#
# This code is distributed under the terms of the GPL
#
-# JC HERITIER
+# JC HERITIER
# page inspired from the initial firewalllog.dat
#
# Modified for IPFire by Christian Schmidt (www.ipfire.org)
#Aug 28 14:54:30 shite kernel: IN=ppp0 OUT= MAC= SRC=213.48.150.1
#DST=213.208.115.234 LEN=110 TOS=0x00 PREC=0x00 TTL=60 ID=30699 DF PROTO=TCP
-#SPT=6667 DPT=62593 WINDOW=2505 RES=0x00 ACK PSH URGP=0
+#SPT=6667 DPT=62593 WINDOW=2505 RES=0x00 ACK PSH URGP=0
use strict;
}
elsif($cgiparams{'ACTION'} eq '>>')
{
- my @temp_then=();
- my @temp_now = localtime(time);
- $temp_now[4] = $cgiparams{'MONTH'};
- $temp_now[3] = $cgiparams{'DAY'};
- @temp_then = localtime(POSIX::mktime(@temp_now) + 86400);
- ## Retrieve the same time on the next day -
- ## 86400 seconds in a day
- $cgiparams{'MONTH'} = $temp_then[4];
- $cgiparams{'DAY'} = $temp_then[3];
+ my @temp_then=();
+ my @temp_now = localtime(time);
+ $temp_now[4] = $cgiparams{'MONTH'};
+ $temp_now[3] = $cgiparams{'DAY'};
+ @temp_then = localtime(POSIX::mktime(@temp_now) + 86400);
+ ## Retrieve the same time on the next day -
+ ## 86400 seconds in a day
+ $cgiparams{'MONTH'} = $temp_then[4];
+ $cgiparams{'DAY'} = $temp_then[3];
}
elsif($cgiparams{'ACTION'} eq '<<')
{
- my @temp_then=();
- my @temp_now = localtime(time);
- $temp_now[4] = $cgiparams{'MONTH'};
- $temp_now[3] = $cgiparams{'DAY'};
- @temp_then = localtime(POSIX::mktime(@temp_now) - 86400);
- ## Retrieve the same time on the previous day -
- ## 86400 seconds in a day
- $cgiparams{'MONTH'} = $temp_then[4];
- $cgiparams{'DAY'} = $temp_then[3];
+ my @temp_then=();
+ my @temp_now = localtime(time);
+ $temp_now[4] = $cgiparams{'MONTH'};
+ $temp_now[3] = $cgiparams{'DAY'};
+ @temp_then = localtime(POSIX::mktime(@temp_now) - 86400);
+ ## Retrieve the same time on the previous day -
+ ## 86400 seconds in a day
+ $cgiparams{'MONTH'} = $temp_then[4];
+ $cgiparams{'DAY'} = $temp_then[3];
}
if (($cgiparams{'DAY'} ne $now[3]) || ($cgiparams{'MONTH'} ne $now[4]))
{
- my @then = ();
- if ( ( $cgiparams{'MONTH'} eq $now[4]) && ($cgiparams{'DAY'} > $now[3]) ||
- ( $cgiparams{'MONTH'} > $now[4] ) ) {
- @then = localtime(POSIX::mktime( 0, 0, 0, $cgiparams{'DAY'}, $cgiparams{'MONTH'}, $year - 1901 ));
- } else {
- @then = localtime(POSIX::mktime( 0, 0, 0, $cgiparams{'DAY'}, $cgiparams{'MONTH'}, $year - 1900 ));
- }
- $tdoy = $then[7];
- my $lastleap=($year-1)%4;
- if ($tdoy>$doy) {
- if ($lastleap == 0 && $tdoy < 60) {
- $doy=$tdoy+366;
- } else {
- $doy=$doy+365;
- }
- }
+ my @then = ();
+ if ( ( $cgiparams{'MONTH'} eq $now[4]) && ($cgiparams{'DAY'} > $now[3]) ||
+ ( $cgiparams{'MONTH'} > $now[4] ) ) {
+ @then = localtime(POSIX::mktime( 0, 0, 0, $cgiparams{'DAY'}, $cgiparams{'MONTH'}, $year - 1901 ));
+ } else {
+ @then = localtime(POSIX::mktime( 0, 0, 0, $cgiparams{'DAY'}, $cgiparams{'MONTH'}, $year - 1900 ));
+ }
+ $tdoy = $then[7];
+ my $lastleap=($year-1)%4;
+ if ($tdoy>$doy) {
+ if ($lastleap == 0 && $tdoy < 60) {
+ $doy=$tdoy+366;
+ } else {
+ $doy=$doy+365;
+ }
+ }
}
my $datediff=0;
my $dowd=0;
my $multifile=0;
