/ - Diff - UnivNautes - Redmine Entr’ouvert

« Précédent | Suivant »

Révision 481b97b0

Ajouté par jim-p il y a presque 10 ans

ID 481b97b0abcb438dfa480806e53db8862946d90e
Parent 4320083f
Enfant ec26979b

Consider tracker IDs when looking up filter log entries, if present

     	return ':' . $portstr;
+    }
     function find_rule_by_number($rulenum, $type="rules") {
     function find_rule_by_number($rulenum, $trackernum, $type="block") {
     	global $g;
     	/* Passing arbitrary input to grep could be a Very Bad Thing(tm) */
     	if (!(is_numeric($rulenum)))
     	if (!is_numeric($rulenum) || !is_numeric($trackernum) || !in_array($type, array('pass', 'block', 'match', 'rdr')))
     		return;
     	if ($trackernum == "0")
     		$lookup_pattern = "^@{$rulenum}\([0-9]+\)[[:space:]]{$type}[[:space:]].*[[:space:]]log[[:space:]]";
     	else
     		$lookup_pattern = "^@[0-9]+\({$trackernum}\)[[:space:]]{$type}[[:space:]].*[[:space:]]log[[:space:]]";
     	/* At the moment, miniupnpd is the only thing I know of that
     	   generates logging rdr rules */
     	unset($buffer);
     	if ($type == "rdr")
     		$_gb = exec("/sbin/pfctl -vvPsn -a \"miniupnpd\" | grep '^@'", $buffer);
     		$_gb = exec("/sbin/pfctl -vvPsn -a \"miniupnpd\" | grep " . escapeshellarg("^@{$rulenum}"), $buffer);
     	else {
     		if (file_exists("{$g['tmp_path']}/rules.debug"))
     			$_gb = exec("/sbin/pfctl -vvPnf {$g['tmp_path']}/rules.debug 2>/dev/null | /usr/bin/egrep " . escapeshellarg("^@{$rulenum} {$type}"), $buffer);
     			$_gb = exec("/sbin/pfctl -vvPnf {$g['tmp_path']}/rules.debug 2>/dev/null | /usr/bin/egrep " . escapeshellarg($lookup_pattern), $buffer);
     		else
     			$_gb = exec("/sbin/pfctl -vvPsr | grep " . escapeshellarg("^@{$rulenum}"), $buffer);
     			$_gb = exec("/sbin/pfctl -vvPsr | grep " . escapeshellarg($lookup_pattern), $buffer);
+    	}
     	if (is_array($buffer))
     		return $buffer[0];
-...
+    	}
     	unset($buffer, $_gb);
     	if (file_exists("{$g['tmp_path']}/rules.debug"))
     		$_gb = exec("/sbin/pfctl -vvPnf {$g['tmp_path']}/rules.debug 2>/dev/null | /usr/bin/egrep '^@[0-9]+ ' | /usr/bin/egrep -v '^@[0-9]+ (nat|rdr|binat|no|scrub)'", $buffer);
     		$_gb = exec("/sbin/pfctl -vvPnf {$g['tmp_path']}/rules.debug 2>/dev/null | /usr/bin/egrep '^@[0-9]+\([0-9]+\)[[:space:]].*[[:space:]]log[[:space:]]' | /usr/bin/egrep -v '^@[0-9]+\([0-9]+\)[[:space:]](nat|rdr|binat|no|scrub)'", $buffer);
     	else
     		$_gb = exec("/sbin/pfctl -vvPsr | grep '^@'", $buffer);
     		$_gb = exec("/sbin/pfctl -vvPsr | /usr/bin/egrep '^@[0-9]+\([0-9]+\)[[:space:]].*[[:space:]]log[[:space:]]'", $buffer);
     	if (is_array($buffer)) {
     		foreach ($buffer as $line) {
     			list($key, $value) = explode (" ", $line, 2);
     			# pfctl rule number output with tracker number: @dd(dddddddddd)
     			$matches = array();
     			if (preg_match('/\@(?P<rulenum>\d+)\((?<trackernum>\d+)\)/', $key, $matches) == 1) {
     				if ($matches['trackernum'] > 0)
     					$key = $matches['trackernum'];
     				else
     					$key = "@{$matches['rulenum']}";
+    			}
     			$buffer_rules_normal[$key] = $value;
+    		}
+    	}
-...
     	unset($GLOBALS['buffer_rules_rdr']);
+    }
     function find_rule_by_number_buffer($rulenum, $type){
     function find_rule_by_number_buffer($rulenum, $trackernum, $type){
     	global $g, $buffer_rules_rdr, $buffer_rules_normal;
     	if ($trackernum == "0")
     		$lookup_key = "@{$rulenum}";
     	else
     		$lookup_key = $trackernum;
     	if ($type == "rdr")	{
     		$ruleString = $buffer_rules_rdr["@".$rulenum];
     		$ruleString = $buffer_rules_rdr[$lookup_key];
     		//TODO: get the correct 'description' part of a RDR log line. currently just first 30 characters..
     		$rulename = substr($ruleString,0,30);
     	} else {
     		$ruleString = $buffer_rules_normal["@".$rulenum];
     		$ruleString = $buffer_rules_normal[$lookup_key];
     		list(,$rulename,) = explode("\"",$ruleString);
     		$rulename = str_replace("USER_RULE: ",'<img src="/themes/'.$g['theme'].'/images/icons/icon_frmfld_user.png" width="11" height="12" title="USER_RULE" alt="USER_RULE"/> ',$rulename);
+    	}
     	return $rulename." (@".$rulenum.")";
     	return "{$rulename} ({$lookup_key})";
+    }
     function find_action_image($action) {

