This patch introduces callback based filtering functionality for firewall logs.
In addition, the contents of rotated logfiles are included by setting the
`include_rotated_logs` flag.
Signed-off-by: Christian Ebner <c.eb...@proxmox.com>
---
src/PVE/Tools.pm | 108 +++++++++++++++++++++++++++++++++++++++--------
1 file changed, 91 insertions(+), 17 deletions(-)
diff --git a/src/PVE/Tools.pm b/src/PVE/Tools.pm
index cdbee6d..cafc2f7 100644
--- a/src/PVE/Tools.pm
+++ b/src/PVE/Tools.pm
@@ -17,6 +17,7 @@ use IO::Handle;
use IO::Pipe;
use IO::Select;
use IO::Socket::IP;
+use IO::Zlib;
use IPC::Open3;
use JSON;
use POSIX qw(EINTR EEXIST EOPNOTSUPP);
@@ -1265,29 +1266,19 @@ sub split_args {
return $str ? [ Text::ParseWords::shellwords($str) ] : [];
}
-sub dump_logfile {
- my ($filename, $start, $limit, $filter) = @_;
-
- my $lines = [];
- my $count = 0;
-
- my $fh = IO::File->new($filename, "r");
- if (!$fh) {
- $count++;
- push @$lines, { n => $count, t => "unable to open file - $!"};
- return ($count, $lines);
- }
+sub dump_logfile_by_filehandle {
+ my ($fh, $start, $limit, $filter, $count, $lines, $read_until_end) = @_;
- $start = $start // 0;
- $limit = $limit // 50;
-
- my $read_until_end = $limit == 0;
my $line;
if ($filter) {
# duplicate code, so that we do not slow down normal path
while (defined($line = <$fh>)) {
- next if $line !~ m/$filter/;
+ if (ref($filter) eq 'CODE') {
+ next if !$filter->($line);
+ } else {
+ next if $line !~ m/$filter/;
+ }
next if $count++ < $start;
if (!$read_until_end) {
next if $limit <= 0;
@@ -1308,6 +1299,29 @@ sub dump_logfile {
}
}
+ return ($count, $lines, $limit);
+}
+
+sub dump_logfile {
+ my ($filename, $start, $limit, $filter) = @_;
+
+ $start = $start // 0;
+ $limit = $limit // 50;
+
+ my $read_until_end = $limit == 0;
+ my $lines = [];
+ my $count = 0;
+
+ my $fh = IO::File->new($filename, "r");
+ if (!$fh) {
+ $count++;
+ push @$lines, { n => $count, t => "unable to open file - $!"};
+ return ($count, $lines);
+ }
+
+ ($count, $lines, $limit) = dump_logfile_by_filehandle(
+ $fh, $start, $limit, $filter, $count, $lines, $read_until_end);
+
close($fh);
# HACK: ExtJS store.guaranteeRange() does not like empty array
@@ -1320,6 +1334,66 @@ sub dump_logfile {
return ($count, $lines);
}
+sub dump_fw_logfile {
+ my ($filename, $start, $limit, $filter, $include_rotated_logs) = @_;
+
+ if (!$include_rotated_logs) {
+ return dump_logfile($filename, $start, $limit, $filter);
+ }
+
+ $start = $start // 0;
+ $limit = $limit // 50;
+
+ # Take into consideration also rotated logs
+ my ($basename, $logdir, $type) = fileparse($filename);
+ my @files = ();
+
+ opendir(LOGDIR, $logdir) || die "Cannot open $logdir";
+ my $entry;
+ while ($entry = readdir(LOGDIR)) {
+ my $namefilter = $basename."*";
+ next if $entry !~ m/$namefilter/;
+ push @files, $entry;
+ }
+ closedir(LOGDIR);
+ @files = reverse sort @files;
+
+ my $read_until_end = $limit == 0;
+ my $lines = [];
+ my $count = 0;
+
+ foreach (@files) {
+ my ($base, $path, $type) = fileparse($_, ".gz");
+
+ my $fh;
+ if ($type eq '.gz') {
+ $fh = IO::Zlib->new($logdir.$_, "r");
+ } else {
+ $fh = IO::File->new($logdir.$_, "r");
+ }
+
+ if (!$fh) {
+ $count++;
+ push @$lines, { n => $count, t => "unable to open file - $!"};
+ return ($count, $lines);
+ }
+
+ ($count, $lines, $limit) = dump_logfile_by_filehandle(
+ $fh, $start, $limit, $filter, $count, $lines, $read_until_end);
+
+ close($fh);
+ }
+
+ # HACK: ExtJS store.guaranteeRange() does not like empty array
+ # so we add a line
+ if (!$count) {
+ $count++;
+ push @$lines, { n => $count, t => "no content"};
+ }
+
+ return ($count, $lines);
+}
+
sub dump_journal {
my ($start, $limit, $since, $until, $service) = @_;
--
2.30.2
_______________________________________________
pve-devel mailing list
pve-devel@lists.proxmox.com
https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
