diff options
| author | NOYB <Al_Stu@Frontier.com> | 2015-12-17 21:53:13 -0800 |
|---|---|---|
| committer | NOYB <Al_Stu@Frontier.com> | 2016-01-06 13:38:26 -0800 |
| commit | 2fd8976f4d97f3f9e40f0ab0fc658be60548f716 (patch) | |
| tree | 1c82238d814ecfa3b98989be3e3dbc0a7788e5d5 /src | |
| parent | e418b7b672eab9d44651a70fc87f3df2c2b7b179 (diff) | |
| download | pfsense-2fd8976f4d97f3f9e40f0ab0fc658be60548f716.zip pfsense-2fd8976f4d97f3f9e40f0ab0fc658be60548f716.tar.gz | |
Status - System Logs - VPN
Revamp log file selection method to be consistent with the other system logs.
Add advanced filter section; only activated for the non-vpn.log files (needs testing with vpn.log file first, continue using dump_clog_vpn until tested).
Add manage log section
Diffstat (limited to 'src')
| -rw-r--r-- | src/etc/inc/filter_log.inc | 81 | ||||
| -rw-r--r-- | src/usr/local/www/status_logs_vpn.php | 765 |
2 files changed, 736 insertions, 110 deletions
diff --git a/src/etc/inc/filter_log.inc b/src/etc/inc/filter_log.inc index 1a34c03..cc8bd76 100644 --- a/src/etc/inc/filter_log.inc +++ b/src/etc/inc/filter_log.inc @@ -87,9 +87,10 @@ function conv_log_filter($logfile, $nentries, $tail = 50, $filtertext = "", $fil else if ($logfile == "{$g['varlog_path']}/ipsec.log") { $logfile_type = "system"; } else if ($logfile == "{$g['varlog_path']}/ppp.log") { $logfile_type = "system"; } - else if ($logfile == "{$g['varlog_path']}/vpn.log") { $logfile_type = "tbd"; } - else if ($logfile == "{$g['varlog_path']}/poes.log") { $logfile_type = "tbd"; } - else if ($logfile == "{$g['varlog_path']}/l2tps.log") { $logfile_type = "tbd"; } +# Needs to be tested with a vpn.log file before enabling. +# else if ($logfile == "{$g['varlog_path']}/vpn.log") { $logfile_type = "vpn_login"; } + else if ($logfile == "{$g['varlog_path']}/poes.log") { $logfile_type = "vpn_service"; } + else if ($logfile == "{$g['varlog_path']}/l2tps.log") { $logfile_type = "vpn_service"; } else if ($logfile == "{$g['varlog_path']}/relayd.log") { $logfile_type = "system"; } else if ($logfile == "{$g['varlog_path']}/openvpn.log") { $logfile_type = "system"; } @@ -122,8 +123,21 @@ function conv_log_filter($logfile, $nentries, $tail = 50, $filtertext = "", $fil else if ($logfile_type == 'system') { $pattern = "^" . $date_pattern . "\ +" . $host_pattern . "\ +" . $process_pid_pattern . "\ +" . $log_message_pattern . "$"; } - else if ($logfile_type == 'tbd') { - $pattern = "^\(.*\)$"; + +# Needs to be tested with a vpn.log file before enabling. +# These regex patterns are nearly certain to be incorrect. +/* else if ($logfile_type == 'vpn_login') { + $action_pattern = "\(.*?\)"; + $type_pattern = "\(.*?\)"; + $ip_address_pattern = "\(.*?\)"; + $user_pattern = "\(.*?\)"; + $pattern = "^" . $date_pattern . "\ +" . $host_pattern . "\ +" . $process_pid_pattern . "\ +" . $action_pattern . "\ +" . $type_pattern . "\ +" . $ip_address_pattern . "\ +" . $user_pattern . "$"; + } +*/ + else if ($logfile_type == 'vpn_service') { + $type_pattern = "\(.*?\):"; + $pid_pattern = "\(?:process\ +\([0-9:]*\)\)?"; + $pattern = "^" . $date_pattern . "\ +" . $host_pattern . "\ +" . $type_pattern . "\ +" . $pid_pattern . "\ *" . $log_message_pattern . "$"; } else if ($logfile_type == 'unknown') { $pattern = "^" . $date_pattern . "\ +" . $log_message_pattern . "$"; @@ -154,11 +168,13 @@ function conv_log_filter($logfile, $nentries, $tail = 50, $filtertext = "", $fil break; } - if ($logfile_type == 'firewall') { $flent = parse_firewall_log_line($logent); } - else if ($logfile_type == 'system') { $flent = parse_system_log_line($logent); } - else if ($logfile_type == 'tbd') { $flent = array(); } - else if ($logfile_type == 'unknown') { $flent = parse_unknown_log_line($logent); } - else { $flent = array(); } + if ($logfile_type == 'firewall') { $flent = parse_firewall_log_line($logent); } + else if ($logfile_type == 'system') { $flent = parse_system_log_line($logent); } +# Needs to be tested with a vpn.log file before enabling. +# else if ($logfile_type == 'vpn_login') { $flent = parse_vpn_login_log_line($logent); } + else if ($logfile_type == 'vpn_service') { $flent = parse_vpn_service_log_line($logent); } + else if ($logfile_type == 'unknown') { $flent = parse_unknown_log_line($logent); } + else { $flent = array(); } if (!