Skip to content

O
OpnSense
Commit b2af67a9 authored by Franco Fichtner's avatar Franco Fichtner
Browse files
Options

logs: improve all things logging for #397

parent a3e5de62
Hide whitespace changes
Inline Side-by-side
Showing with 189 additions and 147 deletions
src/etc/inc/system.inc
View file @ b2af67a9
......@@ -768,20 +768,14 @@ function system_syslogd_start()
$syslogcfg = $config['syslog'];
if (file_exists("/var/run/booting"))
echo gettext("Starting syslog...");
// Which logging type are we using this week??
if (isset($config['system']['disablesyslogclog'])) {
$log_directive = "";
$log_create_directive = "/usr/bin/touch ";
$log_size = "";
} else { // Defaults to CLOG
$log_directive = "%";
$log_size = isset($config['syslog']['logfilesize']) ? $config['syslog']['logfilesize'] : "10240";
$log_create_directive = "/usr/local/sbin/clog -i -s ";
if (file_exists('/var/run/booting')) {
echo gettext('Starting syslog...');
}
$log_directive = '%';
$log_size = isset($config['syslog']['logfilesize']) ? $config['syslog']['logfilesize'] : '511488';
$log_create_directive = '/usr/local/sbin/clog -i -s ';
$syslogd_extra = "";
if (isset($syslogcfg)) {
$separatelogfacilities = array('ntp','ntpd','ntpdate','charon','openvpn','pptps','poes','l2tps','relayd','hostapd','dnsmasq','filterdns','unbound','dhcpd','dhcrelay','dhclient','dhcp6c','apinger','radvd','routed','olsrd','zebra','ospfd','bgpd','miniupnpd','filterlog');
......
src/etc/rc
View file @ b2af67a9
......@@ -165,7 +165,6 @@ rm -rf /tmp/*
chmod 1777 /tmp
echo -n "."
DISABLESYSLOGCLOG=`/usr/bin/grep -c disablesyslogclog /conf/config.xml`
LOG_FILES="system filter dhcpd vpn pptps poes l2tps openvpn portalauth ipsec ppps relayd wireless lighttpd ntpd gateways resolver routing"
DEFAULT_LOG_FILE_SIZE=`/usr/local/bin/xmllint --xpath 'string(//opnsense/syslog/logfilesize)' /conf/config.xml`
......@@ -174,12 +173,8 @@ if [ ! ${DEFAULT_LOG_FILE_SIZE} ]; then
fi
for logfile in $LOG_FILES; do
if [ "$DISABLESYSLOGCLOG" -gt "0" ]; then
touch /var/log/$logfile.log
else
if [ ! -f /var/log/$logfile.log ]; then
clog -i -s ${DEFAULT_LOG_FILE_SIZE} /var/log/$logfile.log
fi
if [ ! -f /var/log/$logfile.log ]; then
clog -i -s ${DEFAULT_LOG_FILE_SIZE} /var/log/$logfile.log
fi
chmod 0600 /var/log/$logfile.log
done
......
src/www/diag_logs.php
View file @ b2af67a9
......@@ -41,7 +41,7 @@ if (empty($config['syslog']['nentries'])) {
}
if (isset($_POST['clear'])) {
clear_log_file($system_logfile);
clear_clog($system_logfile);
}
if ($_GET['filtertext']) {
......
src/www/diag_logs_auth.php
View file @ b2af67a9
......@@ -41,7 +41,7 @@ if (empty($config['syslog']['nentries'])) {
}
if ($_POST['clear']) {
clear_log_file($portal_logfile);
clear_clog($portal_logfile);
}
$pgtitle = array(gettext("Status"),gettext("System logs"),gettext("Portal Auth"));
......
src/www/diag_logs_dhcp.php
View file @ b2af67a9
......@@ -42,7 +42,7 @@ if (empty($config['syslog']['nentries'])) {
}
if ($_POST['clear']) {
clear_log_file($dhcpd_logfile);
clear_clog($dhcpd_logfile);
killbyname("dhcpd");
services_dhcpd_configure();
}
......