if ($tdoy ne $doy) {
- $datediff=int(($doy-$tdoy)/7);
- $dowd=($doy-$tdoy)%7;
- if (($dow-$dowd)<1) {
- $datediff=$datediff+1;
- }
- if (($dow-$dowd)==0) {
- $multifile=1;
- }
+ $datediff=int(($doy-$tdoy)/7);
+ $dowd=($doy-$tdoy)%7;
+ if (($dow-$dowd)<1) {
+ $datediff=$datediff+1;
+ }
+ if (($dow-$dowd)==0) {
+ $multifile=1;
+ }
}
my $monthstr = $shortmonths[$cgiparams{'MONTH'}];
my $skip=0;
my $filestr='';
if ($datediff==0) {
- $filestr="/var/log/messages";
+ $filestr="/var/log/messages";
} else {
$filestr="/var/log/messages.$datediff";
$filestr = "$filestr.gz" if -f "$filestr.gz";
}
if (!(open (FILE,($filestr =~ /.gz$/ ? "gzip -dc $filestr |" : $filestr)))) {
- $errormessage = "$Lang::tr{'date not in logs'}: $filestr $Lang::tr{'could not be opened'}";
- $skip=1;
- # Note: This is in case the log does not exist for that date
+ $errormessage = "$Lang::tr{'date not in logs'}: $filestr $Lang::tr{'could not be opened'}";
+ $skip=1;
+ # Note: This is in case the log does not exist for that date
}
my $lines = 0;
my @log=();
if (!$skip)
{
- while (<FILE>)
- {
- if (/(^${monthstr} ${daystr} ..:..:..) [\w\-]+ kernel:.*(IN=.*)$/) {
- if($_ =~ /DPT\=([\d\.]+)/){
- if($1 eq $port){
- $log[$lines] = $_;
- $lines++;
- }
- }
+ while (<FILE>)
+ {
+ if (/(^${monthstr} ${daystr} ..:..:..) [\w\-]+ kernel:.*(IN=.*)$/) {
+ if($_ =~ /DPT\=([\d\.]+)/){
+ if($1 eq $port){
+ $log[$lines] = $_;
+ $lines++;
+ }
+ }
}
}
- close (FILE);
+ close (FILE);
}
$skip=0;
if ($multifile) {
- $datediff=$datediff-1;
- if ($datediff==0) {
- $filestr="/var/log/messages";
- } else {
- $filestr="/var/log/messages.$datediff";
- $filestr = "$filestr.gz" if -f "$filestr.gz";
- }
- if (!(open (FILE,($filestr =~ /.gz$/ ? "gzip -dc $filestr |" : $filestr)))) {
- $errormessage="$Lang::tr{'date not in logs'}: $filestr $Lang::tr{'could not be opened'}";
- $skip=1;
- }
- if (!$skip) {
+ $datediff=$datediff-1;
+ if ($datediff==0) {
+ $filestr="/var/log/messages";
+ } else {
+ $filestr="/var/log/messages.$datediff";
+ $filestr = "$filestr.gz" if -f "$filestr.gz";
+ }
+ if (!(open (FILE,($filestr =~ /.gz$/ ? "gzip -dc $filestr |" : $filestr)))) {
+ $errormessage="$Lang::tr{'date not in logs'}: $filestr $Lang::tr{'could not be opened'}";
+ $skip=1;
+ }
+ if (!$skip) {
while (<FILE>) {
- if (/(^${monthstr} ${daystr} ..:..:..) [\w\-]+ kernel:.*(IN=.*)$/) {
- if($_ =~ /DPT\=([\d\.]+)/){
- if($1 eq $port){
- $log[$lines] = $_;
- $lines++;
- }
- }
+ if (/(^${monthstr} ${daystr} ..:..:..) [\w\-]+ kernel:.*(IN=.*)$/) {
+ if($_ =~ /DPT\=([\d\.]+)/){
+ if($1 eq $port){
+ $log[$lines] = $_;
+ $lines++;
+ }
+ }
}
}
close (FILE);
}
&Header::showhttpheaders();
-&Header::openpage($Lang::tr{'firewall log'}, 1, '');
+&Header::openpage($Lang::tr{'firewall log port'}, 1, '');
&Header::openbigbox('100%', 'left', '', $errormessage);
if ($errormessage) {
<select name='DAY'>
END
;
-for ($day = 1; $day <= 31; $day++)
+for ($day = 1; $day <= 31; $day++)
{
print "\t<option ";
if ($day == $cgiparams{'DAY'}) {
&Header::closebox();
-&Header::openbox('100%', 'left', $Lang::tr{'firewall log'});
