From e4aac473708d259a77830d5f4c2c95f436d3df54 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Alf=20H=C3=B8gemark?= Date: Wed, 12 Feb 2014 18:09:53 +0100 Subject: [PATCH 1/7] logs.cgi: Add files for showing firewall blocks by country Add similair functionality as firewalllogip.dat and firewalllogport.dat, by listing the number of blocks per country, and provide a details link to show only the blocked ip addresses from the country. This is a preliminary prototype. --- html/cgi-bin/logs.cgi/firewalllogcountry.dat | 519 ++++++++++++++++++ .../logs.cgi/showrequestfromcountry.dat | 397 ++++++++++++++ 2 files changed, 916 insertions(+) create mode 100644 html/cgi-bin/logs.cgi/firewalllogcountry.dat create mode 100644 html/cgi-bin/logs.cgi/showrequestfromcountry.dat diff --git a/html/cgi-bin/logs.cgi/firewalllogcountry.dat b/html/cgi-bin/logs.cgi/firewalllogcountry.dat new file mode 100644 index 000000000..ffd8cea83 --- /dev/null +++ b/html/cgi-bin/logs.cgi/firewalllogcountry.dat @@ -0,0 +1,519 @@ +#!/usr/bin/perl +# +# SmoothWall CGIs +# +# This code is distributed under the terms of the GPL +# +# JC HERITIER +# page inspired from the initial firewalllog.dat +# +# Modified for IPFire by Christian Schmidt +# and Michael Tremer (www.ipfire.org) + +use strict; +use Geo::IP::PurePerl; +use Getopt::Std; + +# enable only the following on debugging purpose +#use warnings; +#use CGI::Carp 'fatalsToBrowser'; + +require '/var/ipfire/general-functions.pl'; +require "${General::swroot}/lang.pl"; +require "${General::swroot}/header.pl"; + +use POSIX(); + +my %cgiparams=(); +my %settings=(); +my $pienumber; +my $otherspie; +my $showpie; +my $sortcolumn; +my $errormessage = ''; + +$cgiparams{'pienumber'} = 10; +$cgiparams{'otherspie'} = 1; +$cgiparams{'showpie'} = 1; +$cgiparams{'sortcolumn'} = 1; + +my @shortmonths = ( 'Jan', 'Feb', 'Mar', 'Apr', 'May', 'Jun', 'Jul', 'Aug', + 'Sep', 'Oct', 'Nov', 'Dec' ); +my @longmonths = ( $Lang::tr{'january'}, $Lang::tr{'february'}, $Lang::tr{'march'}, + $Lang::tr{'april'}, $Lang::tr{'may'}, $Lang::tr{'june'}, $Lang::tr{'july'}, $Lang::tr{'august'}, + $Lang::tr{'september'}, $Lang::tr{'october'}, $Lang::tr{'november'}, + $Lang::tr{'december'} ); + +my @now = localtime(); +my $dow = $now[6]; +my $doy = $now[7]; +my $tdoy = $now[7]; +my $year = $now[5]+1900; + +$cgiparams{'DAY'} = $now[3]; +$cgiparams{'MONTH'} = $now[4]; +$cgiparams{'ACTION'} = ''; + +&General::readhash("${General::swroot}/fwlogs/ipsettings", \%settings); +if ($settings{'pienumber'} != 0) { $cgiparams{'pienumber'} = $settings{'pienumber'} }; +if ($settings{'otherspie'} != 0) { $cgiparams{'otherspie'} = $settings{'otherspie'} }; +if ($settings{'showpie'} != 0) { $cgiparams{'showpie'} = $settings{'showpie'} }; +if ($settings{'sortcolumn'} != 0) { $cgiparams{'sortcolumn'} = $settings{'sortcolumn'} }; + +&Header::getcgihash(\%cgiparams); +if ($cgiparams{'pienumber'} != 0) { $settings{'pienumber'} = $cgiparams{'pienumber'} }; +if ($cgiparams{'otherspie'} != 0) { $settings{'otherspie'} = $cgiparams{'otherspie'} }; +if ($cgiparams{'showpie'} != 0) { $settings{'showpie'} = $cgiparams{'showpie'} }; +if ($cgiparams{'sortcolumn'} != 0) { $settings{'sortcolumn'} = $cgiparams{'sortcolumn'} }; + +if ($cgiparams{'ACTION'} eq $Lang::tr{'save'}) +{ + &General::writehash("${General::swroot}/fwlogs/ipsettings", \%settings); +} + +my $start = -1; +if ($ENV{'QUERY_STRING'} && $cgiparams{'ACTION'} ne $Lang::tr{'update'}) +{ + my @temp = split(',',$ENV{'QUERY_STRING'}); + $start = $temp[0]; + $cgiparams{'MONTH'} = $temp[1]; + $cgiparams{'DAY'} = $temp[2]; +} + +if (!($cgiparams{'MONTH'} =~ /^(0|1|2|3|4|5|6|7|8|9|10|11)$/) || + !($cgiparams{'DAY'} =~ /^(1|2|3|4|5|6|7|8|9|10|11|12|13|14|15|16|17|18|19|20|21|22|23|24|25|26|27|28|29|30|31)$/)) +{ + $cgiparams{'DAY'} = $now[3]; + $cgiparams{'MONTH'} = $now[4]; +} +elsif($cgiparams{'ACTION'} eq '>>') +{ + my @temp_then=(); + my @temp_now = localtime(time); + $temp_now[4] = $cgiparams{'MONTH'}; + $temp_now[3] = $cgiparams{'DAY'}; + @temp_then = localtime(POSIX::mktime(@temp_now) + 86400); + ## Retrieve the same time on the next day - + ## 86400 seconds in a day + $cgiparams{'MONTH'} = $temp_then[4]; + $cgiparams{'DAY'} = $temp_then[3]; +} +elsif($cgiparams{'ACTION'} eq '<<') +{ + my @temp_then=(); + my @temp_now = localtime(time); + $temp_now[4] = $cgiparams{'MONTH'}; + $temp_now[3] = $cgiparams{'DAY'}; + @temp_then = localtime(POSIX::mktime(@temp_now) - 86400); + ## Retrieve the same time on the previous day - + ## 86400 seconds in a day + $cgiparams{'MONTH'} = $temp_then[4]; + $cgiparams{'DAY'} = $temp_then[3]; +} + +if (($cgiparams{'DAY'} ne $now[3]) || ($cgiparams{'MONTH'} ne $now[4])) +{ + my @then = (); + if ( ( $cgiparams{'MONTH'} eq $now[4]) && ($cgiparams{'DAY'} > $now[3]) || + ( $cgiparams{'MONTH'} > $now[4] ) ) { + @then = localtime(POSIX::mktime( 0, 0, 0, $cgiparams{'DAY'}, $cgiparams{'MONTH'}, $year - 1901 )); + } else { + @then = localtime(POSIX::mktime( 0, 0, 0, $cgiparams{'DAY'}, $cgiparams{'MONTH'}, $year - 1900 )); + } + $tdoy = $then[7]; + my $lastleap=($year-1)%4; + if ($tdoy>$doy) { + if ($lastleap == 0 && $tdoy < 60) { + $doy=$tdoy+366; + } else { + $doy=$doy+365; + } + } +} + +my $datediff=0; +my $dowd=0; +my $multifile=0; +if ($tdoy ne $doy) { + $datediff=int(($doy-$tdoy)/7); + $dowd=($doy-$tdoy)%7; + if (($dow-$dowd)<1) { + $datediff=$datediff+1; + } + if (($dow-$dowd)==0) { + $multifile=1; + } +} + +my $monthstr = $shortmonths[$cgiparams{'MONTH'}]; +my $longmonthstr = $longmonths[$cgiparams{'MONTH'}]; +my $day = $cgiparams{'DAY'}; +my $daystr=''; +if ($day <= 9) { + $daystr = " $day"; } +else { + $daystr = $day; +} + +my $skip=0; +my $filestr=''; +if ($datediff==0) { + $filestr="/var/log/messages"; +} else { + $filestr="/var/log/messages.