* [pve-devel] [RFC common 0/1] Optional parameters `since` and `until` for firewall log filtering @ 2023-01-05 9:18 Christian Ebner 2023-01-05 9:18 ` [pve-devel] [RFC firewall] api: Add optional parameters `since` and `until` for timestamp filter Christian Ebner 2023-01-05 9:18 ` [pve-devel] [RFC common 1/1] tools: Add specialized `dump_fw_logfile` for `since` and `until` filtering of firewall logs Christian Ebner 0 siblings, 2 replies; 8+ messages in thread From: Christian Ebner @ 2023-01-05 9:18 UTC (permalink / raw) To: pve-devel This patch series introduces 2 optional api parametes `since` and `until` to firewall log endpoints, in order to make them filterable. In contrast to the current `dump_logfile`, the specialized `dump_fw_logfile` takes into consideration and scans also rotated logfiles, if `since` or `until` are given. Without optional parameters, `dump_logfile` is used. Christian Ebner (1): tools: Add specialized `dump_fw_logfile` for `since` and `until` filtering of firewall logs src/PVE/Tools.pm | 80 ++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 80 insertions(+) Christian Ebner (1): api: Add optional parameters `since` and `until` for timestamp filter src/PVE/API2/Firewall/Host.pm | 15 ++++++++++++++- src/PVE/API2/Firewall/VM.pm | 18 +++++++++++++++--- 2 files changed, 29 insertions(+), 4 deletions(-) -- 2.30.2 ^ permalink raw reply [flat|nested] 8+ messages in thread
* [pve-devel] [RFC firewall] api: Add optional parameters `since` and `until` for timestamp filter 2023-01-05 9:18 [pve-devel] [RFC common 0/1] Optional parameters `since` and `until` for firewall log filtering Christian Ebner @ 2023-01-05 9:18 ` Christian Ebner 2023-01-05 13:51 ` Fiona Ebner 2023-01-05 9:18 ` [pve-devel] [RFC common 1/1] tools: Add specialized `dump_fw_logfile` for `since` and `until` filtering of firewall logs Christian Ebner 1 sibling, 1 reply; 8+ messages in thread From: Christian Ebner @ 2023-01-05 9:18 UTC (permalink / raw) To: pve-devel The optional unix epoch timestamps parameters `since` and `until` are introduced in order to filter firewall logs files. Since the `dump_logfile` function is used in multiple places, not neccessarily following the firewall log output format, a specialized function `dump_fw_logfile` is introduced in the PVE::Tools, with fallback to the previous `dump_logfile` function if none of the parameters is present. This patch depends on the corresponding patch in the pve-common repository. Signed-off-by: Christian Ebner <c.ebner@proxmox.com> --- src/PVE/API2/Firewall/Host.pm | 15 ++++++++++++++- src/PVE/API2/Firewall/VM.pm | 18 +++++++++++++++--- 2 files changed, 29 insertions(+), 4 deletions(-) diff --git a/src/PVE/API2/Firewall/Host.pm b/src/PVE/API2/Firewall/Host.pm index dfeccd0..8470f7f 100644 --- a/src/PVE/API2/Firewall/Host.pm +++ b/src/PVE/API2/Firewall/Host.pm @@ -172,6 +172,18 @@ __PACKAGE__->register_method({ minimum => 0, optional => 1, }, + since => { + type => 'integer', + minimum => 0, + description => "Display log since this UNIX epoch.", + optional => 1, + }, + until => { + type => 'integer', + minimum => 0, + description => "Display log until this UNIX epoch.", + optional => 1, + }, }, }, returns => { @@ -197,7 +209,8 @@ __PACKAGE__->register_method({ my $user = $rpcenv->get_user(); my $node = $param->{node}; - my ($count, $lines) = PVE::Tools::dump_logfile("/var/log/pve-firewall.log", $param->{start}, $param->{limit}); + my($count, $lines) = PVE::Tools::dump_fw_logfile("/var/log/pve-firewall.log", + $param->{start}, $param->{limit}, undef, $param->{since}, $param->{until}); $rpcenv->set_result_attrib('total', $count); diff --git a/src/PVE/API2/Firewall/VM.pm b/src/PVE/API2/Firewall/VM.pm index 48b8c5f..a0c0f94 100644 --- a/src/PVE/API2/Firewall/VM.pm +++ b/src/PVE/API2/Firewall/VM.pm @@ -176,6 +176,18 @@ sub register_handlers { minimum => 0, optional => 1, }, + since => { + type => 'integer', + minimum => 0, + description => "Display log since this UNIX epoch.", + optional => 1, + }, + until => { + type => 'integer', + minimum => 0, + description => "Display log until this UNIX epoch.", + optional => 1, + }, }, }, returns => { @@ -201,9 +213,9 @@ sub register_handlers { my $user = $rpcenv->get_user(); my $vmid = $param->{vmid}; - my ($count, $lines) = PVE::Tools::dump_logfile("/var/log/pve-firewall.log", - $param->{start}, $param->{limit}, - "^$vmid "); + my ($count, $lines) = PVE::Tools::dump_fw_logfile("/var/log/pve-firewall.log", + $param->{start}, $param->{limit}, "^$vmid ", $param->{since}, + $param->{until}); $rpcenv->set_result_attrib('total', $count); -- 2.30.2 ^ permalink raw reply [flat|nested] 8+ messages in thread
* Re: [pve-devel] [RFC firewall] api: Add optional parameters `since` and `until` for timestamp filter 2023-01-05 9:18 ` [pve-devel] [RFC firewall] api: Add optional parameters `since` and `until` for timestamp filter Christian Ebner @ 2023-01-05 13:51 ` Fiona Ebner 2023-01-05 13:59 ` Thomas Lamprecht 0 siblings, 1 reply; 8+ messages in thread From: Fiona Ebner @ 2023-01-05 13:51 UTC (permalink / raw) To: pve-devel, c.ebner Just two refreshers about style ;) Am 05.01.23 um 10:18 schrieb Christian Ebner: > The optional unix epoch timestamps parameters `since` and `until` are introduced in order to filter > firewall logs files. > > Since the `dump_logfile` function is used in multiple places, not neccessarily following the firewall > log output format, a specialized function `dump_fw_logfile` is introduced in the PVE::Tools, > with fallback to the previous `dump_logfile` function if none of the parameters is present. > > This patch depends on the corresponding patch in the pve-common repository. > Style nit: lines in the commit message should be <= 70 characters [0] > @@ -197,7 +209,8 @@ __PACKAGE__->register_method({ > my $user = $rpcenv->get_user(); > my $node = $param->{node}; > > - my ($count, $lines) = PVE::Tools::dump_logfile("/var/log/pve-firewall.log", $param->{start}, $param->{limit}); > + my($count, $lines) = PVE::Tools::dump_fw_logfile("/var/log/pve-firewall.log", > + $param->{start}, $param->{limit}, undef, $param->{since}, $param->{until}); Style nit: please use 1 line for each parameter if it gets too long [1] > @@ -201,9 +213,9 @@ sub register_handlers { > my $user = $rpcenv->get_user(); > my $vmid = $param->{vmid}; > > - my ($count, $lines) = PVE::Tools::dump_logfile("/var/log/pve-firewall.log", > - $param->{start}, $param->{limit}, > - "^$vmid "); > + my ($count, $lines) = PVE::Tools::dump_fw_logfile("/var/log/pve-firewall.log", > + $param->{start}, $param->{limit}, "^$vmid ", $param->{since}, > + $param->{until}); Same here [0]: https://pve.proxmox.com/wiki/Developer_Documentation#Commits_and_Commit_Messages [1]: https://pve.proxmox.com/wiki/Perl_Style_Guide#Wrapping_Arguments ^ permalink raw reply [flat|nested] 8+ messages in thread
