$lines = 0;
foreach $_ (@log)
{
- /^... (..) (..:..:..) [\w\-]+ kernel:(.*)(IN=.*)$/;
+ # If ipv6 uses a bridge, PHYSIN= contains the relevant iface information
+ # otherwise use IN=
+ if ($_ =~ /^... (..) (..:..:..) [\w\-]+ kernel:(.*)(PHYSIN=.*)$/) {}
+ elsif ($_ =~ /^... (..) (..:..:..) [\w\-]+ kernel:(.*)(IN=.*)$/) {}
my $day = $1;
$day =~ tr / /0/;
my $time = $cgiparams{'DAY'} ? "$2" : "$day/$2" ;
my $packet = $4;
my ($iface, $srcaddr, $dstaddr, $macaddr, $proto, $srcport, $dstport);
- $iface=$1 if $packet =~ /IN=(\w+)/;
- $srcaddr=$1 if $packet =~ /SRC=([\d\.]+)/;
- $dstaddr=$1 if $packet =~ /DST=([\d\.]+)/;
+ if ($packet =~ /PHYSIN=(\w+)/) { $iface=$1 } elsif ($packet =~ /IN=(\w+)/) { $iface = $1}
+ # Identify whether ipv4 or ipv6. Both are mutally exclusive.
+ if ($packet =~ /SRC\=(([\d]{1,3})(\.([\d]{1,3})){3})/) { $srcaddr=$1 }
+ if ($packet =~ /SRC\=(([0-9a-fA-F]{0,4})(\:([0-9a-fA-F]{0,4})){2,7})/) { $srcaddr=$1 }
+ if ($packet =~ /DST\=(([\d]{1,3})(\.([\d]{1,3})){3})/) { $dstaddr=$1 }
+ if ($packet =~ /DST\=(([0-9a-fA-F]{0,4})(\:([0-9a-fA-F]{0,4})){2,7})/) { $dstaddr=$1 }
$macaddr=$1 if $packet =~ /MAC=([\w+\:]+)/;
$proto=$1 if $packet =~ /PROTO=(\w+)/;
$srcport=$1 if $packet =~ /SPT=(\d+)/;
if( $cgiparams{'otherspie'} != 0){$otherspie=$cgiparams{'otherspie'};}
if( $cgiparams{'showpie'} != 0){$showpie=$cgiparams{'showpie'};}
if( $cgiparams{'sortcolumn'} != 0){$sortcolumn=$cgiparams{'sortcolumn'};}
-
print <<END
</select>
</td>
foreach $_ (@log)
{
- /^... (..) (..:..:..) [\w\-]+ kernel:(.*)(IN=.*)$/;
+ # If ipv6 uses bridge, use PHYSIN for iface, otherwise IN
+ if (/^... (..) (..:..:..) [\w\-]+ kernel:(.*)(PHYSIN=.*)$/) {}
+ elsif (/^... (..) (..:..:..) [\w\-]+ kernel:(.*)(IN=.*)$/) {}
my $packet = $4;
- $packet =~ /IN=(\w+)/; my $iface=$1; if ( $1 =~ /2./ ){ $iface="";}
- $packet =~ /SRC=([\d\.]+)/; my $srcaddr=$1;
+ my $iface = '';
+ if ($packet =~ /PHYSIN=(\w+)/) { $iface = $1 } elsif ($packet =~ /IN=(\w+)/) { $iface = $1 }
+ if ( $1 =~ /2./ ) { $iface=''; }
+ my $srcaddr = '';
+ # Find ipv4 and ipv6 addresses
+ if ($packet =~ /SRC\=(([\d]{1,3})(\.([\d]{1,3})){3})/) { $srcaddr = $1 }
+ elsif ($packet =~ /SRC\=(([0-9a-fA-F]{0,4})(\:([0-9a-fA-F]{0,4})){2,7})/) { $srcaddr = $1 }
if($iface eq $red_interface) {
+ # Traffic from red
if($srcaddr ne '') {
+ # srcaddr is set
my $ccode = $gi->country_code_by_name($srcaddr);
- if( $ccode eq '') {
+ if ($ccode eq '') {
$ccode = 'unknown';
}
$tabjc{$ccode} = $tabjc{$ccode} + 1 ;
}
}
else {
+ # Traffic not from red
if($iface ne '') {
$tabjc{$iface} = $tabjc{$iface} + 1 ;
if(($tabjc{$iface} == 1) && ($lines < $pienumber)) { $lines = $lines + 1; }
$linesjc++;
}
+ else {
+ # What to do with empty iface lines?