src/www/diag_logs_filter.php
View file @ b2af67a9
......@@ -586,9 +586,8 @@ if (isset($filterlogentries_qty) && $filterlogentries_qty != null) {
$nentries = $filterlogentries_qty;
}
if (isset($_POST['clear'])) {
clear_log_file($filter_logfile);
clear_clog($filter_logfile);
}
$pgtitle = array(gettext("Status"),gettext("System logs"),gettext("Firewall"));
......@@ -599,7 +598,6 @@ include("head.inc");
<script src="/javascript/filter_log.js" type="text/javascript"></script>
<body>
<?php include("fbegin.inc"); ?>
......
src/www/diag_logs_filter_dynamic.php
View file @ b2af67a9
......@@ -42,7 +42,7 @@ $nentries = 50;
handle_ajax($nentries, $nentries + 20);
if (isset($_POST['clear'])) {
clear_log_file($filter_logfile);
clear_clog($filter_logfile);
}
$filterlog = conv_log_filter($filter_logfile, $nentries, $nentries + 100);
......
src/www/diag_logs_filter_summary.php
View file @ b2af67a9
<?php
/*
Copyright (C) 2014-2015 Deciso B.V. - J. Schellevis
Copyright (C) 2009 Jim Pingle (jpingle@gmail.com)
......
src/www/diag_logs_gateways.php
View file @ b2af67a9
......@@ -43,7 +43,7 @@ if (empty($config['syslog']['nentries'])) {
}
if ($_POST['clear']) {
clear_log_file($system_logfile);
clear_clog($system_logfile);
}
if ($_GET['filtertext']) {
......
src/www/diag_logs_ipsec.php
View file @ b2af67a9
......@@ -34,25 +34,6 @@ require_once("services.inc");
require_once("system.inc");
require_once("interfaces.inc");
function return_clog($logfile, $tail, $withorig = true, $grepfor = "", $grepinvert = "", $grepreverse = false) {
global $g, $config;
$sor = (isset($config['syslog']['reverse']) || $grepreverse) ? "-r" : "";
$logarr = "";
$grepline = " ";
if(is_array($grepfor))
$grepline .= " | /usr/bin/egrep " . escapeshellarg(implode("|", $grepfor));
if(is_array($grepinvert))
$grepline .= " | /usr/bin/egrep -v " . escapeshellarg(implode("|", $grepinvert));
if($config['system']['disablesyslogclog']) {
exec("cat " . escapeshellarg($logfile) . "{$grepline} | /usr/bin/tail {$sor} -n " . escapeshellarg($tail), $logarr);
} else {
exec("/usr/local/sbin/clog " . escapeshellarg($logfile) . "{$grepline}| grep -v \"CLOG\" | grep -v \"\033\" | /usr/bin/tail {$sor} -n " . escapeshellarg($tail), $logarr);
}
return($logarr);
}
$ipsec_logfile = '/var/log/ipsec.log';
if (empty($config['syslog']['nentries'])) {
......@@ -62,18 +43,15 @@ if (empty($config['syslog']['nentries'])) {
}
if ($_POST['clear']) {
clear_log_file($ipsec_logfile);
clear_clog($ipsec_logfile);
}
$ipsec_logarr = return_clog($ipsec_logfile, $nentries);
$pgtitle = array(gettext("Status"),gettext("System logs"),gettext("IPsec VPN"));
$shortcut_section = "ipsec";
include("head.inc");
?>
<body>
<?php include("fbegin.inc"); ?>
......@@ -96,17 +74,7 @@ include("head.inc");
<div class="table-responsive">
<table class="table table-striped table-sort">
<?php
foreach($ipsec_logarr as $logent){
$logent = htmlspecialchars($logent);
$logent = preg_split("/\s+/", $logent, 6);
echo "<tr valign=\"top\">\n";
$entry_date_time = htmlspecialchars(join(" ", array_slice($logent, 0, 3)));
echo "<td class=\"listlr nowrap\">" . $entry_date_time . "</td>\n";
echo "<td class=\"listr\">" . $logent[4] . " " . $logent[5] . "</td>\n";
echo "</tr>\n";
}
?>
<?php dump_clog($ipsec_logfile, $nentries); ?>
</table>
</div>
......
