X-Git-Url: http://git.ipfire.org/?p=ipfire-2.x.git;a=blobdiff_plain;f=html%2Fcgi-bin%2Flogs.cgi%2Ffirewalllogcountry.dat;h=949f2599daade08aa40d9285a3c754bccf419c95;hp=af142790870b24eebcb8edc80cbce4415149f195;hb=00793c27c929b68a21c4ef07044fbbb68942a192;hpb=080568824d60c86189a49d272a390f81c86a0eba diff --git a/html/cgi-bin/logs.cgi/firewalllogcountry.dat b/html/cgi-bin/logs.cgi/firewalllogcountry.dat index af14279087..949f2599da 100644 --- a/html/cgi-bin/logs.cgi/firewalllogcountry.dat +++ b/html/cgi-bin/logs.cgi/firewalllogcountry.dat @@ -8,10 +8,9 @@ # page inspired from the initial firewalllog.dat # # Modified for IPFire by Christian Schmidt -# and Michael Tremer (www.ipfire.org) +# and Michael Tremer (www.ipfire.org) use strict; -use Geo::IP::PurePerl; use Getopt::Std; # enable only the following on debugging purpose @@ -19,6 +18,7 @@ use Getopt::Std; #use CGI::Carp 'fatalsToBrowser'; require '/var/ipfire/general-functions.pl'; +require "${General::swroot}/geoip-functions.pl"; require "${General::swroot}/lang.pl"; require "${General::swroot}/header.pl"; @@ -38,11 +38,11 @@ $cgiparams{'showpie'} = 1; $cgiparams{'sortcolumn'} = 1; my @shortmonths = ( 'Jan', 'Feb', 'Mar', 'Apr', 'May', 'Jun', 'Jul', 'Aug', - 'Sep', 'Oct', 'Nov', 'Dec' ); + 'Sep', 'Oct', 'Nov', 'Dec' ); my @longmonths = ( $Lang::tr{'january'}, $Lang::tr{'february'}, $Lang::tr{'march'}, - $Lang::tr{'april'}, $Lang::tr{'may'}, $Lang::tr{'june'}, $Lang::tr{'july'}, $Lang::tr{'august'}, - $Lang::tr{'september'}, $Lang::tr{'october'}, $Lang::tr{'november'}, - $Lang::tr{'december'} ); + $Lang::tr{'april'}, $Lang::tr{'may'}, $Lang::tr{'june'}, $Lang::tr{'july'}, $Lang::tr{'august'}, + $Lang::tr{'september'}, $Lang::tr{'october'}, $Lang::tr{'november'}, + $Lang::tr{'december'} ); my @now = localtime(); my $dow = $now[6]; @@ -68,81 +68,81 @@ if ($cgiparams{'sortcolumn'} != 0) { $settings{'sortcolumn'} = $cgiparams{'sortc if ($cgiparams{'ACTION'} eq $Lang::tr{'save'}) { - &General::writehash("${General::swroot}/fwlogs/ipsettings", \%settings); + &General::writehash("${General::swroot}/fwlogs/ipsettings", \%settings); } my $start = -1; if ($ENV{'QUERY_STRING'} && $cgiparams{'ACTION'} ne $Lang::tr{'update'}) { - my @temp = split(',',$ENV{'QUERY_STRING'}); - $start = $temp[0]; - $cgiparams{'MONTH'} = $temp[1]; - $cgiparams{'DAY'} = $temp[2]; + my @temp = split(',',$ENV{'QUERY_STRING'}); + $start = $temp[0]; + $cgiparams{'MONTH'} = $temp[1]; + $cgiparams{'DAY'} = $temp[2]; } if (!($cgiparams{'MONTH'} =~ /^(0|1|2|3|4|5|6|7|8|9|10|11)$/) || !