add API for firewall log
authorDietmar Maurer <dietmar@proxmox.com>
Tue, 15 Apr 2014 09:03:17 +0000 (11:03 +0200)
committerDietmar Maurer <dietmar@proxmox.com>
Tue, 15 Apr 2014 09:03:17 +0000 (11:03 +0200)
src/PVE/API2/Firewall/Host.pm

index 680bc58..4ae0d0f 100644 (file)
@@ -3,6 +3,7 @@ package PVE::API2::Firewall::Host;
 use strict;
 use warnings;
 use PVE::JSONSchema qw(get_standard_option);
+use PVE::RPCEnvironment;
 
 use PVE::Firewall;
 use PVE::API2::Firewall::Rules;
@@ -42,6 +43,7 @@ __PACKAGE__->register_method({
        my $result = [
            { name => 'rules' },
            { name => 'options' },
+           { name => 'log' },
            ];
 
        return $result;
@@ -71,4 +73,60 @@ __PACKAGE__->register_method({
        return PVE::Firewall::copy_opject_with_digest($hostfw_conf->{options});
     }});
 
+__PACKAGE__->register_method({
+    name => 'log', 
+    path => 'log', 
+    method => 'GET',
+    description => "Read firewall log",
+    proxyto => 'node',
+    permissions => {
+       check => ['perm', '/nodes/{node}', [ 'Sys.Syslog' ]],
+    },
+    protected => 1,
+    parameters => {
+       additionalProperties => 0,
+       properties => {
+           node => get_standard_option('pve-node'),
+           start => {
+               type => 'integer',
+               minimum => 0,
+               optional => 1,
+           },
+           limit => {
+               type => 'integer',
+               minimum => 0,
+               optional => 1,
+           },
+       },
+    },
+    returns => {
+       type => 'array',
+       items => { 
+           type => "object",
+           properties => {
+               n => {
+                 description=>  "Line number",
+                 type=> 'integer',
+               },
+               t => {
+                 description=>  "Line text",
+                 type => 'string',
+               }
+           }
+       }
+    },
+    code => sub {
+       my ($param) = @_;
+
+       my $rpcenv = PVE::RPCEnvironment::get();
+       my $user = $rpcenv->get_user();
+       my $node = $param->{node};
+
+       my ($count, $lines) = PVE::Tools::dump_logfile("/var/log/pve-firewall.log", $param->{start}, $param->{limit});
+
+       $rpcenv->set_result_attrib('total', $count);
+           
+       return $lines; 
+    }});
+
 1;