$filterinterface || ($filterinterface == $flent['interface'])) { if ((($flent != "") && (!is_array($filtertext)) && (match_filter_line($flent, $filtertext))) || @@ -230,6 +246,51 @@ function in_arrayi($needle, $haystack) { return in_array(strtolower($needle), array_map('strtolower', $haystack)); } +function parse_vpn_login_log_line($line) { + global $config, $g, $pattern; + + $flent = array(); + $log_split = ""; + + if (!preg_match($pattern, $line, $log_split)) + return ""; + +# Needs to be tested with a vpn.log file before enabling. +# list($all, $flent['time'], $flent['host'], $flent['process'], $flent['pid'], $flent['action'], $flent['type'], $flent['ip_address'], $flent['user']) = $log_split; + + /* If there is time, action, user, and IP address fields, then the line should be usable/good */ + if (!( (trim($flent['time']) == "") && (trim($flent['action']) == "") && (trim($flent['user']) == "") && (trim($flent['ip_address']) == "") )) { + return $flent; + } else { + if($g['debug']) { + log_error(sprintf(gettext("There was a error parsing log entry: %s. Please report to mailing list or forum."), $line)); + } + return ""; + } +} + +function parse_vpn_service_log_line($line) { + global $config, $g, $pattern; + + $flent = array(); + $log_split = ""; + + if (!preg_match($pattern, $line, $log_split)) + return ""; + + list($all, $flent['time'], $flent['host'], $flent['type'], $flent['pid'], $flent['message']) = $log_split; + + /* If there is time, type, and message fields, then the line should be usable/good */ + if (!( (trim($flent['time']) == "") && (trim($flent['type']) == "") && (trim($flent['message']) == "") )) { + return $flent; + } else { + if($g['debug']) { + log_error(sprintf(gettext("There was a error parsing log entry: %s. Please report to mailing list or forum."), $line)); + } + return ""; + } +} + function parse_unknown_log_line($line) { global $config, $g, $pattern; diff --git a/src/usr/local/www/status_logs_vpn.php b/src/usr/local/www/status_logs_vpn.php index a1335e7..73470b2 100644 --- a/src/usr/local/www/status_logs_vpn.php +++ b/src/usr/local/www/status_logs_vpn.php @@ -1,4 +1,3 @@ -#!/usr/local/bin/php <?php /* status_logs_vpn.php @@ -65,162 +64,728 @@ ##|-PRIV -$vpns = array('poes' => 'PPPoE', 'l2tp' => 'L2TP'); - -$pgtitle = array(gettext("Status"), gettext("System logs"), gettext("VPN")); require("guiconfig.inc"); +require_once("filter_log.inc"); require_once("vpn.inc"); -$nentries = $config['syslog']['nentries']; -if (!$nentries) { - $nentries = 50; -} +/* +Build a list of allowed log files so we can reject others to prevent the page +from acting on unauthorized files. +*/ +$allowed_logs = array( + "vpn" => array("name" => "VPN Logins", + "shortcut" => "poes"), + "poes" => array("name" => "PPPoE Service", + "shortcut" => "poes"), + "l2tps" => array("name" => "L2TP Service", + "shortcut" => "l2tps"), +); -if (htmlspecialchars($_POST['vpntype'])) { - $vpntype = htmlspecialchars($_POST['vpntype']); -} elseif (htmlspecialchars($_GET['vpntype'])) { - $vpntype = htmlspecialchars($_GET['vpntype']); -} else { +// The logs to display are specified in a GET argument. Default to 'system' logs +if (!