$datediff"; + $filestr = "$filestr.gz" if -f "$filestr.gz"; +} + +if (!(open (FILE,($filestr =~ /.gz$/ ? "gzip -dc $filestr |" : $filestr)))) { + $errormessage = "$Lang::tr{'date not in logs'}: $filestr $Lang::tr{'could not be opened'}"; + $skip=1; + # Note: This is in case the log does not exist for that date +} +my $lines = 0; +my @log=(); + +if (!$skip) +{ + while () + { + if (/(^${monthstr} ${daystr} ..:..:..) [\w\-]+ kernel:.*(IN=.*)$/) { + $log[$lines] = $_; + $lines++; + } + } + close (FILE); +} + +$skip=0; +if ($multifile) { + $datediff=$datediff-1; + if ($datediff==0) { + $filestr="/var/log/messages"; + } else { + $filestr="/var/log/messages.$datediff"; + $filestr = "$filestr.gz" if -f "$filestr.gz"; + } + if (!(open (FILE,($filestr =~ /.gz$/ ? "gzip -dc $filestr |" : $filestr)))) { + $errormessage="$Lang::tr{'date not in logs'}: $filestr $Lang::tr{'could not be opened'}"; + $skip=1; + } + if (!$skip) { + while () { + if (/(^${monthstr} ${daystr} ..:..:..) [\w\-]+ kernel:.*(IN=.*)$/) { + $log[$lines] = $_; + $lines++; + } + } + close (FILE); + } +} + +my $MODNAME="fwlogs"; + +&Header::showhttpheaders(); +&Header::openpage($Lang::tr{'firewall log'}, 1, ''); +&Header::openbigbox('100%', 'left', '', $errormessage); + + +if ($errormessage) { + &Header::openbox('100%', 'left', $Lang::tr{'error messages'}); + print "$errormessage \n"; + &Header::closebox(); +} + +&Header::openbox('100%', 'left', "$Lang::tr{'settings'}:"); + +print < + + + + + + + + + + +
$Lang::tr{'month'}:  +  $Lang::tr{'day'}:  +
+ + + + +
$Lang::tr{'Number of IPs for the pie chart'}:
+ +END +; + +&Header::closebox(); + +&Header::openbox('100%', 'left', 'Firewall Logs'); +print "

$Lang::tr{'firewall hits'} $longmonthstr $daystr: $lines

"; + +my $linesjc = 0; +my %tabjc; + +my $gi = Geo::IP::PurePerl->new(); + +if ($pienumber == -1 || $pienumber > $lines || $sortcolumn == 2) { $pienumber = $lines; }; +$lines = 0; +foreach $_ (@log) +{ + if($_ =~ /SRC\=([\d\.]+)/){ + my $srcaddr=$1; + my $ccode = $gi->country_code_by_name($srcaddr); + my $fcode; + + # TODO: should local IP adresses be include as unknown, or excluded from the statistics totally ? + # TODO: it would be nice to be able to group local IPs into "red", "green", "blue" etc + if( $ccode eq "") { + $ccode = "unknown"; + } + else { + $tabjc{$ccode} = $tabjc{$ccode} + 1 ; + if(($tabjc{$ccode} == 1) && ($lines < $pienumber)) { $lines = $lines + 1; } + $linesjc++; + } + } +} + +$pienumber = $lines; + +my @keytabjc = keys %tabjc; + +my @slice; +my $go; +my $nblinejc; + +if( $cgiparams{'linejc'} eq 'all' ){ $nblinejc = $linesjc; $go=1; } +if( ($cgiparams{'linejc'} != 0) && ($cgiparams{'linejc'} ne 'all') ){ $nblinejc = $cgiparams{'linejc'}; $go=1;} +if( $go != 1){ $nblinejc = 1000; } + +my @key; +my @value; +my $indice=0; +my @tabjc2; + +if ($sortcolumn == 1) +{ + @tabjc2 = sort { $b <=> $a } values (%tabjc); +} +else +{ + @tabjc2 = sort { $a <=> $b } keys (%tabjc); +} + +my $colour=1; + +############################################## +#pie chart generation +use GD::Graph::pie; +use GD::Graph::colour; +#ips sort by hits number +my $v; + +if ($sortcolumn == 1) +{ + for ($v=0;$v<$pienumber;$v++){ + findkey($tabjc2[$v]); + } +} +else +{ + foreach $v (@tabjc2) { + $key[$indice] = $v; + $value[$indice] = $tabjc{$v}; + $indice++; + } +} + +my @ips; +my @numb; + +@ips = @key; +@numb = @value; + +my $o; + +if($cgiparams{'otherspie'} == 2 ){} +else{ + my $numothers; + for($o=0;$o<$pienumber;$o++){ + $numothers = $numothers + $numb[$o]; + } + $numothers = $linesjc - $numothers; + if ($numothers > 0) { + $ips[$pienumber]="$Lang::tr{'otherip'}"; + $numb[$pienumber] = $numothers; + } +} + +my @data = (\@ips,\@numb); +use GD::Graph::colour qw( :files ); + +my $color=0; +my %color = (); +my %mainsettings = (); +&General::readhash("${General::swroot}/main/settings", \%mainsettings); +&General::readhash("/srv/web/ipfire/html/themes/".$mainsettings{'THEME'}."/include/colors.txt", \%color); + +if ($showpie != 2 && $pienumber <= 50 && $pienumber != 0) { + my $mygraph = GD::Graph::pie->new(500, 350); + $mygraph->set( + 'title' => '', + 'pie_height' => 50, + 'start_angle' => 89 + ) or warn $mygraph->error; + + $mygraph->set_value_font(GD::gdMediumBoldFont); + $mygraph->set( dclrs => [ "$color{'color1'}" , "$color{'color2'}" , "$color{'color3'}" , "$color{'color4'}" , "$color{'color5'}" , "$color{'color6'}" , "$color{'color7'}" , "$color{'color8'}" , "$color{'color9'}" , "$color{'color10'}" ] ); + my $myimage = $mygraph->plot(\@data) or die $mygraph->error; + + my @filenames = glob("/srv/web/ipfire/html/graphs/fwlog-ip*.png"); + unlink(@filenames); + my $imagerandom = rand(1000000); + my $imagename = "/srv/web/ipfire/html/graphs/fwlog-ip$imagerandom.png"; + open(FILE,">$imagename"); + print FILE $myimage->png; + close(FILE); + ##################################################### + print "
"; + print ""; + print "
