senpa 0.1.1

A library to parse OPNsense firewall logs
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45

use senpa::prelude::*;

#[test]
fn test_parse_log() {
    let log = "96,,,fae559338f65e11c53669fc3642c93c2,vlan0.20,match,pass,out,\
    4,0x0,,127,61633,0,DF,6,tcp,\
    52,192.168.10.15,192.168.20.14,\
    52461,9100,0,S,3442468761,,64240,,mss;nop;wscale;nop;nop;sackOK";
    let parsed_log = parse_log(log).unwrap();

    println!("# LOG #");
    println!(
        "rule number: {} ",
        parsed_log.packet_filter.rule_info.number
    );
    assert_eq!(96, parsed_log.packet_filter.rule_info.number);

    println!("rule label: {} ", &parsed_log.packet_filter.rule_info.label);
    assert_eq!(
        "fae559338f65e11c53669fc3642c93c2",
        &parsed_log.packet_filter.rule_info.label
    );

    match &parsed_log.packet_filter.action {
        Pass => println!("Action: pass"),
        Block => println!("Actiom: block"),
        Reject => println!("Action: reject"),
    }

    assert_eq!(Pass, parsed_log.packet_filter.action);

    match &parsed_log.protocol.name {
        Tcp => println!("Proto: tcp"),
        Udp => println!("Proto: udp"),
        Other(other) => println!("Proto: {}", other),
    }
    assert_eq!(Tcp, parsed_log.protocol.name);

    match &parsed_log.proto_info {
        UdpInfo(udp_info) => println!("ProtoInfo:{:#?}", udp_info),
        TcpInfo(tcp_info) => println!("ProtoInfo:{:#?}", tcp_info),
        UnknownInfo(unknown) => println!("ProtoInfo: {}", unknown),
    }
    assert!(matches!(parsed_log.proto_info, TcpInfo(_)));
}