mgrotke/linuxrouter
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Development

Browse source
This commit is contained in:
Matthew Grotke 2026-06-03 00:45:04 -04:00
parent 4a9110cc4c
commit 094847966a
6 changed files with 197 additions and 57 deletions
Download patch file Download diff file Expand all files Collapse all files

12
docker/routlin-dash/app/pages/dnsblocking/content.json
View file

@ -207,6 +207,18 @@
"value": "%GENERAL_LOG_ERRORS_ONLY%", "value": "%GENERAL_LOG_ERRORS_ONLY%",
"hint": "Only write error-level messages to the log." "hint": "Only write error-level messages to the log."
}, },
{
"type": "hr"
},
{
"type": "pre_block",
"text": "%DNS_LOG_TAIL%",
"scroll_to_bottom": true
},
{
"type": "raw_html",
"html": "%DNS_LOG_SUMMARY%"
},
{ {
"type": "button_row", "type": "button_row",
"items": [ "items": [

32
docker/routlin-dash/app/pages/dnsblocking/view.py
View file

@ -1,9 +1,38 @@
import json import json
import os import os
from datetime import datetime, timezone from datetime import datetime, timezone
from config_utils import collect_layout_tokens, load_datasource, fmt_bytes, relative_time, BLOCKLISTS_DIR from config_utils import collect_layout_tokens, load_datasource, fmt_bytes, relative_time, BLOCKLISTS_DIR, CONFIGS_DIR
from factory import e, load_json, build_table, table_token_key, iter_table_items, PAGES_DIR from factory import e, load_json, build_table, table_token_key, iter_table_items, PAGES_DIR
DNS_LOG_FILE = f'{CONFIGS_DIR}/dns-blocklists.log'
DNS_LOG_MAX = 50
def _dnsblocking_log_tail(cfg):
try:
log_max_kb = cfg.get('dns_blocking', {}).get('general', {}).get('log_max_kb', 1024)
size_kb = os.path.getsize(DNS_LOG_FILE) / 1024
with open(DNS_LOG_FILE) as f:
lines = f.readlines()
if not lines:
return '(log is empty)', ''
total = len(lines)
tail = lines[-DNS_LOG_MAX:]
shown = len(tail)
hidden = total - shown
pct = min(100, round(size_kb / log_max_kb * 100)) if log_max_kb else 0
left = f'Showing {shown} of {total} lines ({hidden} not shown)' if hidden > 0 else f'Showing {shown} of {total} lines'
right = f'Log file size: {size_kb:.1f} KB ({pct}% of max)'
summary = (
'<div class="text-muted" style="display:flex;justify-content:space-between;margin-top:0.5em;">'
f'<span>{left}</span><span>{right}</span></div>'
)
return ''.join(tail).strip(), summary
except FileNotFoundError:
return '(log file not found)', ''
except Exception:
return '(error reading log)', ''
def blocklist_stats_html(cfg): def blocklist_stats_html(cfg):
rows = '' rows = ''
@ -50,6 +79,7 @@ def collect_tokens(cfg):
tokens['GENERAL_LOG_ERRORS_ONLY'] = 'true' if dns_blk_gen.get('log_errors_only') else 'false' tokens['GENERAL_LOG_ERRORS_ONLY'] = 'true' if dns_blk_gen.get('log_errors_only') else 'false'
tokens['GENERAL_DAILY_EXECUTE_TIME'] = str(dns_blk_gen.get('daily_execute_time_24hr_local', '-')) tokens['GENERAL_DAILY_EXECUTE_TIME'] = str(dns_blk_gen.get('daily_execute_time_24hr_local', '-'))
tokens['BLOCKLIST_STATS_HTML'] = blocklist_stats_html(cfg) tokens['BLOCKLIST_STATS_HTML'] = blocklist_stats_html(cfg)
tokens['DNS_LOG_TAIL'], tokens['DNS_LOG_SUMMARY'] = _dnsblocking_log_tail(cfg)
tokens['BLOCKLIST_FORMAT_OPTIONS'] = json.dumps([ tokens['BLOCKLIST_FORMAT_OPTIONS'] = json.dumps([
{'value': 'hosts', 'label': 'hosts (hosts file format)'}, {'value': 'hosts', 'label': 'hosts (hosts file format)'},
{'value': 'dnsmasq', 'label': 'dnsmasq (local=/ syntax)'}, {'value': 'dnsmasq', 'label': 'dnsmasq (local=/ syntax)'},

