From fde47f5aef2aa779350cec85b5c19327fa36b938 Mon Sep 17 00:00:00 2001 From: =?utf8?q?Alf=20H=C3=B8gemark?= Date: Sat, 22 Feb 2014 08:03:59 +0100 Subject: [PATCH] firewalllogcountry.dat: Show green0,blue0, and orange0 as countries It makes sense to see how many fire wall logs entries are dropped from the interfaces green0, blue0, and orange0, so this is displayed as a country. The showrequestfromcountry.dat also supports filtering based on the interface. --- html/cgi-bin/logs.cgi/firewalllogcountry.dat | 46 ++++++++++++------- .../logs.cgi/showrequestfromcountry.dat | 26 ++++++++--- 2 files changed, 49 insertions(+), 23 deletions(-) diff --git a/html/cgi-bin/logs.cgi/firewalllogcountry.dat b/html/cgi-bin/logs.cgi/firewalllogcountry.dat index 6676f9cb76..123e85571f 100644 --- a/html/cgi-bin/logs.cgi/firewalllogcountry.dat +++ b/html/cgi-bin/logs.cgi/firewalllogcountry.dat @@ -291,20 +291,27 @@ if ($pienumber == -1 || $pienumber > $lines || $sortcolumn == 2) { $pienumber = $lines = 0; foreach $_ (@log) { - if($_ =~ /SRC\=([\d\.]+)/){ - my $srcaddr=$1; - my $ccode = $gi->country_code_by_name($srcaddr); - my $fcode; - - # TODO: should local IP adresses be include as unknown, or excluded from the statistics totally ? - # TODO: it would be nice to be able to group local IPs into "red", "green", "blue" etc - if( $ccode eq "") { - $ccode = "unknown"; + /^... (..) (..:..:..) [\w\-]+ kernel:(.*)(IN=.*)$/; + my $packet = $4; + $packet =~ /IN=(\w+)/; my $iface=$1; if ( $1 =~ /2./ ){ $iface="";} + $packet =~ /SRC=([\d\.]+)/; my $srcaddr=$1; + + if($iface eq 'red0') { + if($srcaddr ne '') { + my $ccode = $gi->country_code_by_name($srcaddr); + if( $ccode eq '') { + $ccode = 'unknown'; + } + $tabjc{$ccode} = $tabjc{$ccode} + 1 ; + if(($tabjc{$ccode} == 1) && ($lines < $pienumber)) { $lines = $lines + 1; } + $linesjc++; } - else { - $tabjc{$ccode} = $tabjc{$ccode} + 1 ; - if(($tabjc{$ccode} == 1) && ($lines < $pienumber)) { $lines = $lines + 1; } - $linesjc++; + } + else { + if($iface ne '') { + $tabjc{$iface} = $tabjc{$iface} + 1 ; + if(($tabjc{$iface} == 1) && ($lines < $pienumber)) { $lines = $lines + 1; } + $linesjc++; } } } @@ -451,11 +458,16 @@ for($s=0;$s<$lines;$s++) $color++; print "
"; - if ( $key[$s] ne "unknown" ){ - my $fcode = lc($key[$s]); - print "$key[$s]";} + if($key[$s] eq 'blue0' || $key[$s] eq 'green0' || $key[$s] eq 'orange0') { + print "$key[$s]"; + } else { - print ""; + if($key[$s] ne 'unknown' ) { + my $fcode = lc($key[$s]); + print "$key[$s]";} + else { + print "$key[$s]"; + } } print "$value[$s]"; print "$percent"; diff --git a/html/cgi-bin/logs.cgi/showrequestfromcountry.dat b/html/cgi-bin/logs.cgi/showrequestfromcountry.dat index c842116188..5283c426b8 100644 --- a/html/cgi-bin/logs.cgi/showrequestfromcountry.dat +++ b/html/cgi-bin/logs.cgi/showrequestfromcountry.dat @@ -159,8 +159,15 @@ if (!$skip) while () { if (/(^${monthstr} ${daystr} ..:..:..) [\w\-]+ kernel:.*(IN=.*)$/) { - if($_ =~ /SRC\=([\d\.]+)/){ - my $srcaddr=$1; + my $packet = $2; + $packet =~ /IN=(\w+)/; my $iface=$1; if ( $1 =~ /2./ ){ $iface="";} + $packet =~ /SRC=([\d\.]+)/; my $srcaddr=$1; + + if($iface eq $country) { + $log[$lines] = $_; + $lines++; + } + elsif($srcaddr ne '') { my $ccode = $gi->country_code_by_name($srcaddr); if($ccode eq $country){ $log[$lines] = $_; @@ -301,10 +308,17 @@ $lines = 0; foreach $_ (@slice) { $a = $_; - if($_ =~ /SRC\=([\d\.]+)/){ - my $srcaddr=$1; - my $ccode = $gi->country_code_by_name($srcaddr); - if($ccode eq $country){ + /^... (..) (..:..:..) [\w\-]+ kernel:(.*)(IN=.*)$/; + my $packet = $4; + $packet =~ /IN=(\w+)/; my $iface=$1; if ( $1 =~ /2./ ){ $iface="";} + $packet =~ /SRC=([\d\.]+)/; my $srcaddr=$1; + + if($iface eq $country || $srcaddr ne '') { + my $ccode; + if($iface ne $country) { + $ccode = $gi->country_code_by_name($srcaddr); + } + if($iface eq $country || $ccode eq $country) { my $chain = ''; my $in = '-'; my $out = '-'; my $srcaddr = ''; my $dstaddr = ''; -- 2.39.2