Révision 715d2895
Ajouté par jim-p il y a presque 10 ans
| usr/local/www/diag_packet_capture.php | ||
|---|---|---|
| 37 | 37 |
|
| 38 | 38 |
$allowautocomplete = true; |
| 39 | 39 |
|
| 40 |
function fixup_not($value) {
|
|
| 41 |
return str_replace("!", "not ", $value);
|
|
| 42 |
} |
|
| 43 |
function strip_not($value) {
|
|
| 44 |
return ltrim($value, '!'); |
|
| 45 |
} |
|
| 46 |
|
|
| 40 | 47 |
if ($_POST['downloadbtn'] == gettext("Download Capture"))
|
| 41 | 48 |
$nocsrf = true; |
| 42 | 49 |
|
| ... | ... | |
| 50 | 57 |
$count = 100;//default number of packets to capture |
| 51 | 58 |
|
| 52 | 59 |
$fams = array('ip', 'ip6');
|
| 53 |
$protos = array('icmp', 'icmp6', 'tcp', 'udp', 'arp', 'carp', 'esp');
|
|
| 60 |
$protos = array('icmp', 'icmp6', 'tcp', 'udp', 'arp', 'carp', 'esp',
|
|
| 61 |
'!icmp', '!icmp6', '!tcp', '!udp', '!arp', '!carp', '!esp'); |
|
| 54 | 62 |
|
| 55 | 63 |
$input_errors = array(); |
| 56 | 64 |
|
| ... | ... | |
| 83 | 91 |
if ($fam !== "" && $fam !== "ip" && $fam !== "ip6") {
|
| 84 | 92 |
$input_errors[] = gettext("Invalid address family.");
|
| 85 | 93 |
} |
| 86 |
if ($proto !== "" && !in_array($proto, $protos)) {
|
|
| 94 |
if ($proto !== "" && !in_array(strip_not($proto), $protos)) {
|
|
| 87 | 95 |
$input_errors[] = gettext("Invalid protocol.");
|
| 88 | 96 |
} |
| 89 | 97 |
|
| 90 | 98 |
if ($host != "") {
|
| 91 |
if (!is_subnet($host) && !is_ipaddr($host)) {
|
|
| 99 |
if (!is_subnet(strip_not($host)) && !is_ipaddr(strip_not($host))) {
|
|
| 92 | 100 |
$input_errors[] = sprintf(gettext("A valid IP address or CIDR block must be specified. [%s]"), $host);
|
| 93 | 101 |
} |
| 94 | 102 |
} |
| 95 | 103 |
if ($port != "") {
|
| 96 |
if (!is_port($port)) {
|
|
| 104 |
if (!is_port(strip_not($port))) {
|
|
| 97 | 105 |
$input_errors[] = gettext("Invalid value specified for port.");
|
| 98 | 106 |
} |
| 99 | 107 |
} |
| ... | ... | |
| 225 | 233 |
<select name="proto"> |
| 226 | 234 |
<option value="">Any</option> |
| 227 | 235 |
<option value="icmp" <?php if ($proto == "icmp") echo "selected=\"selected\""; ?>>ICMP</option> |
| 236 |
<option value="!icmp" <?php if ($proto == "!icmp") echo "selected=\"selected\""; ?>>Exclude ICMP</option> |
|
| 228 | 237 |
<option value="icmp6" <?php if ($proto == "icmp6") echo "selected=\"selected\""; ?>>ICMPv6</option> |
| 238 |
<option value="!icmp6" <?php if ($proto == "!icmp6") echo "selected=\"selected\""; ?>>Exclude ICMPv6</option> |
|
| 229 | 239 |
<option value="tcp" <?php if ($proto == "tcp") echo "selected=\"selected\""; ?>>TCP</option> |
| 240 |
<option value="!tcp" <?php if ($proto == "!tcp") echo "selected=\"selected\""; ?>>Exclude TCP</option> |
|
| 230 | 241 |
<option value="udp" <?php if ($proto == "udp") echo "selected=\"selected\""; ?>>UDP</option> |