($cgiparams{'DAY'} =~ /^(1|2|3|4|5|6|7|8|9|10|11|12|13|14|15|16|17|18|19|20|21|22|23|24|25|26|27|28|29|30|31)$/)) { - $cgiparams{'DAY'} = $now[3]; - $cgiparams{'MONTH'} = $now[4]; + $cgiparams{'DAY'} = $now[3]; + $cgiparams{'MONTH'} = $now[4]; } elsif($cgiparams{'ACTION'} eq '>>') { - my @temp_then=(); - my @temp_now = localtime(time); - $temp_now[4] = $cgiparams{'MONTH'}; - $temp_now[3] = $cgiparams{'DAY'}; - @temp_then = localtime(POSIX::mktime(@temp_now) + 86400); - ## Retrieve the same time on the next day - - ## 86400 seconds in a day - $cgiparams{'MONTH'} = $temp_then[4]; - $cgiparams{'DAY'} = $temp_then[3]; + my @temp_then=(); + my @temp_now = localtime(time); + $temp_now[4] = $cgiparams{'MONTH'}; + $temp_now[3] = $cgiparams{'DAY'}; + @temp_then = localtime(POSIX::mktime(@temp_now) + 86400); + ## Retrieve the same time on the next day - + ## 86400 seconds in a day + $cgiparams{'MONTH'} = $temp_then[4]; + $cgiparams{'DAY'} = $temp_then[3]; } elsif($cgiparams{'ACTION'} eq '<<') { - my @temp_then=(); - my @temp_now = localtime(time); - $temp_now[4] = $cgiparams{'MONTH'}; - $temp_now[3] = $cgiparams{'DAY'}; - @temp_then = localtime(POSIX::mktime(@temp_now) - 86400); - ## Retrieve the same time on the previous day - - ## 86400 seconds in a day - $cgiparams{'MONTH'} = $temp_then[4]; - $cgiparams{'DAY'} = $temp_then[3]; + my @temp_then=(); + my @temp_now = localtime(time); + $temp_now[4] = $cgiparams{'MONTH'}; + $temp_now[3] = $cgiparams{'DAY'}; + @temp_then = localtime(POSIX::mktime(@temp_now) - 86400); + ## Retrieve the same time on the previous day - + ## 86400 seconds in a day + $cgiparams{'MONTH'} = $temp_then[4]; + $cgiparams{'DAY'} = $temp_then[3]; } if (($cgiparams{'DAY'} ne $now[3]) || ($cgiparams{'MONTH'} ne $now[4])) { - my @then = (); - if ( ( $cgiparams{'MONTH'} eq $now[4]) && ($cgiparams{'DAY'} > $now[3]) || - ( $cgiparams{'MONTH'} > $now[4] ) ) { - @then = localtime(POSIX::mktime( 0, 0, 0, $cgiparams{'DAY'}, $cgiparams{'MONTH'}, $year - 1901 )); - } else { - @then = localtime(POSIX::mktime( 0, 0, 0, $cgiparams{'DAY'}, $cgiparams{'MONTH'}, $year - 1900 )); - } - $tdoy = $then[7]; - my $lastleap=($year-1)%4; - if ($tdoy>$doy) { - if ($lastleap == 0 && $tdoy < 60) { - $doy=$tdoy+366; - } else { - $doy=$doy+365; - } - } + my @then = (); + if ( ( $cgiparams{'MONTH'} eq $now[4]) && ($cgiparams{'DAY'} > $now[3]) || + ( $cgiparams{'MONTH'} > $now[4] ) ) { + @then = localtime(POSIX::mktime( 0, 0, 0, $cgiparams{'DAY'}, $cgiparams{'MONTH'}, $year - 1901 )); + } else { + @then = localtime(POSIX::mktime( 0, 0, 0, $cgiparams{'DAY'}, $cgiparams{'MONTH'}, $year - 1900 )); + } + $tdoy = $then[7]; + my $lastleap=($year-1)%4; + if ($tdoy>$doy) { + if ($lastleap == 0 && $tdoy < 60) { + $doy=$tdoy+366; + } else { + $doy=$doy+365; + } + } } my $datediff=0; my $dowd=0; my $multifile=0; if ($tdoy ne $doy) { - $datediff=int(($doy-$tdoy)/7); - $dowd=($doy-$tdoy)%7; - if (($dow-$dowd)<1) { - $datediff=$datediff+1; - } - if (($dow-$dowd)==0) { - $multifile=1; - } + $datediff=int(($doy-$tdoy)/7); + $dowd=($doy-$tdoy)%7; + if (($dow-$dowd)<1) { + $datediff=$datediff+1; + } + if (($dow-$dowd)==0) { + $multifile=1; + } } my $monthstr = $shortmonths[$cgiparams{'MONTH'}]; @@ -150,75 +150,76 @@ my $longmonthstr = $longmonths[$cgiparams{'MONTH'}]; my $day = $cgiparams{'DAY'}; my $daystr=''; if ($day <= 9) { - $daystr = " $day"; } + $daystr = " $day"; +} else { - $daystr = $day; + $daystr = $day; } my $skip=0; my $filestr=''; if ($datediff==0) { - $filestr="/var/log/messages"; + $filestr="/var/log/messages"; } else { - $filestr="/var/log/messages.