$_GET['logfile']) { + $logfile = 'vpn'; $vpntype = "poes"; -} -if (htmlspecialchars($_POST['mode'])) { - $mode = htmlspecialchars($_POST['mode']); -} elseif (htmlspecialchars($_GET['mode'])) { - $mode = htmlspecialchars($_GET['mode']); } else { - $mode = "login"; -} -switch ($vpntype) { - case 'poes': - $logname = "poes"; - break; - case 'l2tp': - $logname = "l2tps"; - break; + $logfile = $_GET['logfile']; + $vpntype = $_GET['vpntype']; + if (!array_key_exists($logfile, $allowed_logs)) { + /* Do not let someone attempt to load an unauthorized log. */ + $logfile = 'vpn'; + $vpntype = "poes"; + } } -if ($_POST['clear']) { - if ($mode != "raw") { - clear_log_file("/var/log/vpn.log"); - } else { - clear_log_file("/var/log/{$logname}.log"); +if ($vpntype == 'poes') { $allowed_logs['vpn']['name'] = "PPPoE Logins"; } +if ($vpntype == 'l2tp') { $allowed_logs['vpn']['name'] = "L2TP Logins"; } + +$vpn_logfile = "{$g['varlog_path']}/" . basename($logfile) . ".log"; + + +function getGETPOSTsettingvalue($settingname, $default) { + $settingvalue = $default; + if ($_GET[$settingname]) { + $settingvalue = $_GET[$settingname]; } + if ($_POST[$settingname]) { + $settingvalue = $_POST[$settingname]; + } + return $settingvalue; } -function dump_clog_vpn($logfile, $tail) { - global $g, $config, $vpntype; - $sor = isset($config['syslog']['reverse']) ? "-r" : ""; +$filtersubmit = getGETPOSTsettingvalue('filtersubmit', null); - $logarr = ""; +if ($filtersubmit) { + $filter_active = true; + $filtertext = getGETPOSTsettingvalue('filtertext', ""); + $filterlogentries_qty = getGETPOSTsettingvalue('filterlogentries_qty', null); +} - exec("/usr/local/sbin/clog " . escapeshellarg($logfile) . " | tail {$sor} -n " . $tail, $logarr); +$filterlogentries_submit = getGETPOSTsettingvalue('filterlogentries_submit', null); - $rows = 0; - foreach ($logarr as $logent) { - $logent = preg_split("/\s+/", $logent, 6); - $llent = explode(",", $logent[5]); - $iftype = substr($llent[1], 0, 4); - if ($iftype != $vpntype) { - continue; +if ($filterlogentries_submit) { + $filter_active = true; + $filterfieldsarray = array(); + + $filterfieldsarray['time'] = getGETPOSTsettingvalue('filterlogentries_time', null); + $filterfieldsarray['type'] = getGETPOSTsettingvalue('filterlogentries_type', null); + $filterfieldsarray['pid'] = getGETPOSTsettingvalue('filterlogentries_pid', null); + $filterfieldsarray['message'] = getGETPOSTsettingvalue('filterlogentries_message', null); + $filterfieldsarray['action'] = getGETPOSTsettingvalue('filterlogentries_action', null); + $filterfieldsarray['user'] = getGETPOSTsettingvalue('filterlogentries_user', null); + $filterfieldsarray['ip_address'] = getGETPOSTsettingvalue('filterlogentries_ip_address', null); + $filterlogentries_qty = getGETPOSTsettingvalue('filterlogentries_qty', null); +} + + +# Manage Log - Code + +$specific_log = basename($logfile) . '_settings'; + +# All +$pconfig['cronorder'] = $config['syslog'][$specific_log]['cronorder']; +$pconfig['nentries'] = $config['syslog'][$specific_log]['nentries']; +$pconfig['logfilesize'] = $config['syslog'][$specific_log]['logfilesize']; +$pconfig['format'] = $config['syslog'][$specific_log]['format']; + +# System General (main) Specific +$pconfig['loglighttpd'] = !isset($config['syslog']['nologlighttpd']); + +$save_settings = getGETPOSTsettingvalue('save_settings', null); + +if ($save_settings) { + + # All + $cronorder = getGETPOSTsettingvalue('cronorder', null); + $nentries = getGETPOSTsettingvalue('nentries', null); + $logfilesize = getGETPOSTsettingvalue('logfilesize', null); + $format = getGETPOSTsettingvalue('format', null); + + # System General (main) Specific + $loglighttpd = getGETPOSTsettingvalue('loglighttpd', null); + + unset($input_errors); + $pconfig = $_POST; + + /* input validation */ + # All + if (isset($nentries) && (strlen($nentries) > 0)) { + if (!is_numeric($nentries) || ($nentries < 5) || ($nentries > 2000)) { + $input_errors[] = gettext("Number of log entries to show must be between 5 and 2000."); } - echo "<tr>\n"; - echo "<td>" . htmlspecialchars(join(" ", array_slice($logent, 0, 3))) . "</td>\n"; + } - if ($llent[0] == "login") { - echo "<td><i class=\"fa fa-arrow-left\" alt=\"in\"></i></td>\n"; - } else { - echo "<td><i class=\"fa fa-arrow-right\" alt=\"out\"></i></td>\n"; + if (isset($logfilesize) && (strlen($logfilesize) > 0)) { + if (!is_numeric($logfilesize) || ($logfilesize < 100000)) { + $input_errors[] = gettext("Log file size must be numeric and greater than or equal to 100000."); } + } - echo "<td>" . htmlspecialchars($llent[3]) . "</td>\n"; - echo "<td>" . htmlspecialchars($llent[2]) . " </td>\n"; - echo "</tr>\n"; + if (!