+&Header::openbox('100%', 'left', $Lang::tr{'firewall log port'});
print "<p><b>$Lang::tr{'firewall hits'} $longmonthstr $daystr: $lines</b></p>";
if ($start == -1) {
- $start = $lines - ${Header::viewsize}; }
+ $start = $lines - ${Header::viewsize};
+}
if ($start >= $lines - ${Header::viewsize}) { $start = $lines - ${Header::viewsize}; };
if ($start < 0) { $start = 0; }
$lines = 0;
foreach $_ (@slice)
{
- $a = $_;
- if($_ =~ /DPT\=([\d\.]+)/){
- if($1 eq $port){
- my $chain = '';
- my $in = '-'; my $out = '-';
- my $srcaddr = ''; my $dstaddr = '';
- my $protostr = '';
- my $srcport = ''; my $dstport = '';
-
- # If ipv6 uses bridge, the use PHYSIN, otherwise use IN
- if ($_ =~ /(^.* ..:..:..) [\w\-]+ kernel:(.*)(IN=.*)(PHYSIN=.*)$/) {}
- elsif ($_ =~ /(^.* ..:..:..) [\w\-]+ kernel:(.*)(IN=.*)$/) {}
- my $timestamp = $1; my $chain = $2; my $packet = $3;
- $timestamp =~ /(...) (..) (..:..:..)/;
- my $month = $1; my $day = $2; my $time = $3; my $iface;
-
- # If ipv6 uses bridge, the use PHYSIN and PHYSOUT, otherwise use IN and OUT
- if ($a =~ /PHYSIN\=(\w+)/) { $iface = $1; } elsif ($a =~ /IN\=(\w+)/) { $iface = $1; }
- if ($a =~ /PHYSOUT\=(\w+)/) { $out = $1; } elsif ($a =~ /OUT\=(\w+)/) { $out = $1; }
- # Detect ipv4 and ipv6 addresses
- if (($a =~ /SRC\=(([\d]{1,3})(\.([\d]{1,3})){3})/) or ($a =~ /SRC\=(([0-9a-fA-F]{0,4})(\:([0-9a-fA-F]{0,4})){2,7})/)) { $srcaddr = $1; }
- if (($a =~ /DST\=(([\d]{1,3})(\.([\d]{1,3})){3})/) or ($a =~ /DST\=(([0-9a-fA-F]{0,4})(\:([0-9a-fA-F]{0,4})){2,7})/)) { $dstaddr = $1; }
- if ($a =~ /PROTO\=(\w+)/) { $protostr = $1; }
- my $protostrlc = lc($protostr);
- if ($a =~ /SPT\=([\d\.]+)/){ $srcport = $1; }
- if ($a =~ /DPT\=([\d\.]+)/){ $dstport = $1; }
-
- if ($lines % 2) {
- print "<tr bgcolor='${Header::table1colour}'>\n"; }
- else {
- print "<tr bgcolor='${Header::table2colour}'>\n"; }
- print <<END
- <td align='center'>$time</td>
- <td align='center'>$chain</td>
- <td align='center'>$iface</td>
- <td align='center'>$protostr</td>
- <td align='center'>
- <table width='100%' cellpadding='0' cellspacing='0'><tr>
- <td align='center'><a href='/cgi-bin/ipinfo.cgi?ip=$srcaddr'>$srcaddr</a></td>
- </tr></table>
- </td>
- <td align='center'>$srcport</td>
- <td align='center'>
- <table width='100%' cellpadding='0' cellspacing='0'><tr>
- <td align='center'><a href='/cgi-bin/ipinfo.cgi?ip=$dstaddr'>$dstaddr</a></td>
- </tr></table>
- </td>
- <td align='center'>$dstport</td>
-</tr>
+ $a = $_;
+ if($_ =~ /DPT\=([\d\.]+)/){
+ if($1 eq $port){
+ my $chain = '';
+ my $in = '-';
+ my $out = '-';
+ my $srcaddr = '';
+ my $dstaddr = '';
+ my $protostr = '';
+ my $srcport = '';
+ my $dstport = '';
+
+ # If ipv6 uses bridge, the use PHYSIN, otherwise use IN
+ if ($_ =~ /(^.* ..:..:..) [\w\-]+ kernel:(.*)(IN=.*)(PHYSIN=.*)$/) {}
+ elsif ($_ =~ /(^.* ..:..:..) [\w\-]+ kernel:(.*)(IN=.*)$/) {}
+ my $timestamp = $1; my $chain = $2; my $packet = $3;
+ $timestamp =~ /(...) (..) (..:..:..)/;
+ my $month = $1; my $day = $2; my $time = $3; my $iface;
+
+ # If ipv6 uses bridge, the use PHYSIN and PHYSOUT, otherwise use IN and OUT
