Project

General

Profile

Download (8.17 KB) Statistics
| Branch: | Tag: | Revision:
1
<?php
2
/*
3
 * diag_tables.php
4
 *
5
 * part of pfSense (https://www.pfsense.org)
6
 * Copyright (c) 2004-2013 BSD Perimeter
7
 * Copyright (c) 2013-2016 Electric Sheep Fencing
8
 * Copyright (c) 2014-2024 Rubicon Communications, LLC (Netgate)
9
 * All rights reserved.
10
 *
11
 * Licensed under the Apache License, Version 2.0 (the "License");
12
 * you may not use this file except in compliance with the License.
13
 * You may obtain a copy of the License at
14
 *
15
 * http://www.apache.org/licenses/LICENSE-2.0
16
 *
17
 * Unless required by applicable law or agreed to in writing, software
18
 * distributed under the License is distributed on an "AS IS" BASIS,
19
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
20
 * See the License for the specific language governing permissions and
21
 * limitations under the License.
22
 */
23

    
24
##|+PRIV
25
##|*IDENT=page-diagnostics-tables
26
##|*NAME=Diagnostics: pf Table IP addresses
27
##|*DESCR=Allow access to the 'Diagnostics: Tables' page.
28
##|*MATCH=diag_tables.php*
29
##|-PRIV
30

    
31
$pgtitle = array(gettext("Diagnostics"), gettext("Tables"));
32
$shortcut_section = "aliases";
33

    
34
require_once("guiconfig.inc");
35

    
36
exec("/sbin/pfctl -sT", $tables);
37

    
38
// Set default table
39
$tablename = "sshguard";
40

    
41
if ($_REQUEST['type'] && in_array($_REQUEST['type'], $tables)) {
42
	$tablename = $_REQUEST['type'];
43
} else {
44
	/* Invalid 'type' passed, do not take any actions that use the 'type' field. */
45
	unset($_REQUEST['type']);
46
}
47

    
48
// Gather selected alias metadata.
49
foreach (config_get_path('aliases/alias', []) as $alias) {
50
	if ( $alias['name'] == $tablename ) {
51
		$tmp = array();
52
		$tmp['type'] = $alias['type'];
53
		$tmp['name'] = $alias['name'];
54
		$tmp['url']  = $alias['url'];
55
		$tmp['freq'] = $alias['updatefreq'];
56
		break;
57
	}
58
}
59

    
60
# Determine if selected alias is either a bogons or URL table.
61
if (($tablename == "bogons") || ($tablename == "bogonsv6")) {
62
	$bogons = true;
63
} else if (preg_match('/urltable/i', $tmp['type'])) {
64
	$urltable = true;
65
} else {
66
	$bogons = $urltable = false;
67
}
68

    
69
if ($_REQUEST['delete']) {
70
	if (is_ipaddr($_REQUEST['delete']) || is_subnet($_REQUEST['delete'])) {
71
		exec("/sbin/pfctl -t " . escapeshellarg($_REQUEST['type']) . " -T delete " . escapeshellarg($_REQUEST['delete']), $delete);
72
		echo htmlentities($_REQUEST['delete']);
73
	}
74
	exit;
75
}
76

    
77
if ($_POST['clearall']) {
78
	$entries = array();
79
	exec("/sbin/pfctl -t " . escapeshellarg($tablename) . " -T show", $entries);
80
	if (is_array($entries)) {
81
		foreach ($entries as $entryA) {
82
			$entry = trim($entryA);
83
			exec("/sbin/pfctl -t " . escapeshellarg($tablename) . " -T delete " . escapeshellarg($entry), $delete);
84
		}
85
	}
86
	unset($entries);
87
}
88

