<?php
/*
 * diag_tables.php
 *
 * part of pfSense (https://www.pfsense.org)
 * Copyright (c) 2004-2013 BSD Perimeter
 * Copyright (c) 2013-2016 Electric Sheep Fencing
 * Copyright (c) 2014-2020 Rubicon Communications, LLC (Netgate)
 * All rights reserved.
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 * http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */

    
##|+PRIV
##|*IDENT=page-diagnostics-tables
##|*NAME=Diagnostics: pf Table IP addresses
##|*DESCR=Allow access to the 'Diagnostics: Tables' page.
##|*MATCH=diag_tables.php*
##|-PRIV

    
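$pgtitle = array(gettext("Diagnostics"), gettext("Tables"));
$shortcut_section = "aliases";

require_once("guiconfig.inc");

// Ask pf for the names of all loaded tables. Starting from an empty array makes
// sure the list holds only what pfctl printed, because exec() appends to an
// existing array. This list is the allowlist for the request's 'type' value.
$tables = array();
exec("/sbin/pfctl -sT", $tables);

// Set default table
$tablename = "sshguard";

// Accept the requested table only when it is a string that exactly matches a
// name reported by pfctl. The strict comparison keeps PHP's loose-equality
// rules out of the allowlist check.
if (!empty($_REQUEST['type']) && is_string($_REQUEST['type']) && in_array($_REQUEST['type'], $tables, true)) {
	$tablename = $_REQUEST['type'];
} else {
	/* Invalid 'type' passed, do not take any actions that use the 'type' field. */
	unset($_REQUEST['type']);
	// The delete handler further down passes 'type' to pfctl, so a pending
	// delete is dropped too. The original line here was a bare expression
	// that did nothing, which left the delete request in place.
	unset($_REQUEST['delete']);
}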

    
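// Gather selected alias metadata.
// $tmp is initialised up front because it stays empty when no configured alias
// has the same name as the selected table.
$tmp = array();
if (isset($config['aliases']['alias'])) {
	foreach ($config['aliases']['alias'] as $alias) {
		if ($alias['name'] == $tablename) {
			$tmp['type'] = $alias['type'];
			$tmp['name'] = $alias['name'];
			$tmp['url']  = $alias['url'];
			$tmp['freq'] = $alias['updatefreq'];
			break;
		}
	}
}

# Determine if selected alias is either a bogons or URL table.
# Both flags start out false so the checks later in this page never read an
# undefined variable, whichever branch is taken here.
$bogons = $urltable = false;
if (($tablename == "bogons") || ($tablename == "bogonsv6")) {
	$bogons = true;
} else if (isset($tmp['type']) && preg_match('/urltable/i', $tmp['type'])) {
	$urltable = true;
}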

    
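// Remove a single address or subnet from the selected table, then stop. The
// response body is just the deleted entry, HTML-encoded.
// NOTE(review): the parameters are read from $_REQUEST, which normally includes
// query-string values as well as POST fields. Confirm that the GUI's CSRF
// protection covers this state-changing request on every method it accepts,
// or read the values from $_POST only.
if (!empty($_REQUEST['delete'])) {
	// 'type' is unset earlier in this file when it failed validation against
	// the pfctl table list; pfctl must not be run with an empty table name in
	// that case, so the request is ignored.
	if (isset($_REQUEST['type']) && is_string($_REQUEST['delete']) &&
	    (is_ipaddr($_REQUEST['delete']) || is_subnet($_REQUEST['delete']))) {
		exec("/sbin/pfctl -t " . escapeshellarg($_REQUEST['type']) . " -T delete " . escapeshellarg($_REQUEST['delete']), $delete);
		echo htmlentities($_REQUEST['delete']);
	}
	exit;
}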

    
// "Empty Table": list the entries of the selected table and delete them one at
// a time. Table name and entry are each quoted for the shell.
if ($_POST['clearall']) {
	$entries = array();
	exec(sprintf("/sbin/pfctl -t %s -T show", escapeshellarg($tablename)), $entries);
	if (is_array($entries)) {
		// pfctl output lines are trimmed before being passed back as the address to delete.
		foreach (array_map('trim', $entries) as $entry) {
			exec(sprintf("/sbin/pfctl -t %s -T delete %s", escapeshellarg($tablename), escapeshellarg($entry)), $delete);
		}
	}
	unset($entries);
}

    
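// "Update": refresh the on-disk file behind a bogons or URL table in the
// background, then wait for the updater process to finish.
if ($_POST['Download'] && ($bogons || $urltable)) {

	if ($bogons) {				// If selected table is either bogons or bogonsv6.
		$mwexec_bg_cmd = '/etc/rc.update_bogons.sh now';
		$table_type = 'bogons';
		$db_name = 'bogons';
	} else if ($urltable) {		//  If selected table is a URL table alias.
		// The table name becomes part of a command string, so it is quoted in
		// the same way as in the pfctl calls elsewhere on this page rather than
		// relying only on the earlier allowlist check.
		$mwexec_bg_cmd = '/etc/rc.update_urltables now forceupdate ' . escapeshellarg($tablename);
		$table_type = 'urltables';
		$db_name = $tablename;
	}

	mwexec_bg($mwexec_bg_cmd);

	// Poll once per second, at most 90 times, until the ps listing no longer
	// contains $table_type. $table_type is one of the two fixed literals set
	// above, never request data, so interpolating it into the pipeline is safe.
	$maxtimetowait = 0;
	$loading = true;
	while ($loading == true) {
		$isrunning = `/bin/ps awwwux | /usr/bin/grep -v grep | /usr/bin/grep $table_type`;
		if ($isrunning == "") {
			$loading = false;
		}
		$maxtimetowait++;
		if ($maxtimetowait > 89) {
			$loading = false;
		}
		sleep(1);
	}
	// Report success only when the updater finished before the polling limit.
	if ($maxtimetowait < 90) {
		$savemsg = sprintf(gettext("The %s file contents have been updated."), $db_name);
	}
}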

    
// Read the current contents of the selected table, one pfctl output line per element.
$entries = array();
exec(sprintf("/sbin/pfctl -t %s -T show", escapeshellarg($tablename)), $entries);

include("head.inc");

// Show the result of an update request, if one was handled above.
if ($savemsg) {
	print_info_box($savemsg, 'success');
}

// Heading for the entries panel; the default lockout table gets a friendlier name.
$displayname = ($tablename == "sshguard")
	? gettext("SSH and GUI Lockout Table")
	: sprintf(gettext("%s Table"), ucfirst($tablename));

    
// Build the table selector form.
$form = new Form(false);

$section = new Form_Section('Table to Display');
$group = new Form_Group("Table");

// Selector listing every table name reported by pfctl, with the current table selected.
$group->add(new Form_Select(
	'type',
	null,
	$tablename,
	array_combine($tables, $tables)
))->setHelp('Select a user-defined alias name or system table name to view its contents. %s' .
	'Aliases become Tables when loaded into the active firewall ruleset. ' .
	'The contents displayed on this page reflect the current addresses inside tables used by the firewall.', '<br/><br/>');

// Bogons and URL tables get the 'Download' (update) button; any other table
// gets the 'clearall' button, but only when it has entries.
if ($bogons || $urltable) {
	$group->add(new Form_Button(
		'Download',
		'Update',
		null,
		'fa-refresh'
	))->addClass('btn-success btn-sm');
} elseif (!empty($entries)) {
	$group->add(new Form_Button(
		'clearall',
		'Empty Table',
		null,
		'fa-trash'
	))->addClass('btn-danger btn-sm');
}

$section->add($group);
$form->add($section);
print $form;

    
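// Info box with the table's last-update date, record count and leading comment lines.
if ($bogons || $urltable || !empty($entries)) {
?>
<div>
	<div class="infoblock blockopen">
<?php
	// Path of the file backing the table, quoted as a single shell word.
	if ($bogons) {
		$table_file = escapeshellarg('/etc/' . $tablename);
	} else if ($urltable) {
		$table_file = escapeshellarg('/var/db/aliastables/' . $tablename . '.txt');
	} else {
		$table_file = '';
	}

	$datestrregex = '(Mon|Tue|Wed|Thu|Fri|Sat|Sun).* GMT';
	$datelineregex = 'last.*' . $datestrregex;

	// Run grep only when there is a backing file. With an empty file argument
	// grep would read standard input instead of a file.
	$last_updated = '';
	$comment_lines = array();
	if ($table_file != '') {
		$last_updated = exec('/usr/bin/grep -i -m 1 -E "^# ' . $datelineregex . '" ' . $table_file . '|/usr/bin/grep -i -m 1 -E -o "' . $datestrregex . '"');

		# Display up to 10 comment lines (lines that begin with '#').
		exec('/usr/bin/grep -i -m 10 -E "^#" ' . $table_file, $comment_lines);
	}

	// Text taken from the table file is HTML-encoded before it is placed in the
	// info box, whose message is passed as markup here. URL table files are
	// presumably fetched from a remote source, so their content is untrusted.
	if ($last_updated != "") {
		$last_update_msg = sprintf(gettext("Table last updated on %s."), htmlspecialchars($last_updated));
	} else {
		$last_update_msg = gettext("Date of last update of table is unknown.");
	}

	$records_count_msg = sprintf(gettext("%s records."), number_format(count($entries), 0, gettext("."), gettext(",")));

	$table_comments = '';
	foreach ($comment_lines as $comment_line) {
		$table_comments .= htmlspecialchars($comment_line) . "<br />";
	}

	if ($table_comments) {
		print_info_box($last_update_msg . " &nbsp; &nbsp; " . $records_count_msg . "<br />" .
		'<span style="display:none" class="infoblock">' . ' ' . gettext("Hide table comments.") . '<br />' . $table_comments . '</span>' .
		'<span style="display:none"   id="showtblcom">' . ' ' . gettext("Show table comments.") . '</span>' .
		'' , 'info', false);
	} else {
		print_info_box($last_update_msg . "&nbsp; &nbsp; " . $records_count_msg, 'info', false);
	}
?>
	</div>
</div>
<?php
}
?>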

    
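<script type="text/javascript">
//<![CDATA[
events.push(function() {

	$('#showtblcom').show();

	$('[id^="showinfo1"]').click(function() {
		$('#showtblcom').toggle();
	});

	// Delete a single entry via AJAX and drop its row once the request succeeds.
	$('a[data-entry]').on('click', function() {
		var el = $(this);

		$.ajax(
			'/diag_tables.php',
			{
				type: 'post',
				data: {
					// json_encode() with the JSON_HEX_* flags emits a complete
					// JavaScript string literal that is safe inside a script
					// block. HTML entity encoding is not interpreted there, so
					// it would change the name that gets sent back.
					type: <?=json_encode($tablename, JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT)?>,
					delete: el.data('entry')
				},
				success: function() {
					el.parents('tr').remove();
				}
		});
	});

	// Auto-submit the form on table selector change
	$('#type').on('change', function() {
		$('form').submit();
	});
});
//]]>
</script>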

    
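<?php
// Render the table contents. Every value written into the page is HTML-encoded,
// matching the data-entry attribute, so pfctl output and the table name are
// always treated as text.
if (empty($entries)) {
	print_info_box(gettext("No entries exist in this table."), 'warning', false);
} else {
?>
<div class="panel panel-default">
	<div class="panel-heading"><h2 class="panel-title"><?=htmlspecialchars($displayname)?></h2></div>
	<div class="panel-body">
		<div class="table-responsive">
			<table class="table table-striped table-hover table-condensed">
				<thead>
					<tr>
						<th><?=gettext("IP Address")?></th>
						<th></th>
					</tr>
				</thead>
				<tbody>
<?php
		// This is a band-aid for a yet to be root caused performance issue with large tables.  Suspected is css and/or sorting.
		if (count($entries) > 3000) {
			// Large tables are printed as one preformatted cell, without per-row delete links.
			print "<tr><td colspan='2'><pre>";
			foreach ($entries as $entry) {
				print htmlspecialchars(trim($entry)) . "\n";
			}
			print "</pre></td></tr>";
		} else {
?>
<?php
		foreach ($entries as $entry):
			$entry = trim($entry);
?>
					<tr>
						<td>
							<?=htmlspecialchars($entry)?>
						</td>
						<td>
							<?php if (!$bogons && !$urltable): ?>
								<a style="cursor: pointer;" data-entry="<?=htmlspecialchars($entry)?>">
									<i class="fa fa-trash" title="<?= gettext("Remove this entry") ?>"></i>
								</a>
							<?php endif ?>
						</td>
					</tr>
<?php endforeach ?>
<?php } ?>
				</tbody>
			</table>
		</div>
	</div>
</div>

<?php
}

include("foot.inc");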