- core/framework/flag.sh: flag::define, flag::parse, accessors - core/framework/hook.sh: hook::on, hook::fire, hook::off, hook::has - core/framework/help.sh: help::section, command::help::auto - core/framework/command.sh: command::define, command::route, lazy loading - core restructure: framework/ + app/ separation - load_command: directory-based command detection - command::exists: accepts new-style commands - command::run: routing for new-style, legacy fallback - commands/logs/: migrated to new framework - logs.sh: router + command::define - show.sh: flag::define + flag::parse, no manual case blocks - clean.sh: flag::define + flag::parse - remove.sh: flag::define + flag::parse - rotate.sh: flag::define + flag::parse - logs clean: fix dry_run bool to int conversion - ctx::json_helper: fixed path after core restructure - PYTHONPATH: exported in app/core.sh
504 lines
No EOL
16 KiB
Bash
504 lines
No EOL
16 KiB
Bash
#!/usr/bin/env bash
|
|
# commands/logs/show.sh
|
|
|
|
FW_EVENTS_LOG="$(ctx::fw_events_log)"
|
|
WG_EVENTS_LOG="$(ctx::events_log)"
|
|
|
|
function cmd::logs::show::on_load() {
|
|
command::mixin json_output [section="Output"]
|
|
|
|
help::section "Filters"
|
|
flag::define --name value "Filter by peer name" [label="name", section="Filters"]
|
|
flag::define --type value "Filter by device type" [label="type", section="Filters"]
|
|
flag::define --since value "Show events since (2h, 7d)" [label="time", section="Filters"]
|
|
flag::define --service value "Filter by service/IP" [label="service", section="Filters"]
|
|
flag::define --event value "Filter wg events" [label="type", section="Filters"]
|
|
flag::define --fw bool "Show firewall drops only" [section="Filters"]
|
|
flag::define --wg bool "Show WireGuard events only" [section="Filters"]
|
|
flag::define --merged bool "Show all events interleaved" [section="Filters"]
|
|
|
|
help::section "Output"
|
|
flag::define --limit value "Max results per source" [default=50, type=int, min=1, section="Output"]
|
|
flag::define --ascending bool "Sort ascending" [section="Output"]
|
|
flag::define --descending bool "Sort descending" [section="Output"]
|
|
flag::define --resolved bool "Resolve endpoints" [section="Output"]
|
|
flag::define --detailed bool "Show per-event detail" [section="Output"]
|
|
flag::define --raw bool "Skip service resolution" [section="Output"]
|
|
flag::define --follow bool "Follow live" [section="Output"]
|
|
|
|
flag::exclusive --fw --wg
|
|
flag::exclusive --ascending --descending
|
|
}
|
|
|
|
function cmd::logs::show::run() {
|
|
flag::parse "$@" || return 1
|
|
|
|
local name; name=$(flag::value --name)
|
|
local type; type=$(flag::value --type)
|
|
local limit; limit=$(flag::value --limit)
|
|
local since; since=$(flag::value --since)
|
|
local filter_service; filter_service=$(flag::value --service)
|
|
local filter_event; filter_event=$(flag::value --event)
|
|
local net_file=""
|
|
|
|
local fw_only=false wg_only=false merged=false