"; +} + +print < + + +Flag +Count +Percent + +END +; + +my $total=0; +my $show=0; + +my $s; +my $percent; + +for($s=0;$s<$lines;$s++) +{ + $show++; + $percent = $value[$s] * 100 / $linesjc; + $percent = sprintf("%.f", $percent); + $total = $total + $value[$s]; + if ( ($color % 10) == 1 ){print "\n";} + if ( ($color % 10) == 2 ){print "\n";} + if ( ($color % 10) == 3 ){print "\n";} + if ( ($color % 10) == 4 ){print "\n";} + if ( ($color % 10) == 5 ){print "\n";} + if ( ($color % 10) == 6 ){print "\n";} + if ( ($color % 10) == 7 ){print "\n";} + if ( ($color % 10) == 8 ){print "\n";} + if ( ($color % 10) == 9 ){print "\n";} + if ( ($color % 10) == 0 ){print "\n";} + + + $color++; + print "
"; + if ( $key[$s] ne "unknown" ){ + my $fcode = lc($key[$s]); + print "$key[$s]";} + else { + print "";} + print "$value[$s]"; + print "$percent"; + print ""; + } + +if($cgiparams{'otherspie'} == 2 ){} +else{ +if ( ($color % 10) == 1 ){print "\n";} +if ( ($color % 10) == 2 ){print "\n";} +if ( ($color % 10) == 3 ){print "\n";} +if ( ($color % 10) == 4 ){print "\n";} +if ( ($color % 10) == 5 ){print "\n";} +if ( ($color % 10) == 6 ){print "\n";} +if ( ($color % 10) == 7 ){print "\n";} +if ( ($color % 10) == 8 ){print "\n";} +if ( ($color % 10) == 9 ){print "\n";} +if ( ($color % 10) == 0 ){print "\n";} + +if ( $linesjc ne "0") +{ +my $dif; +$dif = $linesjc - $total; +$percent = $dif * 100 / $linesjc; +$percent = sprintf("%.f", $percent); +print < +Other country +$dif +$percent + +END +; +} +} +print < +END +; + +&Header::closebox(); +&Header::closebigbox(); +&Header::closepage(); + +sub findkey { + my $v; + foreach $v (@keytabjc) { + if ($tabjc{$v} eq $_[0]) { + delete $tabjc{$v}; + $key[$indice] = "$v"; + $value[$indice] = $_[0]; + $indice++; + last; + } + } +} +sub checkversion { + #Automatic Updates is disabled + return "0","0"; +} + diff --git a/html/cgi-bin/logs.cgi/showrequestfromcountry.dat b/html/cgi-bin/logs.cgi/showrequestfromcountry.dat new file mode 100644 index 000000000..25a9f1578 --- /dev/null +++ b/html/cgi-bin/logs.cgi/showrequestfromcountry.dat @@ -0,0 +1,397 @@ +#!/usr/bin/perl +# SmoothWall CGIs +# +# This code is distributed under the terms of the GPL +# +# JC HERITIER +# page inspired from the initial firewalllog.dat +# +# Modified for IPFire by Christian Schmidt (www.ipfire.org) + +# enable only the following on debugging purpose +#use warnings; +#use CGI::Carp 'fatalsToBrowser'; + +#use strict; +use Geo::IP::PurePerl; + +require '/var/ipfire/general-functions.pl'; +require "${General::swroot}/lang.pl"; +require "${General::swroot}/header.pl"; + +use POSIX(); + +#workaround to suppress a warning when a variable is used only once +my @dummy = ( ${Header::table2colour} ); +undef (@dummy); + +my %cgiparams=(); +my %logsettings=(); +my $errormessage = ''; + +my @shortmonths = ( 'Jan', 'Feb', 'Mar', 'Apr', 'May', 'Jun', 'Jul', 'Aug', + 'Sep', 'Oct', 'Nov', 'Dec' ); +my @longmonths = ( $Lang::tr{'january'}, $Lang::tr{'february'}, $Lang::tr{'march'}, + $Lang::tr{'april'}, $Lang::tr{'may'}, $Lang::tr{'june'}, $Lang::tr{'july'}, $Lang::tr{'august'}, + $Lang::tr{'september'}, $Lang::tr{'october'}, $Lang::tr{'november'}, + $Lang::tr{'december'} ); + +my @now = localtime(); +my $dow = $now[6]; +my $doy = $now[7]; +my $tdoy = $now[7]; +my $year = $now[5]+1900; + +$cgiparams{'DAY'} = $now[3]; +$cgiparams{'MONTH'} = $now[4]; +$cgiparams{'ACTION'} = ''; + +&Header::getcgihash(\%cgiparams); + +$logsettings{'LOGVIEW_REVERSE'} = 'off'; +&General::readhash("${General::swroot}/logging/settings", \%logsettings); + +my $start = -1; +if ($ENV{'QUERY_STRING'} && $cgiparams{'ACTION'} ne $Lang::tr{'update'}) +{ + my @temp = split(',',$ENV{'QUERY_STRING'}); + $start = $temp[0]; + $cgiparams{'MONTH'} = $temp[1]; + $cgiparams{'DAY'} = $temp[2]; + $cgiparams{ip} = $temp[3]; +} + +if (!($cgiparams{'MONTH'} =~ /^(0|1|2|3|4|5|6|7|8|9|10|11)$/) || + !($cgiparams{'DAY'} =~ /^(1|2|3|4|5|6|7|8|9|10|11|12|13|14|15|16|17|18|19|20|21|22|23|24|25|26|27|28|29|30|31)$/)) +{ + $cgiparams{'DAY'} = $now[3]; + $cgiparams{'MONTH'} = $now[4]; +} +elsif($cgiparams{'ACTION'} eq '>>') +{ + my @temp_then=(); + my @temp_now = localtime(time); + $temp_now[4] = $cgiparams{'MONTH'}; + $temp_now[3] = $cgiparams{'DAY'}; + @temp_then = localtime(POSIX::mktime(@temp_now) + 86400); + ## Retrieve the same time on the next day - + ## 86400 seconds in a day + $cgiparams{'MONTH'} = $temp_then[4]; + $cgiparams{'DAY'} = $temp_then[3]; +} +elsif($cgiparams{'ACTION'} eq '<<') +{ + my @temp_then=(); + my @temp_now = localtime(time); + $temp_now[4] = $cgiparams{'MONTH'}; + $temp_now[3] = $cgiparams{'DAY'}; + @temp_then = localtime(POSIX::mktime(@temp_now) - 86400); + ## Retrieve the same time on the previous day - + ## 86400 seconds in a day + $cgiparams{'MONTH'} = $temp_then[4]; + $cgiparams{'DAY'} = $temp_then[3]; +} + +if (($cgiparams{'DAY'} ne $now[3]) || ($cgiparams{'MONTH'} ne $now[4])) +{ + my @then = (); + if ( ( $cgiparams{'MONTH'} eq $now[4]) && ($cgiparams{'DAY'} > $now[3]) || + ( $cgiparams{'MONTH'} > $now[4] ) ) { + @then = localtime(POSIX::mktime( 0, 0, 0, $cgiparams{'DAY'}, $cgiparams{'MONTH'}, $year - 1901 )); + } else { + @then = localtime(POSIX::mktime( 0, 0, 0, $cgiparams{'DAY'}, $cgiparams{'MONTH'}, $year - 1900 )); + } + $tdoy = $then[7]; + my $lastleap=($year-1)%4; + if ($tdoy>$doy) { + if ($lastleap == 0 && $tdoy < 60) { + $doy=$tdoy+366; + } else { + $doy=$doy+365; + } + } +} +my $datediff=0; +my $dowd=0; +my $multifile=0; +if ($tdoy ne $doy) { + $datediff=int(($doy-$tdoy)/7); + $dowd=($doy-$tdoy)%7; + if (($dow-$dowd)<1) { + $datediff=$datediff+1; + } + if (($dow-$dowd)==0) { + $multifile=1; + } +} + +my $monthstr = $shortmonths[$cgiparams{'MONTH'}]; +my $longmonthstr = $longmonths[$cgiparams{'MONTH'}]; +my $day = $cgiparams{'DAY'}; +my $daystr=''; +if ($day <= 9) { + $daystr = " $day"; } +else { + $daystr = $day; +} + +my $skip=0; +my $filestr=''; +if ($datediff==0) { + $filestr="/var/log/messages"; +} else { + $filestr="/var/log/messages.