From e326ad5bc6ebd6ad24cae8254c439057de8f81b5 Mon Sep 17 00:00:00 2001 From: Nicolas Fort Date: Thu, 14 Sep 2023 18:28:28 +0000 Subject: T5579: show log firewall - Fix command in order to fit new firewall cli structure; extend command options so it can be used on every layer ; use journalctl to get the logs --- op-mode-definitions/show-log.xml.in | 264 +++++++++++++++++++++++++++++++++--- 1 file changed, 242 insertions(+), 22 deletions(-) diff --git a/op-mode-definitions/show-log.xml.in b/op-mode-definitions/show-log.xml.in index 747622db6..a2a210543 100644 --- a/op-mode-definitions/show-log.xml.in +++ b/op-mode-definitions/show-log.xml.in @@ -133,47 +133,267 @@ Show log for Firewall + journalctl --no-hostname --boot -k | egrep "(ipv[46]|bri)-(FWD|INP|OUT|NAM)" - + - Show log for a specified firewall (IPv6) - - firewall ipv6-name - + Show firewall bridge log - cat $(printf "%s\n" /var/log/messages* | sort -nr ) | egrep "\[$5-([0-9]+|default)-[ADR]\]" + journalctl --no-hostname --boot -k | egrep "bri-(FWD|INP|OUT|NAM)" - + + + Show Bridge forward firewall log + + journalctl --no-hostname --boot -k | grep bri-FWD + + + + Show Bridge firewall forward filter + + journalctl --no-hostname --boot -k | grep bri-FWD-filter + + + + Show log for a rule in the specified firewall + + firewall bridge forward filter rule + + + journalctl --no-hostname --boot -k | egrep "\[bri-FWD-filter-$8-[ADRJC]\]" + + + + + + - Show log for a rule in the specified firewall + Show custom Bridge firewall log - firewall ipv6-name ${COMP_WORDS[4]} rule + firewall bridge name - cat $(printf "%s\n" /var/log/messages* | sort -nr) | grep -e "\[$5-$7-[ADR]\]" + journalctl --no-hostname --boot -k | grep bri-NAM-$6 + + + + Show log for a rule in the specified firewall + + firewall bridge name ${COMP_WORDS[5]} rule + + + journalctl --no-hostname --boot -k | egrep "\[bri-NAM-$6-$8-[ADRJC]\]" + + - - + + - Show log for a specified firewall (IPv4) - - firewall name - + Show firewall IPv4 log - cat $(printf "%s\n" /var/log/messages* | sort -nr ) | egrep "\[$5-([0-9]+|default)-[ADR]\]" + journalctl --no-hostname --boot -k | egrep "ipv4-(FWD|INP|OUT|NAM)" - + - Show log for a rule in the specified firewall + Show firewall IPv4 forward log + + journalctl --no-hostname --boot -k | grep ipv4-FWD + + + + Show firewall IPv4 forward filter log + + journalctl --no-hostname --boot -k | grep ipv4-FWD-filter + + + + Show log for a rule in the specified firewall + + firewall ipv4 forward filter rule + + + journalctl --no-hostname --boot -k | egrep "\[ipv4-FWD-filter-$8-[ADRJC]\]" + + + + + + + + Show firewall IPv4 input log + + journalctl --no-hostname --boot -k | grep ipv4-INP + + + + Show firewall IPv4 input filter log + + journalctl --no-hostname --boot -k | grep ipv4-INP-filter + + + + Show log for a rule in the specified firewall + + firewall ipv4 input filter rule + + + journalctl --no-hostname --boot -k | egrep "\[ipv4-INP-filter-$8-[ADRJC]\]" + + + + + + + + Show custom IPv4 firewall log - firewall name ${COMP_WORDS[4]} rule + firewall ipv4 name - cat $(printf "%s\n" /var/log/messages* | sort -nr) | egrep "\[$5-$7-[ADR]\]" + journalctl --no-hostname --boot -k | grep ipv4-NAM-$6 + + + + Show log for a rule in the specified firewall + + firewall ipv4 name ${COMP_WORDS[5]} rule + + + journalctl --no-hostname --boot -k | egrep "\[ipv4-NAM-$6-$8-[ADRJC]\]" + + + + + Show firewall IPv4 output log + + journalctl --no-hostname --boot -k | grep ipv4-OUT + + + + Show firewall IPv4 output filter log + + journalctl --no-hostname --boot -k | grep ipv4-OUT-filter + + + + Show log for a rule in the specified firewall + + firewall ipv4 output filter rule + + + journalctl --no-hostname --boot -k | egrep "\[ipv4-OUT-filter-$8-[ADRJC]\]" + + + + + - + + + + Show firewall IPv6 log + + journalctl --no-hostname --boot -k | egrep "ipv6-(FWD|INP|OUT|NAM)" + + + + Show firewall IPv6 forward log + + journalctl --no-hostname --boot -k | grep ipv6-FWD + + + + Show firewall IPv6 forward filter log + + journalctl --no-hostname --boot -k | grep ipv6-FWD-filter + + + + Show log for a rule in the specified firewall + + firewall ipv6 forward filter rule + + + journalctl --no-hostname --boot -k | egrep "\[ipv6-FWD-filter-$8-[ADRJC]\]" + + + + + + + + Show firewall IPv6 input log + + journalctl --no-hostname --boot -k | grep ipv6-INP + + + + Show firewall IPv6 input filter log + + journalctl --no-hostname --boot -k | grep ipv6-INP-filter + + + + Show log for a rule in the specified firewall + + firewall ipv6 input filter rule + + + journalctl --no-hostname --boot -k | egrep "\[ipv6-INP-filter-$8-[ADRJC]\]" + + + + + + + + Show custom IPv6 firewall log + + firewall ipv6 name + + + journalctl --no-hostname --boot -k | grep ipv6-NAM-$6 + + + + Show log for a rule in the specified firewall + + firewall ipv6 name ${COMP_WORDS[5]} rule + + + journalctl --no-hostname --boot -k | egrep "\[ipv6-NAM-$6-$8-[ADRJC]\]" + + + + + + Show firewall IPv6 output log + + journalctl --no-hostname --boot -k | grep ipv6-OUT + + + + Show firewall IPv6 output filter log + + journalctl --no-hostname --boot -k | grep ipv6-OUT-filter + + + + Show log for a rule in the specified firewall + + firewall ipv6 output filter rule + + + journalctl --no-hostname --boot -k | egrep "\[ipv6-OUT-filter-$8-[ADRJC]\]" + + + + + + + -- cgit v1.2.3