firewalllogcountry.dat: Show green0,blue0, and orange0 as countries

It makes sense to see how many fire wall logs entries are dropped from the interfaces green0, blue0, and orange0, so this is displayed as a country. The showrequestfromcountry.dat also supports filtering based on the interface.
2026-04-12 20:16:49 +02:00 · 2014-02-22 08:03:59 +01:00
parent c438fb070e
commit fde47f5aef
2 changed files with 48 additions and 22 deletions
--- a/html/cgi-bin/logs.cgi/firewalllogcountry.dat
+++ b/html/cgi-bin/logs.cgi/firewalllogcountry.dat
@@ -291,20 +291,27 @@ if ($pienumber == -1 || $pienumber > $lines || $sortcolumn == 2) { $pienumber =
 $lines = 0;
 foreach $_ (@log)
 {
-  if($_ =~  /SRC\=([\d\.]+)/){
-    my $srcaddr=$1;
-    my $ccode = $gi->country_code_by_name($srcaddr);
-    my $fcode;
+  /^... (..) (..:..:..) [\w\-]+ kernel:(.*)(IN=.*)$/;
+  my $packet = $4;
+  $packet =~ /IN=(\w+)/;       my $iface=$1; if ( $1 =~ /2./ ){ $iface="";}
+  $packet =~ /SRC=([\d\.]+)/;  my $srcaddr=$1;

-    # TODO: should local IP adresses be include as unknown, or excluded from the statistics totally ?
-    # TODO: it would be nice to be able to group local IPs into "red", "green", "blue" etc
-    if( $ccode eq "") {
-        $ccode = "unknown";
+  if($iface eq 'red0') {
+    if($srcaddr ne '') {
+      my $ccode = $gi->country_code_by_name($srcaddr);
+      if( $ccode eq '') {
+          $ccode = 'unknown';
+      }
+      $tabjc{$ccode} = $tabjc{$ccode} + 1 ;
+      if(($tabjc{$ccode} == 1) && ($lines < $pienumber)) { $lines = $lines + 1; }
+      $linesjc++;
    }
-    else {
-       $tabjc{$ccode} = $tabjc{$ccode} + 1 ;
-       if(($tabjc{$ccode} == 1) && ($lines < $pienumber)) { $lines = $lines + 1; }
-       $linesjc++;
+  }
+  else {
+    if($iface ne '') {
+        $tabjc{$iface} = $tabjc{$iface} + 1 ;
+        if(($tabjc{$iface} == 1) && ($lines < $pienumber)) { $lines = $lines + 1; }
+        $linesjc++;
    }
  }
 }
@@ -451,11 +458,16 @@ for($s=0;$s<$lines;$s++)
  
  $color++;
  print "<td align='center' $col><form method='post' action='showrequestfromcountry.dat'><input type='hidden' name='MONTH' value='$cgiparams{'MONTH'}'> <input type='hidden' name='DAY' value='$cgiparams{'DAY'}'> <input type='hidden' name='country' value='$key[$s]'> <input type='submit' value='details'></form></td>";
-  if ( $key[$s] ne "unknown" ){
-      my $fcode = lc($key[$s]);
-      print "<td align='center' $col><a href='/cgi-bin/country.cgi#$fcode'><img src='/images/flags/$fcode.png' border='0' align='absmiddle' alt='$key[$s]' title='$key[$s]'></a></TD>";} 
+  if($key[$s] eq 'blue0' || $key[$s] eq 'green0' || $key[$s] eq 'orange0') {
+      print "<td align='center' $col>$key[$s]</td>";
+  }
  else {
-      print "<td align='center' $col></td>";
+      if($key[$s] ne 'unknown' ) {
+          my $fcode = lc($key[$s]);
+          print "<td align='center' $col><a href='/cgi-bin/country.cgi#$fcode'><img src='/images/flags/$fcode.png' border='0' align='absmiddle' alt='$key[$s]' title='$key[$s]'></a></td>";}
+      else {
+          print "<td align='center' $col>$key[$s]</td>";
+      }
  }
  print "<td align='center' $col>$value[$s]</td>";
  print "<td align='center' $col>$percent</td>";
--- a/html/cgi-bin/logs.cgi/showrequestfromcountry.dat
+++ b/html/cgi-bin/logs.cgi/showrequestfromcountry.dat
@@ -159,8 +159,15 @@ if (!$skip)
    while (<FILE>)
    {
 	 	if (/(^${monthstr} ${daystr} ..:..:..) [\w\-]+ kernel:.*(IN=.*)$/) {
-            if($_ =~  /SRC\=([\d\.]+)/){
-                my $srcaddr=$1;
+            my $packet = $2;
+            $packet =~ /IN=(\w+)/;       my $iface=$1; if ( $1 =~ /2./ ){ $iface="";}
+            $packet =~ /SRC=([\d\.]+)/;  my $srcaddr=$1;
+
+            if($iface eq $country) {
+                $log[$lines] = $_;
+                $lines++;
+            }
+            elsif($srcaddr ne '') {
                my $ccode = $gi->country_code_by_name($srcaddr);
                if($ccode eq $country){
                    $log[$lines] = $_;
@@ -301,10 +308,17 @@ $lines = 0;
 foreach $_ (@slice)
 {
  $a = $_;
-  if($_ =~  /SRC\=([\d\.]+)/){
-    my $srcaddr=$1;
-    my $ccode = $gi->country_code_by_name($srcaddr);
-    if($ccode eq $country){
+  /^... (..) (..:..:..) [\w\-]+ kernel:(.*)(IN=.*)$/;
+  my $packet = $4;
+  $packet =~ /IN=(\w+)/;       my $iface=$1; if ( $1 =~ /2./ ){ $iface="";}
+  $packet =~ /SRC=([\d\.]+)/;  my $srcaddr=$1;
+
+  if($iface eq $country || $srcaddr ne '') {
+    my $ccode;
+    if($iface ne $country) {
+      $ccode = $gi->country_code_by_name($srcaddr);
+    }
+    if($iface eq $country || $ccode eq $country) {
 	  my $chain = '';
      my $in = '-'; my $out = '-';
      my $srcaddr = ''; my $dstaddr = '';