summaryrefslogtreecommitdiffstats
path: root/src/etc
diff options
context:
space:
mode:
authorNOYB <Al_Stu@Frontier.com>2015-12-17 21:53:13 -0800
committerStephen Beaver <sbeaver@netgate.com>2016-01-07 13:29:28 -0500
commit68fdc24d8015015adc3346423ed78be949c8fbbe (patch)
tree23fd0ebd7aa9ef2816ee7f079122cd6bbb9949dd /src/etc
parentff8e3635b683fc789797d3755c9a05508343b5f0 (diff)
downloadpfsense-68fdc24d8015015adc3346423ed78be949c8fbbe.zip
pfsense-68fdc24d8015015adc3346423ed78be949c8fbbe.tar.gz
Status - System Logs - VPN
Revamp log file selection method to be consistent with the other system logs. Add advanced filter section; only activated for the non-vpn.log files (needs testing with vpn.log file first, continue using dump_clog_vpn until tested). Add manage log section
Diffstat (limited to 'src/etc')
-rw-r--r--src/etc/inc/filter_log.inc81
1 files changed, 71 insertions, 10 deletions
diff --git a/src/etc/inc/filter_log.inc b/src/etc/inc/filter_log.inc
index 1a34c03..cc8bd76 100644
--- a/src/etc/inc/filter_log.inc
+++ b/src/etc/inc/filter_log.inc
@@ -87,9 +87,10 @@ function conv_log_filter($logfile, $nentries, $tail = 50, $filtertext = "", $fil
else if ($logfile == "{$g['varlog_path']}/ipsec.log") { $logfile_type = "system"; }
else if ($logfile == "{$g['varlog_path']}/ppp.log") { $logfile_type = "system"; }
- else if ($logfile == "{$g['varlog_path']}/vpn.log") { $logfile_type = "tbd"; }
- else if ($logfile == "{$g['varlog_path']}/poes.log") { $logfile_type = "tbd"; }
- else if ($logfile == "{$g['varlog_path']}/l2tps.log") { $logfile_type = "tbd"; }
+# Needs to be tested with a vpn.log file before enabling.
+# else if ($logfile == "{$g['varlog_path']}/vpn.log") { $logfile_type = "vpn_login"; }
+ else if ($logfile == "{$g['varlog_path']}/poes.log") { $logfile_type = "vpn_service"; }
+ else if ($logfile == "{$g['varlog_path']}/l2tps.log") { $logfile_type = "vpn_service"; }
else if ($logfile == "{$g['varlog_path']}/relayd.log") { $logfile_type = "system"; }
else if ($logfile == "{$g['varlog_path']}/openvpn.log") { $logfile_type = "system"; }
@@ -122,8 +123,21 @@ function conv_log_filter($logfile, $nentries, $tail = 50, $filtertext = "", $fil
else if ($logfile_type == 'system') {
$pattern = "^" . $date_pattern . "\ +" . $host_pattern . "\ +" . $process_pid_pattern . "\ +" . $log_message_pattern . "$";
}
- else if ($logfile_type == 'tbd') {
- $pattern = "^\(.*\)$";
+
+# Needs to be tested with a vpn.log file before enabling.
+# These regex patterns are nearly certain to be incorrect.
+/* else if ($logfile_type == 'vpn_login') {
+ $action_pattern = "\(.*?\)";
+ $type_pattern = "\(.*?\)";
+ $ip_address_pattern = "\(.*?\)";
+ $user_pattern = "\(.*?\)";
+ $pattern = "^" . $date_pattern . "\ +" . $host_pattern . "\ +" . $process_pid_pattern . "\ +" . $action_pattern . "\ +" . $type_pattern . "\ +" . $ip_address_pattern . "\ +" . $user_pattern . "$";
+ }
+*/
+ else if ($logfile_type == 'vpn_service') {
+ $type_pattern = "\(.*?\):";
+ $pid_pattern = "\(?:process\ +\([0-9:]*\)\)?";
+ $pattern = "^" . $date_pattern . "\ +" . $host_pattern . "\ +" . $type_pattern . "\ +" . $pid_pattern . "\ *" . $log_message_pattern . "$";
}
else if ($logfile_type == 'unknown') {
$pattern = "^" . $date_pattern . "\ +" . $log_message_pattern . "$";
@@ -154,11 +168,13 @@ function conv_log_filter($logfile, $nentries, $tail = 50, $filtertext = "", $fil
break;
}
- if ($logfile_type == 'firewall') { $flent = parse_firewall_log_line($logent); }
- else if ($logfile_type == 'system') { $flent = parse_system_log_line($logent); }
- else if ($logfile_type == 'tbd') { $flent = array(); }
- else if ($logfile_type == 'unknown') { $flent = parse_unknown_log_line($logent); }
- else { $flent = array(); }
+ if ($logfile_type == 'firewall') { $flent = parse_firewall_log_line($logent); }
+ else if ($logfile_type == 'system') { $flent = parse_system_log_line($logent); }
+# Needs to be tested with a vpn.log file before enabling.
+# else if ($logfile_type == 'vpn_login') { $flent = parse_vpn_login_log_line($logent); }
+ else if ($logfile_type == 'vpn_service') { $flent = parse_vpn_service_log_line($logent); }
+ else if ($logfile_type == 'unknown') { $flent = parse_unknown_log_line($logent); }
+ else { $flent = array(); }
if (!$filterinterface || ($filterinterface == $flent['interface'])) {
if ((($flent != "") && (!is_array($filtertext)) && (match_filter_line($flent, $filtertext))) ||
@@ -230,6 +246,51 @@ function in_arrayi($needle, $haystack) {
return in_array(strtolower($needle), array_map('strtolower', $haystack));
}
+function parse_vpn_login_log_line($line) {
+ global $config, $g, $pattern;
+
+ $flent = array();
+ $log_split = "";
+
+ if (!preg_match($pattern, $line, $log_split))
+ return "";
+
+# Needs to be tested with a vpn.log file before enabling.
+# list($all, $flent['time'], $flent['host'], $flent['process'], $flent['pid'], $flent['action'], $flent['type'], $flent['ip_address'], $flent['user']) = $log_split;
+
+ /* If there is time, action, user, and IP address fields, then the line should be usable/good */
+ if (!( (trim($flent['time']) == "") && (trim($flent['action']) == "") && (trim($flent['user']) == "") && (trim($flent['ip_address']) == "") )) {
+ return $flent;
+ } else {
+ if($g['debug']) {
+ log_error(sprintf(gettext("There was a error parsing log entry: %s. Please report to mailing list or forum."), $line));
+ }
+ return "";
+ }
+}
+
+function parse_vpn_service_log_line($line) {
+ global $config, $g, $pattern;
+
+ $flent = array();
+ $log_split = "";
+
+ if (!preg_match($pattern, $line, $log_split))
+ return "";
+
+ list($all, $flent['time'], $flent['host'], $flent['type'], $flent['pid'], $flent['message']) = $log_split;
+
+ /* If there is time, type, and message fields, then the line should be usable/good */
+ if (!( (trim($flent['time']) == "") && (trim($flent['type']) == "") && (trim($flent['message']) == "") )) {
+ return $flent;
+ } else {
+ if($g['debug']) {
+ log_error(sprintf(gettext("There was a error parsing log entry: %s. Please report to mailing list or forum."), $line));
+ }
+ return "";
+ }
+}
+
function parse_unknown_log_line($line) {
global $config, $g, $pattern;
OpenPOWER on IntegriCloud