src/www/diag_logs_ntpd.php
View file @ b2af67a9
......@@ -43,7 +43,7 @@ if (empty($config['syslog']['nentries'])) {
}
if ($_POST['clear']) {
clear_log_file($ntpd_logfile);
clear_clog($ntpd_logfile);
}
$pgtitle = array(gettext("Status"),gettext("System logs"),gettext("NTP"));
......
src/www/diag_logs_openvpn.php
View file @ b2af67a9
......@@ -46,7 +46,7 @@ if (empty($config['syslog']['nentries'])) {
}
if ($_POST['clear']) {
clear_log_file($openvpn_logfile);
clear_clog($openvpn_logfile);
}
include("head.inc");
......
src/www/diag_logs_pills.php
View file @ b2af67a9
<?php
/*
Copyright (C) 2014 Deciso B.V.
All rights reserved.
......
src/www/diag_logs_ppp.php
View file @ b2af67a9
......@@ -41,7 +41,7 @@ if (empty($config['syslog']['nentries'])) {
}
if ($_POST['clear']) {
clear_log_file($ppps_logfile);
clear_clog($ppps_logfile);
}
$pgtitle = array(gettext("Status"),gettext("System logs"),gettext("PPP"));
......
src/www/diag_logs_proxy.php
View file @ b2af67a9
<?php
/*
Copyright (C) 2015 Deciso B.V.
All rights reserved.
......@@ -26,6 +27,7 @@
*/
require_once("guiconfig.inc");
require_once("system.inc");
$logfile = '/var/log/squid/cache.log';
......@@ -36,10 +38,7 @@ if (empty($config['syslog']['nentries'])) {
}
if ($_POST['clear']) {
// trash log file
$handle = fopen($logfile, 'r+');
ftruncate($handle, 0);
fclose($handle);
clear_log($logfile);
}
$pgtitle = array(gettext("Status"),gettext("System logs"),gettext("Proxy"));
......@@ -57,12 +56,12 @@ include("head.inc");
<? include('diag_logs_tabs.inc'); ?>
<div class="tab-content content-box col-xs-12">
<div class="container-fluid">
<p> <?php printf(gettext("Last %s log entries"), $max_logentries);?></p>
<pre><?php
if (file_exists($logfile)) {
echo trim(implode("", array_slice(file($logfile), -$max_logentries)));
}
?></pre>
<p><?php printf(gettext("Last %s Proxy log entries"), $nentries);?></p>
<div class="table-responsive">
<table class="table table-striped table-sort">
<?php dump_log($logfile, $nentries); ?>
</table>
</div>
<form method="post">
<input name="clear" type="submit" class="btn" value="<?= gettext("Clear log");?>" />
</form>
......
src/www/diag_logs_relayd.php
View file @ b2af67a9
......@@ -42,7 +42,7 @@ if (empty($config['syslog']['nentries'])) {
}
if ($_POST['clear']) {
clear_log_file($relayd_logfile);
clear_clog($relayd_logfile);
}
$pgtitle = array(gettext("Status"),gettext("System logs"),gettext("Load Balancer"));
......
src/www/diag_logs_resolver.php
View file @ b2af67a9
......@@ -43,7 +43,7 @@ if (empty($config['syslog']['nentries'])) {
}
if ($_POST['clear']) {
clear_log_file($system_logfile);
clear_clog($system_logfile);
}
if ($_GET['filtertext']) {
......
src/www/diag_logs_routing.php
View file @ b2af67a9
......@@ -40,7 +40,7 @@ if (empty($config['syslog']['nentries'])) {
}
if ($_POST['clear']) {
clear_log_file($routing_logfile);
clear_clog($routing_logfile);
}
$pgtitle = array(gettext("Status"),gettext("System logs"),gettext("Routing"));
......
src/www/diag_logs_settings.php
View file @ b2af67a9
<?php
/*
Copyright (C) 2014 Deciso B.V.
