Fix multicast traffic display in widget.

1 files changed, 35 insertions, 27 deletions

diff --git a/usr/local/www/widgets/include/log.inc b/usr/local/www/widgets/include/log.inc
index 387808f..e9575a4 100644
--- a/usr/local/www/widgets/include/log.inc
+++ b/usr/local/www/widgets/include/log.inc
@@ -15,10 +15,8 @@ $filterlog = conv_clog_filter($filter_logfile, $nentries);
 
 /* format filter logs */	
 function conv_clog_filter($logfile, $tail = 8) {
-	global $config, $nentries, $logfile;
-
-	$logfile = "/var/log/filter.log";
-
+	global $config, $nentries, $g;
+	$logarr = "";
 	/* make interface/port table */
 	$iftable = array();
 	$iftable[$config['interfaces']['lan']['if']] = "LAN";
@@ -28,12 +26,11 @@ function conv_clog_filter($logfile, $tail = 8) {
 
 	$sor = isset($config['syslog']['reverse']) ? "-r" : "";
 
-	$logarr = "";
-	exec("/usr/sbin/clog {$logfile} | /usr/bin/tail {$sor} -n {$tail}", $logarr);
+	exec("/usr/sbin/clog {$logfile} | /usr/bin/tail {$sor} -n 500", $logarr);
 
 	$filterlog = array();
 
-	$counter = 0;
+	$counter = 1;
 
 	foreach ($logarr as $logent) {
 
@@ -41,16 +38,17 @@ function conv_clog_filter($logfile, $tail = 8) {
 			break;
 
 		$log_split = "";
-		
-		//old reg ex
-		//preg_match("/(.*)\s.*\spf:\s.*\srule\s(.*)\(match\)\:\s(.*)\s\w+\son\s(\w+)\:\s(.*)\s>\s(.*)\:\s.*/", $logent, $log_split);
 
-		preg_match("/(.*)\s.*\spf:\s.*\srule\s(.*)\(match\)\:\s(.*)\s\w+\son\s(\w+)\:\s.*\slength\:.*\s(.*)\s>\s(.*)\:\s.*/", $logent, $log_split);
-	
-	
-		$logent = strtoupper($logent);
 
-		$do_not_display = false;
+		preg_match("/(\b(?:\d{1,3}\.){3}\d{1,3}(\.\w+)?)\s.*\s(\b(?:\d{1,3}\.){3}\d{1,3}(\.\w+)?)/", $logent, $log_split);
+
+		$flent['src'] 		= convert_port_period_to_colon($log_split[1]);
+		$flent['dst'] 		= convert_port_period_to_colon($log_split[3]);
+
+		preg_match("/(.*)\s.*\spf:\s.*\srule\s(.*)\(match\)\:\s(.*)\s\w+\son\s(\w+)\:\s(.*)\s>\s(.*)\:\s.*/", $logent, $log_split);
+
+		$beforeupper = $logent;
+		$logent = strtoupper($logent);
 
 		if(stristr(strtoupper($logent), "UDP") == true)
 			$flent['proto'] = "UDP";
@@ -70,16 +68,16 @@ function conv_clog_filter($logfile, $tail = 8) {
 			$flent['proto'] = "IGMP";
 		else if(stristr(strtoupper($logent), "CARP") == true)
 			$flent['proto'] = "CARP";
+		else if(stristr(strtoupper($logent), "VRRP") == true)
+			$flent['proto'] = "VRRP";
 		else if(stristr(strtoupper($logent), "PFSYNC") == true)
 			$flent['proto'] = "PFSYNC";
+		else if(stristr($logent, "sack") == true)
+			$flent['proto'] = "TCP";
 		else
 			$flent['proto'] = "TCP";
 
-		$time_regex = "";
-		preg_match("/.*([0-9][0-9]:[0-9][0-9]:[0-9][0-9])/", $log_split[1], $time_regex);
-		$row_time = strtotime($time_regex[1]);
-
-		$flent['time'] 		= $row_time;
+		$flent['time'] 		= $log_split[1];
 		$flent['act'] 		= $log_split[3];
 
 		$friendly_int = convert_real_interface_to_friendly_interface_name($log_split[4]);
@@ -89,16 +87,26 @@ function conv_clog_filter($logfile, $tail = 8) {
 		if($config['interfaces'][$friendly_int]['descr'] <> "")
 			$flent['interface'] = "{$config['interfaces'][$friendly_int]['descr']}";
 
-		$flent['src'] 		= convert_port_period_to_colon($log_split[5]);
-		$flent['dst'] 		= convert_port_period_to_colon($log_split[6]);
-
-		$flent['dst'] = str_replace(": NBT UDP PACKET(137)", "", $flent['dst']);
-
 		$tmp = split("/", $log_split[2]);
 		$flent['rulenum'] = $tmp[0];
 
-		$counter++;
-		$filterlog[] = $flent;
+		$shouldadd = true;
+
+		if(trim($flent['src']) == "")
+			$shouldadd = false;
+		if(trim($flent['dst']) == "")
+			$shouldadd = false;
+		if(trim($flent['time']) == "")
+			$shouldadd = false;
+
+		if($shouldadd == true) {
+			$counter++;
+			$filterlog[] = $flent;
+		} else {
+			if($g['debug']) {
+				log_error("There was a error parsing rule: $beforeupper .   Please report to mailing list or forum.");
+			}
+		}
 
 	}