+ # This probably is traffic from ipfire itself (IN= OUT=XY)?
+ }
}
}
print "<img src='/graphs/fwlog-country$imagerandom.png'>";
print "</div>";
}
-
print <<END
<table width='100%' class='tbl'>
<tr>
$percent = $value[$s] * 100 / $linesjc;
$percent = sprintf("%.f", $percent);
$total = $total + $value[$s];
- my $colorIndex = $color % 10;
- if($colorIndex == 0) {
- $colorIndex = 10;
- }
+ # colors are numbered 1 to 10
+ my $colorIndex = ($color % 10) + 1;
$col="bgcolor='$color{\"color$colorIndex\"}'";
$color++;
print "<tr>";
print"<input type='hidden' name='country' value='$key[$s]'>";
print"<input type='submit' value='details'></form>";
}
-
- if($key[$s] eq 'blue0' || $key[$s] eq 'green0' || $key[$s] eq 'orange0') {
+ elsif ($key[$s] eq 'unknown') {
+ print "unknown";
+ }
+ # Looks dangerous to use hardcoded interface names here. Probably needs fixing.
+ if ($key[$s] eq 'blue0' || $key[$s] eq 'green0' || $key[$s] eq 'orange0' ) {
print "<td align='center' $col>$key[$s]</td>";
}
else {
if($cgiparams{'otherspie'} == 2 ){}
else{
- my $colorIndex = $color % 10;
- if($colorIndex == 0) {
- $colorIndex = 10;
- }
+ # colors are numbered 1 to 10
+ my $colorIndex = ($color % 10) + 1;
$col="bgcolor='$color{\"color$colorIndex\"}'";
print "<tr>";
$lines = 0;
foreach $_ (@log)
{
- if($_ =~ /SRC\=([\d\.]+)/){
+ # Extract ipv4 or ipv6 address
+ if (($_ =~ /SRC\=(([\d]{1,3})(\.([\d]{1,3})){3})/) or ($_ =~ /SRC\=(([0-9a-fA-F]{0,4})(\:([0-9a-fA-F]{0,4})){2,7})/)) {
$tabjc{$1} = $tabjc{$1} + 1 ;
if(($tabjc{$1} == 1) && ($lines < $pienumber)) { $lines = $lines + 1; }
$linesjc++;
$percent = $value[$s] * 100 / $linesjc;
$percent = sprintf("%.f", $percent);
$total = $total + $value[$s];
- my $colorIndex = $color % 10;
- if($colorIndex == 0) {
- $colorIndex = 10;
- }
+ # colors are numbered 1 to 10
+ my $colorIndex = ($color % 10) + 1;
$col="bgcolor='$color{\"color$colorIndex\"}'";
print "<tr>";
if($cgiparams{'otherspie'} == 2 ){}
else{
- my $colorIndex = $color % 10;
- if($colorIndex == 0) {
- $colorIndex = 10;
- }
+ # colors are numbered 1 to 10
+ my $colorIndex = ($color % 10) + 1;
$col="bgcolor='$color{\"color$colorIndex\"}'";
print "<tr>";
$percent = $value[$s] * 100 / $linesjc;
$percent = sprintf("%.f", $percent);
$total = $total + $value[$s];
- my $colorIndex = $color % 10;
- if($colorIndex == 0) {
- $colorIndex = 10;
- }
+ # colors are numbered 1 to 10
+ my $colorIndex = ($color % 10) + 1;
$col="bgcolor='$color{\"color$colorIndex\"}'";
print "<tr>";
if($cgiparams{'otherspie'} == 2 ){}
else{
- my $colorIndex = $color % 10;
- if($colorIndex == 0) {
- $colorIndex = 10;
- }
+ # colors are numbered 1 to 10
+ my $colorIndex = ($color % 10) + 1;
$col="bgcolor='$color{\"color$colorIndex\"}'";
print "<tr>";
