</tr>
<?php
/* set the arrays */
exec('/sbin/pfctl -t snort2c -T show > /tmp/snort_block.cache');
$blocked_ips_array = str_replace(' ', '', array_filter(explode("\n", file_get_contents('/tmp/snort_block.cache'))));
foreach (glob("/var/log/snort/alert_*") as $alert) {
$alerts_array = array_reverse(explode("\n\n", file_get_contents("{$alert}")));
$logent = $bnentries;
if ($blocked_ips_array[0] != '' && $alerts_array[0] != '') {
/* build the list and compare blocks to alerts */
$counter = 0;
foreach ($alerts_array as $fileline) {
$counter++;
$alert_ip_src = get_snort_alert_ip_src($fileline);
$alert_ip_disc = get_snort_alert_disc($fileline);
$alert_ip_src_array[] = get_snort_alert_ip_src($fileline);
if (in_array("{$alert_ip_src}", $blocked_ips_array)) {
$input[] = "[{$alert_ip_src}] " . "[{$alert_ip_disc}]\n";
}
}
foreach ($blocked_ips_array as $alert_block_ip) {
if (!in_array($alert_block_ip, $alert_ip_src_array)) {
$input[] = "[{$alert_block_ip}] " . "[N\\A]\n";
}
}
/* reduce double occurrences */
$result = array_unique($input);
/* buil final list, preg_match, buld html */
$counter2 = 0;
foreach ($result as $fileline2) {
if ($logent <= $counter2) {
}
/* Protocol */
/* Detect alert file type */
if ($snortalertlogt == 'full') {
$alert_proto_str = get_snort_alert_proto_full($fileline);
} else {
$alert_proto_str = get_snort_alert_proto($fileline);
}
if ($alert_proto_str != '') {
$alert_proto_match = array(" TTL", '{', '}');
$alert_proto = str_replace($alert_proto_match, '', "{$alert_proto_str}");
} else {
$alert_proto = 'empty';
}
/* IP SRC */
$alert_ip_src_str = get_snort_alert_ip_src($fileline);
if ($alert_ip_src_str != '') {
$alert_ip_src = $alert_ip_src_str;
} else {
$alert_ip_src = 'empty';
}
/* IP SRC Port */
$alert_src_p_str = get_snort_alert_src_p($fileline);
if ($alert_src_p_str != '') {
$alert_src_p_match = array(' -', ':');
$alert_src_p = str_replace($alert_src_p_match, '', "{$alert_src_p_str}");
} else {
$alert_src_p = 'empty';
}
/* Flow */
$alert_flow_str = get_snort_alert_flow($fileline);