$datediff"; + $filestr = "$filestr.gz" if -f "$filestr.gz"; +} + +if (!(open (FILE,($filestr =~ /.gz$/ ? "gzip -dc $filestr |" : $filestr)))) { + $errormessage = "$Lang::tr{'date not in logs'}: $filestr $Lang::tr{'could not be opened'}"; + $skip=1; + # Note: This is in case the log does not exist for that date +} +my $lines = 0; +my @log=(); +my $country = $cgiparams{country}; +my $gi = Geo::IP::PurePerl->new(); + +if (!$skip) +{ + while () + { + if (/(^${monthstr} ${daystr} ..:..:..) [\w\-]+ kernel:.*(IN=.*)$/) { + if($_ =~ /SRC\=([\d\.]+)/){ + my $srcaddr=$1; + my $ccode = $gi->country_code_by_name($srcaddr); + if($ccode eq $country){ + $log[$lines] = $_; + $lines++; + } + } + } + } + close (FILE); +} + +$skip=0; +if ($multifile) { + $datediff=$datediff-1; + if ($datediff==0) { + $filestr="/var/log/messages"; + } else { + $filestr="/var/log/messages.$datediff"; + $filestr = "$filestr.gz" if -f "$filestr.gz"; + } + if (!(open (FILE,($filestr =~ /.gz$/ ? "gzip -dc $filestr |" : $filestr)))) { + $errormessage="$Lang::tr{'date not in logs'}: $filestr $Lang::tr{'could not be opened'}"; + $skip=1; + } + if (!$skip) { + while () { + if (/(^${monthstr} ${daystr} ..:..:..) [\w\-]+ kernel:.*(IN=.*)$/) { + if($_ =~ /SRC\=([\d\.]+)/){ + my $srcaddr=$1; + my $ccode = $gi->country_code_by_name($srcaddr); + if($ccode eq $country){ + $log[$lines] = $_; + $lines++; + } + } + } + } + close (FILE); + } +} + +&Header::showhttpheaders(); +&Header::openpage($Lang::tr{'firewall log'}, 1, ''); +&Header::openbigbox('100%', 'left', '', $errormessage); + +if ($errormessage) { + &Header::openbox('100%', 'left', $Lang::tr{'error messages'}); + print "$errormessage \n"; + &Header::closebox(); +} + +&Header::openbox('100%', 'left', "$Lang::tr{'settings'}:"); + +print < + + + + + + + + + + + +
$Lang::tr{'month'}:  +  $Lang::tr{'day'}:  +
$Lang::tr{'source ip'}
+ +END +; + +&Header::closebox(); + +&Header::openbox('100%', 'left', $Lang::tr{'firewall log'}); +print "

$Lang::tr{'firewall hits'} $longmonthstr $daystr: $lines

"; + +if ($start == -1) { + $start = $lines - ${Header::viewsize}; } +if ($start >= $lines - ${Header::viewsize}) { $start = $lines - ${Header::viewsize}; }; +if ($start < 0) { $start = 0; } + +my $prev = $start - ${Header::viewsize}; +my $next = $start + ${Header::viewsize}; + +if ($prev < 0) { $prev = 0; } +if ($next >= $lines) { $next = -1 } +if ($start == 0) { $prev = -1; } + +if ($lines != 0) { &oldernewer(); } + +print < + +$Lang::tr{'time'} +$Lang::tr{'chain'} +$Lang::tr{'iface'} +$Lang::tr{'proto'} +$Lang::tr{'source'} +$Lang::tr{'src port'} +$Lang::tr{'destination'} +$Lang::tr{'dst port'} + +END +; + +my @slice = splice(@log, $start, ${Header::viewsize}); + +if ($logsettings{'LOGVIEW_REVERSE'} eq 'on') { @slice = reverse @slice; } + +$lines = 0; +foreach $_ (@slice) +{ + $a = $_; + if($_ =~ /SRC\=([\d\.]+)/){ + my $srcaddr=$1; + my $ccode = $gi->country_code_by_name($srcaddr); + if($ccode eq $country){ + my $chain = ''; + my $in = '-'; my $out = '-'; + my $srcaddr = ''; my $dstaddr = ''; + my $protostr = ''; + my $srcport = ''; my $dstport = ''; + + $_ =~ /(^.* ..:..:..) [\w\-]+ kernel:(.*)(IN=.*)$/; + my $timestamp = $1; my $chain = $2; my $packet = $3; + $timestamp =~ /(...) (..) (..:..:..)/; + my $month = $1; my $day = $2; my $time = $3; + + if ($a =~ /IN\=(\w+)/) { $iface = $1; } + if ($a =~ /OUT\=(\w+)/) { $out = $1; } + if ($a =~ /SRC\=([\d\.]+)/) { $srcaddr = $1; } + if ($a =~ /DST\=([\d\.]+)/) { $dstaddr = $1; } + if ($a =~ /PROTO\=(\w+)/) { $protostr = $1; } + my $protostrlc = lc($protostr); + if ($a =~ /SPT\=([\d\.]+)/){ $srcport = $1; } + if ($a =~ /DPT\=([\d\.]+)/){ $dstport = $1; } + + if ($lines % 2) { + print "\n"; } + else { + print "\n"; } + print <$time + $chain + $iface + $protostr + + + +
$srcaddr
+ + $srcport + + + +
$dstaddr
+ + $dstport + +END + ; + $lines++; + } + } +} + +print < +END +; + +&oldernewer(); + +&Header::closebox(); + +&Header::closebigbox(); + +&Header::closepage(); + +sub oldernewer +{ +print < + +END +; + +print ""; +if ($prev != -1) { + print "$Lang::tr{'older'}"; } +else { + print "$Lang::tr{'older'}"; } +print "\n"; + +print ""; +if ($next != -1) { + print "$Lang::tr{'newer'}"; } +else { + print "$Lang::tr{'newer'}"; } +print "\n"; + +print < + +END +; +} From f424897557ee41cd235ae293820a558c98e9caf2 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Alf=20H=C3=B8gemark?