107
docker/routlin-dash/app/pages/radius/action.py
View file

@ -1,5 +1,8 @@
import copy import copy
import gzip
import io
import os import os
import re
from pathlib import Path from pathlib import Path
from flask import Blueprint, request, redirect, flash, send_file, abort, jsonify from flask import Blueprint, request, redirect, flash, send_file, abort, jsonify
from auth import require_level from auth import require_level
@ -73,23 +76,52 @@ def logging_save():
return redirect(f'/{_PAGE}') return redirect(f'/{_PAGE}')
@bp.route('/action/radius/logging_clear', methods=['POST'])
@require_level('administrator')
def logging_clear():
try:
open(RADIUS_LOG_FILE, 'w').close()
flash('RADIUS log cleared.', 'success')
except Exception as ex:
flash(f'Could not clear log: {ex}', 'error')
return redirect(f'/{_PAGE}')
@bp.route('/action/radius/logging_download', methods=['GET']) @bp.route('/action/radius/logging_download', methods=['GET'])
@require_level('administrator') @require_level('administrator')
def logging_download(): def logging_download():
if not os.path.isfile(RADIUS_LOG_FILE): log_dir = os.path.dirname(RADIUS_LOG_FILE)
chunks = []
# Collect radius.log.N.gz files, sorted oldest-first (highest N first)
gz_files = []
for name in os.listdir(log_dir) if os.path.isdir(log_dir) else []:
m = re.fullmatch(r'radius\.log\.(\d+)\.gz', name)
if m:
gz_files.append((int(m.group(1)), os.path.join(log_dir, name)))
for _, path in sorted(gz_files, reverse=True):
try:
with gzip.open(path, 'rb') as f:
chunks.append(f.read())
except OSError:
pass
# radius.log.1 (plain, older than current)
rotated = RADIUS_LOG_FILE + '.1'
if os.path.isfile(rotated):
try:
with open(rotated, 'rb') as f:
chunks.append(f.read())
except OSError:
pass
# radius.log (current)
if os.path.isfile(RADIUS_LOG_FILE):
try:
with open(RADIUS_LOG_FILE, 'rb') as f:
chunks.append(f.read())
except OSError:
pass
if not chunks:
abort(404) abort(404)
return send_file(RADIUS_LOG_FILE, as_attachment=True, download_name='radius.log', mimetype='text/plain')
data = b''.join(chunks)
return send_file(
io.BytesIO(data),
as_attachment=True,
download_name='radius.log',
mimetype='text/plain',
)
@bp.route('/api/radius/log-tail', methods=['GET']) @bp.route('/api/radius/log-tail', methods=['GET'])
@ -98,20 +130,43 @@ def api_log_tail():
try: try:
cfg = load_config() cfg = load_config()
log_max_kb = cfg.get('radius', {}).get('general', {}).get('log_max_kb', 1024) log_max_kb = cfg.get('radius', {}).get('general', {}).get('log_max_kb', 1024)
size_kb = os.path.getsize(RADIUS_LOG_FILE) / 1024
with open(RADIUS_LOG_FILE) as f: current = []
lines = f.readlines() try:
with open(RADIUS_LOG_FILE) as f:
current = f.readlines()
except FileNotFoundError:
pass
prev = []
if len(current) < 50:
try:
with open(RADIUS_LOG_FILE + '.1') as f:
prev = f.readlines()
except FileNotFoundError:
pass
need = max(0, 50 - len(current))
lines = (prev[-need:] if need and prev else []) + current
if not lines: if not lines:
return jsonify({'log': '(log is empty)', 'summary': ''}) return jsonify({'log': '(log is empty)', 'left': '', 'right': ''})
total = len(lines)
tail = lines[-50:] log_dir = os.path.dirname(RADIUS_LOG_FILE)
shown = len(tail) try:
hidden = total - shown size_kb = sum(
pct = min(100, round(size_kb / log_max_kb * 100)) if log_max_kb else 0 os.path.getsize(os.path.join(log_dir, f))
left = f'Showing {shown} of {total} lines ({hidden} not shown)' if hidden > 0 else f'Showing {shown} of {total} lines' for f in os.listdir(log_dir)
right = f'Log file size: {size_kb:.1f} KB ({pct}% of max)' if os.path.isfile(os.path.join(log_dir, f))
) / 1024
except OSError:
size_kb = 0.0
tail = lines[-50:]
pct = min(100, round(size_kb / log_max_kb * 100)) if log_max_kb else 0
note = ' (includes rotated log)' if (prev and need) else ''
left = f'Showing {len(tail)} lines{note}'
right = f'Total log size: {size_kb:.1f} KB ({pct}% of max)'
return jsonify({'log': ''.join(tail).strip(), 'left': left, 'right': right}) return jsonify({'log': ''.join(tail).strip(), 'left': left, 'right': right})
except FileNotFoundError:
return jsonify({'log': '(log file not found)', 'left': '', 'right': ''})
except Exception: except Exception:
return jsonify({'log': '(error reading log)', 'left': '', 'right': ''}) return jsonify({'log': '(error reading log)', 'left': '', 'right': ''})