$datediff"; - $filestr = "$filestr.gz" if -f "$filestr.gz"; + $filestr="/var/log/messages.$datediff"; + $filestr = "$filestr.gz" if -f "$filestr.gz"; } if (!(open (FILE,($filestr =~ /.gz$/ ? "gzip -dc $filestr |" : $filestr)))) { - $errormessage = "$Lang::tr{'date not in logs'}: $filestr $Lang::tr{'could not be opened'}"; - $skip=1; - # Note: This is in case the log does not exist for that date + $errormessage = "$Lang::tr{'date not in logs'}: $filestr $Lang::tr{'could not be opened'}"; + $skip=1; + # Note: This is in case the log does not exist for that date } my $lines = 0; my @log=(); if (!$skip) { - while () - { - if (/(^${monthstr} ${daystr} ..:..:..) [\w\-]+ kernel:.*(IN=.*)$/) { - $log[$lines] = $_; - $lines++; - } - } - close (FILE); + while () + { + if (/(^${monthstr} ${daystr} ..:..:..) [\w\-]+ kernel:.*(IN=.*)$/) { + $log[$lines] = $_; + $lines++; + } + } + close (FILE); } $skip=0; if ($multifile) { - $datediff=$datediff-1; - if ($datediff==0) { - $filestr="/var/log/messages"; - } else { - $filestr="/var/log/messages.$datediff"; - $filestr = "$filestr.gz" if -f "$filestr.gz"; - } - if (!(open (FILE,($filestr =~ /.gz$/ ? "gzip -dc $filestr |" : $filestr)))) { - $errormessage="$Lang::tr{'date not in logs'}: $filestr $Lang::tr{'could not be opened'}"; - $skip=1; - } - if (!$skip) { - while () { - if (/(^${monthstr} ${daystr} ..:..:..) [\w\-]+ kernel:.*(IN=.*)$/) { - $log[$lines] = $_; - $lines++; - } - } - close (FILE); - } + $datediff=$datediff-1; + if ($datediff==0) { + $filestr="/var/log/messages"; + } else { + $filestr="/var/log/messages.$datediff"; + $filestr = "$filestr.gz" if -f "$filestr.gz"; + } + if (!(open (FILE,($filestr =~ /.gz$/ ? "gzip -dc $filestr |" : $filestr)))) { + $errormessage="$Lang::tr{'date not in logs'}: $filestr $Lang::tr{'could not be opened'}"; + $skip=1; + } + if (!$skip) { + while () { + if (/(^${monthstr} ${daystr} ..:..:..) [\w\-]+ kernel:.*(IN=.*)$/) { + $log[$lines] = $_; + $lines++; + } + } + close (FILE); + } } my $MODNAME="fwlogs"; &Header::showhttpheaders(); -&Header::openpage($Lang::tr{'firewall log'}, 1, ''); +&Header::openpage($Lang::tr{'firewall log country'}, 1, ''); &Header::openbigbox('100%', 'left', '', $errormessage); if ($errormessage) { - &Header::openbox('100%', 'left', $Lang::tr{'error messages'}); - print "$errormessage \n"; - &Header::closebox(); + &Header::openbox('100%', 'left', $Lang::tr{'error messages'}); + print "$errormessage \n"; + &Header::closebox(); } &Header::openbox('100%', 'left', "$Lang::tr{'settings'}"); @@ -227,40 +228,39 @@ print < - - + - - + + @@ -280,40 +280,55 @@ END &Header::closebox(); -&Header::openbox('100%', 'left', 'Firewall Logs'); +&Header::openbox('100%', 'left', $Lang::tr{'firewall graph country'}); print "

