webadmin/bpfire
1
0
Fork 0
mirror of https://github.com/vincentmli/bpfire.git synced 2026-04-19 15:32:59 +02:00
Code Issues Packages Projects Releases Wiki Activity

Fixed detection of firewall chain when bridge is used for ipv6

Browse Source 
Signed-off-by: Michael Eitelwein <michael@eitelwein.net>
This commit is contained in:
Michael Eitelwein
2016-01-07 19:40:24 +01:00
parent a249e865bd
commit 1b5b6c91da
5 changed files with 22 additions and 22 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
html/cgi-bin/logs.cgi/firewalllog.dat
View File

@@ -339,7 +339,7 @@ foreach $_ (@log)
my $chain = $3;
my ($iface, $srcaddr, $dstaddr, $macaddr, $proto, $srcport, $dstport);
if ($packet =~ /PHYSIN=(\w+)/) { $iface=$1 } elsif ($packet =~ /IN=(\w+)/) { $iface = $1; }
if ($packet =~ /PHYSIN=(\w+)/) { $iface=$1; } elsif ($packet =~ /IN=(\w+)/) { $iface = $1; }
# Identify whether ipv4 or ipv6. Both are mutally exclusive.
if ($packet =~ /SRC\=(([\d]{1,3})(\.([\d]{1,3})){3})/) { $srcaddr=$1; }
if ($packet =~ /SRC\=(([0-9a-fA-F]{0,4})(\:([0-9a-fA-F]{0,4})){2,7})/) { $srcaddr=$1; }

8
html/cgi-bin/logs.cgi/firewalllogcountry.dat
View File

@@ -294,16 +294,16 @@ $lines = 0;
foreach $_ (@log)
{
# If ipv6 uses bridge, use PHYSIN for iface, otherwise IN
if (/^... (..) (..:..:..) [\w\-]+ kernel:(.*)(PHYSIN=.*)$/) {}
if (/^... (..) (..:..:..) [\w\-]+ kernel:(.*)(PHYSIN=.*)$/) {}
elsif (/^... (..) (..:..:..) [\w\-]+ kernel:(.*)(IN=.*)$/) {}
my $packet = $4;
my $iface = '';
if ($packet =~ /PHYSIN=(\w+)/) { $iface = $1 } elsif ($packet =~ /IN=(\w+)/) { $iface = $1 }
if ($packet =~ /PHYSIN=(\w+)/) { $iface = $1; } elsif ($packet =~ /IN=(\w+)/) { $iface = $1; }
if ( $1 =~ /2./ ) { $iface=''; }
my $srcaddr = '';
# Find ipv4 and ipv6 addresses
if ($packet =~ /SRC\=(([\d]{1,3})(\.([\d]{1,3})){3})/) { $srcaddr = $1 }
elsif ($packet =~ /SRC\=(([0-9a-fA-F]{0,4})(\:([0-9a-fA-F]{0,4})){2,7})/) { $srcaddr = $1 }
if ($packet =~ /SRC\=(([\d]{1,3})(\.([\d]{1,3})){3})/) { $srcaddr = $1; }
elsif ($packet =~ /SRC\=(([0-9a-fA-F]{0,4})(\:([0-9a-fA-F]{0,4})){2,7})/) { $srcaddr = $1; }
if($iface eq $red_interface) {
# Traffic from red

