{
# If ipv6 uses a bridge, PHYSIN= contains the relevant iface information
# otherwise use IN=
- if ($_ =~ /^... (..) (..:..:..) [\w\-]+ kernel:(.*)(PHYSIN=.*)$/) {}
- elsif ($_ =~ /^... (..) (..:..:..) [\w\-]+ kernel:(.*)(IN=.*)$/) {}
+ my $packet = '';
+ if ($_ =~ /^... (..) (..:..:..) [\w\-]+ kernel:(.*)(IN=.*)(PHYSIN=.*)$/) { $packet = $5; }
+ elsif ($_ =~ /^... (..) (..:..:..) [\w\-]+ kernel:(.*)(IN=.*)$/) { $packet = $4; }
my $day = $1;
$day =~ tr / /0/;
my $time = $cgiparams{'DAY'} ? "$2" : "$day/$2" ;
- my $comment = $3;
- my $packet = $4;
+ my $chain = $3;
my ($iface, $srcaddr, $dstaddr, $macaddr, $proto, $srcport, $dstport);
- if ($packet =~ /PHYSIN=(\w+)/) { $iface=$1 } elsif ($packet =~ /IN=(\w+)/) { $iface = $1}
+ if ($packet =~ /PHYSIN=(\w+)/) { $iface=$1 } elsif ($packet =~ /IN=(\w+)/) { $iface = $1; }
# Identify whether ipv4 or ipv6. Both are mutally exclusive.
- if ($packet =~ /SRC\=(([\d]{1,3})(\.([\d]{1,3})){3})/) { $srcaddr=$1 }
- if ($packet =~ /SRC\=(([0-9a-fA-F]{0,4})(\:([0-9a-fA-F]{0,4})){2,7})/) { $srcaddr=$1 }
- if ($packet =~ /DST\=(([\d]{1,3})(\.([\d]{1,3})){3})/) { $dstaddr=$1 }
- if ($packet =~ /DST\=(([0-9a-fA-F]{0,4})(\:([0-9a-fA-F]{0,4})){2,7})/) { $dstaddr=$1 }
+ if ($packet =~ /SRC\=(([\d]{1,3})(\.([\d]{1,3})){3})/) { $srcaddr=$1; }
+ if ($packet =~ /SRC\=(([0-9a-fA-F]{0,4})(\:([0-9a-fA-F]{0,4})){2,7})/) { $srcaddr=$1; }
+ if ($packet =~ /DST\=(([\d]{1,3})(\.([\d]{1,3})){3})/) { $dstaddr=$1; }
+ if ($packet =~ /DST\=(([0-9a-fA-F]{0,4})(\:([0-9a-fA-F]{0,4})){2,7})/) { $dstaddr=$1; }
$macaddr=$1 if $packet =~ /MAC=([\w+\:]+)/;
$proto=$1 if $packet =~ /PROTO=(\w+)/;
$srcport=$1 if $packet =~ /SPT=(\d+)/;
print <<END
<td align='center' $col>$time</td>
- <td align='center' $col>$comment</td>
+ <td align='center' $col>$chain</td>
<td align='center' $col>$iface</td>
<td align='center' $col>$proto</td>
<td align='center' $col><a href='/cgi-bin/ipinfo.cgi?ip=$srcaddr'>$srcaddr</a><br /><a href='/cgi-bin/ipinfo.cgi?ip=$dstaddr'>$dstaddr</a></td>