= Date: Sun, 16 Feb 2014 07:18:41 +0100 Subject: [PATCH 2/7] firewalllogcountry.dat: Use language strings and add to menu Add some language strings for the new firewalllogport.dat, and include html fixes done in firewalllogip.dat, which this file is based on. Also try to add the menu item to the sub menu, but that is currently not working. --- config/menu/70-log.menu | 5 + html/cgi-bin/logs.cgi/firewalllogcountry.dat | 96 ++++++++++---------- langs/de/cgi-bin/de.pl | 2 + langs/en/cgi-bin/en.pl | 4 +- 4 files changed, 58 insertions(+), 49 deletions(-) diff --git a/config/menu/70-log.menu b/config/menu/70-log.menu index 25ba090fc..08973de5a 100644 --- a/config/menu/70-log.menu +++ b/config/menu/70-log.menu @@ -33,6 +33,11 @@ 'title' => "$Lang::tr{'firewall logs port'}", 'enabled' => 1 }; + $sublogs->{'43.firewallcountry'} = {'caption' => $Lang::tr{'firewall logs country'}, + 'uri' => '/cgi-bin/logs.cgi/firewalllogcountry.dat', + 'title' => "$Lang::tr{'firewall logs country'}", + 'enabled' => 1 + }; $sublogs->{'50.ids'} = {'caption' => $Lang::tr{'ids logs'}, 'uri' => '/cgi-bin/logs.cgi/ids.dat', 'title' => "$Lang::tr{'ids logs'}", diff --git a/html/cgi-bin/logs.cgi/firewalllogcountry.dat b/html/cgi-bin/logs.cgi/firewalllogcountry.dat index ffd8cea83..6676f9cb7 100644 --- a/html/cgi-bin/logs.cgi/firewalllogcountry.dat +++ b/html/cgi-bin/logs.cgi/firewalllogcountry.dat @@ -221,7 +221,7 @@ if ($errormessage) { &Header::closebox(); } -&Header::openbox('100%', 'left', "$Lang::tr{'settings'}:"); +&Header::openbox('100%', 'left', "$Lang::tr{'settings'}"); print < @@ -266,15 +266,15 @@ print < - + + + + $Lang::tr{'Number of Countries for the pie chart'}: + + - - - - -
$Lang::tr{'Number of IPs for the pie chart'}:
- + END ; @@ -285,7 +285,6 @@ print "

$Lang::tr{'firewall hits'} $longmonthstr $daystr: $lines

"; my $linesjc = 0; my %tabjc; - my $gi = Geo::IP::PurePerl->new(); if ($pienumber == -1 || $pienumber > $lines || $sortcolumn == 2) { $pienumber = $lines; }; @@ -416,13 +415,13 @@ if ($showpie != 2 && $pienumber <= 50 && $pienumber != 0) { } print < - - -Flag -Count -Percent - + + + + + + + END ; @@ -431,6 +430,7 @@ my $show=0; my $s; my $percent; +my $col=""; for($s=0;$s<$lines;$s++) { @@ -438,42 +438,42 @@ for($s=0;$s<$lines;$s++) $percent = $value[$s] * 100 / $linesjc; $percent = sprintf("%.f", $percent); $total = $total + $value[$s]; - if ( ($color % 10) == 1 ){print "\n";} - if ( ($color % 10) == 2 ){print "\n";} - if ( ($color % 10) == 3 ){print "\n";} - if ( ($color % 10) == 4 ){print "\n";} - if ( ($color % 10) == 5 ){print "\n";} - if ( ($color % 10) == 6 ){print "\n";} - if ( ($color % 10) == 7 ){print "\n";} - if ( ($color % 10) == 8 ){print "\n";} - if ( ($color % 10) == 9 ){print "\n";} - if ( ($color % 10) == 0 ){print "\n";} - + if ( ($color % 10) == 1 ){print ""; $col="bgcolor='$color{'color1'}'";} + if ( ($color % 10) == 2 ){print ""; $col="bgcolor='$color{'color2'}'";} + if ( ($color % 10) == 3 ){print ""; $col="bgcolor='$color{'color3'}'";} + if ( ($color % 10) == 4 ){print ""; $col="bgcolor='$color{'color4'}'";} + if ( ($color % 10) == 5 ){print ""; $col="bgcolor='$color{'color5'}'";} + if ( ($color % 10) == 6 ){print ""; $col="bgcolor='$color{'color6'}'";} + if ( ($color % 10) == 7 ){print ""; $col="bgcolor='$color{'color7'}'";} + if ( ($color % 10) == 8 ){print ""; $col="bgcolor='$color{'color8'}'";} + if ( ($color % 10) == 9 ){print ""; $col="bgcolor='$color{'color9'}'";} + if ( ($color % 10) == 0 ){print ""; $col="bgcolor='$color{'color10'}'";} $color++; - print ""; + print ""; if ( $key[$s] ne "unknown" ){ my $fcode = lc($key[$s]); - print "";} + print "";} else { - print "";} - print ""; - print ""; - print ""; + print ""; } + print ""; + print ""; + print ""; +} if($cgiparams{'otherspie'} == 2 ){} else{ -if ( ($color % 10) == 1 ){print "\n";} -if ( ($color % 10) == 2 ){print "\n";} -if ( ($color % 10) == 3 ){print "\n";} -if ( ($color % 10) == 4 ){print "\n";} -if ( ($color % 10) == 5 ){print "\n";} -if ( ($color % 10) == 6 ){print "\n";} -if ( ($color % 10) == 7 ){print "\n";} -if ( ($color % 10) == 8 ){print "\n";} -if ( ($color % 10) == 9 ){print "\n";} -if ( ($color % 10) == 0 ){print "\n";} +if ( ($color % 10) == 1 ){print ""; $col="bgcolor='$color{'color1'}'";} +if ( ($color % 10) == 2 ){print ""; $col="bgcolor='$color{'color2'}'";} +if ( ($color % 10) == 3 ){print ""; $col="bgcolor='$color{'color3'}'";} +if ( ($color % 10) == 4 ){print ""; $col="bgcolor='$color{'color4'}'";} +if ( ($color % 10) == 5 ){print ""; $col="bgcolor='$color{'color5'}'";} +if ( ($color % 10) == 6 ){print ""; $col="bgcolor='$color{'color6'}'";} +if ( ($color % 10) == 7 ){print ""; $col="bgcolor='$color{'color7'}'";} +if ( ($color % 10) == 8 ){print ""; $col="bgcolor='$color{'color8'}'";} +if ( ($color % 10) == 9 ){print ""; $col="bgcolor='$color{'color9'}'";} +if ( ($color % 10) == 0 ){print ""; $col="bgcolor='$color{'color10'}'";} if ( $linesjc ne "0") { @@ -482,11 +482,11 @@ $dif = $linesjc - $total; $percent = $dif * 100 / $linesjc; $percent = sprintf("%.f", $percent); print < - - - - + + + + + END ; } diff --git a/langs/de/cgi-bin/de.pl b/langs/de/cgi-bin/de.pl index e951b68b5..700f41b3b 100644 --- a/langs/de/cgi-bin/de.pl +++ b/langs/de/cgi-bin/de.pl @@ -34,6 +34,7 @@ 'Level7 rule' => 'Level7-Regel', 'Local VPN IP' => 'Internes Netzwerk (GREEN)', 'MTU' => 'MTU Size', +'Number of Countries for the pie chart' => 'Anzahl der angezeigten Länder im Diagramm', 'Number of IPs for the pie chart' => 'Anzahl der angezeigten IPs im Diagramm', 'Number of Ports for the pie chart' => 'Anzahl der angezeigten Ports im Diagramm', 'OVPN' => 'OpenVPN', @@ -888,6 +889,7 @@ 'firewall log' => 'Firewall-Protokoll', 'firewall log viewer' => 'Betrachter der Firewall-Logdateien', 'firewall logs' => 