# Copyright (c) 2010 Flowerfire, Inc. All Rights Reserved. gene6_ftp = { plugin_version = "1.0.2" info.1.manufacturer = "Gene6 SARL" #info.1.device = "G6 FTP Server" info.1.device = "FTP Server" info.1.version.1 = "3.9.0" # build 2 # Plugin Version info # 2009-04-16 - 1.0 - KBB - Initial creation with gene6_ftp_w3c as starting point. This is a very # different plug-in, with different fields. # 2010-11-19 - 1.0.1 - MSG - Edited info lines. # 2011-07-01 - 1.0.2 - KBB - Unified duplicated info in this file, including info lines. # from http://www.the-eggman.com/seminars/ftp_error_codes.html # todo?: translate this into language strings to replace codes? #Code Description #100 Codes The requested action is being taken. Expect a reply before proceeding with a new command. #110 Restart marker reply. #120 Service ready in (n) minutes. #125 Data connection already open, transfer starting. #150 File status okay, about to open data connection. #200 Codes The requested action has been successfully completed. #200 Command okay. #202 Command not implemented #211 System status, or system help reply. #212 Directory status. #213 File status. #214 Help message. #215 NAME system type. (NAME is an official system name from the list in the Assigned Numbers document.) #220 Service ready for new user. #221 Service closing control connection. (Logged out if appropriate.) #225 Data connection open, no transfer in progress. #226 Closing data connection. Requested file action successful (file transfer, abort, etc.). #227 Entering Passive Mode #230 User logged in, proceed. #250 Requested file action okay, completed. #257 "PATHNAME" created. #300 Codes The command has been accepted, but the requested action is being held pending receipt of further information. #331 User name okay, need password. #332 Need account for login. #350 Requested file action pending further information. #400 Codes The command was not accepted and the requested action did not take place. #Tthe error condition is temporary, however, and the action may be requested again. #421 Service not available, closing control connection. (May be a reply to any command if the service knows it must shut down.)` #425 Can't open data connection. #426 Connection closed, transfer aborted. #450 Requested file action not taken. File unavailable (e.g., file busy). #451 Requested action aborted, local error in processing. #452 Requested action not taken. Insufficient storage space in system. #500 Codes The command was not accepted and the requested action did not take place. #500 Syntax error, command unrecognized. This may include errors such as command line too long. #501 Syntax error in parameters or arguments. #502 Command not implemented. #503 Bad sequence of commands. #504 Command not implemented for that parameter. #530 User not logged in. #532 Need account for storing files. #550 Requested action not taken. File unavailable (e.g., file not found, no access). #552 Requested file action aborted, storage allocation exceeded #553 Requested action not taken. Illegal file name. # The name of the log format log.format.format_label = "Gene6 FTP Server Log Format" log.miscellaneous.log_data_type = "ftp" log.miscellaneous.log_format_type = "ftp_server" # The log is in this format if any of the first ten lines match this regular expression log.format.autodetect_regular_expression = "^[0-9]{2}/[0-9]{2}/[0-9]{2} [0-9]{2}:[0-9]{2}:[0-9]{2}, [0-9]+, [0-9.]+, [^,]+, [A-Z]{4} " # The format of dates and times in this log log.format.date_format = "yyyy/mm/dd hh:mm:ss" log.format.time_format = "yyyy/mm/dd hh:mm:ss" log.format.parse_only_with_filters = "true" log.fields = { date_time = "" connection_id = "" client_ip.type = "host" username = "" command = "" file_name = "" result_code = "" sc_bytes = "" cs_bytes = "" uploads = "" downloads = "" time_taken = "" message = "" } # log.fields log.filters = { mark_entry = { label = '$lang_admin.log_filters.mark_entry_label' comment = '$lang_admin.log_filters.mark_entry_comment' value = 'events = 1;' } # mark_entry simplify_message = { label = '$lang_admin.log_filters.simplify_message_label' comment = '$lang_admin.log_filters.simplify_message_comment' value = ` if (contains(message, 'no such file')) then ( message = 'No such file.'; ); else if (matches_regular_expression(message, '[fF]ile .