From patchwork Fri Feb 28 11:27:31 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Adolf Belka X-Patchwork-Id: 8485 Return-Path: Received: from mail01.ipfire.org (mail01.haj.ipfire.org [172.28.1.202]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (secp384r1) client-signature RSA-PSS (4096 bits)) (Client CN "mail01.haj.ipfire.org", Issuer "R10" (verified OK)) by web04.haj.ipfire.org (Postfix) with ESMTPS id 4Z5Glx4y4cz3xGq for ; Sun, 2 Mar 2025 09:26:21 +0000 (UTC) Received: from mail02.haj.ipfire.org (mail02.haj.ipfire.org [172.28.1.201]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) client-signature ECDSA (secp384r1)) (Client CN "mail02.haj.ipfire.org", Issuer "E5" (verified OK)) by mail01.ipfire.org (Postfix) with ESMTPS id 4Z5Gls6Xxlz2Hr; Sun, 2 Mar 2025 09:26:17 +0000 (UTC) Received: from mail02.haj.ipfire.org (localhost [127.0.0.1]) by mail02.haj.ipfire.org (Postfix) with ESMTP id 4Z5Gls5ZSmz34Zx; Sun, 2 Mar 2025 09:26:17 +0000 (UTC) Received: by mail02.haj.ipfire.org (Postfix, from userid 109) id 4Z5Gln6lPrz35ZV; Sun, 2 Mar 2025 10:10:14 +0000 (UTC) Received: from mail01.ipfire.org (mail01.haj.ipfire.org [172.28.1.202]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (secp384r1) server-digest SHA384 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mail01.haj.ipfire.org", Issuer "R11" (verified OK)) by mail02.haj.ipfire.org (Postfix) with ESMTPS id 4Z45Xq2rV3z347H for ; Fri, 28 Feb 2025 11:27:39 +0000 (UTC) Received: from [127.0.0.1] (localhost [127.0.0.1]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by mail01.ipfire.org (Postfix) with ESMTPSA id 4Z45Xp52kHzPV; Fri, 28 Feb 2025 11:27:38 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ipfire.org; s=202003rsa; t=1740742058; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding; bh=Wh87z1rRwTFTAF4luQKlsCkdkgVuWalEKZHabOAikSY=; b=XC2OU/t4vCfz/uMrzl0lFLCh9iJEbNxNbD9y7miw85cz1M6MZy12O4cEwe7Qwpo4zHrirM HhbpcEj/gvqzAkDMw70goitYfMnk4PbHh7vU1xRBVSKgCQhrNWFQU29kosbEj+M6jQ12wh T7rAdQhqcWa9qZF2RFc50pdUc0OeVtFxbxwyYInB6qPt7FTewOavtiK26K0E5+0+aNJABl pvh9O9vwYlGxE1DST2sG80lcA/M4M7iuo/EoAIRlXf4o/aUpNfg4RKEjTHPEmYtf3ft9E5 W6zX8cKxh3/kF91HgbokZGSaYoyHi/oTIP5GDtfTug1BV+smp7ceyTZkREjt4w== DKIM-Signature: v=1; a=ed25519-sha256; c=relaxed/relaxed; d=ipfire.org; s=202003ed25519; t=1740742058; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding; bh=Wh87z1rRwTFTAF4luQKlsCkdkgVuWalEKZHabOAikSY=; b=HwhzdkzMF9p1+LDsf4YJ4I+9EeUZDxpiNTHwYlIRHbrem2jwWzxtP13cLvW5HwDg+wNIuK 4uXjsg8OUn3ImtBg== From: Adolf Belka To: development@lists.ipfire.org Subject: [PATCH] firewallog.dat: Fix bug13068 - remove blocklist entries from firewall log Date: Fri, 28 Feb 2025 12:27:31 +0100 Message-ID: <20250228112731.5437-1-adolf.belka@ipfire.org> MIME-Version: 1.0 Message-ID-Hash: J4GEKWVCFUEBBOHTC4L5M4SZOI2E7J56 X-Message-ID-Hash: J4GEKWVCFUEBBOHTC4L5M4SZOI2E7J56 X-MailFrom: adolf.belka@ipfire.org X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header X-Mailman-Version: 3.3.8 Precedence: list List-Id: IPFire development talk Archived-At: List-Archive: List-Help: List-Owner: List-Post: List-Subscribe: List-Unsubscribe: - The blocklist log entries are also under kernel: and so currently also show up in the firewall logs as well as in the ip blocklist logs menus. If there are a lot of blocklist entries it can make it very difficult to go through the firewall logs. - This bugfix excxludes any kernel: log entries that have a chain starting with BLKLST. - Tested out on physical and vm IPFire systems. Fixes: bug13068 Tested-by: Adolf Belka Signed-off-by: Adolf Belka --- html/cgi-bin/logs.cgi/firewalllog.dat | 30 ++++++++++++++------------- 1 file changed, 16 insertions(+), 14 deletions(-) mode change 100644 => 100755 html/cgi-bin/logs.cgi/firewalllog.dat diff --git a/html/cgi-bin/logs.cgi/firewalllog.dat b/html/cgi-bin/logs.cgi/firewalllog.dat old mode 100644 new mode 100755 index 01dcdc7d4..aafbe3db7 --- a/html/cgi-bin/logs.cgi/firewalllog.dat +++ b/html/cgi-bin/logs.cgi/firewalllog.dat @@ -176,23 +176,25 @@ while ($gzindex >=0 && $loop) { READ:while () { my $line = $_; if ($line =~ /^${monthstr} ${daystr} ..:..:.. [\w\-]+ kernel:.*IN=.*$/) { - # when standart viewing, just keep in memory the correct slice - # it starts a '$start' and size is $viewport - # If export, then keep all lines... - if ($cgiparams{'ACTION'} eq $Lang::tr{'export'}){ - $log[$lines++] = "$line"; - } else { - if ($lines++ < ($start + $Header::viewsize)) { - push(@log,"$line"); - if (@log > $Header::viewsize) { - shift (@log); + unless ($line =~ /^${monthstr} ${daystr} ..:..:.. [\w\-]+ kernel:\sBLKLST.*IN=.*$/) { + # when standart viewing, just keep in memory the correct slice + # it starts a '$start' and size is $viewport + # If export, then keep all lines... + if ($cgiparams{'ACTION'} eq $Lang::tr{'export'}){ + $log[$lines++] = "$line"; + } else { + if ($lines++ < ($start + $Header::viewsize)) { + push(@log,"$line"); + if (@log > $Header::viewsize) { + shift (@log); + } + #} else { dont do this optimisation, need to count lines ! + # $datetime = $maxtime; # we have read viewsize lines, stop main loop + # last READ; # exit read file } - #} else { dont do this optimisation, need to count lines ! - # $datetime = $maxtime; # we have read viewsize lines, stop main loop - # last READ; # exit read file } + $search_for_end = 1; # we find the start of slice, can look for end now } - $search_for_end = 1; # we find the start of slice, can look for end now } else { if ($search_for_end == 1) { #finish read files when date is over (test month equality only)