/usr/local/www/diag_states_summary.php - Annotate - pfSense - pfSense bugtracker

| Branch: | Tag: | Revision:

root/usr/local/www/diag_states_summary.php @ 0c469044

1	9d71da81	jim-p	<?php
2	2a2af670	jim-p	/*
3			diag_states_summary.php
4	ce77a9c4	Phil Davis	Copyright (C) 2013-2015 Electric Sheep Fencing, LP
5	c245a846	jim-p	Copyright (C) 2010-2014 Jim Pingle
6	2a2af670	jim-p
7			Portions borrowed from diag_dump_states.php:
8			Copyright (C) 2005-2009 Scott Ullrich
9			Copyright (C) 2005 Colin Smith
10			All rights reserved.
11
12			Redistribution and use in source and binary forms, with or without
13			modification, are permitted provided that the following conditions are met:
14
15			1. Redistributions of source code must retain the above copyright notice,
16			this list of conditions and the following disclaimer.
17
18			2. Redistributions in binary form must reproduce the above copyright
19			notice, this list of conditions and the following disclaimer in the
20			documentation and/or other materials provided with the distribution.
21
22			THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
23			INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
24			AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
25			AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
26			OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
27			SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
28			INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
29			CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
30			ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
31			POSSIBILITY OF SUCH DAMAGE.
32			*/
33
34			/*
35			pfSense_BUILDER_BINARIES: /sbin/pfctl
36			pfSense_MODULE: filter
37			*/
38
39			##\|+PRIV
40			##\|*IDENT=page-diagnostics-statessummary
41			##\|*NAME=Diagnostics: States Summary page
42			##\|*DESCR=Allow access to the 'Diagnostics: States Summary' page.
43			##\|MATCH=diag_states_summary.php
44			##\|-PRIV
45	9d71da81	jim-p
46			exec("/sbin/pfctl -s state", $states);
47
48			$srcipinfo = array();
49	c1613ade	jim-p	$dstipinfo = array();
50	63284430	jim-p	$allipinfo = array();
51	c1613ade	jim-p	$pairipinfo = array();
52	9d71da81	jim-p
53	63284430	jim-p	function addipinfo(&$iparr, $ip, $proto, $srcport, $dstport) {
54			$iparr[$ip]['seen']++;
55			$iparr[$ip]['protos'][$proto]['seen']++;
56			if (!empty($srcport)) {
57			$iparr[$ip]['protos'][$proto]['srcports'][$srcport]++;
58			}
59			if (!empty($dstport)) {
60			$iparr[$ip]['protos'][$proto]['dstports'][$dstport]++;
61			}
62			}
63
64	9d71da81	jim-p	$row = 0;
65	5f601060	Phil Davis	if (count($states) > 0) {
66			foreach ($states as $line) {
67	9d71da81	jim-p	$line_split = preg_split("/\s+/", $line);
68	c245a846	jim-p	$iface = array_shift($line_split);
69	9d71da81	jim-p	$proto = array_shift($line_split);
70			$state = array_pop($line_split);
71			$info = implode(" ", $line_split);
72
73	c245a846	jim-p	/* Handle NAT cases
74	5f601060	Phil Davis	Replaces an external IP + NAT by the internal IP */
75	c245a846	jim-p	if (strpos($info, ') ->') !== FALSE) {
76			/* Outbound NAT */
77			$info = preg_replace('/(\S+) $(\S+)$/U', "$2", $info);
78			} elseif (strpos($info, ') <-') !== FALSE) {
79			/* Inbound NAT/Port Forward */
80			$info = preg_replace('/(\S+) $(\S+)$/U', "$1", $info);
81			}
82
83	9d71da81	jim-p	/* break up info and extract $srcip and $dstip */
84			$ends = preg_split("/\<?-\>?/", $info);
85	c1613ade	jim-p
86			if (strpos($info, '->') === FALSE) {
87			$srcinfo = $ends[count($ends) - 1];
88			$dstinfo = $ends[0];
89			} else {
90			$srcinfo = $ends[0];
91			$dstinfo = $ends[count($ends) - 1];
92			}
93
94	96bddaf3	Seth Mos	/* Handle IPv6 */
95			$parts = explode(":", $srcinfo);
96	c245a846	jim-p	$partcount = count($parts);
97	5a27a095	bcyrill	if ($partcount <= 2) {
98			$srcip = trim($parts[0]);
99			$srcport = trim($parts[1]);
100	96bddaf3	Seth Mos	} else {
101	5a27a095	bcyrill	preg_match("/([0-9a-f:]+)(\[([0-9]+)\])?/i", $srcinfo, $matches);
102			$srcip = $matches[1];
103			$srcport = trim($matches[3]);
104	96bddaf3	Seth Mos	}
105	c245a846	jim-p
106	96bddaf3	Seth Mos	$parts = explode(":", $dstinfo);
107	c245a846	jim-p	$partcount = count($parts);
108	5a27a095	bcyrill	if ($partcount <= 2) {