$Lang::tr{'firewall hits'} $longmonthstr $daystr: $lines

"; +my $red_interface = &General::get_red_interface(); my $linesjc = 0; my %tabjc; -my $gi = Geo::IP::PurePerl->new(); if ($pienumber == -1 || $pienumber > $lines || $sortcolumn == 2) { $pienumber = $lines; }; $lines = 0; + foreach $_ (@log) { - /^... (..) (..:..:..) [\w\-]+ kernel:(.*)(IN=.*)$/; - my $packet = $4; - $packet =~ /IN=(\w+)/; my $iface=$1; if ( $1 =~ /2./ ){ $iface="";} - $packet =~ /SRC=([\d\.]+)/; my $srcaddr=$1; - - if($iface eq 'red0') { - if($srcaddr ne '') { - my $ccode = $gi->country_code_by_name($srcaddr); - if( $ccode eq '') { - $ccode = 'unknown'; - } - $tabjc{$ccode} = $tabjc{$ccode} + 1 ; - if(($tabjc{$ccode} == 1) && ($lines < $pienumber)) { $lines = $lines + 1; } - $linesjc++; - } - } - else { - if($iface ne '') { - $tabjc{$iface} = $tabjc{$iface} + 1 ; - if(($tabjc{$iface} == 1) && ($lines < $pienumber)) { $lines = $lines + 1; } - $linesjc++; - } - } + # If ipv6 uses bridge, use PHYSIN for iface, otherwise IN + if (/^... (..) (..:..:..) [\w\-]+ kernel:(.*)(PHYSIN=.*)$/) {} + elsif (/^... (..) (..:..:..) [\w\-]+ kernel:(.*)(IN=.*)$/) {} + my $packet = $4; + my $iface = ''; + if ($packet =~ /PHYSIN=(\w+)/) { $iface = $1; } elsif ($packet =~ /IN=(\w+)/) { $iface = $1; } + if ( $1 =~ /2./ ) { $iface=''; } + my $srcaddr = ''; + # Find ipv4 and ipv6 addresses + if ($packet =~ /SRC\=(([\d]{1,3})(\.([\d]{1,3})){3})/) { $srcaddr = $1; } + elsif ($packet =~ /SRC\=(([0-9a-fA-F]{0,4})(\:([0-9a-fA-F]{0,4})){2,7})/) { $srcaddr = $1; } + + if($iface eq $red_interface) { + # Traffic from red + if($srcaddr ne '') { + # srcaddr is set + my $ccode = &GeoIP::lookup($srcaddr); + if ($ccode eq '') { + $ccode = 'unknown'; + } + $tabjc{$ccode} = $tabjc{$ccode} + 1; + if(($tabjc{$ccode} == 1) && ($lines < $pienumber)) { $lines = $lines + 1; } + $linesjc++; + } + } + else { + # Traffic not from red + if($iface ne '') { + $tabjc{$iface} = $tabjc{$iface} + 1 ; + if(($tabjc{$iface} == 1) && ($lines < $pienumber)) { $lines = $lines + 1; } + $linesjc++; + } + else { + # What to do with empty iface lines? + # This probably is traffic from ipfire itself (IN= OUT=XY)? + } + } } $pienumber = $lines; @@ -333,13 +348,11 @@ my @value; my $indice=0; my @tabjc2; -if ($sortcolumn == 1) -{ - @tabjc2 = sort { $b <=> $a } values (%tabjc); +if ($sortcolumn == 1) { + @tabjc2 = sort { $b <=> $a } values (%tabjc); } -else -{ - @tabjc2 = sort { $a <=> $b } keys (%tabjc); +else { + @tabjc2 = sort { $a <=> $b } keys (%tabjc); } my $colour=1; @@ -351,19 +364,17 @@ use GD::Graph::colour; #ips sort by hits number my $v; -if ($sortcolumn == 1) -{ - for ($v=0;$v<$pienumber;$v++){ - findkey($tabjc2[$v]); - } +if ($sortcolumn == 1) { + for ($v=0;$v<$pienumber;$v++){ + findkey($tabjc2[$v]); + } } -else -{ - foreach $v (@tabjc2) { - $key[$indice] = $v; - $value[$indice] = $tabjc{$v}; - $indice++; - } +else { + foreach $v (@tabjc2) { + $key[$indice] = $v; + $value[$indice] = $tabjc{$v}; + $indice++; + } } my @ips; @@ -376,15 +387,15 @@ my $o; if($cgiparams{'otherspie'} == 2 ){} else{ - my $numothers; - for($o=0;$o<$pienumber;$o++){ - $numothers = $numothers + $numb[$o]; - } - $numothers = $linesjc - $numothers; - if ($numothers > 0) { - $ips[$pienumber]="$Lang::tr{'otherip'}"; - $numb[$pienumber] = $numothers; - } + my $numothers; + for($o=0;$o<$pienumber;$o++){ + $numothers = $numothers + $numb[$o]; + } + $numothers = $linesjc - $numothers; + if ($numothers > 0) { + $ips[$pienumber]="$Lang::tr{'otherip'}"; + $numb[$pienumber] = $numothers; + } } my @data = (\@ips,\@numb); @@ -397,30 +408,29 @@ my %mainsettings = (); &General::readhash("/srv/web/ipfire/html/themes/".$mainsettings{'THEME'}."/include/colors.txt", \%color); if ($showpie != 2 && $pienumber <= 50 && $pienumber != 0) { - my $mygraph = GD::Graph::pie->new(500, 350); - $mygraph->set( - 'title' => '', - 'pie_height' => 50, - 'start_angle' => 89 - ) or warn $mygraph->error; - - $mygraph->set_value_font(GD::gdMediumBoldFont); - $mygraph->set( dclrs => [ "$color{'color1'}" , "$color{'color2'}" , "$color{'color3'}" , "$color{'color4'}" , "$color{'color5'}" , "$color{'color6'}" , "$color{'color7'}" , "$color{'color8'}" , "$color{'color9'}" , "$color{'color10'}" ] ); - my $myimage = $mygraph->plot(\@data) or die $mygraph->error; - - my @filenames = glob("/srv/web/ipfire/html/graphs/fwlog-country*.png"); - unlink(@filenames); - my $imagerandom = rand(1000000); - my $imagename = "/srv/web/ipfire/html/graphs/fwlog-country$imagerandom.png"; - open(FILE,">$imagename"); - print FILE $myimage->png; - close(FILE); - ##################################################### - print "
"; - print ""; - print "
"; + my $mygraph = GD::Graph::pie->new(500, 350); + $mygraph->set( + 'title' => '', + 'pie_height' => 50, + 'start_angle' => 89 + ) or warn $mygraph->error; + + $mygraph->set_value_font(GD::gdMediumBoldFont); + $mygraph->set( dclrs => [ "$color{'color1'}" , "$color{'color2'}" , "$color{'color3'}" , "$color{'color4'}" , "$color{'color5'}" , "$color{'color6'}" , "$color{'color7'}" , "$color{'color8'}" , "$color{'color9'}" , "$color{'color10'}" ] ); + my $myimage = $mygraph->plot(\@data) or die $mygraph->error; + + my @filenames = glob("/srv/web/ipfire/html/graphs/fwlog-country*.png"); + unlink(@filenames); + my $imagerandom = rand(1000000); + my $imagename = "/srv/web/ipfire/html/graphs/fwlog-country$imagerandom.png"; + open(FILE,">$imagename"); + print FILE $myimage->png; + close(FILE); + ##################################################### + print "
"; + print ""; + print "
