echo gettext("SID"); ?> </th> <th class="listhdrr" axis="string"><?php echo gettext("Description"); ?> </th> </tr> </thead> <tbody> <?php /* make sure alert file exists */ if (file_exists("{$snortlogdir}/snort_{$if_real}{$snort_uuid}/alert")) { exec("tail -{$anentries} -r {$snortlogdir}/snort_{$if_real}{$snort_uuid}/alert > /tmp/alert_{$snort_uuid}"); if (file_exists("/tmp/alert_{$snort_uuid}")) { $tmpblocked = array_flip(snort_get_blocked_ips()); $counter = 0; /* 0 1 2 3 4 5 6 7 8 9 10 11 12 */ /* File format timestamp,sig_generator,sig_id,sig_rev,msg,proto,src,srcport,dst,dstport,id,classification,priority */ $fd = fopen("/tmp/alert_{$snort_uuid}", "r"); while (($fields = fgetcsv($fd, 1000, ',', '"')) !== FALSE) { if (count($fields) < 13) { continue; } /* Time */ $alert_time = substr($fields[0], strpos($fields[0], '-') + 1, -8); /* Date */ $alert_date = substr($fields[0], 0, strpos($fields[0], '-')); /* Description */ $alert_descr = $fields[4]; $alert_descr_url = urlencode($fields[4]);
</th> </tr> </thead> <tbody> <?php /* set the arrays */ $blocked_ips_array = array(); if (is_array($blocked_ips)) { foreach ($blocked_ips as $blocked_ip) { if (empty($blocked_ip)) { continue; } $blocked_ips_array[] = trim($blocked_ip, " \n\t"); } } $blocked_ips_array = snort_get_blocked_ips(); if (!empty($blocked_ips_array)) { $tmpblocked = array_flip($blocked_ips_array); $src_ip_list = array(); foreach (glob("{$snortlogdir}/*/alert") as $alertfile) { $fd = fopen($alertfile, "r"); if ($fd) { /* 0 1 2 3 4 5 6 7 8 9 10 11 12 /* File format timestamp,sig_generator,sig_id,sig_rev,msg,proto,src,srcport,dst,dstport,id,classification,priority */ while (($fields = fgetcsv($fd, 1000, ',', '"')) !== FALSE) { if (count($fields) < 13) { continue; } if (isset($tmpblocked[$fields[6]])) { if (!is_array($src_ip_list[$fields[6]])) { $src_ip_list[$fields[6]] = array();