|
|
local follow=false raw=false resolved=false detailed=false
|
|
flag::bool --fw && fw_only=true
|
|
flag::bool --wg && wg_only=true
|
|
flag::bool --merged && merged=true
|
|
flag::bool --follow && follow=true
|
|
flag::bool --raw && raw=true
|
|
flag::bool --resolved && resolved=true
|
|
flag::bool --detailed && detailed=true
|
|
|
|
local sort_order="desc"
|
|
flag::bool --ascending && sort_order="asc"
|
|
flag::bool --descending && sort_order="desc"
|
|
|
|
local collapse=1
|
|
$detailed && collapse=0
|
|
|
|
if [[ -n "$name" && -n "$type" ]]; then
|
|
name=$(peers::resolve_and_require "$name" "$type") || return 1
|
|
fi
|
|
|
|
local filter_ip=""
|
|
if [[ -n "$name" ]]; then
|
|
filter_ip=$(peers::get_ip "$name")
|
|
[[ -z "$filter_ip" ]] && log::error "Could not find IP for: $name" && return 1
|
|
fi
|
|
|
|
$fw_only && $wg_only && fw_only=false && wg_only=false
|
|
|
|
if $follow; then
|
|
cmd::logs::follow "$filter_ip" "$name" "$type" "$fw_only" "$wg_only"
|
|
return
|
|
fi
|
|
|
|
$raw || net_file="$(ctx::net)"
|
|
|
|
local filter_dest_ip="" filter_dest_port=""
|
|
if [[ -n "$filter_service" ]]; then
|
|
if [[ "$filter_service" =~ ^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+(:[0-9]+)?$ ]]; then
|
|
filter_dest_ip="${filter_service%%:*}"
|
|
local maybe_port="${filter_service##*:}"
|
|
[[ "$maybe_port" != "$filter_dest_ip" ]] && filter_dest_port="$maybe_port"
|
|
else
|
|
local svc_resolved
|
|
svc_resolved=$(net::resolve "$filter_service" 2>/dev/null | head -1)
|
|
if [[ -n "$svc_resolved" ]]; then
|
|
filter_dest_ip="${svc_resolved%%:*}"
|
|
local rest="${svc_resolved#*:}"
|
|
[[ "$rest" != "$filter_dest_ip" ]] && filter_dest_port="${rest%%:*}"
|
|
else
|
|
log::error "Service not found: ${filter_service}"
|
|
return 1
|
|
fi
|
|
fi
|
|
fi
|
|
|
|
if $merged; then
|
|
log::section "WireGuard Activity Log"
|
|
printf "\n"
|
|
cmd::logs::show_merged "$filter_ip" "$name" "$type" "$limit" "$net_file" "$since"
|
|
return
|
|
fi
|
|
|
|
local fw_output="" wg_output=""
|
|
|
|
$wg_only || fw_output=$(cmd::logs::show_fw_events \
|
|
"$filter_ip" "$name" "$type" "$limit" "$net_file" \
|
|
"$collapse" "$since" "$filter_dest_ip" "$filter_dest_port" "$sort_order" "$resolved")
|
|
|
|
$fw_only || wg_output=$(cmd::logs::show_wg_events \
|
|
"$filter_ip" "$name" "$type" "$limit" \
|
|
"$collapse" "$since" "$filter_event" "$sort_order" "$resolved")
|
|
|
|
if [[ -z "$(echo "$fw_output" | tr -d '[:space:]')" && \
|
|
-z "$(echo "$wg_output" | tr -d '[:space:]')" ]]; then
|
|
log::wg_warning "No logs found"
|
|
return 0
|
|
fi
|
|
|
|
log::section "WireGuard Activity Log"
|
|
printf "\n"
|
|
|
|
if [[ -n "$fw_output" && -n "$wg_output" ]]; then
|
|
printf "%s\n\n" "$fw_output"
|
|
printf "%s\n" "$wg_output"
|
|
elif [[ -n "$fw_output" ]]; then
|
|
printf "%s\n" "$fw_output"
|
|
else
|
|
printf "%s\n" "$wg_output"
|
|
fi
|
|
}
|
|
|
|
