/usr/local/www/diag_dump_states.php - Annotate - pfSense - pfSense bugtracker

| Branch: | Tag: | Revision:

root/usr/local/www/diag_dump_states.php @ af5d93f6

1	92cc7528	Scott Ullrich	<?php
2			/*
3	a09d815a	Scott Ullrich	diag_dump_states.php
4	13d193c2	Scott Ullrich	Copyright (C) 2005 Colin Smith
5	29aef6c4	Jim Thompson	Copyright (C) 2005-2009 Scott Ullrich
6	ce77a9c4	Phil Davis	Copyright (C) 2013-2015 Electric Sheep Fencing, LP
7	a09d815a	Scott Ullrich	All rights reserved.
8
9			Redistribution and use in source and binary forms, with or without
10			modification, are permitted provided that the following conditions are met:
11
12			1. Redistributions of source code must retain the above copyright notice,
13			this list of conditions and the following disclaimer.
14
15			2. Redistributions in binary form must reproduce the above copyright
16			notice, this list of conditions and the following disclaimer in the
17			documentation and/or other materials provided with the distribution.
18
19			THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
20			INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
21			AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
22			AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
23			OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
24			SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
25			INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
26			CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
27			ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
28			POSSIBILITY OF SUCH DAMAGE.
29	92cc7528	Scott Ullrich	*/
30
31	13d193c2	Scott Ullrich	/*
32	032d7999	jim-p	pfSense_BUILDER_BINARIES: /sbin/pfctl
33	13d193c2	Scott Ullrich	pfSense_MODULE: filter
34			*/
35
36	6b07c15a	Matthew Grooms	##\|+PRIV
37			##\|*IDENT=page-diagnostics-showstates
38			##\|*NAME=Diagnostics: Show States page
39			##\|*DESCR=Allow access to the 'Diagnostics: Show States' page.
40			##\|MATCH=diag_dump_states.php
41			##\|-PRIV
42
43	92cc7528	Scott Ullrich	require_once("guiconfig.inc");
44	5344099a	jim-p	require_once("interfaces.inc");
45	92cc7528	Scott Ullrich
46	a09d815a	Scott Ullrich	/* handle AJAX operations */
47	5f601060	Phil Davis	if (isset($_POST['action']) && $_POST['action'] == "remove") {
48	ac5934df	Renato Botelho	if (isset($_POST['srcip']) && isset($_POST['dstip']) && is_ipaddr($_POST['srcip']) && is_ipaddr($_POST['dstip'])) {
49	e6283dfd	Ermal LUÇI	$retval = pfSense_kill_states($_POST['srcip'], $_POST['dstip']);
50			echo htmlentities("\|{$_POST['srcip']}\|{$_POST['dstip']}\|0\|");
51	ac5934df	Renato Botelho	} else {
52			echo gettext("invalid input");
53	a09d815a	Scott Ullrich	}
54	ac5934df	Renato Botelho	return;
55	a09d815a	Scott Ullrich	}
56
57	ac5934df	Renato Botelho	if (isset($_POST['filter']) && isset($_POST['killfilter'])) {
58			if (is_ipaddr($_POST['filter'])) {
59	e6283dfd	Ermal LUÇI	$tokill = $_POST['filter'] . "/32";
60	ac5934df	Renato Botelho	} elseif (is_subnet($_POST['filter'])) {
61	e6283dfd	Ermal LUÇI	$tokill = $_POST['filter'];
62	5344099a	jim-p	} else {
63			// Invalid filter
64			$tokill = "";
65			}
66			if (!empty($tokill)) {
67	e6283dfd	Ermal LUÇI	$retval = pfSense_kill_states($tokill);
68			$retval = pfSense_kill_states("0.0.0.0/0", $tokill);
69	c0ee2a01	jim-p	}
70			}
71
72	9733b7bb	Vinicius Coque	$pgtitle = array(gettext("Diagnostics"),gettext("Show States"));
73	e8d93059	Bill Marquette	include("head.inc");
74
75	92cc7528	Scott Ullrich	?>
76
77	a09d815a	Scott Ullrich	<body link="#0000CC" vlink="#0000CC" alink="#0000CC" onload="<?=$jsevents["body"]["onload"];?>">
78	ca77763b	Scott Ullrich	<?php include("fbegin.inc"); ?>
