Skip to content

Instantly share code, notes, and snippets.

@kanazux

kanazux/process_squid_logs

Last active November 25, 2020 13:49
Show Gist options
  • Save kanazux/ab36d98f9094a5eec84015607ba1f55a to your computer and use it in GitHub Desktop.
Save kanazux/ab36d98f9094a5eec84015607ba1f55a to your computer and use it in GitHub Desktop.
Download ZIP
Teste com shell script e redirector para logs do squid.
Raw
process_squid_logs
Aug 15 10:53:24 BluePexEMB redirector[75822]: 1502805204 https://cocacola-go-lag.stream1.fyre.co/ 1 - 192.168.213.16 - - 0
Aug 15 10:53:45 BluePexEMB redirector[75822]: 1502805225 https://cocacola-go-lag.stream1.fyre.co/ 1 - 192.168.213.16 - - 0
Aug 15 10:54:06 BluePexEMB redirector[75822]: 1502805246 https://cocacola-go-lag.stream1.fyre.co/ 1 - 192.168.213.16 - - 0
Aug 15 10:54:28 BluePexEMB redirector[75822]: 1502805268 https://cocacola-go-lag.stream1.fyre.co/ 1 - 192.168.213.16 - - 0
Aug 15 10:54:52 BluePexEMB redirector[75822]: 1502805292 https://cocacola-go-lag.stream1.fyre.co/ 1 - 192.168.213.16 - - 0
Aug 15 10:54:58 BluePexEMB redirector[75822]: 1502805298 https://api.imusicaradios.com.br/ 1 - 192.168.213.16 - - 0
Aug 15 10:55:13 BluePexEMB redirector[75822]: 1502805313 https://cocacola-go-lag.stream1.fyre.co/ 1 - 192.168.213.16 - - 0
Aug 15 10:55:35 BluePexEMB redirector[75822]: 1502805335 https://cocacola-go-lag.stream1.fyre.co/ 1 - 192.168.213.16 - - 0
Aug 15 10:55:45 BluePexEMB redirector[75822]: 1502805345 https://i.ytimg.com/ 1 48 192.168.213.16 - - 0
Aug 15 10:55:54 BluePexEMB redirector[8604]: 1502805354 https://r4---sn-xhcg5uxa-8j2e.googlevideo.com/ 1 - 192.168.213.16 - - 0
Aug 15 10:55:54 BluePexEMB redirector[75822]: 1502805354 https://r4---sn-xhcg5uxa-8j2e.googlevideo.com/ 1 - 192.168.213.16 - - 0
Aug 15 10:55:55 BluePexEMB redirector[75822]: 1502805355 https://i1.ytimg.com/ 1 48 192.168.213.16 - - 0
Aug 15 10:55:55 BluePexEMB redirector[8604]: 1502805355 https://r1---sn-vgqs7nee.googlevideo.com/ 1 - 192.168.213.16 - - 0
Aug 15 10:55:56 BluePexEMB redirector[75822]: 1502805356 https://yt3.ggpht.com/ 1 - 192.168.213.16 - - 0
Aug 15 10:55:57 BluePexEMB redirector[75822]: 1502805357 https://cocacola-go-lag.stream1.fyre.co/ 1 - 192.168.213.16 - - 0
Aug 15 10:55:59 BluePexEMB redirector[75822]: 1502805359 https://www.googleadservices.com/ 1 44,46 192.168.213.16 - - 0
Aug 15 10:56:19 BluePexEMB redirector[75822]: 1502805379 https://cocacola-go-lag.stream1.fyre.co/ 1 - 192.168.213.16 - - 0
Aug 15 10:56:40 BluePexEMB redirector[75822]: 1502805400 https://cocacola-go-lag.stream1.fyre.co/ 1 - 192.168.213.16 - - 0
Aug 15 10:56:59 BluePexEMB redirector[75822]: 1502805419 https://api.imusicaradios.com.br/ 1 - 192.168.213.16 - - 0
Aug 15 10:57:04 BluePexEMB redirector[75822]: 1502805424 https://cocacola-go-lag.stream1.fyre.co/ 1 - 192.168.213.16 - - 0
