Révision 481b97b0
Ajouté par jim-p il y a presque 10 ans
etc/inc/filter_log.inc | ||
---|---|---|
209 | 209 |
return ':' . $portstr; |
210 | 210 |
} |
211 | 211 |
|
212 |
function find_rule_by_number($rulenum, $type="rules") {
|
|
212 |
function find_rule_by_number($rulenum, $trackernum, $type="block") {
|
|
213 | 213 |
global $g; |
214 | 214 |
|
215 | 215 |
/* Passing arbitrary input to grep could be a Very Bad Thing(tm) */ |
216 |
if (!(is_numeric($rulenum)))
|
|
216 |
if (!is_numeric($rulenum) || !is_numeric($trackernum) || !in_array($type, array('pass', 'block', 'match', 'rdr')))
|
|
217 | 217 |
return; |
218 |
|
|
219 |
if ($trackernum == "0") |
|
220 |
$lookup_pattern = "^@{$rulenum}\([0-9]+\)[[:space:]]{$type}[[:space:]].*[[:space:]]log[[:space:]]"; |
|
221 |
else |
|
222 |
$lookup_pattern = "^@[0-9]+\({$trackernum}\)[[:space:]]{$type}[[:space:]].*[[:space:]]log[[:space:]]"; |
|
223 |
|
|
218 | 224 |
/* At the moment, miniupnpd is the only thing I know of that |
219 | 225 |
generates logging rdr rules */ |
220 | 226 |
unset($buffer); |
221 | 227 |
if ($type == "rdr") |
222 |
$_gb = exec("/sbin/pfctl -vvPsn -a \"miniupnpd\" | grep '^@'", $buffer);
|
|
228 |
$_gb = exec("/sbin/pfctl -vvPsn -a \"miniupnpd\" | grep " . escapeshellarg("^@{$rulenum}"), $buffer);
|
|
223 | 229 |
else { |
224 | 230 |
if (file_exists("{$g['tmp_path']}/rules.debug")) |
225 |
$_gb = exec("/sbin/pfctl -vvPnf {$g['tmp_path']}/rules.debug 2>/dev/null | /usr/bin/egrep " . escapeshellarg("^@{$rulenum} {$type}"), $buffer);
|
|
231 |
$_gb = exec("/sbin/pfctl -vvPnf {$g['tmp_path']}/rules.debug 2>/dev/null | /usr/bin/egrep " . escapeshellarg($lookup_pattern), $buffer);
|
|
226 | 232 |
else |
227 |
$_gb = exec("/sbin/pfctl -vvPsr | grep " . escapeshellarg("^@{$rulenum}"), $buffer);
|
|
233 |
$_gb = exec("/sbin/pfctl -vvPsr | grep " . escapeshellarg($lookup_pattern), $buffer);
|
|
228 | 234 |
} |
229 | 235 |
if (is_array($buffer)) |
230 | 236 |
return $buffer[0]; |
... | ... | |
248 | 254 |
} |
249 | 255 |
unset($buffer, $_gb); |
250 | 256 |
if (file_exists("{$g['tmp_path']}/rules.debug")) |
251 |
$_gb = exec("/sbin/pfctl -vvPnf {$g['tmp_path']}/rules.debug 2>/dev/null | /usr/bin/egrep '^@[0-9]+ ' | /usr/bin/egrep -v '^@[0-9]+ (nat|rdr|binat|no|scrub)'", $buffer);
|
|
257 |
$_gb = exec("/sbin/pfctl -vvPnf {$g['tmp_path']}/rules.debug 2>/dev/null | /usr/bin/egrep '^@[0-9]+\([0-9]+\)[[:space:]].*[[:space:]]log[[:space:]]' | /usr/bin/egrep -v '^@[0-9]+\([0-9]+\)[[:space:]](nat|rdr|binat|no|scrub)'", $buffer);
|
|
252 | 258 |
else |
253 |
$_gb = exec("/sbin/pfctl -vvPsr | grep '^@'", $buffer); |
|
259 |
$_gb = exec("/sbin/pfctl -vvPsr | /usr/bin/egrep '^@[0-9]+\([0-9]+\)[[:space:]].*[[:space:]]log[[:space:]]'", $buffer); |
|
260 |
|
|
254 | 261 |
if (is_array($buffer)) { |
255 | 262 |
foreach ($buffer as $line) { |
256 | 263 |
list($key, $value) = explode (" ", $line, 2); |
264 |
# pfctl rule number output with tracker number: @dd(dddddddddd) |
|
265 |
$matches = array(); |
|
266 |
if (preg_match('/\@(?P<rulenum>\d+)\((?<trackernum>\d+)\)/', $key, $matches) == 1) { |
|
267 |
if ($matches['trackernum'] > 0) |
|
268 |
$key = $matches['trackernum']; |
|
269 |
else |
|
270 |
$key = "@{$matches['rulenum']}"; |
|
271 |
} |
|
257 | 272 |
$buffer_rules_normal[$key] = $value; |
258 | 273 |
} |
259 | 274 |
} |
... | ... | |
265 | 280 |
unset($GLOBALS['buffer_rules_rdr']); |
266 | 281 |
} |
267 | 282 |
|
268 |
function find_rule_by_number_buffer($rulenum, $type){ |
|
283 |
function find_rule_by_number_buffer($rulenum, $trackernum, $type){
|
|
269 | 284 |
global $g, $buffer_rules_rdr, $buffer_rules_normal; |
270 |
|
|
285 |
|
|
286 |
if ($trackernum == "0") |
|
287 |
$lookup_key = "@{$rulenum}"; |
|
288 |
else |
|
289 |
$lookup_key = $trackernum; |
|
290 |
|
|
271 | 291 |
if ($type == "rdr") { |
272 |
$ruleString = $buffer_rules_rdr["@".$rulenum];
|
