From 891ba055f2ece97941bfe3801ec4e33114b583d1 Mon Sep 17 00:00:00 2001 From: Stefan Schantl Date: Thu, 25 Feb 2016 11:22:19 +0100 Subject: [PATCH] guardian.cgi: Use "getipstat" binary. Rework the GetBlockedHosts() to use the "getipstat" binary instead of the not longer available "guardianctrl" binary. Signed-off-by: Stefan Schantl --- html/cgi-bin/guardian.cgi | 55 ++++++++++++++++++++++++++------------- 1 file changed, 37 insertions(+), 18 deletions(-) diff --git a/html/cgi-bin/guardian.cgi b/html/cgi-bin/guardian.cgi index 5fadc4562d..1941ff4878 100644 --- a/html/cgi-bin/guardian.cgi +++ b/html/cgi-bin/guardian.cgi @@ -652,30 +652,49 @@ sub daemonstats() { } sub GetBlockedHosts() { - # Create new, empty array. my @hosts; # Lauch helper to get chains from iptables. - open(FILE, "/usr/local/bin/guardianctrl get-chain |"); - - # Read file line by line and print out the elements. - foreach my $line () { - - # Skip descriptive lines. - next if ($line =~ /^Chain/); - next if ($line =~ /^ pkts/); - - # Generate array, based on the line content (seperator is a single or multiple space's) - my @comps = split(/\s{1,}/, $line); - my ($lead, $pkts, $bytes, $target, $prot, $opt, $in, $out, $source, $destination) = @comps; + system('/usr/local/bin/getipstat'); + + # Open temporary file which contains the chains and rules. + open (FILE, '/srv/web/ipfire/html/iptables.txt'); + + # Loop through the entire file. + while () { + my $line = $_; + + # Search for the guardian chain and extract + # the lines between it and the next empty line + # which is placed before the next firewall + # chain starts. + if ($line =~ /^Chain GUARDIAN/ .. /^\s*$/) { + # Skip descriptive lines. + next if ($line =~ /^Chain/); + next if ($line =~ /^ pkts/); + + # Generate array, based on the line content (seperator is a single or multiple space's) + my @comps = split(/\s{1,}/, $line); + my ($lead, $pkts, $bytes, $target, $prot, $opt, $in, $out, $source, $destination) = @comps; + + # Assign different variable names. + my $blocked_host = $source; + + # Add host to our hosts array. + if ($blocked_host) { + push(@hosts, $blocked_host); + } + } + } - # Assign different variable names. - my $blocked_host = $source; + # Close filehandle. + close(FILE); - # Add host to our hosts array. - push(@hosts, $blocked_host); - } + # Remove recently created temporary files of the "getipstat" binary. + system(rm -f "/srv/web/ipfire/html/iptables.txt"); + system(rm -f "/srv/web/ipfire/html/iptablesmangle.txt"); + system(rm -f "/srv/web/ipfire/html/iptablesnat.txt"); # Convert entries, sort them, write back and store the sorted entries into new array. my @sorted = map { $_->[0] } -- 2.39.5