# ── Helpers ───────────────────────────────────────────────────────────────────
|
|
|
|
function cmd::logs::show_fw_events() {
|
|
local filter_ip="${1:-}" filter_name="${2:-}" filter_type="${3:-}" \
|
|
limit="${4:-50}" net_file="${5:-}" collapse="${6:-1}" \
|
|
since="${7:-}" filter_dest_ip="${8:-}" filter_dest_port="${9:-}" \
|
|
sort_order="${10:-desc}" resolved_only="${11:-false}"
|
|
|
|
[[ ! -f "$FW_EVENTS_LOG" ]] && return 0
|
|
|
|
local data
|
|
data=$(json::fw_events \
|
|
"$FW_EVENTS_LOG" "$filter_ip" "$filter_type" \
|
|
"$(ctx::clients)" "${net_file:-}" \
|
|
"$limit" "$collapse" "$since" \
|
|
"$filter_dest_ip" "$filter_dest_port" \
|
|
"$sort_order" \
|
|
2>/dev/null)
|
|
|
|
[[ -z "$data" ]] && return 0
|
|
|
|
# ── Collect unique endpoints for batch resolution ──
|
|
local -a ep_list=()
|
|
while IFS='|' read -r ts client dest_ip dest_port proto svc count src_endpoint; do
|
|
[[ -z "$ts" || -z "$src_endpoint" ]] && continue
|
|
ep_list+=("$src_endpoint")
|
|
done <<< "$data"
|
|
|
|
declare -A resolve_cache=()
|
|
if [[ ${#ep_list[@]} -gt 0 ]]; then
|
|
while IFS='|' read -r ip name; do
|
|
[[ -n "$ip" ]] && resolve_cache["$ip"]="$name"
|
|
done < <(json::batch_resolve "${ep_list[@]}" 2>/dev/null)
|
|
fi
|
|
|
|
# ── Pass 1: measure widths ──
|
|
local w_client=16 w_dest=20 w_endpoint=0
|
|
local resolved_data=""
|
|
|
|
while IFS='|' read -r ts client dest_ip dest_port proto svc count src_endpoint; do
|
|
[[ -z "$ts" ]] && continue
|
|
|
|
(( ${#client} > w_client )) && w_client=${#client}
|
|
|
|
local svc_display=""
|
|
if [[ -n "$svc" ]]; then
|
|
[[ -n "$dest_port" ]] && svc_display="${svc}/${proto}" \
|
|
|| svc_display="${svc} (${proto})"
|
|
else
|
|
[[ -n "$dest_port" ]] && svc_display="${dest_ip}:${dest_port}/${proto}" \
|
|
|| svc_display="${dest_ip} (${proto})"
|
|
fi
|
|
|
|
local measure_len
|
|
if $resolved_only; then
|
|
measure_len=${#svc_display}
|
|
else
|
|
local raw_plain=""
|
|
[[ -n "$svc" && -n "$dest_port" ]] && raw_plain=" (${dest_ip}:${dest_port})"
|
|
[[ -n "$svc" && -z "$dest_port" ]] && raw_plain=" (${dest_ip})"
|
|
measure_len=$(( ${#svc_display} + ${#raw_plain} ))
|
|
fi
|
|
(( measure_len > w_dest )) && w_dest=$measure_len
|
|
|
|
local src_resolved=""
|
|
if [[ -n "$src_endpoint" ]]; then
|
|
src_resolved="${resolve_cache[$src_endpoint]:-}"
|
|
[[ "$src_resolved" == "$src_endpoint" ]] && src_resolved=""
|
|
|
|
local ep_measure_len
|
|
if $resolved_only; then
|
|
ep_measure_len=${#src_resolved}
|
|
[[ -z "$src_resolved" ]] && ep_measure_len=${#src_endpoint}
|
|
else
|
|
ep_measure_len=${#src_endpoint}
|
|
[[ -n "$src_resolved" ]] && \
|
|
ep_measure_len=$(( ${#src_endpoint} + 4 + ${#src_resolved} ))
|
|
fi
|
|
(( ep_measure_len > w_endpoint )) && w_endpoint=$ep_measure_len
|
|
fi
|
|
|
|
resolved_data+="${ts}|${client}|${dest_ip}|${dest_port}|${proto}|${svc}|${count}|${src_endpoint}|${src_resolved}"$'\n'
|
|
done <<< "$data"
|
|
|
|
(( w_client += 2 ))
|
|
(( w_dest += 2 ))
|
|
