Révision ac5934df
Ajouté par Renato Botelho il y a plus de 9 ans
usr/local/www/diag_dump_states.php | ||
---|---|---|
43 | 43 |
require_once("interfaces.inc"); |
44 | 44 |
|
45 | 45 |
/* handle AJAX operations */ |
46 |
if($_GET['action']) { |
|
47 |
if($_GET['action'] == "remove") { |
|
48 |
if (is_ipaddr($_GET['srcip']) and is_ipaddr($_GET['dstip'])) { |
|
49 |
$retval = mwexec("/sbin/pfctl -k " . escapeshellarg($_GET['srcip']) . " -k " . escapeshellarg($_GET['dstip'])); |
|
50 |
echo htmlentities("|{$_GET['srcip']}|{$_GET['dstip']}|{$retval}|"); |
|
51 |
} else { |
|
52 |
echo gettext("invalid input"); |
|
53 |
} |
|
54 |
return; |
|
46 |
if(isset($_POST['action']) && $_POST['action'] == "remove") { |
|
47 |
if (isset($_POST['srcip']) && isset($_POST['dstip']) && is_ipaddr($_POST['srcip']) && is_ipaddr($_POST['dstip'])) { |
|
48 |
$retval = mwexec("/sbin/pfctl -k " . escapeshellarg($_POST['srcip']) . " -k " . escapeshellarg($_POST['dstip'])); |
|
49 |
echo htmlentities("|{$_POST['srcip']}|{$_POST['dstip']}|{$retval}|"); |
|
50 |
} else { |
|
51 |
echo gettext("invalid input"); |
|
55 | 52 |
} |
53 |
return; |
|
56 | 54 |
} |
57 | 55 |
|
58 |
if ($_GET['filter'] && ($_GET['killfilter'] == "Kill")) {
|
|
59 |
if (is_ipaddr($_GET['filter'])) {
|
|
60 |
$tokill = escapeshellarg($_GET['filter'] . "/32");
|
|
61 |
} elseif (is_subnet($_GET['filter'])) {
|
|
62 |
$tokill = escapeshellarg($_GET['filter']);
|
|
56 |
if (isset($_POST['filter']) && isset($_POST['killfilter'])) {
|
|
57 |
if (is_ipaddr($_POST['filter'])) {
|
|
58 |
$tokill = escapeshellarg($_POST['filter'] . "/32");
|
|
59 |
} elseif (is_subnet($_POST['filter'])) {
|
|
60 |
$tokill = escapeshellarg($_POST['filter']);
|
|
63 | 61 |
} else { |
64 | 62 |
// Invalid filter |
65 | 63 |
$tokill = ""; |
... | ... | |
90 | 88 |
jQuery('img[name="i:' + srcip + ":" + dstip + '"]').each(busy); |
91 | 89 |
|
92 | 90 |
jQuery.ajax( |
93 |
"<?=$_SERVER['SCRIPT_NAME'];?>" + |
|
94 |
"?action=remove&srcip=" + srcip + "&dstip=" + dstip, |
|
95 |
{ type: "get", complete: removeComplete } |
|
91 |
"<?=$_SERVER['SCRIPT_NAME'];?>", |
|
92 |
{ |
|
93 |
type: "post", |
|
94 |
data: { |
|
95 |
action: "remove", |
|
96 |
srcip: srcip, |
|
97 |
dstip: dstip |
|
98 |
}, |
|
99 |
complete: removeComplete |
|
100 |
} |
|
96 | 101 |
); |
97 | 102 |
} |
98 | 103 |
|
... | ... | |
136 | 141 |
<table class="tabcont" width="100%" border="0" cellspacing="0" cellpadding="0" summary="states"> |
137 | 142 |
<tr> |
138 | 143 |
<td> |
139 |
<form action="<?=$_SERVER['SCRIPT_NAME'];?>" method="get" name="iform">
|
|
144 |
<form action="<?=$_SERVER['SCRIPT_NAME'];?>" method="post" name="iform">
|
|
140 | 145 |
<table class="tabcont" width="100%" border="0" cellspacing="0" cellpadding="0" summary="filter"> |
141 | 146 |
<tr> |
142 | 147 |
<td> |
... | ... | |
144 | 149 |
</td> |
145 | 150 |
<td style="font-weight:bold;" align="right"> |
146 | 151 |
<?=gettext("Filter expression:");?> |
147 |
<input type="text" name="filter" class="formfld search" value="<?=htmlspecialchars($_GET['filter']);?>" size="30" />
|
|
152 |
<input type="text" name="filter" class="formfld search" value="<?=htmlspecialchars($_POST['filter']);?>" size="30" />
|
|
148 | 153 |
<input type="submit" class="formbtn" value="<?=gettext("Filter");?>" /> |
149 |
<?php if (is_ipaddr($_GET['filter']) || is_subnet($_GET['filter'])): ?>
|
|
154 |
<?php if (isset($_POST['filter']) && (is_ipaddr($_POST['filter']) || is_subnet($_POST['filter']))): ?>
|
|
150 | 155 |
<input type="submit" class="formbtn" name="killfilter" value="<?=gettext("Kill");?>" /> |
151 | 156 |
<?php endif; ?> |
152 | 157 |
</td> |
... | ... | |
171 | 176 |
<?php |
172 | 177 |
$row = 0; |
173 | 178 |
/* get our states */ |
174 |
$grepline = ($_GET['filter']) ? "| /usr/bin/egrep " . escapeshellarg(htmlspecialchars($_GET['filter'])) : "";
|
|
179 |
$grepline = (isset($_POST['filter'])) ? "| /usr/bin/egrep " . escapeshellarg(htmlspecialchars($_POST['filter'])) : "";
|
|
175 | 180 |
$fd = popen("/sbin/pfctl -s state {$grepline}", "r" ); |
176 | 181 |
while ($line = chop(fgets($fd))) { |
177 | 182 |
if($row >= 10000) |
... | ... | |
227 | 232 |
</tr> |
228 | 233 |
<tr> |
229 | 234 |
<td class="list" colspan="4" align="center" valign="top"> |
230 |
<?php if (!empty($_GET['filter'])): ?>
|
|
235 |
<?php if (isset($_POST['filter']) && !empty($_POST['filter'])): ?>
|
|
231 | 236 |
<?=gettext("States matching current filter")?>: <?= $row ?> |
232 | 237 |
<?php endif; ?> |
233 | 238 |
</td> |
Formats disponibles : Unified diff
While I'm touching this file, replace GET by POST