|
292 |
$ruleString = $buffer_rules_rdr[$lookup_key];
|
|
273 | 293 |
//TODO: get the correct 'description' part of a RDR log line. currently just first 30 characters.. |
274 | 294 |
$rulename = substr($ruleString,0,30); |
275 | 295 |
} else { |
276 |
$ruleString = $buffer_rules_normal["@".$rulenum];
|
|
296 |
$ruleString = $buffer_rules_normal[$lookup_key];
|
|
277 | 297 |
list(,$rulename,) = explode("\"",$ruleString); |
278 | 298 |
$rulename = str_replace("USER_RULE: ",'<img src="/themes/'.$g['theme'].'/images/icons/icon_frmfld_user.png" width="11" height="12" title="USER_RULE" alt="USER_RULE"/> ',$rulename); |
279 | 299 |
} |
280 |
return $rulename." (@".$rulenum.")";
|
|
300 |
return "{$rulename} ({$lookup_key})";
|
|
281 | 301 |
} |
282 | 302 |
|
283 | 303 |
function find_action_image($action) { |
usr/local/www/diag_logs_filter.php | ||
---|---|---|
72 | 72 |
|
73 | 73 |
$rulenum = getGETPOSTsettingvalue('getrulenum', null); |
74 | 74 |
if($rulenum) { |
75 |
list($rulenum, $type) = explode(',', $rulenum); |
|
76 |
$rule = find_rule_by_number($rulenum, $type); |
|
75 |
list($rulenum, $tracker, $type) = explode(',', $rulenum);
|
|
76 |
$rule = find_rule_by_number($rulenum, $tracker, $type);
|
|
77 | 77 |
echo gettext("The rule that triggered this action is") . ":\n\n{$rule}"; |
78 | 78 |
exit; |
79 | 79 |
} |
... | ... | |
341 | 341 |
<tr class="<?=$evenRowClass?>"> |
342 | 342 |
<td class="listMRlr nowrap" align="center" sorttable_customkey="<?=$filterent['act']?>"> |
343 | 343 |
<center> |
344 |
<a onclick="javascript:getURL('diag_logs_filter.php?getrulenum=<?php echo "{$filterent['rulenum']},{$filterent['act']}"; ?>', outputrule);"> |
|
345 |
<img border="0" src="<?php echo find_action_image($filterent['act']);?>" width="11" height="11" align="middle" alt="<?php echo $filterent['act'];?>" title="<?php echo $filterent['act'];?>" />
|
|
344 |
<a onclick="javascript:getURL('diag_logs_filter.php?getrulenum=<?php echo "{$filterent['rulenum']},{$filterent['tracker']},{$filterent['act']}"; ?>', outputrule);">
|
|
345 |
<img border="0" src="<?php echo find_action_image($filterent['act']);?>" width="11" height="11" align="middle" alt="<?php echo $filterent['act'] .'/'. $filterent['tracker'];?>" title="<?php echo $filterent['act'] .'/'. $filterent['tracker'];?>" />
|
|
346 | 346 |
<?php if ($filterent['count']) echo $filterent['count'];?></a></center></td> |
347 | 347 |
<td class="listMRr" nowrap="nowrap"><?php echo htmlspecialchars($filterent['time']);?></td> |
348 | 348 |
<td class="listMRr" nowrap="nowrap"> |
... | ... | |
352 | 352 |
<?php echo htmlspecialchars($filterent['interface']);?></td> |
353 | 353 |
<?php |
354 | 354 |
if ($config['syslog']['filterdescriptions'] === "1") |
355 |
echo("<td class=\"listMRr nowrap\">".find_rule_by_number_buffer($filterent['rulenum'],$filterent['act'])."</td>"); |
|
355 |
echo("<td class=\"listMRr nowrap\">".find_rule_by_number_buffer($filterent['rulenum'],$filterent['tracker'],$filterent['act'])."</td>");
|
|
356 | 356 |
|
357 | 357 |
$int = strtolower($filterent['interface']); |
358 | 358 |
$proto = strtolower($filterent['proto']); |
... | ... | |
390 | 390 |
<?php if (isset($config['syslog']['filterdescriptions']) && $config['syslog']['filterdescriptions'] === "2"):?> |
391 | 391 |
<tr class="<?=$evenRowClass?>"> |
392 | 392 |
<td colspan="2" class="listMRDescriptionL listMRlr" /> |
393 |
<td colspan="4" class="listMRDescriptionR listMRr nowrap"><?=find_rule_by_number_buffer($filterent['rulenum'],$filterent['act']);?></td> |
|
393 |
<td colspan="4" class="listMRDescriptionR listMRr nowrap"><?=find_rule_by_number_buffer($filterent['rulenum'],$filterent['tracker'],$filterent['act']);?></td>
|
|
394 | 394 |
</tr> |
395 | 395 |
<?php endif; |
396 | 396 |
endforeach; |
Formats disponibles : Unified diff
Consider tracker IDs when looking up filter log entries, if present