"; } - print < @@ -441,59 +451,72 @@ my $col=""; for($s=0;$s<$lines;$s++) { - $show++; - $percent = $value[$s] * 100 / $linesjc; - $percent = sprintf("%.f", $percent); - $total = $total + $value[$s]; - my $colorIndex = $color % 10; - if($colorIndex == 0) { - $colorIndex = 10; - } - $col="bgcolor='$color{\"color$colorIndex\"}'"; - $color++; - print ""; - - print ""; - if($key[$s] eq 'blue0' || $key[$s] eq 'green0' || $key[$s] eq 'orange0') { - print ""; - } - else { - if($key[$s] ne 'unknown' ) { - my $fcode = lc($key[$s]); - print "";} - else { - print ""; - } - } - print ""; - print ""; - print ""; + $show++; + $percent = $value[$s] * 100 / $linesjc; + $percent = sprintf("%.f", $percent); + $total = $total + $value[$s]; + # colors are numbered 1 to 10 + my $colorIndex = ($color % 10) + 1; + $col="bgcolor='$color{\"color$colorIndex\"}'"; + $color++; + print ""; + + print ""; + } + else { + my $fcode = lc($key[$s]); + + # Get flag icon for of the country. + my $flag_icon = &GeoIP::get_flag_icon($fcode); + + if($flag_icon) { + print ""; + } else { + print ""; + } + } + print ""; + print ""; + print ""; } if($cgiparams{'otherspie'} == 2 ){} else{ - my $colorIndex = $color % 10; - if($colorIndex == 0) { - $colorIndex = 10; - } - $col="bgcolor='$color{\"color$colorIndex\"}'"; - print ""; - -if ( $linesjc ne "0") -{ -my $dif; -$dif = $linesjc - $total; -$percent = $dif * 100 / $linesjc; -$percent = sprintf("%.f", $percent); -print < - - - - + # colors are numbered 1 to 10 + my $colorIndex = ($color % 10) + 1; + $col="bgcolor='$color{\"color$colorIndex\"}'"; + print ""; + + if ( $linesjc ne "0") + { + my $dif; + $dif = $linesjc - $total; + $percent = $dif * 100 / $linesjc; + $percent = sprintf("%.f", $percent); + print < + + + + END -; -} + ; + } } print < @@ -505,19 +528,19 @@ END &Header::closepage(); sub findkey { - my $v; - foreach $v (@keytabjc) { - if ($tabjc{$v} eq $_[0]) { - delete $tabjc{$v}; - $key[$indice] = "$v"; - $value[$indice] = $_[0]; - $indice++; - last; - } - } + my $v; + foreach $v (@keytabjc) { + if ($tabjc{$v} eq $_[0]) { + delete $tabjc{$v}; + $key[$indice] = "$v"; + $value[$indice] = $_[0]; + $indice++; + last; + } + } } sub checkversion { - #Automatic Updates is disabled - return "0","0"; + #Automatic Updates is disabled + return "0","0"; }
$Lang::tr{'month'}:  - $Lang::tr{'month'}:  +  $Lang::tr{'day'}:  - +  $Lang::tr{'day'}:  +
$key[$s]$key[$s]$key[$s]$value[$s]$percent
"; + + # Dont show details button for "unknown" location. + if ($key[$s] ne 'unknown') { + print"
"; + print""; + print""; + print""; + print"
"; + } + elsif ($key[$s] eq 'unknown') { + print "unknown"; + } + # Looks dangerous to use hardcoded interface names here. Probably needs fixing. + if ($key[$s] eq 'blue0' || $key[$s] eq 'green0' || $key[$s] eq 'orange0' ) { + print "		$key[$s]$key[$s]$key[$s]$value[$s]$percent
$Lang::tr{'other countries'}$dif$percent
$Lang::tr{'other countries'}$dif$percent