109			$dstip = trim($parts[0]);
110			$dstport = trim($parts[1]);
111	96bddaf3	Seth Mos	} else {
112	5a27a095	bcyrill	preg_match("/([0-9a-f:]+)(\[([0-9]+)\])?/i", $dstinfo, $matches);
113			$dstip = $matches[1];
114			$dstport = trim($matches[3]);
115	96bddaf3	Seth Mos	}
116	9d71da81	jim-p
117	63284430	jim-p	addipinfo($srcipinfo, $srcip, $proto, $srcport, $dstport);
118			addipinfo($dstipinfo, $dstip, $proto, $srcport, $dstport);
119			addipinfo($pairipinfo, "{$srcip} -> {$dstip}", $proto, $srcport, $dstport);
120	c1613ade	jim-p
121	63284430	jim-p	addipinfo($allipinfo, $srcip, $proto, $srcport, $dstport);
122			addipinfo($allipinfo, $dstip, $proto, $srcport, $dstport);
123	c1613ade	jim-p
124	9d71da81	jim-p	}
125			}
126
127			function sort_by_ip($a, $b) {
128	96033063	Erik Fonnesbeck	return ip2ulong($a) < ip2ulong($b) ? -1 : 1;
129	9d71da81	jim-p	}
130
131	2a63c863	jim-p	function build_port_info($portarr, $proto) {
132	5f601060	Phil Davis	if (!$portarr) {
133	3f00208a	Ermal	return '';
134	5f601060	Phil Davis	}
135	2a63c863	jim-p	$ports = array();
136			asort($portarr);
137			foreach (array_reverse($portarr, TRUE) as $port => $count) {
138			$str = "";
139			$service = getservbyport($port, strtolower($proto));
140			$port = "{$proto}/{$port}";
141	5f601060	Phil Davis	if ($service) {
142	2a63c863	jim-p	$port = "{$port} ({$service})";
143	5f601060	Phil Davis	}
144	2a63c863	jim-p	$ports[] = "{$port}: {$count}";
145			}
146			return implode($ports, ', ');
147			}
148
149	63284430	jim-p	function print_summary_table($label, $iparr, $sort = TRUE) { ?>
150
151			<h3><?php echo $label; ?></h3>
152	f11afbf7	Colin Fleming	<table class="tabcont" width="100%" border="0" cellspacing="0" cellpadding="0" summary="states summary">
153	9d71da81	jim-p	<tr>
154	e99a1c28	Rafaellucas	<td class="listhdrr"><?=gettext("IP");?></td>
155	9049e088	Vinicius Coque	<td class="listhdrr"># <?=gettext("States");?></td>
156	e99a1c28	Rafaellucas	<td class="listhdrr"><?=gettext("Proto");?></td>
157	9049e088	Vinicius Coque	<td class="listhdrr"># <?=gettext("States");?></td>
158	e99a1c28	Rafaellucas	<td class="listhdrr"><?=gettext("Src Ports");?></td>
159			<td class="listhdrr"><?=gettext("Dst Ports");?></td>
160	9d71da81	jim-p	</tr>
161	5f601060	Phil Davis	<?php
162			if ($sort) {
163	63284430	jim-p	uksort($iparr, "sort_by_ip");
164	5f601060	Phil Davis	}
165			foreach ($iparr as $ip => $ipinfo) { ?>
166	9d71da81	jim-p	<tr>
167	f11afbf7	Colin Fleming	<td class="vncell"><?php echo $ip; ?></td>
168			<td class="vncell"><?php echo $ipinfo['seen']; ?></td>
169			<td class="vncell"> </td>
170			<td class="vncell"> </td>
171			<td class="vncell"> </td>
172			<td class="vncell"> </td>
173	9d71da81	jim-p	</tr>
174	5f601060	Phil Davis	<?php foreach ($ipinfo['protos'] as $proto => $protoinfo) { ?>
175	9d71da81	jim-p	<tr>
176	f11afbf7	Colin Fleming	<td class="list"> </td>
177			<td class="list"> </td>
178			<td class="listlr"><?php echo $proto; ?></td>
179			<td class="listr" align="center"><?php echo $protoinfo['seen']; ?></td>
180			<td class="listr" align="center"><span title="<?php echo build_port_info($protoinfo['srcports'], $proto); ?>"><?php echo count($protoinfo['srcports']); ?></span></td>
181			<td class="listr" align="center"><span title="<?php echo build_port_info($protoinfo['dstports'], $proto); ?>"><?php echo count($protoinfo['dstports']); ?></span></td>
182	9d71da81	jim-p	</tr>
183			<?php } ?>
184			<?php } ?>
185
186			</table>
187
188	3e6ec5df	Renato Botelho	<?php
189	63284430	jim-p	}
190	c1613ade	jim-p
191	e99a1c28	Rafaellucas	$pgtitle = array(gettext("Diagnostics"),gettext("State Table Summary"));
192	63284430	jim-p	require_once("guiconfig.inc");
193			include("head.inc");
194	f11afbf7	Colin Fleming	echo "<body>";
195	63284430	jim-p	include("fbegin.inc");
196	c1613ade	jim-p
197
198	e99a1c28	Rafaellucas	print_summary_table(gettext("By Source IP"), $srcipinfo);
199			print_summary_table(gettext("By Destination IP"), $dstipinfo);
200			print_summary_table(gettext("Total per IP"), $allipinfo);
201			print_summary_table(gettext("By IP Pair"), $pairipinfo, FALSE);
202	63284430	jim-p	?>
203	c1613ade	jim-p
204	9d71da81	jim-p	<?php include("fend.inc"); ?>
205	f11afbf7	Colin Fleming	</body>
206			</html>

Project

General

Profile

pfSense