Sorry it took me so long to reply to this thread - work hit me yesterday. Joey & Brad: Since the original SmoothWall interface is basically browser neutral, I was hoping to keep the mod the same (no Mozilla tabs). I also dislike popups so was hoping to avoid them if possible.
For those interested, here's my plan of attack for this: Was thinking of a layout something like: http://www.kuhns-la.com/smoothwalllog/cgi-bin/raw.html http://www.kuhns-la.com/smoothwalllog/cgi-bin/source.html Each column in the raw view would be a different view into the log and that column would "slide" out to the left and become the branch for the tree. The value in this column would be a link to expand or contract the branch. (if you can't get to these addresses please let me know - I have to go through a DynDNS webhop and sometimes I find they flake out for some browsers) I dug around in the SmoothWall files last night and found that the firewall log appears to be displayed using one cgi perl script (/home/httpd/cgi-bin/logs.cgi/firewalllog.dat) plus a few scripts that generate the header, menus, etc. for the ui. This log display script is EXTREMLY inefficient in my opinion but from what I found last night it seems the only way to correct this would be to revamp the method SmoothWall generates its logs (not a project I'm willing to undertake). It looks like in SmoothWall, all entries (firewall blocks, kernel messages, DHCP messages, deamon starts and stops, etc.) are dumped to one log (/var/log/messages). The script opens the log file, and iterates over EVERY line in the file - if it hits a line with the date you were looking for, it then checks to see if it's the type you're looking for, if it is, it dumps the line to an array and moves to the next line. After finding the lines it needs, it grabs a slice of the array based on what page of the log you are viewing and how many entries to display on the page (to handle the "Newer" and "Older" links at the bottom). It then wraps this slice in html to make it pretty and dumps it to output. By itself this approach isn't too bad, but, it wouldn't scale too well - I guess if you have a scale issue you probably wouldn't be running SmoothWall anyway... I was thinking of "cloning" this script and calling it enhancedfirewalllog.dat, and adding a new item in the logs sub menu called "enhanced firewall ". This way future SmoothWall fixes should have very little impact on the mod - the only things that may be replaced in a new fix would be the files (I believe 2) that generate the new menu item and the changes to them would be minimal so the user could easily reinstall the mod if need be. In the new script, I was thinking of leaving the log scan basically as is but build an index hash as the scan is done - the key for this hash would be based on the view requested and the data for each entry would be an array of the indexes of the entries in the main array that go with that key (whew, did it in one sentence). The first major change would be in how the slice is generated, right now it's a simple slice that starts 1 past the last one you saw and is however many entries you're viewing long. I would have to change this to use the index hash to generate the correct slice. The only tricky part would be to handle the "Older" and "Newer" links (would change them to read "Previous" and "Next"). The slice would have to take into account the expanded/collapsed status of each entry. Tricky but not impossible. Much easier for me to visualize than describe. The second major change would be in how the entries are wrapped in html - tedious but not hard - I'll basically have a template worked out for each entry (see above). Anyone feel free to chime in or criticize - I'm looking for some input here... James -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Joey Kelly Sent: Thursday, June 17, 2004 2:32 PM To: [email protected] Subject: Re: [brlug-general] SmoothWall 2.0 log mods On Thursday 17 June 2004 1:36 pm, Alvaro Zuniga spake: > If I were going to do this on the browser, I would probably implement > popups windows rather than a tree. In that manner you can have different > views to compare activity. > Or maybe not popups (which means either javascript or URL targets), I would simply open the links in separate tabs in Mozilla (this requires clue, though). > Alvaro Zuniga --Joey -- Joey Kelly < Minister of the Gospel | Linux Consultant > http://joeykelly.net "I may have invented it, but Bill made it famous." --- David Bradley, the IBM employee that invented CTRL-ALT-DEL _______________________________________________ General mailing list [email protected] http://brlug.net/mailman/listinfo/general_brlug.net