[[ "$w_endpoint" -gt 0 ]] && (( w_endpoint += 2 ))
|
|
|
|
# ── Pass 2: render ──
|
|
ui::logs::fw_section_header
|
|
while IFS='|' read -r ts client dest_ip dest_port proto svc count src_endpoint src_resolved; do
|
|
[[ -z "$ts" ]] && continue
|
|
ui::logs::fw_row "$ts" "$client" "$dest_ip" "$dest_port" \
|
|
"$proto" "$svc" "$count" "$w_client" "$w_dest" \
|
|
"$src_endpoint" "$src_resolved" "$w_endpoint" "$resolved_only"
|
|
done <<< "$resolved_data"
|
|
printf "\n"
|
|
}
|
|
|
|
function cmd::logs::show_wg_events() {
|
|
local filter_ip="${1:-}" filter_name="${2:-}" filter_type="${3:-}" \
|
|
limit="${4:-50}" collapse="${5:-1}" \
|
|
since="${6:-}" filter_event="${7:-}" sort_order="${8:-desc}" \
|
|
resolved_only="${9:-false}"
|
|
|
|
[[ ! -f "$WG_EVENTS_LOG" ]] && return 0
|
|
|
|
local data
|
|
data=$(json::wg_events \
|
|
"$WG_EVENTS_LOG" "$filter_name" "$filter_type" \
|
|
"$limit" "$collapse" "$since" "$filter_event" \
|
|
"$(ctx::endpoint_cache)" "$sort_order" \
|
|
2>/dev/null)
|
|
|
|
[[ -z "$data" ]] && return 0
|
|
|
|
# ── Collect unique endpoints for batch resolution ──
|
|
local -a ep_list=()
|
|
while IFS='|' read -r ts client endpoint event count gap_seconds; do
|
|
[[ -z "$ts" || -z "$endpoint" ]] && continue
|
|
ep_list+=("$endpoint")
|
|
done <<< "$data"
|
|
|
|
declare -A resolve_cache=()
|
|
if [[ ${#ep_list[@]} -gt 0 ]]; then
|
|
while IFS='|' read -r ip name; do
|
|
[[ -n "$ip" ]] && resolve_cache["$ip"]="$name"
|
|
done < <(json::batch_resolve "${ep_list[@]}" 2>/dev/null)
|
|
fi
|
|
|
|
# ── Measure widths ──
|
|
local w_client=16 w_endpoint=16
|
|
local resolved_data=""
|
|
|
|
while IFS='|' read -r ts client endpoint event count gap_seconds; do
|
|
[[ -z "$ts" ]] && continue
|
|
(( ${#client} > w_client )) && w_client=${#client}
|
|
|
|
local resolved=""
|
|
if [[ -n "$endpoint" ]]; then
|
|
resolved="${resolve_cache[$endpoint]:-}"
|
|
[[ "$resolved" == "$endpoint" ]] && resolved=""
|
|
fi
|
|
|
|
local ep_raw="${endpoint:--}"
|
|
local ep_measure_len
|
|
if $resolved_only; then
|
|
local ep_display="${resolved:-$endpoint}"
|
|
[[ -z "$ep_display" ]] && ep_display="-"
|
|
ep_measure_len=${#ep_display}
|
|
else
|
|
ep_measure_len=${#ep_raw}
|
|
[[ -n "$resolved" && -n "$endpoint" ]] && \
|
|
ep_measure_len=$(( ${#endpoint} + 4 + ${#resolved} ))
|
|
fi
|
|
(( ep_measure_len > w_endpoint )) && w_endpoint=$ep_measure_len
|
|
|
|
resolved_data+="${ts}|${client}|${endpoint}|${event}|${count}|${gap_seconds}|${resolved}"$'\n'
|
|
done <<< "$data"
|
|
|
|
(( w_client += 2 ))
|
|
(( w_endpoint += 2 ))
|
|
|
|
# ── Render ──
|
|
ui::logs::wg_section_header
|
|
while IFS='|' read -r ts client endpoint event count gap_seconds resolved; do
|
|
[[ -z "$ts" ]] && continue
|
|
if $resolved_only; then
|
|
local ep_display="${resolved:-$endpoint}"
|
|
[[ -z "$ep_display" ]] && ep_display="-"
|
|
ui::logs::wg_row "$ts" "$client" "$ep_display" "$event" \
|
|
"$count" "$w_client" "$w_endpoint" "$gap_seconds" ""
