Commit 4a2943f7 authored by Franco Fichtner's avatar Franco Fichtner

diagnostics: merge reworked firewall pages from master

parent 9033011d
......@@ -29,68 +29,73 @@
require_once("guiconfig.inc");
$pgtitle = gettext("Diagnostics: pfInfo");
$data_tabs = array("info", "memory", "timeouts", "interfaces");
if($_REQUEST['getactivity']) {
$text = `/sbin/pfctl -vvsi`;
$text .= "<p/>";
$text .= `/sbin/pfctl -vvsm`;
$text .= "<p/>";
$text .= `/sbin/pfctl -vvst`;
$text .= "<p/>";
$text .= `/sbin/pfctl -vvsI`;
echo $text;
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
if (isset($_POST['getactivity'])) {
$diag = configd_run("filter diag info json");
echo $diag;
}
exit;
}
include("head.inc");
?>
<body>
<?php include("fbegin.inc"); ?>
<script type="text/javascript">
jQuery(document).ready(function() {setTimeout('getpfinfo()', 500);});
//<![CDATA[
$( document ).ready(function() {
function getpfinfo() {
jQuery.ajax({
type: "POST",
type: "post",
url: "/diag_pf_info.php",
data: 'getactivity=yes',
async: false,
complete: activitycallback
dataType: "json",
success: function(data) {
// push data into tabs
$.each(data, function(key, value) {
if ($("#data_"+key.toLowerCase()).length) {
$("#data_"+key.toLowerCase()).html(value);
}
});
setTimeout(getpfinfo, 2000);
}
function activitycallback(transport) {
jQuery('#pfactivitydiv').html('<font face="Courier" size="2"><pre style="text-align:left;">' + transport.responseText + '<\/pre><\/font>');
setTimeout('getpfinfo()', 2000);
});
}
//]]>
</script>
getpfinfo();
});
</script>
<section class="page-content-main">
<div class="container-fluid col-xs-12 col-sm-10 col-md-9">
<div class="container-fluid col-xs-12">
<div class="row">
<section class="col-xs-12">
<?php
if($savemsg) {
echo "<div id=\"savemsg\">";
print_info_box($savemsg);
echo "</div>";
}
if (isset($input_errors) && count($input_errors) > 0)
print_input_errors($input_errors);
?>
<div id="pfactivitydiv">
<ul class="nav nav-tabs" data-tabs="tabs" id="maintabs">
<?php
foreach($data_tabs as $i => $tabname):?>
<li <?= $i == 0 ? 'class="active"' : '';?>>
<a data-toggle="tab" href="#<?=$tabname;?>" id="<?=$tabname;?>_tab">
<?=ucfirst($tabname);?>
</a>
</li>
<?php
endforeach;?>
</ul>
<div class="tab-content content-box tab-content">
<?php
foreach($data_tabs as $i => $tabname):?>
<div id="<?=$tabname;?>" class="tab-pane fade in <?= $i == 0 ? 'active' : '';?>">
<div class="container-fluid">
<pre id="data_<?=$tabname;?>" class="pre-scrollable" >
<?=gettext("Gathering PF information, please wait...");?>
</pre>
</div>
</div>
<?php
endforeach;?>
</div>
</section>
</div>
</div>
</section>
<?php include("foot.inc"); ?>
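Review bot: The new `success` handler writes each value of the JSON reply into its tab with `.html(value)`, so any `<`, `&` or markup-looking text in the pf output is parsed as HTML inside the `<pre>` instead of being shown literally. The data is plain text, so `$("#data_"+key.toLowerCase()).text(value);` is the safer call. `setTimeout(getpfinfo, 2000)` is also re-armed only inside `success`, so one failed or unparsable reply stops the refresh until the page is reloaded; re-arming from a `complete` callback would keep polling. Whether the new POST branch is covered by a CSRF check depends on guiconfig.inc, which is not visible here.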
......@@ -27,18 +27,21 @@
ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
POSSIBILITY OF SUCH DAMAGE.
*/
exec("/sbin/pfctl -s state", $states);
$srcipinfo = array();
$dstipinfo = array();
$allipinfo = array();
$pairipinfo = array();
require_once("guiconfig.inc");
function addipinfo(&$iparr, $ip, $proto, $srcport, $dstport) {
if (!isset($iparr[$ip]['seen'])) {
$iparr[$ip] = array("seen" => 0, "protos" => array());
}
if (!isset($iparr[$ip]['protos'][$proto])) {
$iparr[$ip]['protos'][$proto] = array("seen" => 0, 'srcports' => array(), 'dstports' => array());
}
$iparr[$ip]['seen']++;
$iparr[$ip]['protos'][$proto]['seen']++;
if (!empty($srcport)) {
if (!isset($iparr[$ip]['protos'][$proto]['srcports'][$srcport])) {
$iparr[$ip]['protos'][$proto]['srcports'][$srcport] = 0;
}
$iparr[$ip]['protos'][$proto]['srcports'][$srcport]++;
}
if (!empty($dstport)) {
......@@ -46,58 +49,46 @@ function addipinfo(&$iparr, $ip, $proto, $srcport, $dstport) {
}
}
$row = 0;
if(count($states) > 0) {
foreach($states as $line) {
$line_split = preg_split("/\s+/", $line);
$iface = array_shift($line_split);
$proto = array_shift($line_split);
$state = array_pop($line_split);
$info = implode(" ", $line_split);
/* Handle NAT cases
Replaces an external IP + NAT by the internal IP */
if (strpos($info, ') ->') !== FALSE) {
/* Outbound NAT */
$info = preg_replace('/(\S+) \((\S+)\)/U', "$2", $info);
} elseif (strpos($info, ') <-') !== FALSE) {
/* Inbound NAT/Port Forward */
$info = preg_replace('/(\S+) \((\S+)\)/U', "$1", $info);
}
/* break up info and extract $srcip and $dstip */
$ends = preg_split("/\<?-\>?/", $info);
function sort_by_ip($a, $b) {
return ip2ulong($a) < ip2ulong($b) ? -1 : 1;
}
if (strpos($info, '->') === FALSE) {
$srcinfo = $ends[count($ends) - 1];
$dstinfo = $ends[0];
} else {
$srcinfo = $ends[0];
$dstinfo = $ends[count($ends) - 1];
function build_port_info($portarr, $proto) {
if (empty($portarr)) {
return '';
}
/* Handle IPv6 */
$parts = explode(":", $srcinfo);
$partcount = count($parts);
if ($partcount <= 2) {
$srcip = trim($parts[0]);
$srcport = trim($parts[1]);
} else {
preg_match("/([0-9a-f:]+)(\[([0-9]+)\])?/i", $srcinfo, $matches);
$srcip = $matches[1];
$srcport = trim($matches[3]);
$ports = array();
asort($portarr);
foreach (array_reverse($portarr, TRUE) as $port => $count) {
$str = "";
$service = getservbyport($port, strtolower($proto));
$port = "{$proto}/{$port}";
if (!empty($service)) {
$port = "{$port} ({$service})";
}
$ports[] = "{$port}: {$count}";
}
return implode($ports, ', ');
}
$srcipinfo = array();
$dstipinfo = array();
$allipinfo = array();
$pairipinfo = array();
$parts = explode(":", $dstinfo);
$partcount = count($parts);
if ($partcount <= 2) {
$dstip = trim($parts[0]);
$dstport = trim($parts[1]);
$states = json_decode(configd_run("filter list states json"), true);
if(isset($states['details'])) {
foreach($states['details'] as $state) {
if (isset($state['nat_addr']) && $states['direction'] == 'out') {
$srcip = $state['nat_addr'] ;
$srcport = $state['nat_port'] ;
} else {
preg_match("/([0-9a-f:]+)(\[([0-9]+)\])?/i", $dstinfo, $matches);
$dstip = $matches[1];
$dstport = trim($matches[3]);
$srcip = $state['src_addr'] ;
$srcport = $state['src_port'] ;
}
$dstip = $state['dst_addr'] ;
$dstport = $state['dst_port'] ;
$proto = $state['proto'];
addipinfo($srcipinfo, $srcip, $proto, $srcport, $dstport);
addipinfo($dstipinfo, $dstip, $proto, $srcport, $dstport);
......@@ -109,76 +100,52 @@ if(count($states) > 0) {
}
}
function sort_by_ip($a, $b) {
return ip2ulong($a) < ip2ulong($b) ? -1 : 1;
}
function build_port_info($portarr, $proto) {
if (!$portarr)
return '';
$ports = array();
asort($portarr);
foreach (array_reverse($portarr, TRUE) as $port => $count) {
$str = "";
$service = getservbyport($port, strtolower($proto));
$port = "{$proto}/{$port}";
if ($service)
$port = "{$port} ({$service})";
$ports[] = "{$port}: {$count}";
function print_summary_table($label, $iparr, $sort = TRUE) {
if ($sort) {
uksort($iparr, "sort_by_ip");
}
return implode($ports, ', ');
}
function print_summary_table($label, $iparr, $sort = TRUE) { ?>
?>
<section class="col-xs-12">
<div class="content-box">
<header class="content-box-head container-fluid">
<h3><?php echo $label; ?></h3>
<h3><?=$label; ?></h3>
</header>
<div class="table-responsive">
<table class="table table-striped table-sort sortable __nomb">
<table class="table table-striped">
<tr>
<td class="listhdrr"><?=gettext("IP");?></td>
<td class="listhdrr"># <?=gettext("States");?></td>
<td class="listhdrr"><?=gettext("Proto");?></td>
<td class="listhdrr"># <?=gettext("States");?></td>
<td class="listhdrr"><?=gettext("Src Ports");?></td>
<td class="listhdrr"><?=gettext("Dst Ports");?></td>
<td><?=gettext("IP");?></td>
<td># <?=gettext("States");?></td>
<td><?=gettext("Proto");?></td>
<td># <?=gettext("States");?></td>
<td><?=gettext("Src Ports");?></td>
<td><?=gettext("Dst Ports");?></td>
</tr>
<?php if ($sort)
uksort($iparr, "sort_by_ip");
<?php
foreach($iparr as $ip => $ipinfo) { ?>
<tr>
<td class="vncell"><?php echo $ip; ?></td>
<td class="vncell"><?php echo $ipinfo['seen']; ?></td>
<td class="vncell">&nbsp;</td>
<td class="vncell">&nbsp;</td>
<td class="vncell">&nbsp;</td>
<td class="vncell">&nbsp;</td>
<td><?= $ip; ?></td>
<td><?= $ipinfo['seen']; ?></td>
<td colspan="4">&nbsp;</td>
</tr>
<?php foreach($ipinfo['protos'] as $proto => $protoinfo) { ?>
<?php foreach($ipinfo['protos'] as $proto => $protoinfo) { ?>
<tr>
<td class="list">&nbsp;</td>
<td class="list">&nbsp;</td>
<td class="listlr"><?php echo $proto; ?></td>
<td class="listr" align="center"><?php echo $protoinfo['seen']; ?></td>
<td class="listr" align="center"><span title="<?php echo build_port_info($protoinfo['srcports'], $proto); ?>"><?php echo count($protoinfo['srcports']); ?></span></td>
<td class="listr" align="center"><span title="<?php echo build_port_info($protoinfo['dstports'], $proto); ?>"><?php echo count($protoinfo['dstports']); ?></span></td>
<td colspan="2">&nbsp;</td>
<td><?=$proto; ?></td>
<td ><?=$protoinfo['seen']; ?></td>
<td ><span data-toggle="tooltip" title="<?=build_port_info($protoinfo['srcports'], $proto); ?>"><?=count($protoinfo['srcports']); ?></span></td>
<td ><span data-toggle="tooltip" title="<?=build_port_info($protoinfo['dstports'], $proto); ?>"><?=count($protoinfo['dstports']); ?></span></td>
</tr>
<?php } ?>
<?php } ?>
</table>
</div>
</div>
</section>
<?php
}
$pgtitle = array(gettext("Diagnostics"),gettext("State Table Summary"));
require_once("guiconfig.inc");
include("head.inc");
echo "<body>";
include("fbegin.inc");
......@@ -186,18 +153,12 @@ include("fbegin.inc");
<section class="page-content-main">
<div class="container-fluid">
<div class="row">
<?
print_summary_table(gettext("By Source IP"), $srcipinfo);
print_summary_table(gettext("By Destination IP"), $dstipinfo);
print_summary_table(gettext("Total per IP"), $allipinfo);
print_summary_table(gettext("By IP Pair"), $pairipinfo, FALSE);
?>
</section>
</div>
</div>
</section>
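Review bot: In the new state loop the NAT test reads `$states['direction']`, which is the whole decoded reply, not the current entry. Unless the JSON carries a top-level `direction` key, the condition is never true and the `nat_addr`/`nat_port` branch is dead; it should presumably read `if (isset($state['nat_addr']) && $state['direction'] == 'out') {`. The table cells and `title` attributes in `print_summary_table()` print `$ip`, `$proto` and the `build_port_info()` string without `htmlspecialchars()`, which is worth adding since the values now come straight from decoded JSON. `implode($ports, ', ')` uses the legacy argument order; `implode(', ', $ports)` is the form that keeps working on newer PHP. The loop body continues outside the visible hunk.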