$geo_info = Asset_host::get_extended_location($_conn, $geoloc, $ip_dip); if ($geo_info['html_icon'] != "") { $d_country_img = $geo_info['html_icon'] . " "; $dlnk = $current_url . preg_replace("/.*src\\='\\/ossim([^']+)'.*/", "\\1", $d_country_img); } else { $d_country_img = ""; $dlnk = ""; } $div2 = '<div id="' . $ip_dip . ';' . $ip_dip . ';' . $dst_host . '" ctx="' . $ctx . '" class="HostReportMenu">'; $bdiv2 = '</div>'; if ($fqdn == "yes") { qroPrintEntry('<FONT>' . $sip_fqdn . '</FONT>'); } qroPrintEntry($div1 . $s_country_img . BuildAddressLink($ip_sip, 32) . $ip_sip . '</A>' . $bdiv1, "", "", "nowrap"); qroPrintEntry('<img src="images/dash.png" border="0">'); qroPrintEntry($div2 . $d_country_img . BuildAddressLink($ip_dip, 32) . $ip_dip . '</A>' . $bdiv2, "", "", "nowrap"); if ($fqdn == "yes") { qroPrintEntry('<FONT>' . $dip_fqdn . '</FONT>'); } qroPrintEntry('<FONT>' . IPProto2str($proto) . '</FONT>'); $tmp = '<A HREF="base_stat_ports.php?port_type=2&proto=' . $proto . $tmp_ip_criteria . '">'; qroPrintEntry($tmp . $num_unique_dport . '</A>'); $tmp = '<A HREF="base_stat_alerts.php?foo=1' . $tmp_ip_criteria . '">'; qroPrintEntry($tmp . $num_unique . '</A>'); $tmp = '<A HREF="base_qry_main.php?new=1' . '&num_result_rows=-1' . '&submit=' . gettext("Query DB") . '&current_view=-1' . $tmp_ip_criteria . '">'; qroPrintEntry($tmp . $num_occurances . '</A>'); qroPrintEntryFooter(); } $i++; // report_data $report_data[] = array($ip_sip, '', $ip_dip, '', IPProto2str($proto), "", "", "", "", "", "", $num_unique_dport, $num_unique, $num_occurances, $s_country_img != '' || $d_country_img != '' ? $s_country_img . "####" . $d_country_img : '');
qroPrintEntry('<A HREF="' . $BASE_urlpath . '/help/base_app_faq.php#1">' . gettext("unknown") . '</A>'); } else { $country = strtolower(geoip_country_code_by_addr($gi, $currentIP)); $country_name = geoip_country_name_by_addr($gi, $currentIP); $homelan = ($match_cidr = Net::is_ip_in_cache_cidr($_conn, $currentIP)) || in_array($currentIP, $hosts_ips) ? " <a href='javascript:;' class='scriptinfo' style='text-decoration:none' ip='{$currentIP}'><img src=\"" . Host::get_homelan_icon($currentIP, $icons, $match_cidr, $_conn) . "\" border=0></a>" : ""; if ($country) { $country_img = " <img src=\"/ossim/pixmaps/flags/" . $country . ".png\" title=\"" . $country_name . "\">"; $slnk = $current_url . "/pixmaps/flags/" . $country . ".png"; } else { $country_img = ""; $slnk = $homelan != "" ? $current_url . "/forensics/images/homelan.png" : ""; } $sip_aux = $sensors[$currentIP] != "" ? $sensors[$currentIP] : ($hosts[$currentIP] != "" ? $hosts[$currentIP] : $currentIP); $div = '<div id="' . $currentIP . ';' . $ip_aux . '" class="HostReportMenu">'; $bdiv = '</div>'; qroPrintEntry($div . BuildAddressLink($currentIP, 32) . $currentIP . '</A> ' . $country_img . $homelan . $bdiv, 'center', '', 'nowrap'); } if ($resolve_IP == 1) { qroPrintEntry(' ' . baseGetHostByAddr($currentIP, $db, $dns_cache_lifetime) . ' '); } /* Print # of Occurances */ $tmp_iplookup = 'base_qry_main.php?num_result_rows=-1' . '&submit=' . gettext("Query+DB") . '&current_view=-1'; $tmp_iplookup2 = 'base_stat_alerts.php?num_result_rows=-1' . '&submit=' . gettext("Query+DB") . '&current_view=-1&sort_order=occur_d'; if ($addr_type == 1) { if ($no_ip) { $url_criteria = BuildSrcIPFormVars(NULL_IP); } else { $url_criteria = BuildSrcIPFormVars($currentIP); } } else { if ($addr_type == 2) {