* Re: [pve-devel] [RFC firewall] api: Add optional parameters `since` and `until` for timestamp filter 2023-01-05 13:51 ` Fiona Ebner @ 2023-01-05 13:59 ` Thomas Lamprecht 2023-01-05 14:27 ` Christian Ebner 0 siblings, 1 reply; 8+ messages in thread From: Thomas Lamprecht @ 2023-01-05 13:59 UTC (permalink / raw) To: Proxmox VE development discussion, Fiona Ebner, c.ebner Am 05/01/2023 um 14:51 schrieb Fiona Ebner: >> + my($count, $lines) = PVE::Tools::dump_fw_logfile("/var/log/pve-firewall.log", >> + $param->{start}, $param->{limit}, undef, $param->{since}, $param->{until}); > Style nit: please use 1 line for each parameter if it gets too long [1] > In general we try to adhere to rustfmt style, at least in spirit as not everything can be mapped to perl. That format has an intermediate step between one arg per line namely something like: PVE::Tools::foo( $bar, $baz, $very_long_argument_bla_bla) Here, that might still work out if we pull out the $param stuff first, e.g.:: my ($start, $limit, $since, $until) = param->@{qw(start limit since until)}; PVE::Tools::dump_fw_logfile( "/var/log/pve-firewall.log", $start, $limit, undef, $since, $until) ^ permalink raw reply [flat|nested] 8+ messages in thread
* Re: [pve-devel] [RFC firewall] api: Add optional parameters `since` and `until` for timestamp filter 2023-01-05 13:59 ` Thomas Lamprecht @ 2023-01-05 14:27 ` Christian Ebner 0 siblings, 0 replies; 8+ messages in thread From: Christian Ebner @ 2023-01-05 14:27 UTC (permalink / raw) To: Thomas Lamprecht, Proxmox VE development discussion, Fiona Ebner Okay, I will take your comments into consideration, thx! > On 05.01.2023 14:59 CET Thomas Lamprecht <t.lamprecht@proxmox.com> wrote: > > > Am 05/01/2023 um 14:51 schrieb Fiona Ebner: > >> + my($count, $lines) = PVE::Tools::dump_fw_logfile("/var/log/pve-firewall.log", > >> + $param->{start}, $param->{limit}, undef, $param->{since}, $param->{until}); > > Style nit: please use 1 line for each parameter if it gets too long [1] > > > > In general we try to adhere to rustfmt style, at least in spirit as not everything > can be mapped to perl. That format has an intermediate step between one arg per line > namely something like: > > PVE::Tools::foo( > $bar, $baz, $very_long_argument_bla_bla) > > Here, that might still work out if we pull out the $param stuff first, e.g.:: > > my ($start, $limit, $since, $until) = param->@{qw(start limit since until)}; > > PVE::Tools::dump_fw_logfile( > "/var/log/pve-firewall.log", $start, $limit, undef, $since, $until) ^ permalink raw reply [flat|nested] 8+ messages in thread
* [pve-devel] [RFC common 1/1] tools: Add specialized `dump_fw_logfile` for `since` and `until` filtering of firewall logs 2023-01-05 9:18 [pve-devel] [RFC common 0/1] Optional parameters `since` and `until` for firewall log filtering Christian Ebner 2023-01-05 9:18 ` [pve-devel] [RFC firewall] api: Add optional parameters `since` and `until` for timestamp filter Christian Ebner @ 2023-01-05 9:18 ` Christian Ebner 2023-01-05 13:25 ` Wolfgang Bumiller 1 sibling, 1 reply; 8+ messages in thread From: Christian Ebner @ 2023-01-05 9:18 UTC (permalink / raw) To: pve-devel This furhter includes the contents of rotated logfiles if present. All files are scanned in sequential order, as there is no guarantee that the rotated logs contain only entries for a single day. Signed-off-by: Christian Ebner <c.ebner@proxmox.com> --- src/PVE/Tools.pm | 80 ++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 80 insertions(+) diff --git a/src/PVE/Tools.pm b/src/PVE/Tools.pm index cdbee6d..fdbf0e1 100644 --- a/src/PVE/Tools.pm +++ b/src/PVE/Tools.pm @@ -4,6 +4,7 @@ use strict; use warnings; use Date::Format qw(time2str); +use Date::Parse qw(str2time); use Digest::MD5; use Digest::SHA; use Encode; @@ -17,6 +18,7 @@ use IO::Handle; use IO::Pipe; use IO::Select; use IO::Socket::IP; +use IO::Zlib; use IPC::Open3; use JSON; use POSIX qw(EINTR EEXIST EOPNOTSUPP); @@ -1320,6 +1322,84 @@ sub dump_logfile { return ($count, $lines); } +sub dump_fw_logfile { + my ($filename, $start, $limit, $filter, $since, $until) = @_; + + if (!