/usr/local/www/diag_states_summary.php - Annotate - pfSense - pfSense bugtracker

| Branch: | Tag: | Revision:

root/usr/local/www/diag_states_summary.php @ 38af78d8

1	9d71da81	jim-p	<?php
2	2a2af670	jim-p	/*
3			diag_states_summary.php
4	ce77a9c4	Phil Davis	Copyright (C) 2013-2015 Electric Sheep Fencing, LP
5	c245a846	jim-p	Copyright (C) 2010-2014 Jim Pingle
6	2a2af670	jim-p
7			Portions borrowed from diag_dump_states.php:
8			Copyright (C) 2005-2009 Scott Ullrich
9			Copyright (C) 2005 Colin Smith
10			All rights reserved.
11
12			Redistribution and use in source and binary forms, with or without
13			modification, are permitted provided that the following conditions are met:
14
15			1. Redistributions of source code must retain the above copyright notice,
16			this list of conditions and the following disclaimer.
17
18			2. Redistributions in binary form must reproduce the above copyright
19			notice, this list of conditions and the following disclaimer in the
20			documentation and/or other materials provided with the distribution.
21
22			THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
23			INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
24			AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
25			AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
26			OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
27			SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
28			INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
29			CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
30			ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
31			POSSIBILITY OF SUCH DAMAGE.
32			*/
33
34			/*
35			pfSense_BUILDER_BINARIES: /sbin/pfctl
36	38af78d8	sbeaver	pfSense_MODULE: filter
37	2a2af670	jim-p	*/
38
39			##\|+PRIV
40			##\|*IDENT=page-diagnostics-statessummary
41			##\|*NAME=Diagnostics: States Summary page
42			##\|*DESCR=Allow access to the 'Diagnostics: States Summary' page.
43			##\|MATCH=diag_states_summary.php
44			##\|-PRIV
45	9d71da81	jim-p
46			exec("/sbin/pfctl -s state", $states);
47
48			$srcipinfo = array();
49	c1613ade	jim-p	$dstipinfo = array();
50	63284430	jim-p	$allipinfo = array();
51	c1613ade	jim-p	$pairipinfo = array();
52	9d71da81	jim-p
53	63284430	jim-p	function addipinfo(&$iparr, $ip, $proto, $srcport, $dstport) {
54			$iparr[$ip]['seen']++;
55			$iparr[$ip]['protos'][$proto]['seen']++;
56			if (!empty($srcport)) {
57			$iparr[$ip]['protos'][$proto]['srcports'][$srcport]++;
58			}
59			if (!empty($dstport)) {
60			$iparr[$ip]['protos'][$proto]['dstports'][$dstport]++;
61			}
62			}
63
64	9d71da81	jim-p	$row = 0;
65			if(count($states) > 0) {
66			foreach($states as $line) {
67			$line_split = preg_split("/\s+/", $line);
68	c245a846	jim-p	$iface = array_shift($line_split);
69	9d71da81	jim-p	$proto = array_shift($line_split);
70			$state = array_pop($line_split);
71			$info = implode(" ", $line_split);
72
73	c245a846	jim-p	/* Handle NAT cases
74			Replaces an external IP + NAT by the internal IP */
75			if (strpos($info, ') ->') !== FALSE) {
76			/* Outbound NAT */
77			$info = preg_replace('/(\S+) $(\S+)$/U', "$2", $info);
78			} elseif (strpos($info, ') <-') !== FALSE) {
79			/* Inbound NAT/Port Forward */
80			$info = preg_replace('/(\S+) $(\S+)$/U', "$1", $info);
81			}
82
83	9d71da81	jim-p	/* break up info and extract $srcip and $dstip */
84			$ends = preg_split("/\<?-\>?/", $info);
85	c1613ade	jim-p
86			if (strpos($info, '->') === FALSE) {
87			$srcinfo = $ends[count($ends) - 1];
88			$dstinfo = $ends[0];
89			} else {
90			$srcinfo = $ends[0];
91			$dstinfo = $ends[count($ends) - 1];
92			}
93
94	96bddaf3	Seth Mos	/* Handle IPv6 */
95			$parts = explode(":", $srcinfo);
96	c245a846	jim-p	$partcount = count($parts);
97	5a27a095	bcyrill	if ($partcount <= 2) {
98			$srcip = trim($parts[0]);
99			$srcport = trim($parts[1]);
100	96bddaf3	Seth Mos	} else {
101	5a27a095	bcyrill	preg_match("/([0-9a-f:]+)(\[([0-9]+)\])?/i", $srcinfo, $matches);
102			$srcip = $matches[1];
103			$srcport = trim($matches[3]);
104	96bddaf3	Seth Mos	}
105	c245a846	jim-p
106	96bddaf3	Seth Mos	$parts = explode(":", $dstinfo);
107	c245a846	jim-p	$partcount = count($parts);
108	5a27a095	bcyrill	if ($partcount <= 2) {
109			$dstip = trim($parts[0]);
110			$dstport = trim($parts[1]);
111	96bddaf3	Seth Mos	} else {