|
|
else
|
|
ui::logs::wg_row "$ts" "$client" "$endpoint" "$event" \
|
|
"$count" "$w_client" "$w_endpoint" "$gap_seconds" "$resolved"
|
|
fi
|
|
done <<< "$resolved_data"
|
|
printf "\n"
|
|
}
|
|
|
|
function cmd::logs::show_merged() {
|
|
local filter_ip="${1:-}" filter_name="${2:-}" filter_type="${3:-}" \
|
|
limit="${4:-50}" net_file="${5:-}" since="${6:-}"
|
|
|
|
local fw_data wg_data
|
|
fw_data=$(json::fw_events \
|
|
"$FW_EVENTS_LOG" "$filter_ip" "$filter_type" \
|
|
"$(ctx::clients)" "${net_file:-}" \
|
|
"$limit" "1" "$since" "" "" \
|
|
2>/dev/null)
|
|
wg_data=$(json::wg_events \
|
|
"$WG_EVENTS_LOG" "$filter_name" "$filter_type" \
|
|
"$limit" "1" "$since" "" \
|
|
2>/dev/null)
|
|
|
|
local w_client=16 w_dest=20
|
|
while IFS='|' read -r ts client rest; do
|
|
[[ -z "$ts" ]] && continue
|
|
(( ${#client} > w_client )) && w_client=${#client}
|
|
done < <(echo "$fw_data"; echo "$wg_data")
|
|
(( w_client += 2 ))
|
|
|
|
local merged_data
|
|
merged_data=$(
|
|
while IFS='|' read -r ts client dest_ip dest_port proto svc count; do
|
|
[[ -z "$ts" ]] && continue
|
|
echo "fw|${ts}|${client}|${dest_ip}|${dest_port}|${proto}|${svc}|${count}"
|
|
done <<< "$fw_data"
|
|
while IFS='|' read -r ts client endpoint event count; do
|
|
[[ -z "$ts" ]] && continue
|
|
echo "wg|${ts}|${client}|${endpoint}|${event}|${count}"
|
|
done <<< "$wg_data"
|
|
)
|
|
|
|
while IFS='|' read -r source ts rest; do
|
|
[[ -z "$source" ]] && continue
|
|
case "$source" in
|
|
fw)
|
|
IFS='|' read -r client dest_ip dest_port proto svc count <<< "$rest"
|
|
local dest_display
|
|
if [[ -n "$svc" ]]; then
|
|
[[ -n "$dest_port" ]] && dest_display="${svc}/${proto}" || dest_display="${svc} (${proto})"
|
|
else
|
|
[[ -n "$dest_port" ]] && dest_display="${dest_ip}:${dest_port}/${proto}" || dest_display="${dest_ip} (${proto})"
|
|
fi
|
|
(( ${#dest_display} > w_dest )) && w_dest=${#dest_display}
|
|
;;
|
|
esac
|
|
done <<< "$merged_data"
|
|
(( w_dest += 2 ))
|
|
|
|
while IFS='|' read -r source ts rest; do
|
|
[[ -z "$source" ]] && continue
|
|
case "$source" in
|
|
fw)
|
|
IFS='|' read -r client dest_ip dest_port proto svc count <<< "$rest"
|
|
ui::watch::fw_row "$ts" "$client" \
|
|
"$(ui::logs::build_dest "$dest_ip" "$dest_port" "$proto" "$svc")" \
|
|
"$w_client" "$w_dest"
|
|
;;
|
|
wg)
|
|
IFS='|' read -r client endpoint event count <<< "$rest"
|
|
ui::watch::wg_row "$ts" "$client" "$endpoint" "$event" \
|
|
"$w_client" "$w_dest"
|
|
;;
|
|
esac
|
|
done < <(echo "$merged_data" | sort -t'|' -k2,2)
|
|
|
|
printf "\n"
|
|
}
|
|
|
|
function cmd::logs::follow() {
|
|
local filter_ip="${1:-}" filter_name="${2:-}" filter_type="${3:-}"
|
|
local fw_only="${4:-false}" wg_only="${5:-false}"
|
|
|
|
log::section "WireGuard Live Log (Ctrl+C to stop)"
|
|
printf "\n"
|
|
|
|
local restricted_only=false blocked_only=false
|
|
$fw_only && restricted_only=true
|
|
$wg_only && blocked_only=true
|
|
|
|
