I really love my
Smoothwall firewall. It offers good security using an older computer and it is infinitely customizable. One of the big strengths of Smoothwall is that with a little bit of Perl you can make it do almost whatever you want. There is a large ecosystem of third party modules that allow you to customize the functionality of your Smoothwall box.
One of the modules that I use is the
enhanced firewall log. It is currently at version 1.4.3 and it enhances the normal log viewer and allows you to sort on different values and adds color coding to the entries.
This module has worked fine for me up until today. I was having some issues reaching some sites on the Internet and it appeared the firewall was the issue. I logged into the Smoothwall and it was slow to respond. The box had an uptime of a little over 9 months so I decided to reboot it. After the reboot was complete the firewall log was giving me an HTTP 500 error. Every other page was fine.
The error log showed:
Premature end of script headers: firewalllog.dat,
at /httpd/cgi-bin/logs.cgi/firewalllog.dat line 409
After some Internet searching I found the following link in the
Smoothwall communities.
Copy and paste of relevant information that fixed my problem.
he enhanced firewall logs mod with the CIDR capabilities assumes that
all of the data the first field of the ipblock file will be numeric but
it doesn't test it... my fix adds two lines and gets us around this
problem... at least at the stage of reading the data from the ipblock
file
in /httpd/cgi-bin/logs.cgi/firewalllog.dat, near line 57, you should find
# Added by fwlogmod
use Socket;
use Net::CIDR;
# END added by fwlogmod
right after that, add
use Scalar::Util qw(looks_like_number);
so the block looks like this (until the maintainer possibly adds this to their released code)
# Added by fwlogmod
use Socket;
use Net::CIDR;
# END added by fwlogmod
use Scalar::Util qw(looks_like_number);
then down near line 217 you should find
open (ACTIVEBLOCKFILE, "/var/smoothwall/ipblock/config");
@ll=;
close(ACTIVEBLOCKFILE);
foreach $lll (@ll) {
chomp($lll);
@ittt=split(/,/,$lll);
$cidrstr= $ittt[0];
between those last two lines, add
next if !looks_like_number($ittt[0]); ## make sure it is a number!
so the whole block now looks like this
open (ACTIVEBLOCKFILE, "/var/smoothwall/ipblock/config");
@ll=;
close(ACTIVEBLOCKFILE);
foreach $lll (@ll) {
chomp($lll);
@ittt=split(/,/,$lll);
next if !looks_like_number($ittt[0]); ## make sure it is a number!
$cidrstr= $ittt[0];
save and done... now if the first field of the ipblock file is not numeric, your firewall log viewer won't blow up on you.