Hopefully improve the useless ipsec logs with highlighting

1 files changed, 16 insertions, 2 deletions

diff --git a/usr/local/www/diag_logs_ipsec.php b/usr/local/www/diag_logs_ipsec.php
index 560cd1a..87e1e50 100755
--- a/usr/local/www/diag_logs_ipsec.php
+++ b/usr/local/www/diag_logs_ipsec.php
@@ -56,16 +56,30 @@ if(is_array($config['ipsec']['phase1']))
 		$gateway = ipsec_get_phase1_dst($ph1ent);
 		if(!is_ipaddr($gateway))
 			continue;
-		$search[] = "/(racoon: )([A-Z:].*?)({$gateway}\[[0-9].+\]|{$gateway})(.*)/i";
+		$search[] = "/(racoon: )(INFO[:].*?)({$gateway}\[[0-9].+\]|{$gateway})(.*)/i";
+		$search[] = "/(racoon: )(\[{$gateway}\]|{$gateway})(.*)/i";
+		$replace[] = "$1<strong>[{$ph1ent['descr']}]</strong>: $2$3$4";
 		$replace[] = "$1<strong>[{$ph1ent['descr']}]</strong>: $2$3$4";
 	}
 /* collect all our own ip addresses */
 exec("/sbin/ifconfig | /usr/bin/awk '/inet / {print $2}'", $ip_address_list);
 foreach($ip_address_list as $address) {
-	$search[] = "/(racoon: )([A-Z:].*?)({$address}\[[0-9].+\])(.*isakmp.*)/i";
+	$search[] = "/(racoon: )(INFO[:].*?)({$address}\[[0-9].+\])/i";
+	$search[] = "/(racoon: )(\[{$address}\]|{$address})(.*)/i";
+	$replace[] = "$1<strong>[Self]</strong>: $2$3$4";
 	$replace[] = "$1<strong>[Self]</strong>: $2$3$4";
 }
 
+$search[] = "/(time up waiting for phase1)/i";
+$search[] = "/(failed to pre-process ph1 packet)/i";
+$search[] = "/(failed to pre-process ph2 packet)/i";
+$search[] = "/(no proposal chosen)/i";
+$replace[] = "$1 <strong>[Remote Side not responding]</strong>";
+$replace[] = "$1 <strong>[Check Phase 1 settings, lifetime, algorithm]</strong>";
+$replace[] = "$1 <strong>[Check Phase 2 settings, networks]</strong>";
+$replace[] = "$1 <strong>[Check Phase 2 settings, algorithm]</strong>";
+
+
 $nentries = $config['syslog']['nentries'];
 if (!$nentries)
 	$nentries = 50;