if (preg_match("/^[A-F0-9]{32}\$/i", $_GET["sensor"])) { $_GET["ctx"] = $_GET["sensor"]; unset($_GET["sensor"]); } // ********* IP and Host Searches *********** if ($_GET["search_str"] == "search term") { unset($_GET["search_str"]); } $ips_submit = array(_("Src or Dst IP"), _("Src IP"), _("Dst IP")); $host_submit = array(_("Src or Dst Host"), _("Src Host"), _("Dst Host")); // Conversion: Searching by hostname, but IP selected if ($_GET["search_str"] != "" && in_array($_GET["submit"], $ips_submit) && !preg_match("/\\d+\\.\\d+\\.\\d+\\.\\d+/", $_GET["search_str"])) { $negated_op = preg_match('/^\\!/', $_GET["search_str"]) ? '!' : ''; $_GET["search_str"] = Util::htmlentities(preg_replace("/[^0-9A-Za-z\\!\\-\\_\\.]/", "", $_GET["search_str"])); // htmlentities for fortify test $_ips_aux = Asset_host::get_ips_by_name($conn_aux, $_GET["search_str"]); $_GET["search_str"] = $negated_op . implode(" OR {$negated_op}", array_keys($_ips_aux)); } // Conversion: Searching by IP, but Host selected if ($_GET["search_str"] != "" && in_array($_GET["submit"], $host_submit) && preg_match("/^\\!?\\d+\\.\\d+\\.\\d+\\.\\d+\$/", $_GET["search_str"])) { $_GET['submit'] = str_replace(" Host", " IP", $_GET['submit']); } // Hostname if ($_GET["search_str"] != "" && in_array($_GET["submit"], $host_submit) && !preg_match("/\\d+\\.\\d+\\.\\d+\\.\\d+/", $_GET["search_str"])) { $negated_op = preg_match('/^\\!/', $_GET["search_str"]) ? 'NOT IN' : 'IN'; $_GET["search_str"] = Util::htmlentities(preg_replace("/[^0-9A-Za-z\\!\\-\\_\\.]/", "", $_GET["search_str"])); // htmlentities for fortify test $hids = Asset_host::get_id_by_name($conn_aux, $_GET["search_str"]); $htype = $_GET["submit"] == _("Src or Dst Host") ? "both" : ($_GET["submit"] == _("Src Host") ? "src" : "dst"); $_SESSION["hostid"] = array(array_shift(array_keys($hids)), $_GET["search_str"], $htype, $negated_op); unset($_GET["search_str"]);
if (ossim_error()) { $info_error[] = ossim_get_error(); ossim_clean_error(); } // Destinations if ($dst != '') { $all_destinations = explode("\n", $dst); $tdestinations = array(); // sources for tshark foreach ($all_destinations as $destination) { $destination = trim($destination); $destination_type = NULL; if (ossim_error() == FALSE) { if (!preg_match("/\\//", $destination)) { if (!preg_match('/^(\\d+)\\.(\\d+)\\.(\\d+)\\.(\\d+)$/', $destination)) { $ips = @array_keys(Asset_host::get_ips_by_name($dbconn, $destination)); $destination = count($ips) > 0 ? $ips[0] : ''; } // resolve to ip ossim_valid($destination, OSS_IP_ADDR, 'illegal:' . _('Destination ip')); $destination_type = 'host'; } else { ossim_valid($destination, OSS_IP_CIDR, 'illegal:' . _('Destination cidr')); $destination_type = 'net'; } } if (ossim_error()) { $info_error[] = ossim_get_error(); ossim_clean_error(); } else { $tdestinations[] = $destination;