(defined($since) || defined($until))) { + # Use previous version without `since` and `until` parameters + return dump_logfile($filename, $start, $limit, $filter); + } + + my $lines = []; + my $count = 0; + + # Take into consideration also rotated logs + my ($basename, $logdir, $type) = fileparse($filename); + my @files = (); + + opendir(LOGDIR, $logdir) || die "Cannot open $logdir"; + my $entry; + while ($entry = readdir(LOGDIR)) { + my $namefilter = $basename."*"; + next if $entry !~ m/$namefilter/; + push @files, $entry; + } + closedir(LOGDIR); + @files = reverse sort @files; + print @files,"\n"; + + $start = $start // 0; + $limit = $limit // 50; + + my $read_until_end = $limit == 0; + my $line; + my $fh; + + foreach (@files) { + my ($base, $path, $type) = fileparse($_, ".gz"); + + if ($type eq '.gz') { + $fh = IO::Zlib->new($logdir.$_, "r"); + } else { + $fh = IO::File->new($logdir.$_, "r"); + } + + if (!$fh) { + $count++; + push @$lines, { n => $count, t => "unable to open file - $!"}; + return ($count, $lines); + } + + while (defined($line = <$fh>)) { + next if defined($filter) && $line !~ m/$filter/; + if ($since || $until) { + my @words = split / /, $line; + my $timestamp = str2time($words[3], $words[4]); + next if $since && $timestamp < $since; + next if $until && $timestamp > $until; + } + next if $count++ < $start; + if (!$read_until_end) { + next if $limit <= 0; + $limit--; + } + chomp $line; + push @$lines, { n => $count, t => $line}; + } + + close($fh); + } + + # HACK: ExtJS store.guaranteeRange() does not like empty array + # so we add a line + if (!$count) { + $count++; + push @$lines, { n => $count, t => "no content"}; + } + + return ($count, $lines); +} + sub dump_journal { my ($start, $limit, $since, $until, $service) = @_; -- 2.30.2 ^ permalink raw reply [flat|nested] 8+ messages in thread
* Re: [pve-devel] [RFC common 1/1] tools: Add specialized `dump_fw_logfile` for `since` and `until` filtering of firewall logs 2023-01-05 9:18 ` [pve-devel] [RFC common 1/1] tools: Add specialized `dump_fw_logfile` for `since` and `until` filtering of firewall logs Christian Ebner @ 2023-01-05 13:25 ` Wolfgang Bumiller 2023-01-05 14:25 ` Christian Ebner 0 siblings, 1 reply; 8+ messages in thread From: Wolfgang Bumiller @ 2023-01-05 13:25 UTC (permalink / raw) To: Christian Ebner; +Cc: pve-devel On Thu, Jan 05, 2023 at 10:18:04AM +0100, Christian Ebner wrote: > This furhter includes the contents of rotated logfiles if present. All files are scanned in > sequential order, as there is no guarantee that the rotated logs contain only entries for > a single day. > > Signed-off-by: Christian Ebner <c.ebner@proxmox.com> > --- > src/PVE/Tools.pm | 80 ++++++++++++++++++++++++++++++++++++++++++++++++ > 1 file changed, 80 insertions(+) > > diff --git a/src/PVE/Tools.pm b/src/PVE/Tools.pm > index cdbee6d..fdbf0e1 100644 > --- a/src/PVE/Tools.pm > +++ b/src/PVE/Tools.pm > @@ -4,6 +4,7 @@ use strict; > use warnings; > > use Date::Format qw(time2str); > +use Date::Parse qw(str2time); > use Digest::MD5; > use Digest::SHA; > use Encode; > @@ -17,6 +18,7 @@ use IO::Handle; > use IO::Pipe; > use IO::Select; > use IO::Socket::IP; > +use IO::Zlib; > use IPC::Open3; > use JSON; > use POSIX qw(EINTR EEXIST EOPNOTSUPP); > @@ -1320,6 +1322,84 @@ sub dump_logfile { > return ($count, $lines); > } > > +sub dump_fw_logfile { So initially I thought, With this being firewall-specific I'd rather put this in pve-firewall I think. But given the 'HACK' and the copying of the $start/$limit/$filter portion, maybe just split dump_logfile into a reusable part to which you provide the IO handle and running $count as parameter instead of the filename (IO handle because of the zlib part), and which recognizes when `$filter` is a `sub` to call instead of just a regex (`ref($filter) eq 'CODE'), or simply add those 2 parameters to dump_logfile directly. At least I'd prefer more code reuse if it's already in this module. ^ permalink raw reply [flat|nested] 8+ messages in thread