79	a09d815a	Scott Ullrich
80			<script type="text/javascript">
81	a2b16c0c	Colin Fleming	//<![CDATA[
82	a09d815a	Scott Ullrich	function removeState(srcip, dstip) {
83	e03ef9a0	Vinicius Coque	var busy = function(index,icon) {
84			jQuery(icon).bind("onclick","");
85			jQuery(icon).attr('src',jQuery(icon).attr('src').replace("\.gif", "_d.gif"));
86			jQuery(icon).css("cursor","wait");
87	a09d815a	Scott Ullrich	}
88
89	e03ef9a0	Vinicius Coque	jQuery('img[name="i:' + srcip + ":" + dstip + '"]').each(busy);
90	a09d815a	Scott Ullrich
91	e03ef9a0	Vinicius Coque	jQuery.ajax(
92	ac5934df	Renato Botelho	"<?=$_SERVER['SCRIPT_NAME'];?>",
93			{
94			type: "post",
95			data: {
96			action: "remove",
97			srcip: srcip,
98			dstip: dstip
99			},
100			complete: removeComplete
101			}
102	a09d815a	Scott Ullrich	);
103			}
104
105			function removeComplete(req) {
106			var values = req.responseText.split("\|");
107	5f601060	Phil Davis	if (values[3] != "0") {
108	30f302f9	Scott Ullrich	alert('<?=gettext("An error occurred.");?>');
109	a09d815a	Scott Ullrich	return;
110			}
111
112	df13b077	jim-p	jQuery('tr[id="r:' + values[1] + ":" + values[2] + '"]').each(
113	e03ef9a0	Vinicius Coque	function(index,row) { jQuery(row).fadeOut(1000); }
114	a09d815a	Scott Ullrich	);
115			}
116	a2b16c0c	Colin Fleming	//]]>
117	a09d815a	Scott Ullrich	</script>
118
119	a2b16c0c	Colin Fleming	<table width="100%" border="0" cellpadding="0" cellspacing="0" summary="tabcon">
120	a09d815a	Scott Ullrich	<tr>
121			<td>
122			<?php
123	f4c2d976	jim-p	$tab_array = array();
124			$tab_array[] = array(gettext("States"), true, "diag_dump_states.php");
125	5f601060	Phil Davis	if (isset($config['system']['lb_use_sticky'])) {
126	f4c2d976	jim-p	$tab_array[] = array(gettext("Source Tracking"), false, "diag_dump_states_sources.php");
127	5f601060	Phil Davis	}
128	f4c2d976	jim-p	$tab_array[] = array(gettext("Reset States"), false, "diag_resetstate.php");
129	a09d815a	Scott Ullrich	display_top_tabs($tab_array);
130			?>
131			</td>
132			</tr>
133			<tr>
134			<td>
135			<div id="mainarea">
136
137			<!-- Start of tab content -->
138
139	b4031ab6	Scott Ullrich	<?php
140			$current_statecount=`pfctl -si \| grep "current entries" \| awk '{ print $3 }'`;
141			?>
142
143	a2b16c0c	Colin Fleming	<table class="tabcont" width="100%" border="0" cellspacing="0" cellpadding="0" summary="states">
144	a09d815a	Scott Ullrich	<tr>
145			<td>
146	ac5934df	Renato Botelho	<form action="<?=$_SERVER['SCRIPT_NAME'];?>" method="post" name="iform">
147	a2b16c0c	Colin Fleming	<table class="tabcont" width="100%" border="0" cellspacing="0" cellpadding="0" summary="filter">
148	ba6d49ff	Scott Ullrich	<tr>
149	c0ee2a01	jim-p	<td>
150	032d7999	jim-p	<?=gettext("Current total state count");?>: <?= $current_statecount ?>
151	c0ee2a01	jim-p	</td>
152	a09d815a	Scott Ullrich	<td style="font-weight:bold;" align="right">
153	673ee314	Carlos Eduardo Ramos	<?=gettext("Filter expression:");?>
154	ac5934df	Renato Botelho	<input type="text" name="filter" class="formfld search" value="<?=htmlspecialchars($_POST['filter']);?>" size="30" />
155	a09d815a	Scott Ullrich	<input type="submit" class="formbtn" value="<?=gettext("Filter");?>" />
156	ac5934df	Renato Botelho	<?php if (isset($_POST['filter']) && (is_ipaddr($_POST['filter']) \|\| is_subnet($_POST['filter']))): ?>
157	c0ee2a01	jim-p	<input type="submit" class="formbtn" name="killfilter" value="<?=gettext("Kill");?>" />
158			<?php endif; ?>
159	140ed85e	Renato Botelho	</td>
160	a09d815a	Scott Ullrich	</tr>
161			</table>
162			</form>
163			</td>
164			</tr>
165			<tr>
166			<td>