+ if ($a =~ /PHYSIN\=(\w+)/) { $iface = $1; } elsif ($a =~ /IN\=(\w+)/) { $iface = $1; }
+ if ($a =~ /PHYSOUT\=(\w+)/) { $out = $1; } elsif ($a =~ /OUT\=(\w+)/) { $out = $1; }
+ # Detect ipv4 and ipv6 addresses
+ if (($a =~ /SRC\=(([\d]{1,3})(\.([\d]{1,3})){3})/) or ($a =~ /SRC\=(([0-9a-fA-F]{0,4})(\:([0-9a-fA-F]{0,4})){2,7})/)) { $srcaddr = $1; }
+ if (($a =~ /DST\=(([\d]{1,3})(\.([\d]{1,3})){3})/) or ($a =~ /DST\=(([0-9a-fA-F]{0,4})(\:([0-9a-fA-F]{0,4})){2,7})/)) { $dstaddr = $1; }
+ if ($a =~ /PROTO\=(\w+)/) { $protostr = $1; }
+ my $protostrlc = lc($protostr);
+ if ($a =~ /SPT\=([\d\.]+)/){ $srcport = $1; }
+ if ($a =~ /DPT\=([\d\.]+)/){ $dstport = $1; }
+
+ if ($lines % 2) {
+ print "<tr bgcolor='${Header::table1colour}'>\n";
+ }
+ else {
+ print "<tr bgcolor='${Header::table2colour}'>\n";
+ }
+ print <<END
+ <td align='center'>$time</td>
+ <td align='center'>$chain</td>
+ <td align='center'>$iface</td>
+ <td align='center'>$protostr</td>
+ <td align='center'>
+ <table width='100%' cellpadding='0' cellspacing='0'><tr>
+ <td align='center'><a href='/cgi-bin/ipinfo.cgi?ip=$srcaddr'>$srcaddr</a></td>
+ </tr></table>
+ </td>
+ <td align='center'>$srcport</td>
+ <td align='center'>
+ <table width='100%' cellpadding='0' cellspacing='0'><tr>
+ <td align='center'><a href='/cgi-bin/ipinfo.cgi?ip=$dstaddr'>$dstaddr</a></td>
+ </tr></table>
+ </td>
+ <td align='center'>$dstport</td>
+ </tr>
END
- ;
- $lines++;
- }
- }
+ ;
+ $lines++;
+ }
+ }
}
print <<END
&oldernewer();
+ print"<table width='100%'><tr><td align='center'><a href='/cgi-bin/logs.cgi/firewalllogport.dat'><img src='/images/back.png' alt='$Lang::tr{'back'}' title='$Lang::tr{'back'}' /></a></td></tr></table>";
+
&Header::closebox();
&Header::closebigbox();
sub oldernewer
{
-print <<END
-<table width='100%'>
-<tr>
+ print <<END
+ <table width='100%'>
+ <tr>
END
-;
+ ;
-print "<td align='center' width='50%'>";
-if ($prev != -1) {
- print "<a href='/cgi-bin/logs.cgi/showrequestfromport.dat?$prev,$cgiparams{'MONTH'},$cgiparams{'DAY'},$cgiparams{port}'>$Lang::tr{'older'}</a>"; }
-else {
- print "$Lang::tr{'older'}"; }
-print "</td>\n";
+ print "<td align='center' width='50%'>";
+ if ($prev != -1) {
+ print "<a href='/cgi-bin/logs.cgi/showrequestfromport.dat?$prev,$cgiparams{'MONTH'},$cgiparams{'DAY'},$cgiparams{port}'>$Lang::tr{'older'}</a>";
+ }
+ else {
+ print "$Lang::tr{'older'}";
+ }
+ print "</td>\n";
-print "<td align='center' width='50%'>";
-if ($next != -1) {
- print "<a href='/cgi-bin/logs.cgi/showrequestfromport.dat?$next,$cgiparams{'MONTH'},$cgiparams{'DAY'},$cgiparams{port}'>$Lang::tr{'newer'}</a>"; }
-else {
- print "$Lang::tr{'newer'}"; }
-print "</td>\n";
+ print "<td align='center' width='50%'>";
+ if ($next != -1) {
+ print "<a href='/cgi-bin/logs.cgi/showrequestfromport.dat?$next,$cgiparams{'MONTH'},$cgiparams{'DAY'},$cgiparams{port}'>$Lang::tr{'newer'}</a>";
+ }
+ else {
+ print "$Lang::tr{'newer'}";
+ }
+ print "</td>\n";
-print <<END
-</tr>
-</table>
+ print <<END
+ </tr>
+ </table>
END
-;
+ ;
}