22
html/cgi-bin/logs.cgi/showrequestfromcountry.dat
View File

@@ -161,16 +161,16 @@ if (!$skip)
# First check whether valid log line (date, day)
if (/(^${monthstr} ${daystr} ..:..:..) [\w\-]+ kernel:.*(IN=.*)$/) {
# If ipv6 uses bridge, then use PHYSIN otherwise use IN
if (/(^${monthstr} ${daystr} ..:..:..) [\w\-]+ kernel:.*(PHYSIN=.*)$/) {}
if (/(^${monthstr} ${daystr} ..:..:..) [\w\-]+ kernel:.*(PHYSIN=.*)$/) {}
elsif (/(^${monthstr} ${daystr} ..:..:..) [\w\-]+ kernel:.*(IN=.*)$/) {}
my $packet = $2;
my $iface = '';
my $srcaddr = '';
# If ipv6 uses bridge, use PHYSIN otherwise IN
if ($packet =~ /PHYSIN=(\w+)/) { $iface = $1 } elsif ($packet =~ /IN=(\w+)/) { $iface = $1 }
if ($packet =~ /PHYSIN=(\w+)/) { $iface = $1; } elsif ($packet =~ /IN=(\w+)/) { $iface = $1; }
# Extract ipv4 and ipv6 addresses
if (($packet =~ /SRC\=(([\d]{1,3})(\.([\d]{1,3})){3})/) or ($packet =~ /SRC\=(([0-9a-fA-F]{0,4})(\:([0-9a-fA-F]{0,4})){2,7})/)) {
$srcaddr = $1
$srcaddr = $1;
};
if($iface eq $country) {
@@ -210,7 +210,7 @@ if ($multifile) {
if (/(^${monthstr} ${daystr} ..:..:..) [\w\-]+ kernel:.*(IN=.*)$/) {
my $iface = '';
# If ipv6 uses bridge, then use PHYSIN otherwise IN
if ($_ =~ /PHYSIN=(\w+)/) { $iface = $1 } elsif ($_ =~ /IN=(\w+)/) { $iface = $1 }
if ($_ =~ /PHYSIN=(\w+)/) { $iface = $1; } elsif ($_ =~ /IN=(\w+)/) { $iface = $1; }
if($iface eq $country) {
# iface matches country code
@@ -333,17 +333,17 @@ foreach $_ (@slice)
{
$a = $_;
# If ipv6 uses bridge, use PHYSIN otherwise use IN
if (/^... (..) (..:..:..) [\w\-]+ kernel:(.*)(PHYSIN=.*)$/) {}
if (/^... (..) (..:..:..) [\w\-]+ kernel:(.*)(PHYSIN=.*)$/) {}
elsif (/^... (..) (..:..:..) [\w\-]+ kernel:(.*)(IN=.*)$/) {};
my $packet = $4;
my $iface = '';
# If ipv6 uses bridge, use PHYSIN otherwise use IN
if ($packet =~ /PHYSIN=(\w+)/) { $iface = $1 } elsif ($packet =~ /IN=(\w+)/) { $iface = $1 }
if ( $1 =~ /2./ ){ $iface="";}
if ($packet =~ /PHYSIN=(\w+)/) { $iface = $1; } elsif ($packet =~ /IN=(\w+)/) { $iface = $1; }
if ( $1 =~ /2./ ){ $iface=""; }
my $srcaddr = '';
# Extract ipv4 and ipv6 addresses
if (($packet =~ /SRC\=(([\d]{1,3})(\.([\d]{1,3})){3})/) or ($packet =~ /SRC\=(([0-9a-fA-F]{0,4})(\:([0-9a-fA-F]{0,4})){2,7})/)) {
$srcaddr = $1
$srcaddr = $1;
};
if($iface eq $country || $srcaddr ne '') {
@@ -359,15 +359,15 @@ foreach $_ (@slice)
my $srcport = ''; my $dstport = '';
# If ipv6 uses bridge, the use PHYSIN otherwise use IN
if ($_ =~ /(^.* ..:..:..) [\w\-]+ kernel:(.*)(IN=.*)(PHYSIN=.*)$/) {}
if ($_ =~ /(^.* ..:..:..) [\w\-]+ kernel:(.*)(IN=.*)(PHYSIN=.*)$/) {}
elsif ($_ =~ /(^.* ..:..:..) [\w\-]+ kernel:(.*)(IN=.*)$/) {}
my $timestamp = $1; my $chain = $2; my $packet = $3;
$timestamp =~ /(...) (..) (..:..:..)/;
my $month = $1; my $day = $2; my $time = $3;
# If ipv6 uses bridge, use PHYSIN and PHYSOUT, otherwise use IN and OUT
if ($a =~ /PHYSIN=(\w+)/) { $iface = $1 } elsif ($a =~ /IN=(\w+)/) { $iface = $1 }
if ($a =~ /PHYSOUT=(\w+)/) { $out = $1 } elsif ($a =~ /OUT=(\w+)/) { $out = $1 }
if ($a =~ /PHYSIN=(\w+)/) { $iface = $1; } elsif ($a =~ /IN=(\w+)/) { $iface = $1; }
if ($a =~ /PHYSOUT=(\w+)/) { $out = $1; } elsif ($a =~ /OUT=(\w+)/) { $out = $1; }
# Extract ipv4 and ipv6 addresses
if (($a =~ /SRC\=(([\d]{1,3})(\.([\d]{1,3})){3})/) or ($a =~ /SRC\=(([0-9a-fA-F]{0,4})(\:([0-9a-fA-F]{0,4})){2,7})/)) { $srcaddr = $1; }
if (($a =~ /DST\=(([\d]{1,3})(\.([\d]{1,3})){3})/) or ($a =~ /DST\=(([0-9a-fA-F]{0,4})(\:([0-9a-fA-F]{0,4})){2,7})/)) { $dstaddr = $1; }