'Firewall-Logdateien', +'firewall logs country' => 'Fw-Logdiagramme (Land)', 'firewall logs ip' => 'Fw-Logdiagramme (IP)', 'firewall logs port' => 'Fw-Logdiagramme (Port)', 'firewall rules' => 'Firewallregeln', diff --git a/langs/en/cgi-bin/en.pl b/langs/en/cgi-bin/en.pl index d8cfdc771..6a7835275 100644 --- a/langs/en/cgi-bin/en.pl +++ b/langs/en/cgi-bin/en.pl @@ -34,6 +34,7 @@ 'Level7 rule' => 'Level7 rule', 'Local VPN IP' => 'Internal Network (GREEN):', 'MTU' => 'MTU size:', +'Number of Countries for the pie chart' => 'Number of Countries for the pie chart', 'Number of IPs for the pie chart' => 'Number of IPs for the pie chart', 'Number of Ports for the pie chart' => 'Number of ports for the pie chart', 'OVPN' => 'OpenVPN', @@ -911,11 +912,12 @@ 'firewall graphs' => 'Firewall Graphs', 'firewall hits' => 'Total number of firewall hits for', 'firewall hits per' => 'firewallhits per', +'firewall logs' => 'Firewall Logs', 'firewall log' => 'Firewall log', 'firewall log viewer' => 'Firewall Log Viewer', -'firewall logs' => 'Firewall Logs', 'firewall logs ip' => 'Fw-Loggraphs (IP)', 'firewall logs port' => 'Fw-Loggraphs (Port)', +'firewall logs country' => 'Fw-Loggraphs (Country)', 'firewall rules' => 'Firewall Rules', 'firewallhits' => 'firewallhits', 'firmware' => 'Firmware', From bde7a7d296b2d0ab165687d9c46dcf67caf955a1 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Alf=20H=C3=B8gemark?= Date: Mon, 17 Feb 2014 20:05:00 +0100 Subject: [PATCH 3/7] showrequestfromcountry.dat: Use language string, and fix links Define language key for input field. Fix links for older and newer links. Indentation fixes. The code is a copy from showrequestfromip.dat, ideally we should have merged all three showrequestfrom*.dat files into one file, but I do not do that now, because it would really require a rewrite of most of the logic, and I understand that one does not want to do such changes in 2.x. --- .../logs.cgi/showrequestfromcountry.dat | 147 +++++++++--------- langs/de/cgi-bin/de.pl | 1 + langs/en/cgi-bin/en.pl | 1 + 3 files changed, 76 insertions(+), 73 deletions(-) diff --git a/html/cgi-bin/logs.cgi/showrequestfromcountry.dat b/html/cgi-bin/logs.cgi/showrequestfromcountry.dat index 25a9f1578..c84211618 100644 --- a/html/cgi-bin/logs.cgi/showrequestfromcountry.dat +++ b/html/cgi-bin/logs.cgi/showrequestfromcountry.dat @@ -58,7 +58,7 @@ if ($ENV{'QUERY_STRING'} && $cgiparams{'ACTION'} ne $Lang::tr{'update'}) $start = $temp[0]; $cgiparams{'MONTH'} = $temp[1]; $cgiparams{'DAY'} = $temp[2]; - $cgiparams{ip} = $temp[3]; + $cgiparams{country} = $temp[3]; } if (!($cgiparams{'MONTH'} =~ /^(0|1|2|3|4|5|6|7|8|9|10|11)$/) || @@ -156,8 +156,8 @@ my $gi = Geo::IP::PurePerl->new(); if (!$skip) { - while () - { + while () + { if (/(^${monthstr} ${daystr} ..:..:..) [\w\-]+ kernel:.*(IN=.*)$/) { if($_ =~ /SRC\=([\d\.]+)/){ my $srcaddr=$1; @@ -252,7 +252,7 @@ print < - +
$Lang::tr{'country'}Count$Lang::tr{'percentage'}
$key[$s]$key[$s]$value[$s]$percent
$value[$s]$percent
Other country$dif$percent
$Lang::tr{'other countries'}$dif$percent
$Lang::tr{'source ip'}
$Lang::tr{'source ip country'}
@@ -279,17 +279,17 @@ if ($start == 0) { $prev = -1; } if ($lines != 0) { &oldernewer(); } print < - -$Lang::tr{'time'} -$Lang::tr{'chain'} -$Lang::tr{'iface'} -$Lang::tr{'proto'} -$Lang::tr{'source'} -$Lang::tr{'src port'} -$Lang::tr{'destination'} -$Lang::tr{'dst port'} - + + + + + + + + + + + END ; @@ -305,57 +305,57 @@ foreach $_ (@slice) my $srcaddr=$1; my $ccode = $gi->country_code_by_name($srcaddr); if($ccode eq $country){ - my $chain = ''; - my $in = '-'; my $out = '-'; - my $srcaddr = ''; my $dstaddr = ''; - my $protostr = ''; - my $srcport = ''; my $dstport = ''; + my $chain = ''; + my $in = '-'; my $out = '-'; + my $srcaddr = ''; my $dstaddr = ''; + my $protostr = ''; + my $srcport = ''; my $dstport = ''; - $_ =~ /(^.* ..:..:..) [\w\-]+ kernel:(.*)(IN=.*)$/; - my $timestamp = $1; my $chain = $2; my $packet = $3; - $timestamp =~ /(...) (..) (..:..:..)/; - my $month = $1; my $day = $2; my $time = $3; + $_ =~ /(^.* ..:..:..) [\w\-]+ kernel:(.*)(IN=.*)$/; + my $timestamp = $1; my $chain = $2; my $packet = $3; + $timestamp =~ /(...) (..) (..:..:..)/; + my $month = $1; my $day = $2; my $time = $3; - if ($a =~ /IN\=(\w+)/) { $iface = $1; } - if ($a =~ /OUT\=(\w+)/) { $out = $1; } - if ($a =~ /SRC\=([\d\.]+)/) { $srcaddr = $1; } - if ($a =~ /DST\=([\d\.]+)/) { $dstaddr = $1; } - if ($a =~ /PROTO\=(\w+)/) { $protostr = $1; } - my $protostrlc = lc($protostr); - if ($a =~ /SPT\=([\d\.]+)/){ $srcport = $1; } - if ($a =~ /DPT\=([\d\.]+)/){ $dstport = $1; } + if ($a =~ /IN\=(\w+)/) { $iface = $1; } + if ($a =~ /OUT\=(\w+)/) { $out = $1; } + if ($a =~ /SRC\=([\d\.]+)/) { $srcaddr = $1; } + if ($a =~ /DST\=([\d\.]+)/) { $dstaddr = $1; } + if ($a =~ /PROTO\=(\w+)/) { $protostr = $1; } + my $protostrlc = lc($protostr); + if ($a =~ /SPT\=([\d\.]+)/){ $srcport = $1; } + if ($a =~ /DPT\=([\d\.]+)/){ $dstport = $1; } - if ($lines % 2) { - print "\n"; } - else { - print "\n"; } - print <$time - - - - - - - - + if ($lines % 2) { + print "\n"; } + else { + print "\n"; } + print <$time + + + + + + + + END ; - $lines++; + $lines++; } } } print < +
$Lang::tr{'time'}$Lang::tr{'chain'}$Lang::tr{'iface'}$Lang::tr{'proto'}$Lang::tr{'source'}$Lang::tr{'src port'}$Lang::tr{'destination'}$Lang::tr{'dst port'}
$chain$iface$protostr - - -
$srcaddr