{
while (<FILE>)
{
- if (/(^${monthstr} ${daystr} ..:..:..) [\w\-]+ kernel:.*(IN=.*)$/) {
- my $packet = $2;
- $packet =~ /IN=(\w+)/; my $iface=$1; if ( $1 =~ /2./ ){ $iface="";}
- $packet =~ /SRC=([\d\.]+)/; my $srcaddr=$1;
+ # First check whether valid log line (date, day)
+ if (/(^${monthstr} ${daystr} ..:..:..) [\w\-]+ kernel:.*(IN=.*)$/) {
+ # If ipv6 uses bridge, then use PHYSIN otherwise use IN
+ if (/(^${monthstr} ${daystr} ..:..:..) [\w\-]+ kernel:.*(PHYSIN=.*)$/) {}
+ elsif (/(^${monthstr} ${daystr} ..:..:..) [\w\-]+ kernel:.*(IN=.*)$/) {}
+ my $packet = $2;
+ my $iface = '';
+ my $srcaddr = '';
+ # If ipv6 uses bridge, use PHYSIN otherwise IN
+ if ($packet =~ /PHYSIN=(\w+)/) { $iface = $1 } elsif ($packet =~ /IN=(\w+)/) { $iface = $1 }
+ # Extract ipv4 and ipv6 addresses
+ if (($packet =~ /SRC\=(([\d]{1,3})(\.([\d]{1,3})){3})/) or ($packet =~ /SRC\=(([0-9a-fA-F]{0,4})(\:([0-9a-fA-F]{0,4})){2,7})/)) {
+ $srcaddr = $1
+ };
if($iface eq $country) {
+ # iface matches country code
$log[$lines] = $_;
$lines++;
}
elsif($srcaddr ne '') {
+ # or srcaddr matches country code
my $ccode = $gi->country_code_by_name($srcaddr);
if($ccode eq $country){
$log[$lines] = $_;
$lines++;
}
}
- }
+ }
}
close (FILE);
}
}
if (!$skip) {
while (<FILE>) {
- if (/(^${monthstr} ${daystr} ..:..:..) [\w\-]+ kernel:.*(IN=.*)$/) {
- if($_ =~ /SRC\=([\d\.]+)/){
- my $srcaddr=$1;
- my $ccode = $gi->country_code_by_name($srcaddr);
- if($ccode eq $country){
+ # Check if valid log line (date, day)
+ if (/(^${monthstr} ${daystr} ..:..:..) [\w\-]+ kernel:.*(IN=.*)$/) {
+ my $iface = '';
+ # If ipv6 uses bridge, then use PHYSIN otherwise IN
+ if ($_ =~ /PHYSIN=(\w+)/) { $iface = $1 } elsif ($_ =~ /IN=(\w+)/) { $iface = $1 }
+
+ if($iface eq $country) {
+ # iface matches country code
+ $log[$lines] = $_;
+ $lines++;
+ }
+ # extract ipv4 and ipv6 address
+ elsif (($_ =~ /SRC\=(([\d]{1,3})(\.([\d]{1,3})){3})/) or ($_ =~ /SRC\=(([0-9a-fA-F]{0,4})(\:([0-9a-fA-F]{0,4})){2,7})/)) {
+ my $srcaddr=$1;
+ my $ccode = $gi->country_code_by_name($srcaddr);
+ if($ccode eq $country){
+ # or srcaddr matches country code
$log[$lines] = $_;
$lines++;
+ }
}
- }
- }
+ }
}
close (FILE);
}
foreach $_ (@slice)
{
$a = $_;
- /^... (..) (..:..:..) [\w\-]+ kernel:(.*)(IN=.*)$/;
+ # If ipv6 uses bridge, use PHYSIN otherwise use IN
+ if (/^... (..) (..:..:..) [\w\-]+ kernel:(.*)(PHYSIN=.*)$/) {}
+ elsif (/^... (..) (..:..:..) [\w\-]+ kernel:(.*)(IN=.*)$/) {};
my $packet = $4;
- $packet =~ /IN=(\w+)/; my $iface=$1; if ( $1 =~ /2./ ){ $iface="";}
- $packet =~ /SRC=([\d\.]+)/; my $srcaddr=$1;
+ my $iface = '';
+ # If ipv6 uses bridge, use PHYSIN otherwise use IN
+ if ($packet =~ /PHYSIN=(\w+)/) { $iface = $1 } elsif ($packet =~ /IN=(\w+)/) { $iface = $1 }