$input_errors) { + + # Clear out the specific log settings and leave only the applied settings to override the general logging options (global) settings. + unset($config['syslog'][$specific_log]); + + # All + if ($cronorder != '') { # if not using the general logging options setting (global) + $config['syslog'][$specific_log]['cronorder'] = $cronorder; + } + + if (isset($nentries) && (strlen($nentries) > 0)) { + $config['syslog'][$specific_log]['nentries'] = (int)$nentries; + } + + if (isset($logfilesize) && (strlen($logfilesize) > 0)) { + $config['syslog'][$specific_log]['logfilesize'] = (int)$logfilesize; + } + + if ($format != '') { # if not using the general logging options setting (global) + $config['syslog'][$specific_log]['format'] = $format; + } + + # System General (main) Specific + if ($logfile == 'system') { + $oldnologlighttpd = isset($config['syslog']['nologlighttpd']); + $config['syslog']['nologlighttpd'] = $loglighttpd ? false : true; + } + + + write_config($desc = "Log Display Settings Saved: " . gettext($allowed_logs[$logfile]["name"])); + + $retval = 0; + $savemsg = get_std_save_message($retval); + + # System General (main) Specific + if ($logfile == 'system') { + if ($oldnologlighttpd !== isset($config['syslog']['nologlighttpd'])) { + ob_flush(); + flush(); + log_error(gettext("webConfigurator configuration has changed. Restarting webConfigurator.")); + send_event("service restart webgui"); + $savemsg .= "<br />" . gettext("WebGUI process is restarting."); + } + } } - return($rows); } + +# Formatted/Raw Display +if ($config['syslog'][$specific_log]['format'] == 'formatted') { + $rawfilter = false; +} else if ($config['syslog'][$specific_log]['format'] == 'raw') { + $rawfilter = true; +} else { # Use the general logging options setting (global). + $rawfilter = isset($config['syslog']['rawfilter']); +} + + +isset($config['syslog'][$specific_log]['nentries']) ? $nentries = $config['syslog'][$specific_log]['nentries'] : $nentries = $config['syslog']['nentries']; + +# Override Display Quantity +if ($filterlogentries_qty) { + $nentries = $filterlogentries_qty; +} + +if (!$nentries || !is_numeric($nentries)) { + $nentries = 50; +} + +if ($_POST['clear']) { + clear_log_file($system_logfile); +} + +if ($filtertext) { + $filtertextmeta="?filtertext=$filtertext"; +} + +/* Setup shortcuts if they exist */ + +if (!empty($allowed_logs[$logfile]["shortcut"])) { + $shortcut_section = $allowed_logs[$logfile]["shortcut"]; +} + + +#$pgtitle = array(gettext("Status"), gettext("System logs"), gettext("VPN")); +$pgtitle = array(gettext("Status"), gettext("System logs"), gettext($allowed_logs[$logfile]["name"])); include("head.inc"); +if (!$input_errors && $savemsg) { + print_info_box($savemsg); + $manage_log_active = false; +} + + $tab_array = array(); -$tab_array[] = array(gettext("System"), false, "status_logs.php"); -$tab_array[] = array(gettext("Firewall"), false, "status_logs_filter.php"); -$tab_array[] = array(gettext("DHCP"), false, "status_logs.php?logfile=dhcpd"); -$tab_array[] = array(gettext("Portal Auth"), false, "status_logs.php?logfile=portalauth"); -$tab_array[] = array(gettext("IPsec"), false, "status_logs.php?logfile=ipsec"); -$tab_array[] = array(gettext("PPP"), false, "status_logs.php?logfile=ppp"); -$tab_array[] = array(gettext("VPN"), true, "status_logs_vpn.php"); -$tab_array[] = array(gettext("Load Balancer"), false, "status_logs.php?logfile=relayd"); -$tab_array[] = array(gettext("OpenVPN"), false, "status_logs.php?logfile=openvpn"); -$tab_array[] = array(gettext("NTP"), false, "status_logs.php?logfile=ntpd"); +$tab_array[] = array(gettext("System"), ($logfile == 'system'), "status_logs.php"); +$tab_array[] = array(gettext("Firewall"), ($logfile == 'filter'), "status_logs_filter.php"); +$tab_array[] = array(gettext("DHCP"), ($logfile == 'dhcpd'), "status_logs.php?logfile=dhcpd"); +$tab_array[] = array(gettext("Portal Auth"), ($logfile == 'portalauth'), "status_logs.php?logfile=portalauth"); +$tab_array[] = array(gettext("IPsec"), ($logfile == 'ipsec'), "status_logs.php?logfile=ipsec"); +$tab_array[] = array(gettext("PPP"), ($logfile == 'ppp'), "status_logs.php?logfile=ppp"); +$tab_array[] = array(gettext("VPN"), ($logfile == 'vpn'), "status_logs_vpn.php"); +$tab_array[] = array(gettext("Load Balancer"), ($logfile == 'relayd'), "status_logs.php?logfile=relayd"); +$tab_array[] = array(gettext("OpenVPN"), ($logfile == 'openvpn'), "status_logs.php?logfile=openvpn"); +$tab_array[] = array(gettext("NTP"), ($logfile == 'ntpd'), "status_logs.php?logfile=ntpd"); $tab_array[] = array(gettext("Settings"), false, "status_logs_settings.php"); display_top_tabs($tab_array); $tab_array = array(); $tab_array[] = array(gettext("PPPoE Logins"), - (($vpntype == "poes") && ($mode != "raw")), - "/status_logs_vpn.php?vpntype=poes"); -$tab_array[] = array(gettext("PPPoE Raw"), - (($vpntype == "poes") && ($mode == "raw")), - "/status_logs_vpn.php?vpntype=poes&mode=raw"); + (($logfile == 'vpn') && ($vpntype == "poes")), + "/status_logs_vpn.php?logfile=vpn&vpntype=poes"); +$tab_array[] = array(gettext("PPPoE Service"), + (($logfile == 'poes') && ($vpntype == "poes")), + "/status_logs_vpn.php?logfile=poes&vpntype=poes"); $tab_array[] = array(gettext("L2TP Logins"), - (($vpntype == "l2tp") && ($mode != "raw")), - "/status_logs_vpn.php?vpntype=l2tp"); -$tab_array[] = array(gettext("L2TP Raw"), - (($vpntype == "l2tp") && ($mode == "raw")), - "/status_logs_vpn.php?vpntype=l2tp&mode=raw"); + (($logfile == 'vpn') && ($vpntype == "l2tp")), + "/status_logs_vpn.php?logfile=vpn&vpntype=l2tp"); +$tab_array[] = array(gettext("L2TP Service"), + (($logfile == 'l2tps') && ($vpntype == "l2tp")), + "/status_logs_vpn.php?logfile=l2tps&vpntype=l2tp"); display_top_tabs($tab_array, false, 'nav nav-tabs'); + + +if ($filter_active) { + $filter_state = SEC_OPEN; +} else { + $filter_state = SEC_CLOSED; +} + +if (!$rawfilter) { // Advanced log filter form + $form = new Form(false); + + $section = new Form_Section('Advanced Log Filter', 'adv-filter-panel', COLLAPSIBLE|$filter_state); + + if ($logfile == "vpn") { + $group = new Form_Group(''); + + $group->add(new Form_Input( + 'filterlogentries_time', + null, + 'text', + $filterfieldsarray['time'] + ))->setWidth(3)->setHelp('Time'); + + $group->add(new Form_Input( + 'filterlogentries_action', + null, + 'text', + $filterfieldsarray['action'] + ))->setWidth(3)->setHelp('Action'); + + $group->add(new Form_Input( + 'filterlogentries_qty', + null, + 'number', + $filterlogentries_qty, + ['placeholder' => $nentries] + ))->setWidth(2)->setHelp('Quantity'); + + $section->add($group); + + $group = new Form_Group(''); + + $group->add(new Form_Input( + 'filterlogentries_user', + null, + 'text', + $filterfieldsarray['user'] + ))->setWidth(3)->setHelp('User'); + + $group->add(new Form_Input( + 'filterlogentries_ip_address', + null, + 'text', + $filterfieldsarray['ip_address'] + ))->setWidth(4)->setHelp('IP Address'); + } else { + $group = new Form_Group(''); + + $group->add(new Form_Input( + 'filterlogentries_time', + null, + 'text', + $filterfieldsarray['time'] + ))->setWidth(3)->setHelp('Time'); + + $group->add(new Form_Input( + 'filterlogentries_type', + null, + 'text', + $filterfieldsarray['type'] + ))->setWidth(2)->setHelp('Type'); + + $group->add(new Form_Input( + 'filterlogentries_pid', + null, + 'text', + $filterfieldsarray['pid'] + ))->setWidth(2)->setHelp('PID'); + + $group->add(new Form_Input( + 'filterlogentries_qty', + null, + 'number', + $filterlogentries_qty, + ['placeholder' => $nentries] + ))->setWidth(2)->setHelp('Quantity'); + + $section->add($group); + + $group = new Form_Group(''); + + $group->add(new Form_Input( + 'filterlogentries_message', + null, + 'text', + $filterfieldsarray['message'] + ))->setWidth(7)->setHelp('Log Message'); + + } + $btnsubmit = new Form_Button( + 'filterlogentries_submit', + ' ' . gettext('Apply Filter'), + null, + 'fa-filter' + ); +} else { // Simple log filter form + $form = new Form(false); + + $section = new Form_Section('Log Filter', 'basic-filter-panel', COLLAPSIBLE|$filter_state); + + $group = new Form_Group(''); + + $group->add(new Form_Input( + 'filtertext', + null, + 'text', + $filtertext + ))->setWidth(6)->setHelp('Filter Expression'); + + $group->add(new Form_Input( + 'filterlogentries_qty', + null, + 'number', + $filterlogentries_qty, + ['placeholder' => $nentries] + ))->setWidth(2)->setHelp('Quantity'); + + $btnsubmit = new Form_Button( + 'filtersubmit', + ' ' . gettext('Apply Filter'), + null, + 'fa-filter' + ); +} + +$btnsubmit->removeClass('btn-primary')->addClass('btn-success')->addClass('btn-sm'); + +$group->add(new Form_StaticText( + '', + $btnsubmit +)); + +$group->setHelp('<a target="_blank" href="http://www.php.net/manual/en/book.pcre.php">' . gettext('Regular expression reference') . '</a> ' . gettext('Precede with exclamation (!) to exclude match.')); +$section->add($group); +$form->add($section); +if ($logfile != "vpn") { # Needs to be tested with a vpn.log file before enabling. + print $form; +} +// Now the forms are complete we can draw the log table and its controls +if (!$rawfilter) { + if ($logfile != "vpn") { # Needs to be tested with a vpn.log file before enabling. + if ($filterlogentries_submit) { + $filterlog = conv_log_filter($vpn_logfile, $nentries, $nentries + 100, $filterfieldsarray); + } else { + $filterlog = conv_log_filter($vpn_logfile, $nentries, $nentries + 100, $filtertext); + } + } ?> -<!-- Raw logs are displayed as preformatted text. vpn logs are displayed as a table--> <div class="panel panel-default"> - <div class="panel-heading"><h2 class="panel-title"><?=gettext("Last ")?><?=$nentries?> <?=$vpns[$vpntype]?><?=gettext(" log entries")?></h2></div> - <div class="panel-body"> +<?php if ($logfile != "vpn") { # Needs to be tested with a vpn.log file before enabling. ?> + <div class="panel-heading"> + <h2 class="panel-title"> <?php - if ($mode != "raw") { + if ((!$filtertext) && (!$filterfieldsarray)) { + printf(gettext("Last %d %s log entries."), count($filterlog), gettext($allowed_logs[$logfile]["name"])); + } else { + printf(gettext("%d matched %s log entries."), count($filterlog), gettext($allowed_logs[$logfile]["name"])); + } + + printf(" (" . gettext("Maximum %d") . ")", $nentries); ?> + </h2> + </div> +<?php } else { ?> + <div class="panel-heading"><h2 class="panel-title"><?=gettext("Last ")?><?=$nentries?> <?=gettext($allowed_logs[$logfile]["name"])?><?=gettext(" log entries")?></h2></div> +<?php } ?> + <div class="panel-body"> <div class="table-responsive"> - <table class="table table-striped table-hover table-condensed"> + <table class="table table-striped table-hover table-condensed sortable-theme-bootstrap" data-sortable> +<?php + if ($logfile == "vpn") { +?> <thead> - <tr> + <tr style="white-space:nowrap;"> <th><?=gettext("Time")?></th> <th><?=gettext("Action")?></th> <th><?=gettext("User")?></th> - <th><?=gettext("IP address")?></th> + <th><?=gettext("IP Address")?></th> </tr> </thead> <tbody> <?php - $rows = dump_clog_vpn("/var/log/vpn.log", $nentries); // dump_clog_vpn provides all the need <td></td>/<tr></tr> tags + if ($logfile != "vpn") { # Needs to be tested with a vpn.log file before enabling. + foreach ($filterlog as $filterent) { +?> + <tr style="white-space:nowrap;"> + <td> + <?=htmlspecialchars($filterent['time'])?> + </td> + <td> + <? if ($filterent['action'] == "login") { ?> + <i class=\"fa fa-arrow-left\" alt=\"in\"></i> + <? } else { ?