8
docker/routlin-dash/app/pages/radius/content.json
View file

@ -114,7 +114,7 @@
"input_type": "checkbox", "input_type": "checkbox",
"checkbox_label": "Log auth requests", "checkbox_label": "Log auth requests",
"value": "%RADIUS_LOGGING%", "value": "%RADIUS_LOGGING%",
"hint": "Enables auth and auth_accept/auth_reject in radiusd.conf. High volume on busy networks - enable for debugging only." "hint": "Enables auth and auth_accept/auth_reject in radiusd.conf."
}, },
{ {
"type": "hr" "type": "hr"
@ -130,17 +130,11 @@
}, },
{ {
"type": "button_row", "type": "button_row",
"justify": "space-between",
"items": [ "items": [
{ {
"type": "button_ghost", "type": "button_ghost",
"action": "/action/radius/logging_download", "action": "/action/radius/logging_download",
"text": "Download Log" "text": "Download Log"
},
{
"type": "button_danger",
"formaction": "/action/radius/logging_clear",
"text": "Clear Log"
} }
] ]
}, },

47
docker/routlin-dash/app/pages/radius/view.py
View file

@ -8,25 +8,48 @@ RADIUS_LOG_FILE = '/var/log/freeradius/radius.log'
def radius_log_tail(cfg): def radius_log_tail(cfg):
try: try:
log_max_kb = cfg.get('radius', {}).get('general', {}).get('log_max_kb', 1024) log_max_kb = cfg.get('radius', {}).get('general', {}).get('log_max_kb', 1024)
size_kb = os.path.getsize(RADIUS_LOG_FILE) / 1024
with open(RADIUS_LOG_FILE) as f: current = []
lines = f.readlines() try:
with open(RADIUS_LOG_FILE) as f:
current = f.readlines()
except FileNotFoundError:
pass
prev = []
if len(current) < RADIUS_LOG_MAX:
try:
with open(RADIUS_LOG_FILE + '.1') as f:
prev = f.readlines()
except FileNotFoundError:
pass
need = max(0, RADIUS_LOG_MAX - len(current))
lines = (prev[-need:] if need and prev else []) + current
if not lines: if not lines:
return '(log is empty)', '' return '(log is empty)', ''
total = len(lines)
tail = lines[-RADIUS_LOG_MAX:] log_dir = os.path.dirname(RADIUS_LOG_FILE)
shown = len(tail) try:
hidden = total - shown size_kb = sum(
pct = min(100, round(size_kb / log_max_kb * 100)) if log_max_kb else 0 os.path.getsize(os.path.join(log_dir, f))
left = f'Showing {shown} of {total} lines ({hidden} not shown)' if hidden > 0 else f'Showing {shown} of {total} lines' for f in os.listdir(log_dir)
right = f'Log file size: {size_kb:.1f} KB ({pct}% of max)' if os.path.isfile(os.path.join(log_dir, f))
) / 1024
except OSError:
size_kb = 0.0
tail = lines[-RADIUS_LOG_MAX:]
pct = min(100, round(size_kb / log_max_kb * 100)) if log_max_kb else 0
note = ' (includes rotated log)' if (prev and need) else ''
left = f'Showing {len(tail)} lines{note}'
right = f'Total log size: {size_kb:.1f} KB ({pct}% of max)'
summary = ( summary = (
'<div id="radius-log-summary" class="text-muted" style="display:flex;justify-content:space-between;margin-top:0.5em;">' '<div id="radius-log-summary" class="text-muted" style="display:flex;justify-content:space-between;margin-top:0.5em;">'