167	a2b16c0c	Colin Fleming	<table class="tabcont sortable" width="100%" border="0" cellspacing="0" cellpadding="0" summary="results">
168	5b3f9124	jim-p	<thead>
169	a09d815a	Scott Ullrich	<tr>
170	5344099a	jim-p	<th class="listhdrr" width="5%"><?=gettext("Int");?></th>
171			<th class="listhdrr" width="5%"><?=gettext("Proto");?></th>
172	5b3f9124	jim-p	<th class="listhdrr" width="65"><?=gettext("Source -> Router -> Destination");?></th>
173			<th class="listhdr" width="24%"><?=gettext("State");?></th>
174	79633b6c	Evgeny Yurchenko	<th class="list sort_ignore" width="1%"></th>
175	ba6d49ff	Scott Ullrich	</tr>
176	5b3f9124	jim-p	</thead>
177			<tbody>
178	92cc7528	Scott Ullrich	<?php
179	a09d815a	Scott Ullrich	$row = 0;
180	032d7999	jim-p	/* get our states */
181	ac5934df	Renato Botelho	$grepline = (isset($_POST['filter'])) ? "\| /usr/bin/egrep " . escapeshellarg(htmlspecialchars($_POST['filter'])) : "";
182	032d7999	jim-p	$fd = popen("/sbin/pfctl -s state {$grepline}", "r" );
183			while ($line = chop(fgets($fd))) {
184	5f601060	Phil Davis	if ($row >= 10000) {
185	032d7999	jim-p	break;
186	5f601060	Phil Davis	}
187	032d7999	jim-p
188			$line_split = preg_split("/\s+/", $line);
189	5344099a	jim-p
190			$iface = array_shift($line_split);
191	032d7999	jim-p	$proto = array_shift($line_split);
192			$state = array_pop($line_split);
193			$info = implode(" ", $line_split);
194
195	5344099a	jim-p	// We may want to make this optional, with a large state table, this could get to be expensive.
196			$iface = convert_real_interface_to_friendly_descr($iface);
197
198	032d7999	jim-p	/* break up info and extract $srcip and $dstip */
199			$ends = preg_split("/\<?-\>?/", $info);
200			$parts = explode(":", $ends[0]);
201			$srcip = trim($parts[0]);
202			$parts = explode(":", $ends[count($ends) - 1]);
203			$dstip = trim($parts[0]);
204
205			?>
206	df13b077	jim-p	<tr valign="top" id="r:<?= $srcip ?>:<?= $dstip ?>">
207	5f601060	Phil Davis	<td class="listlr"><?= $iface ?></td>
208			<td class="listr"><?= $proto ?></td>
209			<td class="listr"><?= $info ?></td>
210			<td class="listr"><?= $state ?></td>
211			<td class="list">
212			<img src="/themes/<?= $g['theme'] ?>/images/icons/icon_x.gif" height="17" width="17" border="0"
213			onclick="removeState('<?= $srcip ?>', '<?= $dstip ?>');" style="cursor:pointer;"
214			name="i:<?= $srcip ?>:<?= $dstip ?>"
215			title="<?= gettext('Remove all state entries from') ?> <?= $srcip ?> <?= gettext('to') ?> <?= $dstip ?>" alt="" />
216			</td>
217	032d7999	jim-p	</tr>
218			<?php
219			$row++;
220			ob_flush();
221	a09d815a	Scott Ullrich	}
222	032d7999	jim-p
223			if ($row == 0): ?>
224			<tr>
225			<td class="list" colspan="4" align="center" valign="top">
226			<?= gettext("No states were found.") ?>
227			</td>
228			</tr>
229	5f601060	Phil Davis	<?php
230			endif;
231	032d7999	jim-p	pclose($fd);
232	92cc7528	Scott Ullrich	?>
233	5b3f9124	jim-p	</tbody>
234	a09d815a	Scott Ullrich	</table>
235			</td>
236			</tr>
237	032d7999	jim-p	<tr>
238			<td class="list" colspan="4" align="center" valign="top">
239	ac5934df	Renato Botelho	<?php if (isset($_POST['filter']) && !empty($_POST['filter'])): ?>
240	032d7999	jim-p	<?=gettext("States matching current filter")?>: <?= $row ?>
241			<?php endif; ?>
242			</td>
243			</tr>
244	92cc7528	Scott Ullrich	</table>
245	a09d815a	Scott Ullrich
246			<!-- End of tab content -->
247
248			</div>
249			</td>
250			</tr>
251	92cc7528	Scott Ullrich	</table>
252	1f97829e	Scott Ullrich
253	a09d815a	Scott Ullrich	<?php require("fend.inc"); ?>
254	92cc7528	Scott Ullrich	</body>
255			</html>

Project

General

Profile

pfSense