    
89
if ($_POST['Download'] && ($bogons || $urltable)) {
90

    
91
	if ($bogons) {				// If selected table is either bogons or bogonsv6.
92
		$mwexec_bg_cmd = '/etc/rc.update_bogons.sh now';
93
		$table_type = 'bogons';
94
		$db_name = 'bogons';
95
	} else if ($urltable) {		//  If selected table is a URL table alias.
96
		$mwexec_bg_cmd = '/etc/rc.update_urltables now forceupdate ' . $tablename;
97
		$table_type = 'urltables';
98
		$db_name = $tablename;
99
	}
100

    
101
	mwexec_bg($mwexec_bg_cmd);
102
	$maxtimetowait = 0;
103
	$loading = true;
104
	while ($loading == true) {
105
		$isrunning = `/bin/ps awwwux | /usr/bin/grep -v grep | /usr/bin/grep $table_type`;
106
		if ($isrunning == "") {
107
			$loading = false;
108
		}
109
		$maxtimetowait++;
110
		if ($maxtimetowait > 89) {
111
			$loading = false;
112
		}
113
		sleep(1);
114
	}
115
	if ($maxtimetowait < 90) {
116
		$savemsg = sprintf(gettext("The %s file contents have been updated."), $db_name);
117
	}
118
}
119

    
120
$entries = array();
121
exec("/sbin/pfctl -t " . escapeshellarg($tablename) . " -T show", $entries);
122

    
123
include("head.inc");
124

    
125
if ($savemsg) {
126
	print_info_box($savemsg, 'success');
127
}
128

    
129
if ($tablename == "sshguard") {
130
	$displayname = gettext("SSH and GUI Lockout Table");
131
} else {
132
	$displayname = sprintf(gettext("%s Table"), ucfirst($tablename));
133
}
134

    
135
$form = new Form(false);
136

    
137
$section = new Form_Section('Table to Display');
138
$group = new Form_Group("Table");
139

    
140
$group->add(new Form_Select(
141
	'type',
142
	null,
143
	$tablename,
144
	array_combine($tables, $tables)
145
))->setHelp('Select a user-defined alias name or system table name to view its contents. %s' .
146
	'Aliases become Tables when loaded into the active firewall ruleset. ' .
147
	'The contents displayed on this page reflect the current addresses inside tables used by the firewall.', '<br/><br/>');
148

    
149
if ($bogons || $urltable || !empty($entries)) {
150
	if ($bogons || $urltable) {
151
		$group->add(new Form_Button(
152
			'Download',
153
			'Update',
154
			null,
155
			'fa-solid fa-arrows-rotate'
156
		))->addClass('btn-success btn-sm');
157
	} elseif (!empty($entries)) {
158
		$group->add(new Form_Button(
159
			'clearall',
160
			'Empty Table',
161
			null,
162
			'fa-solid fa-trash-can'
163
		))->addClass('btn-danger btn-sm');
164
	}
165
}
166

    
167
$section->add($group);
168
$form->add($section);
169
print $form;
170

    
171
if ($bogons || $urltable || !empty($entries)) {
172
?>
173
<div>
174
	<div class="infoblock blockopen">
175
<?php
176
	if ($bogons) {
177
		$table_file = '/etc/' . escapeshellarg($tablename);
178
	} else if ($urltable) {
179
		$table_file = '/var/db/aliastables/' . escapeshellarg($tablename) . '.txt';
180
	} else {
181
		$table_file = '';
182
	}
183

    
184
	$datestrregex = '(Mon|Tue|Wed|Thu|Fri|Sat|Sun).* GMT';
185
	$datelineregex = 'last.*' . $datestrregex;
186

    
187
	$last_updated = exec('/usr/bin/grep -i -m 1 -E "^# ' . $datelineregex . '" ' . $table_file . '|/usr/bin/grep -i -m 1 -E -o "' . $datestrregex . '"');
188

    
189
	if ($last_updated != "") {
190
		$last_update_msg = sprintf(gettext("Table last updated on %s."), $last_updated);
191
	} else {
192
		$last_update_msg = gettext("Date of last update of table is unknown.");
193
	}
194