Copyright (C) 2004-2009 Scott Ullrich
......@@ -38,22 +39,45 @@ function clear_all_log_files()
{
killbyname('syslogd');
$clog_files = array(
'dhcpd',
'filter',
'gateways',
'ipsec',
'l2tps',
'lighttpd',
'ntpd',
'openvpn',
'poes',
'portalauth',
'ppps',
'pptps',
'relayd',
'resolver',
'routing',
'system',
'vpn',
'wireless',
);
foreach ($clog_files as $lfile) {
clear_clog("/var/log/{$lfile}.log", false);
}
$log_files = array(
"system", "filter", "dhcpd", "vpn", "pptps", "poes", "l2tps", "openvpn", "portalauth",
"ipsec", "ppps", "relayd", "wireless", "lighttpd", "ntpd", "gateways", "resolver", "routing"
'squid/access',
'squid/cache',
);
foreach ($log_files as $lfile) {
clear_log_file("/var/log/{$lfile}.log", false);
foreach ($clog_files as $lfile) {
clear_log("/var/log/{$lfile}.log", false);
}
system_syslogd_start();
killbyname("dhcpd");
killbyname('dhcpd');
services_dhcpd_configure();
}
$pconfig['reverse'] = isset($config['syslog']['reverse']);
$pconfig['nentries'] = $config['syslog']['nentries'];
$pconfig['remoteserver'] = $config['syslog']['remoteserver'];
......
src/www/diag_logs_tabs.inc
View file @ b2af67a9
<?php
/*
Copyright (C) 2014 Deciso B.V.
All rights reserved.
......@@ -24,19 +25,19 @@
ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
POSSIBILITY OF SUCH DAMAGE.
*/
$active_tab = isset($active_tab) ? $active_tab : $_SERVER['PHP_SELF'];
$tab_array = array();
$tab_array[] = array(gettext("System"), $active_tab == "/diag_logs.php", "diag_logs.php");
$tab_array[] = array(gettext("Firewall"), $active_tab == "/diag_logs_filter.php", "diag_logs_filter.php");
$tab_array[] = array(gettext("DHCP"), $active_tab == "/diag_logs_dhcp.php", "diag_logs_dhcp.php");
$tab_array[] = array(gettext("Portal Auth"), $active_tab == "/diag_logs_auth.php", "diag_logs_auth.php");
$tab_array[] = array(gettext("IPsec"), $active_tab == "/diag_logs_ipsec.php", "diag_logs_ipsec.php");
$tab_array[] = array(gettext("PPP"), $active_tab == "/diag_logs_ppp.php", "diag_logs_ppp.php");
$tab_array[] = array(gettext("VPN"), $active_tab == "/diag_logs_vpn.php", "diag_logs_vpn.php");
$tab_array[] = array(gettext("Load Balancer"), $active_tab == "/diag_logs_relayd.php", "diag_logs_relayd.php");
$tab_array[] = array(gettext("OpenVPN"), $active_tab == "/diag_logs_openvpn.php", "diag_logs_openvpn.php");
$tab_array[] = array(gettext("NTP"), $active_tab == "/diag_logs_ntpd.php", "diag_logs_ntpd.php");
$tab_array[] = array(gettext("Proxy"), $active_tab == "/diag_logs_proxy.php", "diag_logs_proxy.php");
$tab_array[] = array(gettext("Settings"), $active_tab == "/diag_logs_settings.php", "diag_logs_settings.php");
display_top_tabs($tab_array);
?>
$active_tab = isset($active_tab) ? $active_tab : $_SERVER['PHP_SELF'];
$tab_array = array();
$tab_array[] = array(gettext("System"), $active_tab == "/diag_logs.php", "diag_logs.php");
$tab_array[] = array(gettext("Firewall"), $active_tab == "/diag_logs_filter.php", "diag_logs_filter.php");
$tab_array[] = array(gettext("DHCP"), $active_tab == "/diag_logs_dhcp.php", "diag_logs_dhcp.php");
$tab_array[] = array(gettext("Portal Auth"), $active_tab == "/diag_logs_auth.php", "diag_logs_auth.php");
$tab_array[] = array(gettext("IPsec"), $active_tab == "/diag_logs_ipsec.php", "diag_logs_ipsec.php");
$tab_array[] = array(gettext("PPP"), $active_tab == "/diag_logs_ppp.php", "diag_logs_ppp.php");
$tab_array[] = array(gettext("VPN"), $active_tab == "/diag_logs_vpn.php", "diag_logs_vpn.php");
$tab_array[] = array(gettext("Load Balancer"), $active_tab == "/diag_logs_relayd.php", "diag_logs_relayd.php");
$tab_array[] = array(gettext("OpenVPN"), $active_tab == "/diag_logs_openvpn.php", "diag_logs_openvpn.php");
$tab_array[] = array(gettext("NTP"), $active_tab == "/diag_logs_ntpd.php", "diag_logs_ntpd.php");
$tab_array[] = array(gettext("Proxy"), $active_tab == "/diag_logs_proxy.php", "diag_logs_proxy.php");
$tab_array[] = array(gettext("Settings"), $active_tab == "/diag_logs_settings.php", "diag_logs_settings.php");
display_top_tabs($tab_array);
src/www/diag_logs_vpn.php
View file @ b2af67a9
......@@ -66,10 +66,11 @@ switch ($vpntype) {
}
if ($_POST['clear']) {
if ($mode != "raw")
clear_log_file("/var/log/vpn.log");
else
clear_log_file("/var/log/{$logname}.log");
if ($mode != "raw") {
clear_clog("/var/log/vpn.log");
} else {
clear_clog("/var/log/{$logname}.log");
}
}
function dump_clog_vpn($logfile, $tail) {
......