+ if ( $1 =~ /2./ ){ $iface="";}
+ my $srcaddr = '';
+ # Extract ipv4 and ipv6 addresses
+ if (($packet =~ /SRC\=(([\d]{1,3})(\.([\d]{1,3})){3})/) or ($packet =~ /SRC\=(([0-9a-fA-F]{0,4})(\:([0-9a-fA-F]{0,4})){2,7})/)) {
+ $srcaddr = $1
+ };
if($iface eq $country || $srcaddr ne '') {
- my $ccode;
+ my $ccode='';
if($iface ne $country) {
$ccode = $gi->country_code_by_name($srcaddr);
}
if($iface eq $country || $ccode eq $country) {
- my $chain = '';
+ my $chain = '';
my $in = '-'; my $out = '-';
my $srcaddr = ''; my $dstaddr = '';
my $protostr = '';
my $srcport = ''; my $dstport = '';
- $_ =~ /(^.* ..:..:..) [\w\-]+ kernel:(.*)(IN=.*)$/;
+ # If ipv6 uses bridge, the use PHYSIN otherwise use IN
+ if ($_ =~ /(^.* ..:..:..) [\w\-]+ kernel:(.*)(PHYSIN=.*)$/) {}
+ elsif ($_ =~ /(^.* ..:..:..) [\w\-]+ kernel:(.*)(IN=.*)$/) {}
my $timestamp = $1; my $chain = $2; my $packet = $3;
$timestamp =~ /(...) (..) (..:..:..)/;
my $month = $1; my $day = $2; my $time = $3;
- if ($a =~ /IN\=(\w+)/) { $iface = $1; }
- if ($a =~ /OUT\=(\w+)/) { $out = $1; }
- if ($a =~ /SRC\=([\d\.]+)/) { $srcaddr = $1; }
- if ($a =~ /DST\=([\d\.]+)/) { $dstaddr = $1; }
+ # If ipv6 uses bridge, use PHYSIN and PHYSOUT, otherwise use IN and OUT
+ if ($a =~ /PHYSIN=(\w+)/) { $iface = $1 } elsif ($a =~ /IN=(\w+)/) { $iface = $1 }
+ if ($a =~ /PHYSOUT=(\w+)/) { $out = $1 } elsif ($a =~ /OUT=(\w+)/) { $out = $1 }
+ # Extract ipv4 and ipv6 addresses
+ if (($a =~ /SRC\=(([\d]{1,3})(\.([\d]{1,3})){3})/) or ($a =~ /SRC\=(([0-9a-fA-F]{0,4})(\:([0-9a-fA-F]{0,4})){2,7})/)) { $srcaddr = $1; }
+ if (($a =~ /DST\=(([\d]{1,3})(\.([\d]{1,3})){3})/) or ($a =~ /DST\=(([0-9a-fA-F]{0,4})(\:([0-9a-fA-F]{0,4})){2,7})/)) { $dstaddr = $1; }
if ($a =~ /PROTO\=(\w+)/) { $protostr = $1; }
my $protostrlc = lc($protostr);
if ($a =~ /SPT\=([\d\.]+)/){ $srcport = $1; }
while (<FILE>)
{
if (/(^${monthstr} ${daystr} ..:..:..) [\w\-]+ kernel:.*(IN=.*)$/) {
- if($_ =~ /SRC\=([\d\.]+)/){
+ if (($_ =~ /SRC\=(([\d]{1,3})(\.([\d]{1,3})){3})/) or ($_ =~ /SRC\=(([0-9a-fA-F]{0,4})(\:([0-9a-fA-F]{0,4})){2,7})/)) {
if($1 eq $ip){
$log[$lines] = $_;
$lines++;
if (!$skip) {
while (<FILE>) {
if (/(^${monthstr} ${daystr} ..:..:..) [\w\-]+ kernel:.*(IN=.*)$/) {
- if($_ =~ /SRC\=([\d\.]+)/){
- if($1 eq $ip){
+ if (($_ =~ /SRC\=(([\d]{1,3})(\.([\d]{1,3})){3})/) or ($_ =~ /SRC\=(([0-9a-fA-F]{0,4})(\:([0-9a-fA-F]{0,4})){2,7})/)) {
+ if($1 eq $ip){
$log[$lines] = $_;
$lines++;
- }
- }
+ }
+ }
}
}
close (FILE);
foreach $_ (@slice)
{
$a = $_;
- if($_ =~ /SRC\=([\d\.]+)/){
+ # Check whether valid ipv4 or ipv6 address
+ if (($_ =~ /SRC\=(([\d]{1,3})(\.([\d]{1,3})){3})/) or ($_ =~ /SRC\=(([0-9a-fA-F]{0,4})(\:([0-9a-fA-F]{0,4})){2,7})/)) {
if($1 eq $ip){