    
195
	$records_count_msg = sprintf(gettext("%s records."), number_format(count($entries), 0, gettext("."), gettext(",")));
196

    
197
	# Display up to 10 comment lines (lines that begin with '#').
198
	unset($comment_lines);
199
	$res = exec('/usr/bin/grep -i -m 10 -E "^#" ' . $table_file, $comment_lines);
200

    
201
	foreach ($comment_lines as $comment_line) {
202
		$table_comments .= "$comment_line" . "<br />";
203
	}
204

    
205
	if ($table_comments) {
206
		print_info_box($last_update_msg . " &nbsp; &nbsp; " . $records_count_msg . "<br />" .
207
		'<span style="display:none" class="infoblock">' . ' ' . gettext("Hide table comments.") . '<br />' . $table_comments . '</span>' .
208
		'<span style="display:none"   id="showtblcom">' . ' ' . gettext("Show table comments.") . '</span>' .
209
		'' , 'info', false);
210
	} else {
211
		print_info_box($last_update_msg . "&nbsp; &nbsp; " . $records_count_msg, 'info', false);
212
	}
213
?>
214
	</div>
215
</div>
216
<?php
217
}
218
?>
219

    
220
<script type="text/javascript">
221
//<![CDATA[
222
events.push(function() {
223

    
224
	$('#showtblcom').show();
225

    
226
	$('[id^="showinfo1"]').click(function() {
227
			$('#showtblcom').toggle();
228
	});
229

    
230
	$('a[data-entry]').on('click', function() {
231
		var el = $(this);
232

    
233
		$.ajax(
234
			'/diag_tables.php',
235
			{
236
				type: 'post',
237
				data: {
238
					type: '<?=htmlspecialchars(addslashes($tablename))?>',
239
					delete: $(this).data('entry')
240
				},
241
				success: function() {
242
					el.parents('tr').remove();
243
				},
244
		});
245
	});
246

    
247
	// Auto-submit the form on table selector change
248
	$('#type').on('change', function() {
249
        $('form').submit();
250
    });
251
});
252
//]]>
253
</script>
254

    
255
<?php
256
if (empty($entries)) {
257
	print_info_box(gettext("No entries exist in this table."), 'warning', false);
258
} else {
259
?>
260
<div class="panel panel-default">
261
	<div class="panel-heading"><h2 class="panel-title"><?=$displayname?></h2></div>
262
	<div class="panel-body">
263
		<div class="table-responsive">
264
			<table class="table table-striped table-hover table-condensed">
265
				<thead>
266
					<tr>
267
						<th><?=gettext("IP Address")?></th>
268
						<th></th>
269
					</tr>
270
				</thead>
271
				<tbody>
272
<?php
273
		// This is a band-aid for a yet to be root caused performance issue with large tables.  Suspected is css and/or sorting.
274
 		if (count($entries) > 3000) {
275
			print "<tr><td colspan='2'><pre>";
276
			foreach ($entries as $entry) {
277
				$entry = trim($entry);
278
					print $entry . "\n";
279
			}
280
			print "</pre></td></tr>";
281
		} else {
282
?>
283
<?php
284
		foreach ($entries as $entry):
285
			$entry = trim($entry);
286
?>
287
					<tr>
288
						<td>
289
							<?=$entry?>
290
						</td>
291
						<td>
292
							<?php if (!$bogons && !$urltable): ?>
293
								<a style="cursor: pointer;" data-entry="<?=htmlspecialchars($entry)?>">
294
									<i class="fa-solid fa-trash-can" title="<?= gettext("Remove this entry") ?>"></i>
295
								</a>
296
							<?php endif ?>
297
						</td>
298
					</tr>
299
<?php endforeach ?>
300
<?php } ?>
301
				</tbody>
302
			</table>
303
		</div>
304
	</div>
305
</div>
306

    
307
<?php
308
}
309

    
310
include("foot.inc");
(34-34/232)