* deleted\.?')) then ( message = 'File deleted.'; ); ` } } # log.filters database.fields = { date_time = "" day_of_week = "" hour_of_day = "" connection_id = "" client_ip = "" username = "" command = "" file_name = "" result_code = "" message = "" } # database.fields log.filter_initialization = ` v.addtoyear = substr(epoc_to_date_time(now()), 7, 2); ` log.parsing_filters.parse = ` #09/01/09 16:12:47, 1605, 77.77.177.77, blue_horse, DELE labrador.html #09/01/09 16:12:47, 1605, 77.77.177.77, blue_horse, delete file '/dogplaces/labrador.html' -> 'E:\dogplaces\labrador.html' --> File deleted. #09/01/09 16:12:47, 1605, 77.77.177.77, blue_horse, 250 File "/dogplaces/labrador.html" deleted. v.line = current_log_line(); if (matches_regular_expression(v.line, '^([0-9]{2}/[0-9]{2}/[0-9]{2} [0-9]{2}:[0-9]{2}:[0-9]{2}), ([0-9]+), ([0-9.]+), ([^,]+), (.*)$')) then ( v.key = $2; v.line = $5; set_collected_field(v.key, 'date_time', v.addtoyear . $1); set_collected_field(v.key, 'connection_id', v.key); set_collected_field(v.key, 'client_ip', $3); set_collected_field(v.key, 'username', $4); v.command = get_collected_field(v.key, 'cmd'); if (matches_regular_expression(v.line, '^([A-Z]{3,4}|noop)( [^ ].*)?$')) then ( set_collected_field(v.key, 'cmd', $1); # Save all commands to avoid saving all results # If there's a new command, clear these set_collected_field(v.key, 'time_taken', ''); set_collected_field(v.key, 'cs_bytes', ''); set_collected_field(v.key, 'uploads', ''); set_collected_field(v.key, 'sc_bytes', ''); set_collected_field(v.key, 'downloads', ''); set_collected_field(v.key, 'result_code', ''); set_collected_field(v.key, 'message', ''); #09/01/01 08:22:49, 671, 22.22.122.22, blue_horse, RETR /hello.png #09/01/01 08:22:49, 671, 22.22.122.22, blue_horse, asked to download '/hello.png' -> 'E:\FTP\here\hello.png' from 0 --> Access allowed. #09/01/01 08:22:49, 671, 22.22.122.22, blue_horse, 150 Data connection accepted from 22.22.122.22:1549; transfer starting for /hello.png (10893 bytes) #09/01/01 08:22:49, 671, 22.22.122.22, blue_horse, finished downloading '/hello.png' -> 'E:\FTP\here\hello.png' from 0 to 10893 (00:00:01 - 10.638 KBytes/s). #09/01/01 08:22:49, 671, 22.22.122.22, blue_horse, 226 File sent ok. # add RNTO and RNFR later #if (matches_regular_expression(v.line, '^(DELE|RETR|STOR|RNTO|RNFR) (.*)$')) then ( # ) if (matches_regular_expression(v.line, '^(DELE|RETR|STOR) (.*)$')) then ( set_collected_field(v.key, 'command', $1); set_collected_field(v.key, 'file_name', $2); ); ); else ( if ((v.command eq 'RETR') and starts_with(v.line, 'finished') and matches_regular_expression(v.line, '\\\\(([0-9]{2}):([0-9]{2}):([0-9]{2}) - ([0-9.]+) KBytes/s\\\\)\\\\.$')) then ( set_collected_field(v.key, 'time_taken', $1*60*60 + $2*60 + $3); set_collected_field(v.key, 'sc_bytes', 1024*$4); set_collected_field(v.key, 'downloads', 1); ); else if ((v.command eq 'STOR') and starts_with(v.line, 'finished') and matches_regular_expression(v.line, '\\\\(([0-9]{2}):([0-9]{2}):([0-9]{2}) - ([0-9.]+) KBytes/s\\\\)\\\\.$')) then ( set_collected_field(v.key, 'time_taken', $1*60*60 + $2*60 + $3); set_collected_field(v.key, 'cs_bytes', 1024*$4); set_collected_field(v.key, 'uploads', 1); ); else if (matches_regular_expression(v.command, '^(DELE|RETR|STOR)$') and matches_regular_expression(v.line, "^([0-9]{3}) (.*)$")) then ( v.code = $1; if (v.code ne '421' and v.code ne '150' and v.code ne '425') then ( set_collected_field(v.key, 'result_code', $1); set_collected_field(v.key, 'message', $2); accept_collected_entry(v.key, true); ); ); ); ); ` database.numerical_fields = { events = { label = "$lang_stats.field_labels.events" default = true requires_log_field = false type = "int" display_format_type = "integer" entries_field = true } # events downloads = { label = "$lang_stats.field_labels.downloads" default = true requires_log_field = false type = "int" display_format_type = "integer" entries_field = false } # downloads uploads = { label = "$lang_stats.field_labels.uploads" default = true requires_log_field = false type = "int" display_format_type = "integer" entries_field = false } # uploads sc_bytes = { label = "$lang_stats.field_labels.sc_bytes" default = false log_field = "sc_bytes" requires_log_field = true type = "float" display_format_type = "bandwidth" } cs_bytes = { label = "$lang_stats.field_labels.cs_bytes" default = false log_field = "cs_bytes" requires_log_field = true type = "float" display_format_type = "bandwidth" } time_taken = { type = float display_format_type = duration_compact } # time_taken } # database.numerical_fields create_profile_wizard_options = { # How the reports should be grouped in the report menu report_groups = { date_time_group = "" } # report_groups } # create_profile_wizard_options } # gene6_ftp