*/ if ($no_ip) { qroPrintEntry(gettext("unknown")); } else { $geo_info = Asset_host::get_extended_location($_conn, $geoloc, $currentIP); if ($geo_info['html_icon'] != '') { $country_img = $geo_info['html_icon'] . ' '; $slnk = $current_url . preg_replace("/.*src\\='\\/ossim([^']+)'.*/", "\\1", $country_img); } else { $country_img = ""; $slnk = ""; } $div = '<div id="' . $currentIP . ';' . $currentIP . ';' . $host_id . '" class="HostReportMenu" style="padding:0px 0px 0px 25px">'; // '.getrepbgcolor($prio,1).' $bdiv = '</div>'; qroPrintEntry($div . $country_img . ' ' . BuildAddressLink($currentIP, 32) . $currentIP . '</A> ' . getrepimg($prio, $rel, $act, $currentIP) . $bdiv, 'left', '', 'nowrap'); } if ($resolve_IP == 1) { qroPrintEntry(' ' . baseGetHostByAddr($currentIP, $ctx, $db) . ' '); } /* Print # of Occurances */ $tmp_iplookup = 'base_qry_main.php?num_result_rows=-1' . '&submit=' . gettext("Query DB") . '&current_view=-1'; $tmp_iplookup2 = 'base_stat_alerts.php?num_result_rows=-1' . '&submit=' . gettext("Query DB") . '&current_view=-1&sort_order=occur_d'; if ($no_ip) { $url_criteria_src = BuildSrcIPFormVars(NULL_IP); } else { $url_criteria_src = BuildSrcIPFormVars($currentIP); } if ($no_ip) { $url_criteria_dst = BuildDstIpFormVars(NULL_IP); } else {
if ($no_ip) { qroPrintEntry(gettext("unknown")); qroPrintEntry(gettext("N/A"), "center", "middle"); } else { $geo_info = Asset_host::get_extended_location($_conn, $geoloc, $currentIP); if ($geo_info['html_icon'] != '') { $country_img = $geo_info['html_icon'] . ' '; $slnk = $current_url . preg_replace("/.*src\\='\\/ossim([^']+)'.*/", "\\1", $country_img); } else { $country_img = ""; $slnk = ""; } $div = '<div id="' . $currentIP . ';' . $currentIP . ';' . $host_id . '" ctx="' . (Session::show_entities() ? $ctx : Session::get_default_ctx()) . '" class="HostReportMenu" style="padding:0px 0px 0px 25px">'; //'.getrepbgcolor($prio,1).' $bdiv = '</div>'; qroPrintEntry($div . $country_img . " " . BuildAddressLink($currentIP, 32) . $currentIP . '</A> ' . $bdiv, 'left', '', 'nowrap'); qroPrintEntry(getrepimg($prio, $rel, $act, $currentIP), "center", "middle"); } if ($resolve_IP == 1) { qroPrintEntry(' ' . baseGetHostByAddr($currentIP, $ctx, $db) . ' '); } /* Print # of Occurances */ $tmp_iplookup = 'base_qry_main.php?num_result_rows=-1' . '&submit=' . gettext("Query DB") . '&current_view=-1'; $tmp_iplookup2 = 'base_stat_alerts.php?num_result_rows=-1' . '&submit=' . gettext("Query DB") . '&current_view=-1&sort_order=occur_d'; if ($addr_type == 1) { if ($no_ip) { $url_criteria = BuildSrcIPFormVars(NULL_IP); } else { $url_criteria = BuildSrcIPFormVars($currentIP); } } else {
$d_country = strtolower(geoip_country_code_by_addr($gi, $ip_dip)); $d_country_name = geoip_country_name_by_addr($gi, $ip_dip); $homelan_dip = ($match_cidr = Net::is_ip_in_cache_cidr($_conn, $ip_dip)) || in_array($ip_dip, $hosts_ips) ? " <a href='javascript:;' class='scriptinfo' style='text-decoration:none' ip='{$ip_dip}'><img src=\"" . Host::get_homelan_icon($ip_dip, $icons, $match_cidr, $_conn) . "\" border=0></a>" : ""; if ($d_country) { $d_country_img = " <img src=\"/ossim/pixmaps/flags/" . $d_country . ".png\" title=\"" . $d_country_name . "\">"; $dlnk = $current_url . "/pixmaps/flags/" . $d_country . ".png"; } else { $d_country_img = ""; $dlnk = $homelan_dip != "" ? $current_url . "/forensics/images/homelan.png" : ""; } if ($fqdn == "yes") { qroPrintEntry('<FONT>' . $sip_fqdn . '</FONT>'); } qroPrintEntry(BuildAddressLink(baseLong2IP($sip), 32) . $ip_sip . '</A>' . $s_country_img . $homelan_sip, "", "", "nowrap"); qroPrintEntry('<img src="images/dash.png" border="0">'); qroPrintEntry(BuildAddressLink(baseLong2IP($dip), 32) . $ip_dip . '</A>' . $d_country_img . $homelan_dip, "", "", "nowrap"); if ($fqdn == "yes") { qroPrintEntry('<FONT>' . $dip_fqdn . '</FONT>'); } qroPrintEntry('<FONT>' . IPProto2str($proto) . '</FONT>'); $tmp = '<A HREF="base_stat_ports.php?port_type=2&proto=' . $proto . $tmp_ip_criteria . '">'; qroPrintEntry($tmp . $num_unique_dport . '</A>'); $tmp = '<A HREF="base_stat_alerts.php?foo=1' . $tmp_ip_criteria . '">'; qroPrintEntry($tmp . $num_unique . '</A>'); $tmp = '<A HREF="base_qry_main.php?new=1' . '&num_result_rows=-1' . '&submit=' . gettext("Query+DB") . '&current_view=-1' . $tmp_ip_criteria . '">'; qroPrintEntry($tmp . $num_occurances . '</A>'); qroPrintEntryFooter(); } $i++; // report_data $report_data[] = array($ip_sip, $slnk, $ip_dip, $dlnk, IPProto2str($proto), "", "", "", "", "", "", $num_unique_dport, $num_unique, $num_occurances);