001: package snow.sys;
002:
003: import snow.utils.DateUtils;
004: import java.awt.event.*;
005: import java.awt.Insets;
006: import java.awt.FlowLayout;
007: import java.awt.EventQueue;
008: import snow.utils.gui.GUIUtils;
009: import java.awt.BorderLayout;
010: import javax.swing.*;
011: import java.util.*;
012: import snow.sortabletable.*;
013: import java.util.Locale;
014: import java.util.Date;
015: import java.text.SimpleDateFormat;
016: import java.util.Scanner;
017: import java.io.*;
018:
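/**
 * Viewer for the Kerio Personal Firewall filter log: parses the log file into
 * {@link Entry} rows and shows them in a sortable, searchable table.
 *
 * <p>The log is treated as untrusted input. It is written by another process
 * and may be appended to while it is being read, so a truncated or malformed
 * line is skipped and counted instead of aborting the whole load. A viewer that
 * goes blank because of one bad record hides every other event.
 *
 * <p>NOTE(review): cell values are taken verbatim from the log. If the renderer
 * installed by {@code SortableTableModel.installGUI} is JLabel-based, confirm
 * that it does not interpret cell text as HTML (Swing's {@code html.disable}
 * client property).
 */
public final class KerioExplorer {

    /** Maximum entry age kept by the "last 5 min" filter, in milliseconds. */
    private static final long FIVE_MINUTES_MS = 5L * 60L * 1000L;

    /** Maximum entry age kept by the "last hour" filter, in milliseconds. */
    private static final long ONE_HOUR_MS = 3600L * 1000L;

    /** Creates an instance; everything useful in this class is static. */
    public KerioExplorer() {
    }

    /**
     * Builds the panel that displays the firewall log {@code lf}: a search bar
     * on top, the table in the centre and the update/filter controls at the
     * bottom. The log is loaded once immediately and again whenever the
     * "update" button, the grouping checkbox or the time filter is used.
     *
     * @param lf the firewall log file to display
     * @return the assembled panel
     */
    public static JPanel createKerioTab(final File lf) {
        final JPanel f = new JPanel(new BorderLayout());

        final STableMod sm = new STableMod();
        SortableTableModel stm = new SortableTableModel(sm);
        JTable t = new JTable(stm);
        stm.installGUI(t);

        f.add(new JScrollPane(t), BorderLayout.CENTER);

        MultiSearchPanel asp = new MultiSearchPanel("", null, stm);
        f.add(asp, BorderLayout.NORTH);

        JPanel cp = new JPanel(new FlowLayout(FlowLayout.LEFT, 3, 2));
        f.add(cp, BorderLayout.SOUTH);

        final JButton upd = new JButton("update");
        upd.setMargin(new Insets(0, 0, 0, 0));
        cp.add(upd);

        final JCheckBox groupSames = new JCheckBox(" group same", false);
        cp.add(groupSames);

        final JComboBox cbTime = new JComboBox(new String[] {
                "last 5 min", "last hour", "all" });
        cp.add(cbTime);

        final JLabel status = new JLabel("");
        cp.add(status);

        final ActionListener updater = new ActionListener() {
            public void actionPerformed(ActionEvent ae) {
                upd.setEnabled(false);

                // Read the filter settings once, here, so the worker thread
                // never queries Swing components and a selection change made
                // mid-load cannot produce a half-filtered table.
                final int timeChoice = cbTime.getSelectedIndex();
                final boolean group = groupSames.isSelected();

                final Thread th = new Thread() {
                    public void run() {
                        loadLog(lf, sm, status, upd, timeChoice, group);
                    }
                };
                th.start();
            }
        };

        upd.addActionListener(updater);
        groupSames.addActionListener(updater);
        cbTime.addActionListener(updater);
        updater.actionPerformed(null);

        return f;
    }

    /**
     * Reads and parses the log on the calling (worker) thread, then publishes
     * the result to the table model and the status label on the event thread.
     *
     * @param lf         log file to read
     * @param sm         table model that receives the parsed entries
     * @param status     label used for progress and the final summary
     * @param upd        button to re-enable once the load has finished
     * @param timeChoice selected index of the time filter
     *                   (0 = last 5 minutes, 1 = last hour, anything else = all)
     * @param group      whether entries with the same {@link Entry#uniqueID1()}
     *                   accumulate their call counts
     */
    private static void loadLog(final File lf, final STableMod sm,
            final JLabel status, final JButton upd, final int timeChoice,
            final boolean group) {
        final List<Entry> en = new ArrayList<Entry>();
        final Map<String, Entry> quickID1 = new HashMap<String, Entry>();

        // One reference time for the whole pass keeps the filter consistent.
        final long now = System.currentTimeMillis();
        final long maxAge;
        if (timeChoice == 0) {
            maxAge = FIVE_MINUTES_MS;
        } else if (timeChoice == 1) {
            maxAge = ONE_HOUR_MS;
        } else {
            maxAge = -1L; // no age limit
        }

        int n = 0;
        int skipped = 0;
        boolean loaded = false;
        String problem = null;
        try {
            final BufferedReader fr = new BufferedReader(new FileReader(lf));
            try {
                String line;
                while ((line = fr.readLine()) != null) {
                    n++;
                    if (n % 1000 == 0) {
                        showStatus(status, " " + n + " lines read...");
                    }

                    Entry eni;
                    try {
                        eni = new Entry(line);
                    } catch (Exception badLine) {
                        // Malformed or truncated record: count it and carry on
                        // so the remaining events are still shown.
                        skipped++;
                        continue;
                    }

                    if (maxAge >= 0 && now - eni.time > maxAge) {
                        continue;
                    }

                    if (group) {
                        // NOTE(review): every entry is still added to the
                        // table below, so grouping yields a running count per
                        // row rather than collapsed rows. Confirm the intent.
                        final String id = eni.uniqueID1();
                        final Entry old = quickID1.get(id);
                        if (old != null) {
                            eni.count += old.count;
                        }
                        quickID1.put(id, eni);
                    }
                    en.add(eni);
                }
            } finally {
                // The original never closed the reader and leaked the handle.
                fr.close();
            }
            loaded = true;
        } catch (Exception e) {
            e.printStackTrace();
            problem = e.toString();
        }

        final boolean ok = loaded;
        final String summary;
        if (ok) {
            summary = " " + en.size() + " entries"
                    + (skipped > 0 ? " (" + skipped
                            + " unparsable lines skipped)" : "");
        } else {
            summary = " could not read log: " + problem;
        }

        // 'en' is handed over untouched. The original cleared it right after
        // scheduling this task, which could leave the table empty.
        EventQueue.invokeLater(new Runnable() {
            public void run() {
                if (ok) {
                    sm.setEntries(en);
                }
                status.setText(summary);
                upd.setEnabled(true);
            }
        });
    }

    /** Sets the status label text on the event dispatch thread. */
    private static void showStatus(final JLabel status, final String text) {
        EventQueue.invokeLater(new Runnable() {
            public void run() {
                status.setText(text);
            }
        });
    }

    /**
     * Finds the first entry whose {@link Entry#uniqueID1()} equals {@code id1}.
     *
     * @param entries entries to search
     * @param id1     grouping key to look for
     * @return the first matching entry, or {@code null} when there is none
     */
    public static Entry getWithID1(final List<Entry> entries, String id1) {
        for (final Entry ei : entries) {
            if (ei.uniqueID1().equals(id1)) {
                return ei;
            }
        }
        return null;
    }

    /**
     * One line of the firewall log.
     *
     * <p>The constructor tokenises the line positionally with fixed offsets.
     * Judging by the delimiters, the layout looks like
     * {@code nb,[dd/MMM/yyyy HH:mm:ss] Rule 'name': action: dir PROT, src->dest, Owner: path}.
     * TODO confirm against a real log.
     */
    static class Entry {

        final String nb; // first field of the line; meaning not shown here ("1" or "2"?)
        final String rule;
        final long time; // epoch milliseconds parsed from the bracketed timestamp
        final String action;
        int count = 1;
        final String src, dest, prot;
        String rest;

        /**
         * Key used to group similar calls: rule, source, destination and
         * protocol joined with ':'.
         */
        public String uniqueID1() {
            return rule + ":" + src + ":" + dest + ":" + prot;
        }

        // Null when the SystemRoot environment variable is not set.
        static String sysRoot = System.getenv("SystemRoot");

        /**
         * Parses one log line.
         *
         * @param line the raw log line
         * @throws Exception if the line does not have the expected layout
         *                   (missing token, field too short, bad timestamp)
         */
        public Entry(final String line) throws Exception {
            // Created per call: SimpleDateFormat is not thread-safe and
            // entries may be parsed on several worker threads.
            final SimpleDateFormat df = new SimpleDateFormat(
                    "dd/MMM/yyyy HH:mm:ss", Locale.ENGLISH);

            final Scanner sc = new Scanner(line);
            sc.useDelimiter(",");
            nb = sc.next();

            sc.useDelimiter("]");
            final String stime = sc.next().substring(2); // drop the leading ",["
            time = df.parse(stime).getTime();

            sc.useDelimiter(":");
            rule = sc.next().substring(8); // drop the 8-character prefix before the rule name
            action = sc.next();

            sc.useDelimiter(",");
            prot = sc.next().substring(5);

            final String srcDest = sc.next();
            final int pos = srcDest.indexOf("->");
            if (pos < 0) {
                src = srcDest;
                dest = "?";
            } else {
                src = srcDest.substring(0, pos);
                dest = srcDest.substring(pos + 2);
            }

            rest = sc.nextLine().substring(9).trim();

            // Shorten paths under the system root. The null check matters:
            // without SystemRoot set, startsWith(null) threw a
            // NullPointerException on every line.
            if (sysRoot != null && rest.startsWith(sysRoot)) {
                rest = rest.substring(sysRoot.length());
            }
        }
    }

    /** Table model exposing the parsed log entries as eight columns. */
    static class STableMod extends FineGrainTableModel {
        final SimpleDateFormat df = new SimpleDateFormat(
                "dd-MM-yyyy HH:mm:ss", Locale.ENGLISH);

        // Guarded by synchronized (entries) wherever it is read or written.
        final List<Entry> entries = new ArrayList<Entry>();

        /**
         * Returns the cell value for {@code row}/{@code col}.
         *
         * @return the field for the column, {@code "bad row N"} when the row
         *         is out of range, or {@code "?"} for an unknown column
         */
        public final Object getValueAt(final int row, final int col) {
            final Entry ei;
            synchronized (entries) {
                // '>=' rather than '>': row == size() is already out of range
                // and used to fall through to an IndexOutOfBoundsException.
                if (row < 0 || row >= entries.size()) {
                    return "bad row " + row;
                }
                ei = entries.get(row);
            }

            switch (col) {
            case 0:
                return df.format(ei.time);
            case 1:
                return ei.action;
            case 2:
                return ei.count;
            case 3:
                return ei.rule;
            case 4:
                return ei.src;
            case 5:
                return ei.dest;
            case 6:
                return ei.prot;
            case 7:
                return ei.rest;
            default:
                return "?";
            }
        }

        /**
         * Replaces the table content with a copy of {@code ne}.
         *
         * @param ne the new entries; the list itself is not retained
         */
        public void setEntries(final List<Entry> ne) {
            this.fireTableModelWillChange();
            synchronized (entries) {
                entries.clear();
                entries.addAll(ne);
            }
            this.fireTableDataChanged();
            this.fireTableModelHasChanged();
        }

        /**
         * Drops every entry older than {@code m} minutes.
         *
         * @param m maximum age in minutes
         */
        public void keepOnlyLastXXMinutes(int m) {
            this.fireTableModelWillChange();
            // long arithmetic: m * 1000 * 60 overflowed int for large m.
            final long maxAgeMs = m * 60L * 1000L;
            final long now = System.currentTimeMillis();
            int rem = 0;
            synchronized (entries) {
                // Walk backwards so removals do not shift unvisited indices.
                for (int i = entries.size() - 1; i >= 0; i--) {
                    if (now - entries.get(i).time > maxAgeMs) {
                        entries.remove(i);
                        rem++;
                    }
                }
            }
            System.out.println("removed " + rem + " entries");
            this.fireTableDataChanged();
            this.fireTableModelHasChanged();
        }

        /** Returns the number of entries currently held. */
        public final int getRowCount() {
            synchronized (entries) {
                return entries.size();
            }
        }

        /** Returns the fixed number of columns (8). */
        public final int getColumnCount() {
            return 8;
        }

        private final String[] COLUMN_NAMES = new String[] { "time",
                "type", "calls", "rule", "src", "dest", "prot", "owner" };

        int[] COLUMN_PREFERED_SIZES = new int[] { 15, 8, 5, 8, 20, 20,
                5, 25 };

        /**
         * Returns the preferred width for {@code column}, or -1 when the
         * index is out of range.
         */
        @Override
        public int getPreferredColumnWidth(int column) {
            if (column >= 0 && column < COLUMN_PREFERED_SIZES.length) {
                return COLUMN_PREFERED_SIZES[column];
            }
            return -1;
        }

        /** Returns the header text for {@code col}. */
        @Override
        public String getColumnName(int col) {
            return COLUMN_NAMES[col];
        }

    }

    /**
     * Opens the viewer on {@code %ProgramFiles%/Kerio/Personal Firewall/filter.log}.
     * When ProgramFiles is unset, {@code File(null, child)} resolves the child
     * path on its own.
     */
    public static void main(String[] args) {
        final File fi = new File(System.getenv("ProgramFiles"),
                "/Kerio/Personal Firewall/filter.log");

        // Swing components are created and shown on the event dispatch thread.
        EventQueue.invokeLater(new Runnable() {
            public void run() {
                JFrame f = new JFrame("Kerio Explorer");
                f.setDefaultCloseOperation(JFrame.EXIT_ON_CLOSE);
                f.setSize(1024, 600);
                f.setContentPane(createKerioTab(fi));
                f.setLocationRelativeTo(null);
                f.setVisible(true);
            }
        });
    }

}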