diff --git a/src/opnsense/mvc/app/views/OPNsense/Diagnostics/fw_log.volt b/src/opnsense/mvc/app/views/OPNsense/Diagnostics/fw_log.volt
index 2b85ad27b..e58056d96 100644
--- a/src/opnsense/mvc/app/views/OPNsense/Diagnostics/fw_log.volt
+++ b/src/opnsense/mvc/app/views/OPNsense/Diagnostics/fw_log.volt
@@ -211,6 +211,7 @@ POSSIBILITY OF SUCH DAMAGE.
| {{ lang._('Source') }} |
{{ lang._('Destination') }} |
{{ lang._('Proto') }} |
+ {{ lang._('Label') }} |
|
diff --git a/src/opnsense/scripts/filter/read_log.py b/src/opnsense/scripts/filter/read_log.py
index 208ac5c89..a44f6f958 100755
--- a/src/opnsense/scripts/filter/read_log.py
+++ b/src/opnsense/scripts/filter/read_log.py
@@ -33,6 +33,8 @@ import sys
import md5
import argparse
import ujson
+import tempfile
+import subprocess
sys.path.insert(0, "/usr/local/opnsense/site-python")
from log_helper import reverse_log_reader, fetch_clog
from params import update_params
@@ -64,12 +66,31 @@ def update_rule(target, metadata_target, ruleparts, spec):
# full spec
metadata_target['__spec__'] = spec
+def fetch_rules_descriptions():
+ """ Fetch rule descriptions from the current running config if available
+ :return : rule details per line number
+ """
+ result = dict()
+ if os.path.isfile('/tmp/rules.debug'):
+ with tempfile.NamedTemporaryFile() as output_stream:
+ subprocess.call(['/sbin/pfctl', '-vvPnf', '/tmp/rules.debug'], stdout=output_stream, stderr=open(os.devnull, 'wb'))
+ output_stream.seek(0)
+ for line in output_stream.read().strip().split('\n'):
+ if line.startswith('@'):
+ line_id = line.split()[0][1:]
+ result[line_id] = {'label': ''.join(line.split(' label ')[-1:]).strip()[1:-1]}
+ return result
+
+
if __name__ == '__main__':
# read parameters
parameters = {'limit': '0', 'digest': ''}
update_params(parameters)
parameters['limit'] = int(parameters['limit'])
+ # parse current running config
+ running_conf_descr = fetch_rules_descriptions()
+
result = list()
for record in reverse_log_reader(fetch_clog(filter_log)):
if record['line'].find('filterlog') > -1:
@@ -104,6 +125,8 @@ if __name__ == '__main__':
update_rule(rule, metadata, rulep, fields_ipv6_carp)
rule.update(metadata)
+ if 'rulenr' in rule and rule['rulenr'] in running_conf_descr:
+ rule['label'] = running_conf_descr[rule['rulenr']]['label']
result.append(rule)
# handle exit criteria, row limit or last digest