> + <i class=\"fa fa-arrow-right\" alt=\"out\"></i> + <? } ?> + </td> + <td> + <?=htmlspecialchars($filterent['user'])?> + </td> + <td style="word-wrap:break-word; word-break:break-all; white-space:normal"> + <?=htmlspecialchars($filterent['ip_address'])?> + </td> + </tr> +<?php + } // e-o-foreach + } else { # Continue using dump clog function until tested with a vpn.log file. + $rows = dump_clog_vpn($vpn_logfile, $nentries); // dump_clog_vpn provides all the need <td></td>/<tr></tr> tags + if ($rows > 0) $filterlog[0] = ''; + } +?> + </tbody> +<?php + } else { +?> + <thead> + <tr style="white-space:nowrap;"> + <th><?=gettext("Time")?></th> + <th><?=gettext("Type")?></th> + <th><?=gettext("PID")?></th> + <th style="width:100%"><?=gettext("Log Message")?></th> + </tr> + </thead> + <tbody> +<?php + foreach ($filterlog as $filterent) { +?> + <tr style="white-space:nowrap;"> + <td> + <?=htmlspecialchars($filterent['time'])?> + </td> + <td> + <?=htmlspecialchars($filterent['type'])?> + </td> + <td> + <?=htmlspecialchars($filterent['pid'])?> + </td> + <td style="word-wrap:break-word; word-break:break-all; white-space:normal"> + <?=htmlspecialchars($filterent['message'])?> + </td> + </tr> +<?php + } // e-o-foreach ?> </tbody> +<?php + } +?> </table> <?php - if ($rows == 0) { - print_info_box('No logs to display'); - } + if (count($filterlog) == 0) { + print_info_box(gettext('No logs to display')); + } ?> </div> + </div> +</div> <?php - } else { +} else { ?> - <pre> +<div class="panel panel-default"> + <div class="panel-heading"><h2 class="panel-title"><?=gettext("Last ")?><?=$nentries?> <?=gettext($allowed_logs[$logfile]["name"])?><?=gettext(" log entries")?></h2></div> + <div class="panel-body"> + <pre><?php + $rows = dump_clog_no_table($vpn_logfile, $nentries, true, array($filtertext)); + ?></pre> <?php - if (dump_clog_no_table("/var/log/{$logname}.log", $nentries) == 0) { - print('No logs to display'); - } + if ($rows == 0) { + print_info_box(gettext('No logs to display')); + } +?> + </div> +</div> +<?php +} +?> + +<?php +# Manage Log - Section/Form + +if ($input_errors) { + print_input_errors($input_errors); + $manage_log_active = true; +} + +if ($manage_log_active) { + $manage_log_state = SEC_OPEN; +} else { + $manage_log_state = SEC_CLOSED; +} + +$form = new Form(false); + +$section = new Form_Section(gettext('Manage') . ' ' . gettext($allowed_logs[$logfile]["name"]) . ' ' . gettext('Log'), 'log-manager-panel', COLLAPSIBLE|$manage_log_state); + +$section->addInput(new Form_StaticText( + '', + 'These settings override the "General Logging Options" settings.' +)); + + +# All +$group = new Form_Group('Forward/Reverse Display'); + +$group->add(new Form_Checkbox( + 'cronorder', + null, + 'Forward', + ($pconfig['cronorder'] == 'forward') ? true : false, + 'forward' +))->displayAsRadio()->setHelp('(newest at bottom)'); + +$group->add(new Form_Checkbox( + 'cronorder', + null, + 'Reverse', + ($pconfig['cronorder'] == 'reverse') ? true : false, + 'reverse' +))->displayAsRadio()->setHelp('(newest at top)'); + +$group->add(new Form_Checkbox( + 'cronorder', + null, + 'General Logging Options Setting', + ($pconfig['cronorder'] == '') ? true : false, + '' +))->displayAsRadio(); + +$group->setHelp('Show log entries in forward or reverse order.'); +$section->add($group); + +$group = new Form_Group('GUI Log Entries'); + +# Use the general logging options setting (global) as placeholder. +$group->add(new Form_Input( + 'nentries', + 'GUI Log Entries', + 'number', + $pconfig['nentries'], + ['min' => 5, 'max' => 2000, 'placeholder' => $config['syslog']['nentries']] +))->setWidth(2); + +$group->setHelp('This is the number of log entries displayed in the GUI. It does not affect how many entries are contained in the log.'); +$section->add($group); + +$group = new Form_Group('Log file size (Bytes)'); + +# Use the general logging options setting (global) as placeholder. +$group->add(new Form_Input( + 'logfilesize', + 'Log