112	5a27a095	bcyrill	preg_match("/([0-9a-f:]+)(\[([0-9]+)\])?/i", $dstinfo, $matches);
113			$dstip = $matches[1];
114			$dstport = trim($matches[3]);
115	96bddaf3	Seth Mos	}
116	9d71da81	jim-p
117	63284430	jim-p	addipinfo($srcipinfo, $srcip, $proto, $srcport, $dstport);
118			addipinfo($dstipinfo, $dstip, $proto, $srcport, $dstport);
119			addipinfo($pairipinfo, "{$srcip} -> {$dstip}", $proto, $srcport, $dstport);
120	c1613ade	jim-p
121	63284430	jim-p	addipinfo($allipinfo, $srcip, $proto, $srcport, $dstport);
122			addipinfo($allipinfo, $dstip, $proto, $srcport, $dstport);
123	9d71da81	jim-p	}
124			}
125
126			function sort_by_ip($a, $b) {
127	96033063	Erik Fonnesbeck	return ip2ulong($a) < ip2ulong($b) ? -1 : 1;
128	9d71da81	jim-p	}
129
130	2a63c863	jim-p	function build_port_info($portarr, $proto) {
131	1bceebd0	jim-p	if (!$portarr)
132	3f00208a	Ermal	return '';
133	2a63c863	jim-p	$ports = array();
134			asort($portarr);
135			foreach (array_reverse($portarr, TRUE) as $port => $count) {
136			$str = "";
137			$service = getservbyport($port, strtolower($proto));
138			$port = "{$proto}/{$port}";
139			if ($service)
140			$port = "{$port} ({$service})";
141			$ports[] = "{$port}: {$count}";
142			}
143			return implode($ports, ', ');
144			}
145
146	63284430	jim-p	function print_summary_table($label, $iparr, $sort = TRUE) { ?>
147	38af78d8	sbeaver	<div class="panel panel-default">
148			<div class="panel-heading"><?=$label?></div>
149			<div class="panel-body">
150			<!-- Outer table displays rows by IP-->
151			<table class="small table table-responsive table-hover table-condensed table-bordered">
152			<thead>
153			<tr class="info">
154			<th class="col-md-3"><?=gettext("IP");?></th>
155			<th class="col-md-1 text-center"># <?=gettext("States");?></th>
156			<th class="col-md-1"><?=gettext("Proto");?></th>
157			<th class="col-md-1 text-center"># <?=gettext("States");?></th>
158			<th class="col-md-1 text-center"><?=gettext("Src Ports");?></th>
159			<th class="col-md-1 text-center"><?=gettext("Dst Ports");?></th>
160			</tr>
161			</thead>
162			<tbody>
163			<?php if ($sort)
164	63284430	jim-p	uksort($iparr, "sort_by_ip");
165	38af78d8	sbeaver
166	63284430	jim-p	foreach($iparr as $ip => $ipinfo) { ?>
167	38af78d8	sbeaver	<tr>
168			<td><?php echo $ip; ?></td>
169			<td class="text-center"><?php echo $ipinfo['seen']; ?></td>
170			<td colspan="4" >
171
172			<!-- Inner table displays a table of states within each IP row-->
173			<table class="table table-responsive table-hover table-striped table-condensed table-bordered">
174			<tbody>
175			<?php foreach($ipinfo['protos'] as $proto => $protoinfo) { ?>
176			<tr>
177			<td class="col-md-1"><?php echo $proto; ?></td>
178			<td class="col-md-1 text-center" ><?php echo $protoinfo['seen']; ?></td>
179			<td class="col-md-1 text-center" ><span title="<?php echo build_port_info($protoinfo['srcports'], $proto); ?>"><?php echo count($protoinfo['srcports']); ?></span></td>
180			<td class="col-md-1 text-center" ><span title="<?php echo build_port_info($protoinfo['dstports'], $proto); ?>"><?php echo count($protoinfo['dstports']); ?></span></td>
181			</tr>
182
183	9d71da81	jim-p	<?php } ?>
184	38af78d8	sbeaver	</tbody>
185	9d71da81	jim-p
186	38af78d8	sbeaver	</table> <!-- e-o-innter table -->
187			</td>
188			</tr>
189			<?php } ?>
190			</tbody>
191			</table>
192			</div>
193			</div>
194	9d71da81	jim-p
195	3e6ec5df	Renato Botelho	<?php
196	63284430	jim-p	}
197	c1613ade	jim-p
198	e99a1c28	Rafaellucas	$pgtitle = array(gettext("Diagnostics"),gettext("State Table Summary"));
199	63284430	jim-p	require_once("guiconfig.inc");
200			include("head.inc");
201	38af78d8	sbeaver	echo "";
202	63284430	jim-p	include("fbegin.inc");
203	c1613ade	jim-p
204	38af78d8	sbeaver	?>
205			<div class="panel panel-default">
206	c1613ade	jim-p
207	38af78d8	sbeaver	<?php
208			print_summary_table(gettext("By Source IP"), $srcipinfo);
209			print_summary_table(gettext("By Destination IP"), $dstipinfo);
210			print_summary_table(gettext("Total per IP"), $allipinfo);
211			print_summary_table(gettext("By IP Pair"), $pairipinfo, FALSE);
212	63284430	jim-p	?>
213	c1613ade	jim-p
214	38af78d8	sbeaver	</div>
215
216			<?php
217			include("foot.inc");
218			?>

Project

General

Profile

pfSense