Aug 15 10:57:27 BluePexEMB redirector[75822]: 1502805447 https://cocacola-go-lag.stream1.fyre.co/ 1 - 192.168.213.16 - - 0
Aug 15 10:57:48 BluePexEMB redirector[75822]: 1502805468 https://cocacola-go-lag.stream1.fyre.co/ 1 - 192.168.213.16 - - 0
Aug 15 10:57:56 BluePexEMB redirector[75822]: 1502805476 http://www.cocacola.com.br/libs/granite/csrf/token.json 1 - 192.168.213.16 - - 0
Aug 15 10:58:12 BluePexEMB redirector[75822]: 1502805492 https://cocacola-go-lag.stream1.fyre.co/ 1 - 192.168.213.16 - - 0
Aug 15 10:58:34 BluePexEMB redirector[75822]: 1502805514 https://cocacola-go-lag.stream1.fyre.co/ 1 - 192.168.213.16 - - 0
Aug 15 10:58:57 BluePexEMB redirector[75822]: 1502805537 https://api.imusicaradios.com.br/ 1 - 192.168.213.16 - - 0
Aug 15 10:58:58 BluePexEMB redirector[75822]: 1502805538 https://cocacola-go-lag.stream1.fyre.co/ 1 - 192.168.213.16 - - 0
Raw
process_squid_logs.sh
#!/bin/sh
#
# This script is only to check and save squid logs by the redirector logs
# Convert categories in the redirector log and save the log
# Log with permission 1000 or a great valor will be saved on the file denied_accesses
# if permission is between 0 and 3 will be saved on the file allowed_accesses
#
# Author: Silvio Giunge a.k.a Kanazuchi
#
# PS: This script has no value if you dont use the same redirector binary :P
#
ALLOW="/usr/local/etc/webfilter/allowed_accesses"
DENY="/usr/local/etc/webfilter/denied_accesses"
EGREP=`which egrep`
split_data() {
time_date=`echo "${LINE}" | awk '{print $6}'`
url=`echo "${LINE}" | awk '{print $7}'`
blocked_code=`echo "${LINE}" | awk '{print $8}'`
categories=`echo "${LINE}" | awk '{print $9}'`
ip=`echo "${LINE}" | awk '{print $10}'`
user=`echo "${LINE}" | awk '{print $11}'`
group=`echo "${LINE}" | awk '{print $12}'`
}
rename_categories() {
HAS_COMMOM=`echo "${categories}" | grep ","`
if [ -n "${HAS_COMMOM}" ]; then
_categories=$categories
for word in $(echo "${categories}" | tr "," "\n"); do
STRTOCHANGE=`cat /usr/local/etc/wfcategories | grep "${word}" | cut -d ":" -f2`
categories=`echo "${categories}" | sed "s/${word}/${STRTOCHANGE}/"`
done
else
STRTOCHANGE=`cat /usr/local/etc/wfcategories | grep "${categories}" | cut -d ":" -f2`
categories=`echo "${categories}" | sed "s/${categories}/${STRTOCHANGE}/"`
fi
}
while read LINE; do
REDIRECTOR=`echo "${LINE}" | $EGREP ".*redirector.*"`
if [ -n "${REDIRECTOR}" ]; then
split_data
:set nonu 3,1 Top
if [ -n "${REDIRECTOR}" ]; then
split_data
[ "${categories}" = "-" ] && categories="NotCategorized" && echo "99 teste" >> /root/teste
[ "${categories}" != "NotCategorized" ] && rename_categories
if [ "${blocked_code}" -gt 999 ]; then
echo "${time_date};${url};${categories};${ip};${user};${group}" >> $DENY
else
echo "${time_date};${url};${categories};${ip};${user};${group}" >> $ALLOW
fi
fi
done
@pandaDbo
Copy link

This actually works this is cool

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment