Subject: dglog: Denied requests show up as allowed
Package: dglog
Version: 1.0-1
Severity: important
Tags: patch
Looks like Dan's Guardian (dansguardian) has changed the format of the log. The
nasty Perl regexps in dglog.pl don't work anymore. This shows up as denied
requests being shown in reports of allowed requests, and denied requests
reports being empty.
This somewhat dirty patch at least hacks around the problem:
--- a/dglog.pl
+++ b/dglog.pl
@@ -244,16 +244,38 @@ sub checkLine
return if (!($dgDate ge $sSD && $dgDate le $sED));
}
- $url =~ /(\w+):\/\/([\w\.-]+)\/?(\S*)/;
- $protocol = $1; # HTTP, FTP
- $baseurl = $2; # domain part without http:// or ftp://
- return if ($sURL ne "ALL" && $sURL ne $baseurl);
- $toeol =~ /(\*.+\*)? ?(.+)? (\w+) (\d+)$/;
- $action = $1; # *DENIED# or *EXCEPTION* etc., if exists
- $reason = $2; # Reason for #1 if exists
- $method = $3; # method (GET POST)
- $size = $4; # size
- if ($sA ne "ALL") {
+ #bust up the url
+ $url =~ /(\w+):\/\/([\w\.-]+)\/?(\S*)/;
+ $protocol = $1; # HTTP, FTP
+ $baseurl = $2; # domain part without http:// or ftp://
+ #for summaries
+ return if ($sURL ne "ALL" && $sURL ne $baseurl);
+
+ # now bust up the end
+ $reason = "";
+ $urlstatus = "";
+ $method = "";
+ $size = "";
+ $toeol =~ /(\*.+\*)?(.*)$/;
+ $action = $1; # *DENIED# or *EXCEPTION* etc., if exists
+ $bigreason = $2; # also ah hack
+ if($action){
+ $reason = $bigreason;
+ $method = ""; #hack
+ $size = 0; #hack
+ #print "this one has error\n";
+ } else {
+ #$toeol =~ /(\w+)\s+(\d+)\s+(\d+)\s+(\d+)\s+(\d+)\s+(\d+)/ ; # too
complex
+ $toeol =~ /.*?(\w+)\s+(\d+)/;
+ $method = $1;
+ $size = $2;
+ $reason = ""; # there is no reason, it wasn' tdenied!
+ #$result = $5;
+ #$mimetype = $6;
+ }
+
+
+if ($sA ne "ALL") {
return if ($sA eq "denAll" &&
$action ne "*DENIED*");
return if ($sA eq "excAll" &&
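Review bot: the new `$toeol =~ /(\*.+\*)?(.*)$/` match can still leave `$action` unset or unequal to `*DENIED*` for a denied line, because the first group is optional, unanchored and greedy. The match always succeeds at offset 0, so `$action` is only captured when `$toeol` begins with `*`; any leading whitespace sends a denied line down the else branch as if it were allowed. Because `.+` is greedy, a later `*` anywhere in the reason text is swallowed into `$action`, and the exact comparison `$action ne "*DENIED*"` further down then drops the line from the denied report. Consider anchoring and bounding the group, for example `^\s*(\*[^*]+\*)?\s*(.*)$`. In the else branch, `$toeol =~ /.*?(\w+)\s+(\d+)/` is used without checking whether it matched; on failure Perl keeps `$1` and `$2` from the previous successful match, so `$size` would receive the whole remainder of the line. Wrapping the assignments in `if ($toeol =~ ...) { ... }` avoids that. A comment naming the DansGuardian log format this was tested against would also help whoever has to adjust these regexps next time the format changes.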
-- System Information:
Debian Release: 5.0.3
APT prefers stable
APT policy: (500, 'stable')
Architecture: i386 (i686)
Kernel: Linux 2.6.26-2-686 (SMP w/1 CPU core)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash
Versions of packages dglog depends on:
ii libcompress-zlib-perl 2.012-1 Perl module for creation and manip
ii perl 5.10.0-19lenny2 Larry Wall's Practical Extraction
ii perl-modules 5.10.0-19lenny2 Core Perl modules
dglog recommends no packages.
dglog suggests no packages.