authorjim-p <jim@pingle.org>2009-11-15 11:22:45 -0500
committerjim-p <jim@pingle.org>2009-11-15 11:22:45 -0500
commite390b503f503f48e656d91f61d933cc1fd7f7a3c (patch)
tree4e4505ac06f8eb99847a49c952279a1dc2beb526 /usr/local/bin
parent9c5637544acd10221d465030a430e39dcf92acdf (diff)
Move two include files to /etc/inc instead of leaving them in the www dir. Move filterparser.php to /usr/local/bin since it's not meant to be used from the web interface.
Diffstat (limited to 'usr/local/bin')
-rw-r--r--usr/local/bin/filterparser.php79
1 files changed, 79 insertions, 0 deletions
diff --git a/usr/local/bin/filterparser.php b/usr/local/bin/filterparser.php
new file mode 100644
index 0000000..d432419
--- /dev/null
+++ b/usr/local/bin/filterparser.php
@@ -0,0 +1,79 @@
+#!/usr/local/bin/php -q
+<?php
+/* $Id$ */
+/*
+ filterparser.php
+ part of pfSesne by Scott Ullrich
+ originally based on m0n0wall (http://m0n0.ch/wall)
+
+ Copyright (C) 2009 Jim Pingle <myfirstname>@<mylastname>.org
+ All rights reserved.
+
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions are met:
+
+ 1. Redistributions of source code must retain the above copyright notice,
+ this list of conditions and the following disclaimer.
+
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+
+ THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
+ INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
+ AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
+ OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ POSSIBILITY OF SUCH DAMAGE.
+
+ A quick CLI log parser.
+ Examples:
+ clog /var/log/filter.log | tail -50 | /usr/local/www/filterparser.php
+ clog -f /var/log/filter.log | /usr/local/www/filterparser.php
+*/
+/*
+ pfSense_MODULE: logs
+*/
+
+include_once("functions.inc");
+include_once("filter_log.inc");
+
+$log = fopen("php://stdin", "r");
+$lastline = "";
+while(!feof($log)) {
+ $line = fgets($log);
+ $line = rtrim($line);
+ $line_split = "";
+ preg_match("/.*\spf:\s(.*)/", $line, $line_split);
+ if (substr($line_split[1], 0, 4) != " ") {
+ $flent = "";
+ if (($lastline != "") && (substr($lastline, 0, 1) != " ")) {
+ $flent = parse_filter_line(trim($lastline));
+ }
+ $lastline = $line;
+ } else {
+ $lastline .= substr($line_split[1], 3);
+ }
+ /* Available fields:
+ time - Time the packet was seen
+ rulenum - Rule number matched
+ act - Action (pass/block)
+ interface - Friendly interface name (WAN, LAN, etc)
+ realint - Real interface name (fxp0, em0, vr0, etc)
+ proto - Protocol (e.g. TCP, UDP, ICMP, etc)
+ tcpflags - TCP flags/control bits
+ src - Source address with port
+ srcip - Source IP
+ srcport - Source Port
+ dst - Destination address with port
+ dstip - Destination IP
+ dstport - Destination Port
+ */
+ if ($flent != "")
+ echo "{$flent['time']} {$flent['act']} {$flent['realint']} {$flent['proto']} {$flent['src']} {$flent['dst']}\n";
+}
+fclose($log); ?>
\ No newline at end of file
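Review bot: `$line_split[1]` is read in the loop body without checking the result of `preg_match`, so any line without a `pf:` marker (including the `false` that `fgets` returns at end of input) raises an undefined-index notice and is then stored in `$lastline` as if it were a log entry; a guard such as `if (!preg_match("/.*\spf:\s(.*)/", $line, $line_split)) continue;` would skip those lines. `$flent` is reset only inside the first branch, so on a continuation line it still holds the previous record and the `echo` prints that record a second time; moving `$flent = "";` to the top of the loop body avoids this. The entry held in `$lastline` when the loop ends is never passed to `parse_filter_line`, so the final log record is silently dropped unless it is flushed after the loop. The usage examples in the header comment still call `/usr/local/www/filterparser.php`, although this commit places the script in `/usr/local/bin`.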