monitor::live "$filter_name" "$filter_type" "" \
|
|
"$blocked_only" "$restricted_only" "false" "false"
|
|
}
|
|
|
|
function cmd::logs::remove() {
|
|
local name="" type="" before="" force=false
|
|
local fw_only=false wg_only=false all=false
|
|
|
|
while [[ $# -gt 0 ]]; do
|
|
case "$1" in
|
|
--name) name="$2"; shift 2 ;;
|
|
--type) type="$2"; shift 2 ;;
|
|
--before) before="$2"; shift 2 ;;
|
|
--fw) fw_only=true; shift ;;
|
|
--wg) wg_only=true; shift ;;
|
|
--all) all=true; shift ;;
|
|
--force) force=true; shift ;;
|
|
--help) cmd::logs::help; return ;;
|
|
*)
|
|
log::error "Unknown flag: $1"
|
|
return 1
|
|
;;
|
|
esac
|
|
done
|
|
|
|
if ! $all && [[ -z "$name" && -z "$before" ]]; then
|
|
log::error "Specify --name, --before, or --all"
|
|
cmd::logs::help
|
|
return 1
|
|
fi
|
|
|
|
local filter_ip=""
|
|
if [[ -n "$name" ]]; then
|
|
name=$(peers::resolve_and_require "$name" "$type") || return 1
|
|
filter_ip=$(peers::get_ip "$name")
|
|
fi
|
|
|
|
local desc=""
|
|
$all && desc="all entries"
|
|
[[ -n "$name" ]] && desc="entries for '${name}'"
|
|
[[ -n "$before" ]] && desc="${desc:+$desc, }entries older than ${before} days"
|
|
$fw_only && desc="${desc} (fw only)"
|
|
$wg_only && desc="${desc} (wg only)"
|
|
|
|
if ! $force; then
|
|
read -r -p "Remove ${desc}? [y/N] " confirm
|
|
case "$confirm" in
|
|
[yY]*) ;;
|
|
*) log::info "Aborted"; return 0 ;;
|
|
esac
|
|
fi
|
|
|
|
local result
|
|
result=$(json::remove_events_filtered \
|
|
"$WG_EVENTS_LOG" "$FW_EVENTS_LOG" \
|
|
"${name:-}" "${filter_ip:-}" \
|
|
"$fw_only" "$wg_only" \
|
|
"${before:-}")
|
|
|
|
local removed_wg removed_fw
|
|
IFS="|" read -r removed_wg removed_fw <<< "$result"
|
|
local total=$(( removed_wg + removed_fw ))
|
|
|
|
if [[ "$total" -eq 0 ]]; then
|
|
log::wg_warning "No log entries found matching the criteria"
|
|
return 0
|
|
fi
|
|
|
|
log::wg_success "Removed ${total} log entries (wg: ${removed_wg}, fw: ${removed_fw})"
|
|
}
|
|
|
|
function cmd::logs::rotate() {
|
|
local days=7 force=false
|
|
|
|
while [[ $# -gt 0 ]]; do
|
|
case "$1" in
|
|
--days) days="$2"; shift 2 ;;
|
|
--force) force=true; shift ;;
|
|
--help) cmd::logs::help; return ;;
|
|
*) log::error "Unknown flag: $1"; return 1 ;;
|
|
esac
|
|
done
|
|
|
|
$force || {
|
|
read -r -p "Remove log entries older than ${days} days? [y/N] " confirm
|
|
case "$confirm" in
|
|
[yY]*) ;;
|
|
*) log::info "Aborted"; return 0 ;;
|
|
esac
|
|
}
|
|
|
|
local result
|
|
result=$(json::remove_events_filtered \
|
|
"$WG_EVENTS_LOG" "$FW_EVENTS_LOG" \
|
|
"" "" "false" "false" "$days")
|
|
|
|
local removed_wg removed_fw
|
|
IFS="|" read -r removed_wg removed_fw <<< "$result"
|
|
local total=$(( removed_wg + removed_fw ))
|
|
|
|
if [[ "$total" -eq 0 ]]; then
|
|
log::wg_warning "No log entries older than ${days} days"
|
|
return 0
|
|
fi
|
|
|
|
log::wg_success "Rotated ${total} entries older than ${days} days (wg: ${removed_wg}, fw: ${removed_fw})"
|
|
} |