
Révision efa26483

Ajouté par Renato Botelho il y a presque 10 ans

Add ICMP to filter parser, it should fix #3663


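--- a/etc/inc/filter_log.inc
+++ b/etc/inc/filter_log.inc
@@ -174,6 +174,54 @@
 				$flent['urg'] = $rule_data[$field++];
 				$flent['options'] = explode(";",$rule_data[$field++]);
 			}
+		} else if ($flent['protoid'] == '1') { // ICMP
+			$flent['src'] = $flent['srcip'];
+			$flent['dst'] = $flent['dstip'];
+
+			$flent['icmp_type'] = $rule_data[$field++];
+
+			switch ($flent['icmp_type']) {
+			case "request":
+			case "reply":
+				$flent['icmp_id'] = $rule_data[$field++];
+				$flent['icmp_seq'] = $rule_data[$field++];
+				break;
+			case "unreachproto":
+				$flent['icmp_dstip'] = $rule_data[$field++];
+				$flent['icmp_protoid'] = $rule_data[$field++];
+				break;
+			case "unreachport":
+				$flent['icmp_dstip'] = $rule_data[$field++];
+				$flent['icmp_protoid'] = $rule_data[$field++];
+				$flent['icmp_port'] = $rule_data[$field++];
+				break;
+			case "unreach":
+			case "timexceed":
+			case "paramprob":
+			case "redirect":
+			case "maskreply":
+				$flent['icmp_descr'] = $rule_data[$field++];
+				break;
+			case "needfrag":
+				$flent['icmp_dstip'] = $rule_data[$field++];
+				$flent['icmp_mtu'] = $rule_data[$field++];
+				break;
+			case "tstamp":
+				$flent['icmp_id'] = $rule_data[$field++];
+				$flent['icmp_seq'] = $rule_data[$field++];
+				break;
+			case "tstampreply":
+				$flent['icmp_id'] = $rule_data[$field++];
+				$flent['icmp_seq'] = $rule_data[$field++];
+				$flent['icmp_otime'] = $rule_data[$field++];
+				$flent['icmp_rtime'] = $rule_data[$field++];
+				$flent['icmp_ttime'] = $rule_data[$field++];
+				break;
+			default :
+				$flent['icmp_descr'] = $rule_data[$field++];
+				break;
+			}
+
 		} else if ($flent['protoid'] == '112') { // CARP
 			$flent['type'] = $rule_data[$field++];
 			$flent['ttl'] = $rule_data[$field++];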
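Review bot: Every field in the new ICMP branch is read as `$rule_data[$field++]` with no check that the index exists, so a truncated or malformed log line yields undefined-offset notices and null `icmp_*` values instead of a rejected entry. Guarding the first read, for example `$flent['icmp_type'] = isset($rule_data[$field]) ? $rule_data[$field++] : '';`, and doing the same (or one `count($rule_data)` check per case) for the per-type fields would keep the parser predictable on bad input. The `icmp_descr`, `icmp_dstip` and similar values are strings taken from the log and ultimately derived from packets, so whatever renders `$flent` should escape them on output; that display code is not visible here. The "tstamp" case repeats the "request"/"reply" body and could share its labels. The enclosing function starts and ends outside this hunk.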