- 		$srcport - - -
$dstaddr
- 		$dstport
$chain$iface$protostr + + +
$srcaddr
+ 		$srcport + + +
$dstaddr
+ 		$dstport
END ; @@ -369,29 +369,30 @@ END sub oldernewer { -print < - + print < + END ; -print ""; -if ($prev != -1) { - print "$Lang::tr{'older'}"; } -else { - print "$Lang::tr{'older'}"; } -print "\n"; + print ""; + if ($prev != -1) { + print "$Lang::tr{'older'}"; } + else { + print "$Lang::tr{'older'}"; } + print "\n"; -print ""; -if ($next != -1) { - print "$Lang::tr{'newer'}"; } -else { - print "$Lang::tr{'newer'}"; } -print "\n"; + print ""; + if ($next != -1) { + print "$Lang::tr{'newer'}"; } + else { + print "$Lang::tr{'newer'}"; } + print "\n"; print < - + + END ; } + diff --git a/langs/de/cgi-bin/de.pl b/langs/de/cgi-bin/de.pl index 700f41b3b..11e8370a7 100644 --- a/langs/de/cgi-bin/de.pl +++ b/langs/de/cgi-bin/de.pl @@ -1907,6 +1907,7 @@ 'source ip' => 'Quell-IP-Adresse', 'source ip and port' => 'Quell-IP:Port', 'source ip bad' => 'Ungültige Quell-IP-Adresse.', +'source ip country' => 'Quell-IP-Adresse Land', 'source ip in use' => 'Benutzte Quell-IP:', 'source ip or net' => 'Quellen-IP oder Netz', 'source net' => 'Quell-Netz', diff --git a/langs/en/cgi-bin/en.pl b/langs/en/cgi-bin/en.pl index 6a7835275..450842880 100644 --- a/langs/en/cgi-bin/en.pl +++ b/langs/en/cgi-bin/en.pl @@ -1942,6 +1942,7 @@ 'source ip' => 'Source IP', 'source ip and port' => 'Source IP: Port', 'source ip bad' => 'Not a valid IP address or a network address.', +'source ip country' => 'Source IP Country', 'source ip in use' => 'Source IP in use:', 'source ip or net' => 'Source IP or Net', 'source net' => 'Source Net', From c438fb070e42080e86da5de68f0a6700960ef2d2 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Alf=20H=C3=B8gemark?= Date: Mon, 17 Feb 2014 20:13:53 +0100 Subject: [PATCH 4/7] en.pl: Trivial sorting of a key --- langs/en/cgi-bin/en.pl | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/langs/en/cgi-bin/en.pl b/langs/en/cgi-bin/en.pl index 450842880..3f1065f49 100644 --- a/langs/en/cgi-bin/en.pl +++ b/langs/en/cgi-bin/en.pl @@ -912,9 +912,9 @@ 'firewall graphs' => 'Firewall Graphs', 'firewall hits' => 'Total number of firewall hits for', 'firewall hits per' => 'firewallhits per', -'firewall logs' => 'Firewall Logs', 'firewall log' => 'Firewall log', 'firewall log viewer' => 'Firewall Log Viewer', +'firewall logs' => 'Firewall Logs', 'firewall logs ip' => 'Fw-Loggraphs (IP)', 'firewall logs port' => 'Fw-Loggraphs (Port)', 'firewall logs country' => 'Fw-Loggraphs (Country)', From fde47f5aef2aa779350cec85b5c19327fa36b938 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Alf=20H=C3=B8gemark?= Date: Sat, 22 Feb 2014 08:03:59 +0100 Subject: [PATCH 5/7] firewalllogcountry.dat: Show green0,blue0, and orange0 as countries It makes sense to see how many fire wall logs entries are dropped from the interfaces green0, blue0, and orange0, so this is displayed as a country. The showrequestfromcountry.dat also supports filtering based on the interface. --- html/cgi-bin/logs.cgi/firewalllogcountry.dat | 44 ++++++++++++------- .../logs.cgi/showrequestfromcountry.dat | 26 ++++++++--- 2 files changed, 48 insertions(+), 22 deletions(-) diff --git a/html/cgi-bin/logs.cgi/firewalllogcountry.dat b/html/cgi-bin/logs.cgi/firewalllogcountry.dat index 6676f9cb7..123e85571 100644 --- a/html/cgi-bin/logs.cgi/firewalllogcountry.dat +++ b/html/cgi-bin/logs.cgi/firewalllogcountry.dat @@ -291,20 +291,27 @@ if ($pienumber == -1 || $pienumber > $lines || $sortcolumn == 2) { $pienumber = $lines = 0; foreach $_ (@log) { - if($_ =~ /SRC\=([\d\.]+)/){ - my $srcaddr=$1; - my $ccode = $gi->country_code_by_name($srcaddr); - my $fcode; + /^... (..) (..:..:..) [\w\-]+ kernel:(.*)(IN=.*)$/; + my $packet = $4; + $packet =~ /IN=(\w+)/; my $iface=$1; if ( $1 =~ /2./ ){ $iface="";} + $packet =~ /SRC=([\d\.]+)/; my $srcaddr=$1; - # TODO: should local IP adresses be include as unknown, or excluded from the statistics totally ? - # TODO: it would be nice to be able to group local IPs into "red", "green", "blue" etc - if( $ccode eq "") { - $ccode = "unknown"; + if($iface eq 'red0') { + if($srcaddr ne '') { + my $ccode = $gi->country_code_by_name($srcaddr); + if( $ccode eq '') { + $ccode = 'unknown'; + } + $tabjc{$ccode} = $tabjc{$ccode} + 1 ; + if(($tabjc{$ccode} == 1) && ($lines < $pienumber)) { $lines = $lines + 1; } + $linesjc++; } - else { - $tabjc{$ccode} = $tabjc{$ccode} + 1 ; - if(($tabjc{$ccode} == 1) && ($lines < $pienumber)) { $lines = $lines + 1; } - $linesjc++; + } + else { + if($iface ne '') { + $tabjc{$iface} = $tabjc{$iface} + 1 ; + if(($tabjc{$iface} == 1) && ($lines < $pienumber)) { $lines = $lines + 1; } + $linesjc++; } } } @@ -451,11 +458,16 @@ for($s=0;$s<$lines;$s++) $color++; print "