src/www/diag_logs_wireless.php
View file @ b2af67a9
......@@ -42,7 +42,7 @@ if (empty($config['syslog']['nentries'])) {
}
if ($_POST['clear']) {
clear_log_file($wireless_logfile);
clear_clog($wireless_logfile);
}
$pgtitle = array(gettext("Status"),gettext("System logs"),gettext("Wireless"));
......
src/www/guiconfig.inc
View file @ b2af67a9
......@@ -347,59 +347,121 @@ function update_changedesc($update) {
$changecount++;
}
function clear_log_file($logfile = '/var/log/system.log', $restart_syslogd = true)
function clear_log($logfile, $restart_syslogd = true)
{
global $config, $g;
if ($restart_syslogd)
exec("/usr/bin/killall syslogd");
if(isset($config['system']['disablesyslogclog'])) {
unlink($logfile);
touch($logfile);
} else {
$log_size = isset($config['syslog']['logfilesize']) ? $config['syslog']['logfilesize'] : "511488";
exec("/usr/local/sbin/clog -i -s {$log_size} " . escapeshellarg($logfile));
if ($restart_syslogd) {
killbyname('syslogd');
}
foreach (glob($logfile . '.*') as $rotated) {
@unlink($rotated);
}
/* preserve file ownership and permissions */
$handle = fopen($logfile, 'r+');
if ($handle) {
ftruncate($handle, 0);
fclose($handle);
}
if ($restart_syslogd) {
system_syslogd_start();
}
}
function dump_clog($logfile, $tail, $withorig = true, $grepfor = "", $grepinvert = "") {
global $g, $config;
$sor = isset($config['syslog']['reverse']) ? "-r" : "";
$logarr = "";
$grepline = " ";
if(is_array($grepfor))
function clear_clog($logfile, $restart_syslogd = true)
{
global $config;
if ($restart_syslogd) {
killbyname('syslogd');
}
$log_size = isset($config['syslog']['logfilesize']) ? $config['syslog']['logfilesize'] : '511488';
mwexecf('/usr/local/sbin/clog -i -s %s %s', array($log_size, $logfile));
if ($restart_syslogd) {
system_syslogd_start();
}
}
function print_dump($logarr, $withorig)
{
global $config;
foreach ($logarr as $logent) {
$logent = preg_split("/\s+/", $logent, 6);
echo "<tr valign=\"top\">\n";
if ($withorig) {
$entry_date_time = htmlspecialchars(join(" ", array_slice($logent, 0, 3)));
$entry_text = ($logent[3] == $config['system']['hostname']) ? "" : $logent[3] . " ";
$entry_text .= htmlspecialchars($logent[4] . " " . $logent[5]);
echo "<td class=\"listlr nowrap\">{$entry_date_time}</td>\n";
echo "<td class=\"listr\">{$entry_text}</td>\n";
} else {
echo "<td class=\"listlr\" colspan=\"2\">" . htmlspecialchars($logent[5]) . "</td>\n";
}
echo "</tr>\n";
}
}
function dump_clog($logfile, $tail, $withorig = true, $grepfor = '', $grepinvert = '')
{
global $config;
$sor = isset($config['syslog']['reverse']) ? '-r' : '';
$grepline = ' ';
$logarr = '';
if (is_array($grepfor)) {
$grepline .= " | /usr/bin/egrep " . escapeshellarg(implode("|", $grepfor));
if(is_array($grepinvert))
}
if (is_array($grepinvert)) {
$grepline .= " | /usr/bin/egrep -v " . escapeshellarg(implode("|", $grepinvert));
}
if (is_dir($logfile)) {