f'<span>{left}</span><span>{right}</span></div>' f'<span>{left}</span><span>{right}</span></div>'
) )
return ''.join(tail).strip(), summary return ''.join(tail).strip(), summary
except FileNotFoundError:
return '(log file not found)', ''
except Exception: except Exception:
return '(error reading log)', '' return '(error reading log)', ''

48
routlin/maintenance.py
View file

@ -488,20 +488,46 @@ def process_provider(provider, current_ip, force=False):
# FreeRADIUS log rotation # FreeRADIUS log rotation
# =================================================================== # ===================================================================
def rotate_radius_log(radius_cfg): def _clear_radius_log_dir(log_dir, reason):
"""Truncate the FreeRADIUS log if it exceeds radius.general.log_max_kb.""" """Delete all files in log_dir and print reason."""
max_kb = radius_cfg.get("general", {}).get("log_max_kb", 1024)
max_bytes = int(max_kb * 1024)
if not RADIUS_LOG_FILE.exists():
return
try: try:
if RADIUS_LOG_FILE.stat().st_size > max_bytes: files = [p for p in log_dir.iterdir() if p.is_file()]
RADIUS_LOG_FILE.write_text("") if not files:
print(f"FreeRADIUS log cleared (exceeded {max_kb} KB).") return
for p in files:
try:
p.unlink()
except PermissionError:
print(f"WARNING: Cannot delete {p} (permission denied).")
except OSError as e:
print(f"WARNING: Error deleting {p}: {e}")
print(f"FreeRADIUS logs cleared ({reason}).")
except PermissionError: except PermissionError:
print(f"WARNING: Cannot write to {RADIUS_LOG_FILE} (permission denied).") print(f"WARNING: Cannot read {log_dir} (permission denied).")
except OSError as e: except OSError as e:
print(f"WARNING: Error checking FreeRADIUS log: {e}") print(f"WARNING: Error clearing FreeRADIUS log dir: {e}")
def rotate_radius_log(radius_cfg):
"""Clear the FreeRADIUS log dir if logging is disabled or total size exceeds log_max_kb."""
general = radius_cfg.get("general", {})
log_dir = RADIUS_LOG_FILE.parent
if not log_dir.exists():
return
if not general.get("logging", False):
_clear_radius_log_dir(log_dir, "logging disabled")
return
max_kb = general.get("log_max_kb", 1024)
max_bytes = int(max_kb * 1024)
try:
files = [p for p in log_dir.iterdir() if p.is_file()]
total = sum(p.stat().st_size for p in files)
if total > max_bytes:
_clear_radius_log_dir(log_dir, f"total {total // 1024} KB exceeded {max_kb} KB")
except PermissionError:
print(f"WARNING: Cannot read {log_dir} (permission denied).")
except OSError as e:
print(f"WARNING: Error checking FreeRADIUS log dir: {e}")
# =================================================================== # ===================================================================