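#!/usr/bin/perl -w
use strict;
use CGI qw/:standard :html3/;
# ADD CARP

#
# FireDisplay :
#
# Displays the firewall packet logs for ipchains
#
# NOTE: this script performs no authentication of its own. Anyone who can
# request it sees the firewall log, so restrict access to it in the web
# server configuration.
#

# Define location of syslog
my $system_log = "/var/log/messages";

# Hash keys shown in the table, in column order (must match @headings below)
my @columns = qw(date chain action interface ext_ip ext_port int_ip int_port);

# Return a log value that is safe to place inside a table cell: undef
# becomes an empty string and HTML metacharacters are escaped. CGI.pm's
# tag shortcuts (td, th, caption, ...) do not escape their content, and
# the log text is not under this script's control.
sub _cell {
    my ($value) = @_;
    return CGI::escapeHTML(defined $value ? $value : '');
}

# Split an "address:port" token into its two parts. A missing token gives
# two undefined values instead of a warning from split().
sub _split_endpoint {
    my ($token) = @_;
    return (undef, undef) unless defined $token;
    my ($ip, $port) = split(":", $token);
    return ($ip, $port);
}

# Create HTML object (needed before the log is opened so that a failure
# can still be reported as a well-formed response)
my $html = CGI->new();

# Open the syslog read-only. The three-argument form keeps the file name
# from ever being interpreted as an open mode or a command.
my $log_fh;
unless (open($log_fh, '<', $system_log)) {
    # Details go to the server error log; the browser gets a generic message.
    warn "FireDisplay: cannot open $system_log: $!\n";
    print $html->header(-status => '500 Internal Server Error');
    print $html->start_html("FireDisplay : Packet Log Display");
    print p("FireDisplay : Unable to read the system log");
    print $html->end_html;
    exit 1;
}

# Process log and pull out relevant info
my @log;
while (my $line = <$log_fh>) {
    next unless $line =~ /kernel: Packet log/;

    # Space delimited log line
    my @values = split(/\s+/, $line);

    # Search through each entry and add to hash as appropriate
    my %ref;

    # Grab date into hash
    $ref{"date"} = join(" ", map { defined $_ ? $_ : '' } @values[0 .. 2]);

    $ref{"chain"}     = $values[7];
    $ref{"action"}    = $values[8];
    $ref{"interface"} = $values[9];

    ($ref{"ext_ip"}, $ref{"ext_port"}) = _split_endpoint($values[11]);
    ($ref{"int_ip"}, $ref{"int_port"}) = _split_endpoint($values[12]);

    # Grab k/v pairs - not currently used. A pair never replaces one of
    # the positional fields stored above, so a token such as "chain=x"
    # cannot change what the table displays.
    foreach my $token (@values) {
        next unless $token =~ /=/;
        my ($key, $value) = split("=", $token);
        next unless defined $key;
        $ref{$key} = $value unless exists $ref{$key};
    }

    # Create array of hashes
    push(@log, \%ref);
}
close($log_fh);

# Do initial html
print $html->header;
print $html->start_html("FireDisplay : Packet Log Display");

# Create table data
my @headings = ("Date & Time",
                "Chain",
                "Action",
                "Interface",
                "External IP",
                "External Port",
                "Internal IP",
                "Internal Port");

# Headings are escaped too: "Date & Time" contains a bare ampersand.
my @rows = th([ map { _cell($_) } @headings ]);

# Create data, newest entry first
foreach my $entry (reverse @log) {
    push(@rows, td([ map { _cell($entry->{$_}) } @columns ]));
}

# Check for no results (the heading row is always present)
if (@rows > 1) {
    # Display the table
    print table({-border => undef, -width => '25%'},
                caption(b(_cell("FireDisplay : $system_log"))),
                Tr({-align => "center"}, \@rows)
               );
}
else {
    print p("FireDisplay : Nothing to report");
}

# Add HTML footer
print $html->end_html;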