* Re: [pve-devel] [RFC common 1/1] tools: Add specialized `dump_fw_logfile` for `since` and `until` filtering of firewall logs 2023-01-05 13:25 ` Wolfgang Bumiller @ 2023-01-05 14:25 ` Christian Ebner 0 siblings, 0 replies; 8+ messages in thread From: Christian Ebner @ 2023-01-05 14:25 UTC (permalink / raw) To: Wolfgang Bumiller; +Cc: pve-devel Okay, I will adapt the code based on your comments. Thx! > On 05.01.2023 14:25 CET Wolfgang Bumiller <w.bumiller@proxmox.com> wrote: > > > On Thu, Jan 05, 2023 at 10:18:04AM +0100, Christian Ebner wrote: > > This furhter includes the contents of rotated logfiles if present. All files are scanned in > > sequential order, as there is no guarantee that the rotated logs contain only entries for > > a single day. > > > > Signed-off-by: Christian Ebner <c.ebner@proxmox.com> > > --- > > src/PVE/Tools.pm | 80 ++++++++++++++++++++++++++++++++++++++++++++++++ > > 1 file changed, 80 insertions(+) > > > > diff --git a/src/PVE/Tools.pm b/src/PVE/Tools.pm > > index cdbee6d..fdbf0e1 100644 > > --- a/src/PVE/Tools.pm > > +++ b/src/PVE/Tools.pm > > @@ -4,6 +4,7 @@ use strict; > > use warnings; > > > > use Date::Format qw(time2str); > > +use Date::Parse qw(str2time); > > use Digest::MD5; > > use Digest::SHA; > > use Encode; > > @@ -17,6 +18,7 @@ use IO::Handle; > > use IO::Pipe; > > use IO::Select; > > use IO::Socket::IP; > > +use IO::Zlib; > > use IPC::Open3; > > use JSON; > > use POSIX qw(EINTR EEXIST EOPNOTSUPP); > > @@ -1320,6 +1322,84 @@ sub dump_logfile { > > return ($count, $lines); > > } > > > > +sub dump_fw_logfile { > > So initially I thought, With this being firewall-specific I'd rather put > this in pve-firewall I think. > But given the 'HACK' and the copying of the $start/$limit/$filter > portion, maybe just split dump_logfile into a reusable part to which you > provide the IO handle and running $count as parameter instead of the > filename (IO handle because of the zlib part), and which recognizes when > `$filter` is a `sub` to call instead of just a regex (`ref($filter) eq > 'CODE'), or simply add those 2 parameters to dump_logfile directly. > At least I'd prefer more code reuse if it's already in this module. ^ permalink raw reply [flat|nested] 8+ messages in thread
end of thread, other threads:[~2023-01-05 14:27 UTC | newest] Thread overview: 8+ messages (download: mbox.gz / follow: Atom feed) -- links below jump to the message on this page -- 2023-01-05 9:18 [pve-devel] [RFC common 0/1] Optional parameters `since` and `until` for firewall log filtering Christian Ebner 2023-01-05 9:18 ` [pve-devel] [RFC firewall] api: Add optional parameters `since` and `until` for timestamp filter Christian Ebner 2023-01-05 13:51 ` Fiona Ebner 2023-01-05 13:59 ` Thomas Lamprecht 2023-01-05 14:27 ` Christian Ebner 2023-01-05 9:18 ` [pve-devel] [RFC common 1/1] tools: Add specialized `dump_fw_logfile` for `since` and `until` filtering of firewall logs Christian Ebner 2023-01-05 13:25 ` Wolfgang Bumiller 2023-01-05 14:25 ` Christian Ebner
This is a public inbox, see mirroring instructions for how to clone and mirror all data and code used for this inbox