my $chain = '';
my $in = '-'; my $out = '-';
my $protostr = '';
my $srcport = ''; my $dstport = '';
- $_ =~ /(^.* ..:..:..) [\w\-]+ kernel:(.*)(IN=.*)$/;
+ # If ipv6 uses bridge, the use PHYSIN, otherwise use IN
+ if ($_ =~ /(^.* ..:..:..) [\w\-]+ kernel:(.*)(PHYSIN=.*)$/) {}
+ elsif ($_ =~ /(^.* ..:..:..) [\w\-]+ kernel:(.*)(IN=.*)$/) {}
my $timestamp = $1; my $chain = $2; my $packet = $3;
$timestamp =~ /(...) (..) (..:..:..)/;
my $month = $1; my $day = $2; my $time = $3;
- if ($a =~ /IN\=(\w+)/) { $iface = $1; }
- if ($a =~ /OUT\=(\w+)/) { $out = $1; }
- if ($a =~ /SRC\=([\d\.]+)/) { $srcaddr = $1; }
- if ($a =~ /DST\=([\d\.]+)/) { $dstaddr = $1; }
+ # If ipv6 uses bridge, the use PHYSIN and PHYSOUT, otherwise use IN and OUT
+ if ($a =~ /PHYSIN=(\w+)/) { $iface = $1 } elsif ($a =~ /IN=(\w+)/) { $iface = $1 }
+ if ($a =~ /PHYSOUT=(\w+)/) { $out = $1 } elsif ($a =~ /OUT=(\w+)/) { $out = $1 }
+ # Detect ipv4 and ipv6 addresses
+ if (($a =~ /SRC\=(([\d]{1,3})(\.([\d]{1,3})){3})/) or ($a =~ /SRC\=(([0-9a-fA-F]{0,4})(\:([0-9a-fA-F]{0,4})){2,7})/)) { $srcaddr = $1; }
+ if (($a =~ /DST\=(([\d]{1,3})(\.([\d]{1,3})){3})/) or ($a =~ /DST\=(([0-9a-fA-F]{0,4})(\:([0-9a-fA-F]{0,4})){2,7})/)) { $dstaddr = $1; }
if ($a =~ /PROTO\=(\w+)/) { $protostr = $1; }
my $protostrlc = lc($protostr);
if ($a =~ /SPT\=([\d\.]+)/){ $srcport = $1; }
my $protostr = '';
my $srcport = ''; my $dstport = '';
- $_ =~ /(^.* ..:..:..) [\w\-]+ kernel:(.*)(IN=.*)$/;
+ # If ipv6 uses bridge, the use PHYSIN, otherwise use IN
+ if ($_ =~ /(^.* ..:..:..) [\w\-]+ kernel:(.*)(PHYSIN=.*)$/) {}
+ elsif ($_ =~ /(^.* ..:..:..) [\w\-]+ kernel:(.*)(IN=.*)$/) {}
my $timestamp = $1; my $chain = $2; my $packet = $3;
$timestamp =~ /(...) (..) (..:..:..)/;
my $month = $1; my $day = $2; my $time = $3; my $iface;
- if ($a =~ /IN\=(\w+)/) { $iface = $1; }
- if ($a =~ /OUT\=(\w+)/) { $out = $1; }
- if ($a =~ /SRC\=([\d\.]+)/) { $srcaddr = $1; }
- if ($a =~ /DST\=([\d\.]+)/) { $dstaddr = $1; }
+ # If ipv6 uses bridge, the use PHYSIN and PHYSOUT, otherwise use IN and OUT
+ if ($a =~ /PHYSIN\=(\w+)/) { $iface = $1; } elsif ($a =~ /IN\=(\w+)/) { $iface = $1; }
+ if ($a =~ /PHYSOUT\=(\w+)/) { $out = $1; } elsif ($a =~ /OUT\=(\w+)/) { $out = $1; }
+ # Detect ipv4 and ipv6 addresses
+ if (($a =~ /SRC\=(([\d]{1,3})(\.([\d]{1,3})){3})/) or ($a =~ /SRC\=(([0-9a-fA-F]{0,4})(\:([0-9a-fA-F]{0,4})){2,7})/)) { $srcaddr = $1; }
+ if (($a =~ /DST\=(([\d]{1,3})(\.([\d]{1,3})){3})/) or ($a =~ /DST\=(([0-9a-fA-F]{0,4})(\:([0-9a-fA-F]{0,4})){2,7})/)) { $dstaddr = $1; }
if ($a =~ /PROTO\=(\w+)/) { $protostr = $1; }
my $protostrlc = lc($protostr);
if ($a =~ /SPT\=([\d\.]+)/){ $srcport = $1; }
projects / people / meitelwein / ipfire-2.x.git / commitdiff
