort \
+ -t. \
+ -k 1,1n$SORT_ORDER -k 2,2n$SORT_ORDER -k 3,3n$SORT_ORDER -k 4,4n$SORT_ORDER \
+ | sed \
+ -r \
+ 's/.*#(.*)/\1/'
+}
+
+# sort conntrack table entries based on port addresses
+# @parm sort field
+do_port_sort() {
+ sed \
+ -r \
+ 's/.*sport=([0-9]+).*dport=([0-9]+).*src=.*/\'$1'#\0/' $FILE_NAME \
+ | sort \
+ -t# \
+ -k 1,1n$SORT_ORDER \
+ | sed \
+ -r \
+ 's/.*#(.*)/\1/'
+}
+
+# sort conntrack table entries based on protocol
+do_protocol_sort() {
+ sed \
+ -r \
+ 's/^[0-9a-zA-Z]+[ ]+[0-9]+[ ]+([a-zA-Z0-9]+)/\1#\0/' $FILE_NAME \
+ | sort \
+ -t# \
+ -k 1,1$SORT_ORDER \
+ | sed \
+ -r \
+ 's/.*#(.*)/\1/'
+}
+
+# sort conntrack table entries based on connection status
+do_status_sort() {
+ sed \
+ -r \
+ 's/^[0-9a-zA-Z]+[ ]+[0-9]+[ ]+[a-zA-Z0-9]+[ ]+[0-9]+[ ]+[0-9]+[ ]+([a-zA-Z_0-9]+)[ ]+|^[0-9a-zA-Z]+[ ]+[0-9]+[ ]+[a-zA-Z0-9]+[ ]+[0-9]+[ ]+[0-9]+([ ]+)/\1#\0/' $FILE_NAME \
+ | sort \
+ -t# \
+ -k 1,1$SORT_ORDER \
+ | sed \
+ -r \
+ 's/.*#(.*)/\1/'
+}
+
+# sort conntrack table entries based on connection time to life
+do_ttl_sort() {
+ sed \
+ -r \
+ 's/^[0-9a-zA-Z]+[ ]+[0-9]+[ ]+[a-zA-Z0-9]+[ ]+[0-9]+[ ]+([0-9]+)[ ]+/\1#\0/' $FILE_NAME \
+ | sort \
+ -t# \
+ -k 1,1n$SORT_ORDER \
+ | sed \
+ -r \
+ 's/.*#(.*)/\1/'
+}
+
+# sort conntrack table entries based on downloaded bytes
+do_downloaded_bytes_sort() {
+ sed \
+ -r \
+ 's/.*src=.*bytes=([0-9]+).*src=/\1#\0/' $FILE_NAME \
+ | sort \
+ -t# \
+ -k 1,1n$SORT_ORDER \
+ | sed \
+ -r \
+ 's/.*#(.*)/\1/'
+}
+
+# sort conntrack table entries based on uploaded bytes
+do_uploaded_bytes_sort() {
+ sed \
+ -r \
+ 's/.*src=.*bytes=([0-9]+).*/\1#\0/' $FILE_NAME \
+ | sort \
+ -t# \
+ -k 1,1n$SORT_ORDER \
+ | sed \
+ -r \
+ 's/.*#(.*)/\1/'
+}
+
+SORT_ORDER=
+FILE_NAME=
+
+if [ $# -lt 2 ]; then
+ echo "Usage: consort <sort criteria 1=srcIp,2=dstIp,3=srcPort,4=dstPort,5=protocol,6=connection status> <a=ascending,d=descending> [input file]"
+ echo " consort.sh 1 a a.txt"
+ echo " cat a.txt | consort 1 d"
+ exit;
+fi
+
+if [[ 'a d A D' =~ $2 ]]; then
+ if [[ 'd D' =~ $2 ]]; then
+ SORT_ORDER=r
+ fi
+else
+ echo "Unknown sort order \"$2\""
+ exit;
+fi
+
+if [ $# == 3 ]; then
+ if [ ! -f $3 ]; then
+ echo "File not found."
+ exit;
+ fi
+ FILE_NAME=$3
+fi
+
+if [[ '1 2' =~ $1 ]]; then
+ do_ip_sort $1
+elif [[ '3 4' =~ $1 ]]; then
+ do_port_sort $(($1-2))
+elif [[ '5' =~ $1 ]]; then
+ do_protocol_sort
+elif [[ '6' =~ $1 ]]; then
+ do_status_sort
+elif [[ '7' =~ $1 ]]; then
+ do_ttl_sort
+elif [[ '8' =~ $1 ]]; then
+ do_downloaded_bytes_sort
+elif [[ '9' =~ $1 ]]; then
+ do_uploaded_bytes_sort
+else
+ echo "Unknown sort criteria \"$1\""
+fi
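Review bot: The argument checks have the operands of `=~` the wrong way round: `[[ 'a d A D' =~ $2 ]]` and the `[[ '1 2' =~ $1 ]]` chain use the caller's argument as the regular expression and the allowed list as the subject, so any pattern that matches somewhere in the literal is accepted rather than only the listed values. The accepted `$1` is then spliced into the sed program in `do_ip_sort` and `do_port_sort`, and `$3`/`$FILE_NAME` are expanded unquoted. connections.cgi allowlists both values before calling, but the script is installed in /usr/local/bin and should not depend on its caller for that; a `case` match on the quoted argument, as below, makes the check exact. Separately, the first line reads `#/bin/bash` without the `!`, so it is a comment rather than a shebang, and the error paths print to stdout and `exit` with status 0, so a caller reading the pipe cannot tell an error message from table data.

```shell
case "$2" in
	a|A) ;;
	d|D) SORT_ORDER=r ;;
	*) echo "Unknown sort order \"$2\"" >&2; exit 1 ;;
esac

# … unchanged: optional input file check (quote "$3" and "$FILE_NAME" there) …

case "$1" in
	1|2) do_ip_sort "$1" ;;
	3|4) do_port_sort "$(($1-2))" ;;
	5) do_protocol_sort ;;
	6) do_status_sort ;;
	7) do_ttl_sort ;;
	8) do_downloaded_bytes_sort ;;
	9) do_uploaded_bytes_sort ;;
	*) echo "Unknown sort criteria \"$1\"" >&2; exit 1 ;;
esac
```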
hooks/post-receive
--
IPFire 2.x development tree