file size (Bytes)', + 'number', + $pconfig['logfilesize'], + ['min' => 100000, 'placeholder' => $config['syslog']['logfilesize'] ? $config['syslog']['logfilesize'] : "511488"] +))->setWidth(2); +$group->setHelp("The log is held in a constant-size circular log file. This field controls how large the log file is, and thus how many entries may exist inside the log. The default is approximately 500KB." . + '<br /><br />' . + "NOTE: The log size is changed the next time it is cleared. To immediately change the log size, first save the options to set the size, then clear the log using the \"Clear Log\" action below. "); +$section->add($group); + +$group = new Form_Group('Formatted/Raw Display'); + +$group->add(new Form_Checkbox( + 'format', + null, + 'Formatted', + ($pconfig['format'] == 'formatted') ? true : false, + 'formatted' +))->displayAsRadio(); + +$group->add(new Form_Checkbox( + 'format', + null, + 'Raw', + ($pconfig['format'] == 'raw') ? true : false, + 'raw' +))->displayAsRadio(); + +$group->add(new Form_Checkbox( + 'format', + null, + 'General Logging Options Setting', + ($pconfig['format'] == '') ? true : false, + '' +))->displayAsRadio(); + +$group->setHelp('Show the log entries as formatted or raw output as generated by the service. The raw output will reveal more detailed information, but it is more difficult to read.'); +$section->add($group); + + +# System General (main) Specific +if ($logfile == 'system') { + $section->addInput(new Form_Checkbox( + 'loglighttpd', + 'Web Server Log', + 'Log errors from the web server process', + $pconfig['loglighttpd'] + ))->setHelp('If this is checked, errors from the lighttpd web server process for the GUI or Captive Portal will appear in the system log.'); +} + + +$group = new Form_Group('Action'); + +$btnsavesettings = new Form_Button( + 'save_settings', + gettext('Save'), + null +); + +$btnsavesettings->addClass('btn-sm'); + +$group->add(new Form_StaticText( + '', + $btnsavesettings +))->setHelp('Saves changed settings.'); + + +$btnclear = new Form_Button( + 'clear', + ' ' . gettext('Clear log'), + null, + 'fa-trash' +); + +$btnclear->removeClass('btn-primary')->addClass('btn-danger')->addClass('btn-sm'); + +$group->add(new Form_StaticText( + '', + $btnclear +))->setHelp('Clears local log file and reinitializes it as an empty log. Save any settings changes first.'); + +$section->add($group); +$form->add($section); +print $form; ?> - </pre> + <?php +function dump_clog_vpn($logfile, $tail) { + global $g, $config, $vpntype; + + $sor = isset($config['syslog']['reverse']) ? "-r" : ""; + $specific_log = basename($logfile, '.log') . '_settings'; + if ($config['syslog'][$specific_log]['cronorder'] == 'forward') $sor = ""; + if ($config['syslog'][$specific_log]['cronorder'] == 'reverse') $sor = "-r"; + + $logarr = ""; + + exec("/usr/local/sbin/clog " . escapeshellarg($logfile) . " | tail {$sor} -n " . $tail, $logarr); + + $rows = 0; + foreach ($logarr as $logent) { + $rows++; + $logent = preg_split("/\s+/", $logent, 6); + $llent = explode(",", $logent[5]); + $iftype = substr($llent[1], 0, 4); + if ($iftype != $vpntype) { + continue; } + echo "<tr>\n"; + echo "<td>" . htmlspecialchars(join(" ", array_slice($logent, 0, 3))) . "</td>\n"; + + if ($llent[0] == "login") { + echo "<td><i class=\"fa fa-arrow-left\" alt=\"in\"></i></td>\n"; + } else { + echo "<td><i class=\"fa fa-arrow-right\" alt=\"out\"></i></td>\n"; + } + + echo "<td>" . htmlspecialchars($llent[3]) . "</td>\n"; + echo "<td>" . htmlspecialchars($llent[2]) . " </td>\n"; + echo "</tr>\n"; + } + return($rows); +} ?> - <form action="status_logs_vpn.php" method="post"> - <input type="hidden" name="vpntype" id="vpntype" value="<?=$vpntype?>" /> - <input type="hidden" name="mode" id="mode" value="<?=$mode?>" /> - <input name="clear" type="submit" class="btn btn-danger" value="<?=gettext("Clear log")?>" /> - </form> - <p> - </p> - </div> -</div> + <?php include("foot.inc"); |