6
html/cgi-bin/logs.cgi/showrequestfromip.dat
View File

@@ -303,15 +303,15 @@ foreach $_ (@slice)
my $srcport = ''; my $dstport = '';
# If ipv6 uses bridge, the use PHYSIN, otherwise use IN
if ($_ =~ /(^.* ..:..:..) [\w\-]+ kernel:(.*)(IN=.*)(PHYSIN=.*)$/) {}
if ($_ =~ /(^.* ..:..:..) [\w\-]+ kernel:(.*)(IN=.*)(PHYSIN=.*)$/) {}
elsif ($_ =~ /(^.* ..:..:..) [\w\-]+ kernel:(.*)(IN=.*)$/) {}
my $timestamp = $1; my $chain = $2; my $packet = $3;
$timestamp =~ /(...) (..) (..:..:..)/;
my $month = $1; my $day = $2; my $time = $3;
# If ipv6 uses bridge, the use PHYSIN and PHYSOUT, otherwise use IN and OUT
if ($a =~ /PHYSIN=(\w+)/) { $iface = $1 } elsif ($a =~ /IN=(\w+)/) { $iface = $1 }
if ($a =~ /PHYSOUT=(\w+)/) { $out = $1 } elsif ($a =~ /OUT=(\w+)/) { $out = $1 }
if ($a =~ /PHYSIN=(\w+)/) { $iface = $1; } elsif ($a =~ /IN=(\w+)/) { $iface = $1; }
if ($a =~ /PHYSOUT=(\w+)/) { $out = $1; } elsif ($a =~ /OUT=(\w+)/) { $out = $1; }
# Detect ipv4 and ipv6 addresses
if (($a =~ /SRC\=(([\d]{1,3})(\.([\d]{1,3})){3})/) or ($a =~ /SRC\=(([0-9a-fA-F]{0,4})(\:([0-9a-fA-F]{0,4})){2,7})/)) { $srcaddr = $1; }
if (($a =~ /DST\=(([\d]{1,3})(\.([\d]{1,3})){3})/) or ($a =~ /DST\=(([0-9a-fA-F]{0,4})(\:([0-9a-fA-F]{0,4})){2,7})/)) { $dstaddr = $1; }

6
html/cgi-bin/logs.cgi/showrequestfromport.dat
View File

@@ -308,15 +308,15 @@ foreach $_ (@slice)
my $srcport = ''; my $dstport = '';
# If ipv6 uses bridge, the use PHYSIN, otherwise use IN
if ($_ =~ /(^.* ..:..:..) [\w\-]+ kernel:(.*)(IN=.*)(PHYSIN=.*)$/) {}
if ($_ =~ /(^.* ..:..:..) [\w\-]+ kernel:(.*)(IN=.*)(PHYSIN=.*)$/) {}
elsif ($_ =~ /(^.* ..:..:..) [\w\-]+ kernel:(.*)(IN=.*)$/) {}
my $timestamp = $1; my $chain = $2; my $packet = $3;
$timestamp =~ /(...) (..) (..:..:..)/;
my $month = $1; my $day = $2; my $time = $3; my $iface;
# If ipv6 uses bridge, the use PHYSIN and PHYSOUT, otherwise use IN and OUT
if ($a =~ /PHYSIN\=(\w+)/) { $iface = $1; } elsif ($a =~ /IN\=(\w+)/) { $iface = $1; }
if ($a =~ /PHYSOUT\=(\w+)/) { $out = $1; } elsif ($a =~ /OUT\=(\w+)/) { $out = $1; }
if ($a =~ /PHYSIN\=(\w+)/) { $iface = $1; } elsif ($a =~ /IN\=(\w+)/) { $iface = $1; }
if ($a =~ /PHYSOUT\=(\w+)/) { $out = $1; } elsif ($a =~ /OUT\=(\w+)/) { $out = $1; }
# Detect ipv4 and ipv6 addresses
if (($a =~ /SRC\=(([\d]{1,3})(\.([\d]{1,3})){3})/) or ($a =~ /SRC\=(([0-9a-fA-F]{0,4})(\:([0-9a-fA-F]{0,4})){2,7})/)) { $srcaddr = $1; }
if (($a =~ /DST\=(([\d]{1,3})(\.([\d]{1,3})){3})/) or ($a =~ /DST\=(([0-9a-fA-F]{0,4})(\:([0-9a-fA-F]{0,4})){2,7})/)) { $dstaddr = $1; }