mirror of
https://gitlab.com/shorewall/code.git
synced 2024-12-22 22:30:58 +01:00
Add 'scfilter' extension script
Signed-off-by: Tom Eastep <teastep@shorewall.net>
This commit is contained in:
parent
3898edfddb
commit
2fa7e11976
@ -433,6 +433,20 @@ list_zone() {
|
|||||||
done
|
done
|
||||||
}
|
}
|
||||||
|
|
||||||
|
#
|
||||||
|
# Show Filter
|
||||||
|
#
|
||||||
|
show_connections_filter() {
|
||||||
|
my filter
|
||||||
|
filter=$(find_file scfilter)
|
||||||
|
|
||||||
|
if [ -x $filter ]; then
|
||||||
|
$filter
|
||||||
|
else
|
||||||
|
cat -
|
||||||
|
fi
|
||||||
|
}
|
||||||
|
|
||||||
#
|
#
|
||||||
# Show Command Executor
|
# Show Command Executor
|
||||||
#
|
#
|
||||||
@ -539,9 +553,13 @@ show_command() {
|
|||||||
echo
|
echo
|
||||||
|
|
||||||
if qt mywhich conntrack ; then
|
if qt mywhich conntrack ; then
|
||||||
conntrack -f ipv4 -L
|
conntrack -f ipv4 -L | show_connections_filter
|
||||||
else
|
else
|
||||||
[ -f /proc/net/ip_conntrack ] && cat /proc/net/ip_conntrack || grep -v '^ipv6' /proc/net/nf_conntrack
|
if [ -f /proc/net/ip_conntrack ]; then
|
||||||
|
cat /proc/net/ip_conntrack | show_connections_filter
|
||||||
|
else
|
||||||
|
grep -v '^ipv6' /proc/net/nf_conntrack | show_connections_filter
|
||||||
|
fi
|
||||||
fi
|
fi
|
||||||
;;
|
;;
|
||||||
nat)
|
nat)
|
||||||
|
@ -357,6 +357,20 @@ show_routing() {
|
|||||||
fi
|
fi
|
||||||
}
|
}
|
||||||
|
|
||||||
|
#
|
||||||
|
# Show Connections Filter
|
||||||
|
#
|
||||||
|
show_connections_filter() {
|
||||||
|
my filter
|
||||||
|
filter=$(find_file scfilter)
|
||||||
|
|
||||||
|
if [ -x $filter ]; then
|
||||||
|
$filter
|
||||||
|
else
|
||||||
|
cat -
|
||||||
|
fi
|
||||||
|
}
|
||||||
|
|
||||||
#
|
#
|
||||||
# Show Command Executor
|
# Show Command Executor
|
||||||
#
|
#
|
||||||
@ -451,13 +465,13 @@ show_command() {
|
|||||||
if mywhich conntrack ; then
|
if mywhich conntrack ; then
|
||||||
echo "$g_product $SHOREWALL_VERSION Connections at $g_hostname - $(date)"
|
echo "$g_product $SHOREWALL_VERSION Connections at $g_hostname - $(date)"
|
||||||
echo
|
echo
|
||||||
conntrack -f ipv6 -L
|
conntrack -f ipv6 -L | show_connections_filter
|
||||||
else
|
else
|
||||||
local count=$(cat /proc/sys/net/netfilter/nf_conntrack_count)
|
local count=$(cat /proc/sys/net/netfilter/nf_conntrack_count)
|
||||||
local max=$(cat /proc/sys/net/netfilter/nf_conntrack_max)
|
local max=$(cat /proc/sys/net/netfilter/nf_conntrack_max)
|
||||||
echo "$g_product $SHOREWALL_VERSION Connections ($count of $max) at $g_hostname - $(date)"
|
echo "$g_product $SHOREWALL_VERSION Connections ($count of $max) at $g_hostname - $(date)"
|
||||||
echo
|
echo
|
||||||
grep '^ipv6' /proc/net/nf_conntrack | sed -r 's/0000:/:/g; s/:::+/::/g; s/:0+/:/g'
|
grep '^ipv6' /proc/net/nf_conntrack | sed -r 's/0000:/:/g; s/:::+/::/g; s/:0+/:/g' | show_connections_filter
|
||||||
fi
|
fi
|
||||||
;;
|
;;
|
||||||
tos|mangle)
|
tos|mangle)
|
||||||
|
Loading…
Reference in New Issue
Block a user