"; - if ( $key[$s] ne "unknown" ){ - my $fcode = lc($key[$s]); - print "$key[$s]";} + if($key[$s] eq 'blue0' || $key[$s] eq 'green0' || $key[$s] eq 'orange0') { + print "$key[$s]"; + } else { - print ""; + if($key[$s] ne 'unknown' ) { + my $fcode = lc($key[$s]); + print "$key[$s]";} + else { + print "$key[$s]"; + } } print "$value[$s]"; print "$percent"; diff --git a/html/cgi-bin/logs.cgi/showrequestfromcountry.dat b/html/cgi-bin/logs.cgi/showrequestfromcountry.dat index c84211618..5283c426b 100644 --- a/html/cgi-bin/logs.cgi/showrequestfromcountry.dat +++ b/html/cgi-bin/logs.cgi/showrequestfromcountry.dat @@ -159,8 +159,15 @@ if (!$skip) while () { if (/(^${monthstr} ${daystr} ..:..:..) [\w\-]+ kernel:.*(IN=.*)$/) { - if($_ =~ /SRC\=([\d\.]+)/){ - my $srcaddr=$1; + my $packet = $2; + $packet =~ /IN=(\w+)/; my $iface=$1; if ( $1 =~ /2./ ){ $iface="";} + $packet =~ /SRC=([\d\.]+)/; my $srcaddr=$1; + + if($iface eq $country) { + $log[$lines] = $_; + $lines++; + } + elsif($srcaddr ne '') { my $ccode = $gi->country_code_by_name($srcaddr); if($ccode eq $country){ $log[$lines] = $_; @@ -301,10 +308,17 @@ $lines = 0; foreach $_ (@slice) { $a = $_; - if($_ =~ /SRC\=([\d\.]+)/){ - my $srcaddr=$1; - my $ccode = $gi->country_code_by_name($srcaddr); - if($ccode eq $country){ + /^... (..) (..:..:..) [\w\-]+ kernel:(.*)(IN=.*)$/; + my $packet = $4; + $packet =~ /IN=(\w+)/; my $iface=$1; if ( $1 =~ /2./ ){ $iface="";} + $packet =~ /SRC=([\d\.]+)/; my $srcaddr=$1; + + if($iface eq $country || $srcaddr ne '') { + my $ccode; + if($iface ne $country) { + $ccode = $gi->country_code_by_name($srcaddr); + } + if($iface eq $country || $ccode eq $country) { my $chain = ''; my $in = '-'; my $out = '-'; my $srcaddr = ''; my $dstaddr = ''; From 06f320318f4bed98f57bb7dd8b00f538dc24ecbf Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Alf=20H=C3=B8gemark?= Date: Sat, 22 Feb 2014 17:31:44 +0100 Subject: [PATCH 6/7] firewalllogcountry.dat: Simplify code for table background color --- html/cgi-bin/logs.cgi/firewalllogcountry.dat | 38 ++++++++------------ 1 file changed, 15 insertions(+), 23 deletions(-) diff --git a/html/cgi-bin/logs.cgi/firewalllogcountry.dat b/html/cgi-bin/logs.cgi/firewalllogcountry.dat index 123e85571..198e239de 100644 --- a/html/cgi-bin/logs.cgi/firewalllogcountry.dat +++ b/html/cgi-bin/logs.cgi/firewalllogcountry.dat @@ -416,9 +416,9 @@ if ($showpie != 2 && $pienumber <= 50 && $pienumber != 0) { print FILE $myimage->png; close(FILE); ##################################################### - print "
"; + print "
"; print ""; - print "
"; + print ""; } print <"; $col="bgcolor='$color{'color1'}'";} - if ( ($color % 10) == 2 ){print ""; $col="bgcolor='$color{'color2'}'";} - if ( ($color % 10) == 3 ){print ""; $col="bgcolor='$color{'color3'}'";} - if ( ($color % 10) == 4 ){print ""; $col="bgcolor='$color{'color4'}'";} - if ( ($color % 10) == 5 ){print ""; $col="bgcolor='$color{'color5'}'";} - if ( ($color % 10) == 6 ){print ""; $col="bgcolor='$color{'color6'}'";} - if ( ($color % 10) == 7 ){print ""; $col="bgcolor='$color{'color7'}'";} - if ( ($color % 10) == 8 ){print ""; $col="bgcolor='$color{'color8'}'";} - if ( ($color % 10) == 9 ){print ""; $col="bgcolor='$color{'color9'}'";} - if ( ($color % 10) == 0 ){print ""; $col="bgcolor='$color{'color10'}'";} - + my $colorIndex = $color % 10; + if($colorIndex == 0) { + $colorIndex = 10; + } + $col="bgcolor='$color{\"color$colorIndex\"}'"; $color++; + print ""; + print "
"; if($key[$s] eq 'blue0' || $key[$s] eq 'green0' || $key[$s] eq 'orange0') { print "$key[$s]"; @@ -476,16 +472,12 @@ for($s=0;$s<$lines;$s++) if($cgiparams{'otherspie'} == 2 ){} else{ -if ( ($color % 10) == 1 ){print ""; $col="bgcolor='$color{'color1'}'";} -if ( ($color % 10) == 2 ){print ""; $col="bgcolor='$color{'color2'}'";} -if ( ($color % 10) == 3 ){print ""; $col="bgcolor='$color{'color3'}'";} -if ( ($color % 10) == 4 ){print ""; $col="bgcolor='$color{'color4'}'";} -if ( ($color % 10) == 5 ){print ""; $col="bgcolor='$color{'color5'}'";} -if ( ($color % 10) == 6 ){print ""; $col="bgcolor='$color{'color6'}'";} -if ( ($color % 10) == 7 ){print ""; $col="bgcolor='$color{'color7'}'";} -if ( ($color % 10) == 8 ){print ""; $col="bgcolor='$color{'color8'}'";} -if ( ($color % 10) == 9 ){print ""; $col="bgcolor='$color{'color9'}'";} -if ( ($color % 10) == 0 ){print ""; $col="bgcolor='$color{'color10'}'";} + my $colorIndex = $color % 10; + if($colorIndex == 0) { + $colorIndex = 10; + } + $col="bgcolor='$color{\"color$colorIndex\"}'"; + print ""; if ( $linesjc ne "0") { From fff2be22a4f97ff5b0479b1f261e783b2737ee92 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Alf=20H=C3=B8gemark?= Date: Sat, 1 Mar 2014 15:00:51 +0100 Subject: [PATCH 7/7] firewalllogcountry.dat: Fix filename for piechart image --- html/cgi-bin/logs.cgi/firewalllogcountry.dat | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/html/cgi-bin/logs.cgi/firewalllogcountry.dat b/html/cgi-bin/logs.cgi/firewalllogcountry.dat index 198e239de..af1427908 100644 --- a/html/cgi-bin/logs.cgi/firewalllogcountry.dat +++ b/html/cgi-bin/logs.cgi/firewalllogcountry.dat @@ -408,16 +408,16 @@ if ($showpie != 2 && $pienumber <= 50 && $pienumber != 0) { $mygraph->set( dclrs => [ "$color{'color1'}" , "$color{'color2'}" , "$color{'color3'}" , "$color{'color4'}" , "$color{'color5'}" , "$color{'color6'}" , "$color{'color7'}" , "$color{'color8'}" , "$color{'color9'}" , "$color{'color10'}" ] ); my $myimage = $mygraph->plot(\@data) or die $mygraph->error; - my @filenames = glob("/srv/web/ipfire/html/graphs/fwlog-ip*.png"); + my @filenames = glob("/srv/web/ipfire/html/graphs/fwlog-country*.png"); unlink(@filenames); my $imagerandom = rand(1000000); - my $imagename = "/srv/web/ipfire/html/graphs/fwlog-ip$imagerandom.png"; + my $imagename = "/srv/web/ipfire/html/graphs/fwlog-country$imagerandom.png"; open(FILE,">$imagename"); print FILE $myimage->png; close(FILE); ##################################################### print "
"; - print ""; + print ""; print "
"; }