diff options
| author | NOYB <Al_Stu@Frontier.com> | 2016-01-06 09:57:01 -0800 |
|---|---|---|
| committer | Stephen Beaver <sbeaver@netgate.com> | 2016-01-07 13:29:29 -0500 |
| commit | f372bd5b992b3a3b4e18a73bcaa13bd19a228a1a (patch) | |
| tree | d1f15d20f8a439f2078dc05bb0c72aa25e6953fb /src/etc/inc/filter_log.inc | |
| parent | 9f466a1d13dcc0d4fe55532f81107653a4f6a20e (diff) | |
| download | pfsense-f372bd5b992b3a3b4e18a73bcaa13bd19a228a1a.zip pfsense-f372bd5b992b3a3b4e18a73bcaa13bd19a228a1a.tar.gz | |
Fixed up for vpn.log filtering.
Diffstat (limited to 'src/etc/inc/filter_log.inc')
| -rw-r--r-- | src/etc/inc/filter_log.inc | 16 |
1 files changed, 5 insertions, 11 deletions
diff --git a/src/etc/inc/filter_log.inc b/src/etc/inc/filter_log.inc index cc8bd76..d216083 100644 --- a/src/etc/inc/filter_log.inc +++ b/src/etc/inc/filter_log.inc @@ -87,8 +87,7 @@ function conv_log_filter($logfile, $nentries, $tail = 50, $filtertext = "", $fil else if ($logfile == "{$g['varlog_path']}/ipsec.log") { $logfile_type = "system"; } else if ($logfile == "{$g['varlog_path']}/ppp.log") { $logfile_type = "system"; } -# Needs to be tested with a vpn.log file before enabling. -# else if ($logfile == "{$g['varlog_path']}/vpn.log") { $logfile_type = "vpn_login"; } + else if ($logfile == "{$g['varlog_path']}/vpn.log") { $logfile_type = "vpn_login"; } else if ($logfile == "{$g['varlog_path']}/poes.log") { $logfile_type = "vpn_service"; } else if ($logfile == "{$g['varlog_path']}/l2tps.log") { $logfile_type = "vpn_service"; } @@ -124,16 +123,13 @@ function conv_log_filter($logfile, $nentries, $tail = 50, $filtertext = "", $fil $pattern = "^" . $date_pattern . "\ +" . $host_pattern . "\ +" . $process_pid_pattern . "\ +" . $log_message_pattern . "$"; } -# Needs to be tested with a vpn.log file before enabling. -# These regex patterns are nearly certain to be incorrect. -/* else if ($logfile_type == 'vpn_login') { + else if ($logfile_type == 'vpn_login') { $action_pattern = "\(.*?\)"; $type_pattern = "\(.*?\)"; $ip_address_pattern = "\(.*?\)"; $user_pattern = "\(.*?\)"; - $pattern = "^" . $date_pattern . "\ +" . $host_pattern . "\ +" . $process_pid_pattern . "\ +" . $action_pattern . "\ +" . $type_pattern . "\ +" . $ip_address_pattern . "\ +" . $user_pattern . "$"; + $pattern = "^" . $date_pattern . "\ +" . $host_pattern . "\ +" . $process_pattern . "\ +" . $action_pattern . "\,\ *" . $type_pattern . "\,\ *" . $ip_address_pattern . "\,\ *" . $user_pattern . "$"; } -*/ else if ($logfile_type == 'vpn_service') { $type_pattern = "\(.*?\):"; $pid_pattern = "\(?:process\ +\([0-9:]*\)\)?"; @@ -170,8 +166,7 @@ function conv_log_filter($logfile, $nentries, $tail = 50, $filtertext = "", $fil if ($logfile_type == 'firewall') { $flent = parse_firewall_log_line($logent); } else if ($logfile_type == 'system') { $flent = parse_system_log_line($logent); } -# Needs to be tested with a vpn.log file before enabling. -# else if ($logfile_type == 'vpn_login') { $flent = parse_vpn_login_log_line($logent); } + else if ($logfile_type == 'vpn_login') { $flent = parse_vpn_login_log_line($logent); } else if ($logfile_type == 'vpn_service') { $flent = parse_vpn_service_log_line($logent); } else if ($logfile_type == 'unknown') { $flent = parse_unknown_log_line($logent); } else { $flent = array(); } @@ -255,8 +250,7 @@ function parse_vpn_login_log_line($line) { if (!preg_match($pattern, $line, $log_split)) return ""; -# Needs to be tested with a vpn.log file before enabling. -# list($all, $flent['time'], $flent['host'], $flent['process'], $flent['pid'], $flent['action'], $flent['type'], $flent['ip_address'], $flent['user']) = $log_split; + list($all, $flent['time'], $flent['host'], $flent['process'], $flent['action'], $flent['type'], $flent['ip_address'], $flent['user']) = $log_split; /* If there is time, action, user, and IP address fields, then the line should be usable/good */ if (!( (trim($flent['time']) == "") && (trim($flent['action']) == "") && (trim($flent['user']) == "") && (trim($flent['ip_address']) == "") )) { |