$logarr = array("File $logfile is a directory.");
} elseif (file_exists($logfile) && filesize($logfile) == 0) {
} elseif (!file_exists($logfile)) {
$logarr = array("File $logfile doesn't exist.");
} elseif (filesize($logfile) == 0) {
$logarr = array("Log file started.");
} else {
if($config['system']['disablesyslogclog']) {
exec("cat " . escapeshellarg($logfile) . "{$grepline} | /usr/bin/tail {$sor} -n " . escapeshellarg($tail), $logarr);
} else {
exec("/usr/local/sbin/clog " . escapeshellarg($logfile) . "{$grepline}| grep -v \"CLOG\" | grep -v \"\033\" | /usr/bin/tail {$sor} -n " . escapeshellarg($tail), $logarr);
}
}
foreach ($logarr as $logent) {
$logent = preg_split("/\s+/", $logent, 6);
echo "<tr valign=\"top\">\n";
if ($withorig) {
$entry_date_time = htmlspecialchars(join(" ", array_slice($logent, 0, 3)));
$entry_text = ($logent[3] == $config['system']['hostname']) ? "" : $logent[3] . " ";
$entry_text .= htmlspecialchars($logent[4] . " " . $logent[5]);
echo "<td class=\"listlr nowrap\">{$entry_date_time}</td>\n";
echo "<td class=\"listr\">{$entry_text}</td>\n";
} else {
echo "<td class=\"listlr\" colspan=\"2\">" . htmlspecialchars($logent[5]) . "</td>\n";
}
echo "</tr>\n";
exec("/usr/local/sbin/clog " . escapeshellarg($logfile) . "{$grepline}| grep -v \"CLOG\" | grep -v \"\033\" | /usr/bin/tail {$sor} -n " . escapeshellarg($tail), $logarr);
}
print_dump($logarr, $withorig);
}
function dump_log($logfile, $tail, $withorig = true, $grepfor = '', $grepinvert = '')
{
global $config;
$sor = isset($config['syslog']['reverse']) ? '-r' : '';
$grepline = ' ';
$logarr = '';
if (is_array($grepfor)) {
$grepline .= " | /usr/bin/egrep " . escapeshellarg(implode("|", $grepfor));
}
if (is_array($grepinvert)) {
$grepline .= " | /usr/bin/egrep -v " . escapeshellarg(implode("|", $grepinvert));
}
if (is_dir($logfile)) {
$logarr = array("File $logfile is a directory.");
} elseif (!file_exists($logfile)) {
$logarr = array("File $logfile doesn't exist.");
} elseif (filesize($logfile) == 0) {
$logarr = array("Log file started.");
} else {
exec("cat " . escapeshellarg($logfile) . "{$grepline} | /usr/bin/tail {$sor} -n " . escapeshellarg($tail), $logarr);
}
print_dump($logarr, $withorig);
}
/* Check if variable has changed, update and log if it has
* returns true if var changed
......@@ -523,9 +585,10 @@ function is_specialnet($net) {
* RESULT
* null
******/
function display_top_tabs(& $tab_array, $no_drop_down = false) {
function display_top_tabs(& $tab_array, $no_drop_down = false)
{
global $config;
global $g;
$tab_array_char_limit = 92;
/* does the user have access to this tab?
......@@ -583,9 +646,6 @@ function display_top_tabs(& $tab_array, $no_drop_down = false) {
}
}
$timezone = $config['system']['timezone'];
if (!$timezone) {
$timezone = 'Etc/UTC';
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment

Technounit-GROUP 2023