Fix #3866 Firewall Log Filtering
on master
Fix #3725:
- Fix match_filter_field() and also simplify logic- Fix $filterfieldsarray initialization- Avoid to have double spaces on filterfieldsarray['act']- Fix filter on Firewall Logs
Handle firewall log filter regex input better bug #3689
If the user inputs an invalid regex in any of the filter fields, then a page full of "warning" messages appear in the GUI, about whatever is invalid.If for some reason the user wants to match a forward slash somewhere, then they have to realize to escape it, doing "\/" instead of just "/". Be nice to this special case, because the user does not necessarily know that "/" is being used as the delimiter in the preg_match call. Turn "/" into "\/" (when the "\" is not already put in by the user)....
Add ICMP to filter parser, it should fix #3663
Work around some quirks in global handling to show filter rule descriptions in their own row/column when configured for that behavior.
Use egrep here (and full path)
Consider tracker IDs when looking up filter log entries, if present
Move clog from /usr to /usr/local
Start using filterlog
Fix some wrong escapeshellarg() calls
Add escapeshellarg() calls on exec parameters. While I'm here, replace some exec() calls by php functions like symlink, copy, unlink, mkdir
Fix filter regex
Remove scrub as well
Remove even negating nat rules
Correct matching for single rule. Somehow the egrep did not work there!
Speed up a bit rule number identification by avoiding going into kernel but using the rules parsing of pf which gives the same effect.
Fix parsing of the rule number in the pf log on FreeBSD 10.x, part of Bug #2122
Make sure no extra spaces end up in the parsed IP, it can lead to issues in other places (Easy Rule, etc)
Attempt to recognize pfsync entries from pf logs.
Widget Firewall Logs Fields
In the Firewall Log Widget view time field is of more use than source port and protocol.Add time field and remove source port and protocol fields.Fields: Action, Time, Interface, Source IP, Destination IP & Port
Show a little indicator icon if the direction of a firewall log entry is OUT, rather than the usual 'in'. No indicator is shown for IN.
System Firewall Log Filtering by Fields
Previous filter form retained for raw logs view.
Try a little harder to find the protocol rather than giving up. Fixes #2751
Update etc/inc/filter_log.inc
Firewall Logs Widget FilteringOptions to filter on interfaces, 'pass', 'block', & 'reject'
Firewall log, allow filtering by interface.
(line endings UNIX format..)Firewall log alternating colored rowsFirewall log sortableFixed several sorting issues in widgets and other pagesSorting now possible on multiple rows in the header tablesSorting now possible for text that starts with IPv4:port
Added a setting for configuring the firewall log to either:-Not load descriptions-Show descriptions in a column-Show descriptions on a second row (after a click on 'show descriptions')
'fixed' a few html validation issues..
Changed firewall log to show the applied rule description directly on screen, also layout optimization for "Show raw filter logs".
Unbreak a number of explode() replacements which required preg_split()
The function split() is replaced by the function explode(). Starting with PHP 5.3 this is deprecated and with version 6 gone.Replacing it surpresses all the warnings
If an IP is preceeded by "kip ", trim that off. Fixes #2027
Merge remote-tracking branch 'upstream/master'
Conflicts: etc/inc/easyrule.inc etc/inc/filter.inc etc/inc/interfaces.inc etc/inc/services.inc etc/inc/xmlrpc_client.inc usr/local/www/fbegin.inc usr/local/www/services_dhcp.php
Show the TCP protocol for ipv6 filter rules
Fix quotes to use %N$X on gettext calls
Fix gettext calls with printf to permit change strings order
Implement gettext() calls on filter_log.inc
Don't split the date/time when forming a line's timestamp, use both. Otherwise it can lead to oddities when crossing a date border. Fixes #478
Add a safety check to prevent packets like those in #479 from breaking the filter log in the GUI.
Fix bug where the last line of the filter log wasn't displayed in WebGUI.
Use _descr() instead for getting the log interface, so it uses the user-supplied name rather than wan/opt1/opt2/etc.
This function appears to not be needed on 2.0 (It is needed on 1.2.3 where I originally coded this part). Use convert_real_interface_to_friendly_interface_name() instead, since it seems to have special case handling for PPPoE and such now. Tested and working on a static IP setup, still needs tested by a PPPoE user on 2.0. (Logs should show "WAN" in the interface column, not "pppoe0".)
Add include for config.inc. Without it, the log parser was failing when called from the CLI (e.g. filterparser.php)
This breaks the firewall log. Unknown intent, Ermal if you want to improve it, please make sure it works.Revert "Remove completely bogus code with propper one."
This reverts commit be620dfd9283ee644c57b3c558c7dd603d0f4897.
Remove completely bogus code with propper one.
Move two include files to /etc/inc instead of leaving them in the www dir. Move filterparser.php to /usr/local/bin since it's not meant to be used from the web interface.