| 242 |
<option value="!udp" <?php if ($proto == "!udp") echo "selected=\"selected\""; ?>>Exclude UDP</option> |
|
| 231 | 243 |
<option value="arp" <?php if ($proto == "arp") echo "selected=\"selected\""; ?>>ARP</option> |
| 244 |
<option value="!arp" <?php if ($proto == "!arp") echo "selected=\"selected\""; ?>>Exclude ARP</option> |
|
| 232 | 245 |
<option value="carp" <?php if ($proto == "carp") echo "selected=\"selected\""; ?>>CARP (VRRP)</option> |
| 246 |
<option value="!carp" <?php if ($proto == "!carp") echo "selected=\"selected\""; ?>>Exclude CARP (VRRP)</option> |
|
| 233 | 247 |
<option value="esp" <?php if ($proto == "esp") echo "selected=\"selected\""; ?>>ESP</option> |
| 234 | 248 |
</select> |
| 235 | 249 |
<br /><?=gettext("Select the protocol to capture, or Any.");?>
|
| ... | ... | |
| 331 | 345 |
$matches[] = $fam; |
| 332 | 346 |
|
| 333 | 347 |
if (in_array($proto, $protos)) {
|
| 334 |
if ($proto == "carp") {
|
|
| 335 |
$matches[] = 'proto 112'; |
|
| 336 |
} else {
|
|
| 337 |
$matches[] = $proto; |
|
| 338 |
} |
|
| 348 |
$matches[] = fixup_not($proto); |
|
| 339 | 349 |
} |
| 340 | 350 |
|
| 341 | 351 |
if ($port != "") |
| 342 |
$matches[] = "port ".$port;
|
|
| 352 |
$matches[] = "port ".fixup_not($port);
|
|
| 343 | 353 |
|
| 344 | 354 |
if ($host != "") {
|
| 345 | 355 |
if (is_ipaddr($host)) |
| 346 |
$matches[] = "host " . $host;
|
|
| 356 |
$matches[] = "host " . fixup_not($host);
|
|
| 347 | 357 |
elseif (is_subnet($host)) |
| 348 |
$matches[] = "net " . $host;
|
|
| 358 |
$matches[] = "net " . fixup_not($host);
|
|
| 349 | 359 |
} |
| 350 | 360 |
|
| 351 | 361 |
if ($count != "0" ) {
|
| ... | ... | |
| 359 | 369 |
if ($action == gettext("Start")) {
|
| 360 | 370 |
$matchstr = implode($matches, " and "); |
| 361 | 371 |
echo("<strong>" . gettext("Packet Capture is running.") . "</strong><br />");
|
| 362 |
mwexec_bg ("/usr/sbin/tcpdump -i $selectedif $disablepromiscuous $searchcount -s $snaplen -w $fp$fn $matchstr");
|
|
| 372 |
mwexec_bg ("/usr/sbin/tcpdump -i {$selectedif} {$disablepromiscuous} {$searchcount} -s {$snaplen} -w {$fp}{$fn} {$matchstr}");
|
|
| 363 | 373 |
} else {
|
| 364 | 374 |
//action = stop |
| 365 | 375 |
echo("<strong>" . gettext("Packet Capture stopped.") . "<br /><br />" . gettext("Packets Captured:") . "</strong><br />");
|
| ... | ... | |
| 389 | 399 |
$detail_args = "-q"; |
| 390 | 400 |
break; |
| 391 | 401 |
} |
| 392 |
system("/usr/sbin/tcpdump $disabledns $detail_args -r $fp$fn");
|
|
| 402 |
system("/usr/sbin/tcpdump {$disabledns} {$detail_args} -r {$fp}{$fn}");
|
|
| 393 | 403 |
|
| 394 | 404 |
conf_mount_ro(); |
| 395 | 405 |
?> |
Formats disponibles : Unified diff
Allow for negation of protocol, host, or port number when capturing packets.