From: Christian Ebner <c.ebner@proxmox.com>
To: pve-devel@lists.proxmox.com
Subject: [pve-devel] [PATCH firewall 1/1] api: Add optional parameters `since` and `until` for timestamp filter
Date: Mon, 9 Jan 2023 16:07:05 +0100 [thread overview]
Message-ID: <20230109150706.446377-2-c.ebner@proxmox.com> (raw)
In-Reply-To: <20230109150706.446377-1-c.ebner@proxmox.com>
The optional unix epoch timestamps parameters `since` and `until` are introduced
in order to filter firewall logs files. If one of these flags is set, also
rotated logfiles are included.
Filtering is now performed based on a callback function passed to
`dump_fw_logfile`.
This patch depends on the corresponding patch in the pve-common repository.
Signed-off-by: Christian Ebner <c.ebner@proxmox.com>
---
src/PVE/API2/Firewall/Host.pm | 34 ++++++++++++++++++++++++++++-
src/PVE/API2/Firewall/VM.pm | 40 +++++++++++++++++++++++++++++++----
2 files changed, 69 insertions(+), 5 deletions(-)
diff --git a/src/PVE/API2/Firewall/Host.pm b/src/PVE/API2/Firewall/Host.pm
index dfeccd0..cec440d 100644
--- a/src/PVE/API2/Firewall/Host.pm
+++ b/src/PVE/API2/Firewall/Host.pm
@@ -11,6 +11,7 @@ use PVE::Firewall;
use PVE::API2::Firewall::Rules;
+use Date::Parse qw(str2time);
use base qw(PVE::RESTHandler);
__PACKAGE__->register_method ({
@@ -172,6 +173,18 @@ __PACKAGE__->register_method({
minimum => 0,
optional => 1,
},
+ since => {
+ type => 'integer',
+ minimum => 0,
+ description => "Display log since this UNIX epoch.",
+ optional => 1,
+ },
+ until => {
+ type => 'integer',
+ minimum => 0,
+ description => "Display log until this UNIX epoch.",
+ optional => 1,
+ },
},
},
returns => {
@@ -196,8 +209,27 @@ __PACKAGE__->register_method({
my $rpcenv = PVE::RPCEnvironment::get();
my $user = $rpcenv->get_user();
my $node = $param->{node};
+ my $filename = "/var/log/pve-firewall.log";
+ my ($start, $limit, $since, $until) =
+ $param->@{qw(start limit since until)};
+
+ my $filter = sub {
+ my ($line) = @_;
+
+ if ($since || $until) {
+ my @words = split / /, $line;
+ my $timestamp = str2time($words[3], $words[4]);
+ return undef if $since && $timestamp < $since;
+ return undef if $until && $timestamp > $until;
+ }
+
+ return $line;
+ };
+
+ my $include_rotated_logs = defined($since) || defined($until);
- my ($count, $lines) = PVE::Tools::dump_logfile("/var/log/pve-firewall.log", $param->{start}, $param->{limit});
+ my ($count, $lines) = PVE::Tools::dump_fw_logfile(
+ $filename, $start, $limit, $filter, $include_rotated_logs);
$rpcenv->set_result_attrib('total', $count);
diff --git a/src/PVE/API2/Firewall/VM.pm b/src/PVE/API2/Firewall/VM.pm
index 48b8c5f..f245788 100644
--- a/src/PVE/API2/Firewall/VM.pm
+++ b/src/PVE/API2/Firewall/VM.pm
@@ -11,6 +11,7 @@ use PVE::API2::Firewall::Rules;
use PVE::API2::Firewall::Aliases;
+use Date::Parse qw(str2time);
use base qw(PVE::RESTHandler);
my $option_properties = $PVE::Firewall::vm_option_properties;
@@ -176,6 +177,18 @@ sub register_handlers {
minimum => 0,
optional => 1,
},
+ since => {
+ type => 'integer',
+ minimum => 0,
+ description => "Display log since this UNIX epoch.",
+ optional => 1,
+ },
+ until => {
+ type => 'integer',
+ minimum => 0,
+ description => "Display log until this UNIX epoch.",
+ optional => 1,
+ },
},
},
returns => {
@@ -199,11 +212,30 @@ sub register_handlers {
my $rpcenv = PVE::RPCEnvironment::get();
my $user = $rpcenv->get_user();
- my $vmid = $param->{vmid};
+ my $filename = "/var/log/pve-firewall.log";
+ my ($start, $limit, $vmid, $since, $until) =
+ $param->@{qw(start limit vmid since until)};
+
+ my $filter = sub {
+ my ($line) = @_;
+ my $reg = "^$vmid ";
+
+ return undef if $line !~ m/$reg/;
+
+ if ($since || $until) {
+ my @words = split / /, $line;
+ my $timestamp = str2time($words[3], $words[4]);
+ return undef if $since && $timestamp < $since;
+ return undef if $until && $timestamp > $until;
+ }
+
+ return $line;
+ };
+
+ my $include_rotated_logs = defined($since) || defined($until);
- my ($count, $lines) = PVE::Tools::dump_logfile("/var/log/pve-firewall.log",
- $param->{start}, $param->{limit},
- "^$vmid ");
+ my ($count, $lines) = PVE::Tools::dump_fw_logfile(
+ $filename, $start, $limit, $filter, $include_rotated_logs);
$rpcenv->set_result_attrib('total', $count);
--
2.30.2
next prev parent reply other threads:[~2023-01-09 15:07 UTC|newest]
Thread overview: 6+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-01-09 15:07 [pve-devel] [PATCH common firewall] Optonal `since` and `until` firewall log filtering Christian Ebner
2023-01-09 15:07 ` Christian Ebner [this message]
2023-01-09 15:07 ` [pve-devel] [PATCH common 1/1] tools: Add callback based filtering for firewall logfiles Christian Ebner
2023-01-10 12:36 ` Wolfgang Bumiller
2023-01-11 8:36 ` Christian Ebner
2023-01-11 8:42 ` Wolfgang Bumiller
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20230109150706.446377-2-c.ebner@proxmox.com \
--to=c.ebner@proxmox.com \
--cc=pve-devel@lists.proxmox.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.