     $rulenum = getGETPOSTsettingvalue('getrulenum', null);
     if($rulenum) {
     	list($rulenum, $type) = explode(',', $rulenum);
     	$rule = find_rule_by_number($rulenum, $type);
     	list($rulenum, $tracker, $type) = explode(',', $rulenum);
     	$rule = find_rule_by_number($rulenum, $tracker, $type);
     	echo gettext("The rule that triggered this action is") . ":\n\n{$rule}";
     	exit;
+    }
-...
     			<tr class="<?=$evenRowClass?>">
     			  <td class="listMRlr nowrap" align="center" sorttable_customkey="<?=$filterent['act']?>">
     			  <center>
     			  <a onclick="javascript:getURL('diag_logs_filter.php?getrulenum=<?php echo "{$filterent['rulenum']},{$filterent['act']}"; ?>', outputrule);">
     			  <img border="0" src="<?php echo find_action_image($filterent['act']);?>" width="11" height="11" align="middle" alt="<?php echo $filterent['act'];?>" title="<?php echo $filterent['act'];?>" />
     			  <a onclick="javascript:getURL('diag_logs_filter.php?getrulenum=<?php echo "{$filterent['rulenum']},{$filterent['tracker']},{$filterent['act']}"; ?>', outputrule);">
     			  <img border="0" src="<?php echo find_action_image($filterent['act']);?>" width="11" height="11" align="middle" alt="<?php echo $filterent['act'] .'/'. $filterent['tracker'];?>" title="<?php echo $filterent['act'] .'/'. $filterent['tracker'];?>" />
     			  <?php if ($filterent['count']) echo $filterent['count'];?></a></center></td>
     			  <td class="listMRr" nowrap="nowrap"><?php echo htmlspecialchars($filterent['time']);?></td>
     			  <td class="listMRr" nowrap="nowrap">
-...
     				<?php echo htmlspecialchars($filterent['interface']);?></td>
     			  <?php
     			  if ($config['syslog']['filterdescriptions'] === "1")
     				echo("<td class=\"listMRr nowrap\">".find_rule_by_number_buffer($filterent['rulenum'],$filterent['act'])."</td>");
     				echo("<td class=\"listMRr nowrap\">".find_rule_by_number_buffer($filterent['rulenum'],$filterent['tracker'],$filterent['act'])."</td>");
     			  $int = strtolower($filterent['interface']);
     			  $proto = strtolower($filterent['proto']);
-...
     			<?php if (isset($config['syslog']['filterdescriptions']) && $config['syslog']['filterdescriptions'] === "2"):?>
     			<tr class="<?=$evenRowClass?>">
     			  <td colspan="2" class="listMRDescriptionL listMRlr" />
     			  <td colspan="4" class="listMRDescriptionR listMRr nowrap"><?=find_rule_by_number_buffer($filterent['rulenum'],$filterent['act']);?></td>
     			  <td colspan="4" class="listMRDescriptionR listMRr nowrap"><?=find_rule_by_number_buffer($filterent['rulenum'],$filterent['tracker'],$filterent['act']);?></td>
     			</tr>
     			<?php endif;
     			endforeach;

Formats disponibles : Unified diff

Projet

Général

Profil

UnivNautes

Révision 481b97b0

Ajouté par jim-p il y a presque 10 ans