firewall: update filterlog reader slightly

CARP in IPv4 and IPv6 uses the IP header's "ttl" or "hoplimit", so
use the same name when reading it to avoid duplication.
The values are the same in any case.

Change "flowlabel" to "flow" to avoid confusion with "label".

Change IP "version" to "ipversion" and consolidate CARP "version(2)"
into "version".
Franco Fichtner 2021-07-23 08:12:53 +02:00
parent 1aeb520631
commit 538e2f04c2
2 changed files with 9 additions and 8 deletions


@ -1,5 +1,4 @@
{#
#
# Copyright (c) 2014-2021 Deciso B.V.
# All rights reserved.
#
@ -255,7 +254,7 @@
log_td.addClass('address');
log_td.data('address', record[column_name]);
if (record[column_name+'port'] !== undefined) {
if (record['version'] == 6) {
if (record['ipversion'] == 6) {
log_td.text('['+log_td.text()+']:'+record[column_name+'port']);
} else {
log_td.text(log_td.text()+':'+record[column_name+'port']);
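Review bot: The new check `record['ipversion'] == 6` relies on type coercion, while the Python reader in this same commit compares the field against the strings `'4'` and `'6'`, so the value presumably reaches the template as a string. A strict form such as `if (String(record['ipversion']) === '6') {` states that expectation and will not match coerced oddities like `[6]`. When the key is absent the branch falls through to the IPv4 format, so an IPv6 address would be rendered unbracketed next to its port, which is ambiguous to read in a firewall log. The enclosing block starts and ends outside the hunk, so whether that case is handled elsewhere is not visible here.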


@ -43,16 +43,18 @@ from params import update_params
# define log layouts, every endpoint contains all options
# source : https://github.com/opnsense/ports/blob/master/opnsense/filterlog/files/description.txt
fields_general = 'rulenr,subrulenr,anchorname,rid,interface,reason,action,dir,version'.split(',')
fields_general = 'rulenr,subrulenr,anchorname,rid,interface,reason,action,dir,ipversion'.split(',')
fields_ipv4 = fields_general + 'tos,ecn,ttl,id,offset,ipflags,proto,protoname,length,src,dst'.split(',')
fields_ipv4_udp = fields_ipv4 + 'srcport,dstport,datalen'.split(',')
fields_ipv4_tcp = fields_ipv4 + 'srcport,dstport,datalen,tcpflags,seq,ack,urp,tcpopts'.split(',')
fields_ipv4_carp = fields_ipv4 + 'type,ttl,vhid,version,advskew,advbase'.split(',')
fields_ipv6 = fields_general + 'class,flowlabel,hlim,protoname,proto,payload-length,src,dst'.split(',')
fields_ipv6 = fields_general + 'class,flow,hoplimit,protoname,proto,length,src,dst'.split(',')
fields_ipv6_udp = fields_ipv6 + 'srcport,dstport,datalen'.split(',')
fields_ipv6_tcp = fields_ipv6 + 'srcport,dstport,datalen,tcpflags,seq,ack,urp,tcpopts'.split(',')
fields_ipv6_carp = fields_ipv6 + 'type,ttl,vhid,version2,advskew,advbase'.split(',')
fields_ipv6_carp = fields_ipv6 + 'type,hoplimit,vhid,version,advskew,advbase'.split(',')
# define hex digits
HEX_DIGITS = set("0123456789abcdef")
@ -138,8 +140,8 @@ if __name__ == '__main__':
if 'action' not in rule:
# not a filter log line, skip
continue
elif 'version' in rule:
if rule['version'] == '4':
elif 'ipversion' in rule:
if rule['ipversion'] == '4':
update_rule(rule, metadata, rulep, fields_ipv4)
if 'proto' in rule:
if rule['proto'] == '17': # UDP
@ -148,7 +150,7 @@ if __name__ == '__main__':
update_rule(rule, metadata, rulep, fields_ipv4_tcp)
elif rule['proto'] == '112': # CARP
update_rule(rule, metadata, rulep, fields_ipv4_carp)
elif rule['version'] == '6':
elif rule['ipversion'] == '6':
update_rule(rule, metadata, rulep, fields_ipv6)
if 'proto' in rule:
if rule['proto'] == '17': # UDP
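Review bot: Consumers keyed on the old field names are not covered by this change. The field lists rename `version` to `ipversion`, `flowlabel` to `flow`, `hlim` to `hoplimit` and `payload-length` to `length`, and the only reader updated alongside is the log view template. Anything else that selects on the old keys (saved log filters, parsers of exported records, alerting rules) would stop matching without raising an error; whether such consumers exist is not visible from this page. I would record the mapping next to the definitions, for example `# keys renamed from the filterlog description: ipversion (version), flow (flowlabel), hoplimit (hlim), length (payload-length)` above `fields_general`, assuming description.txt still uses the old names. The same comment could note that the CARP lists repeat `ttl`/`hoplimit` on purpose, since the duplicate otherwise reads like a mistake.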