} qroPrintEntryHeader($i); /* Generating checkbox value -- nikns */ $addr_type == SOURCE_IP ? $src_ip = $myrow[0] : ($dst_ip = $myrow[0]); $tmp_rowid = $src_ip . "_" . $dst_ip; echo ' <TD><INPUT TYPE="checkbox" NAME="action_chk_lst[' . $i . ']" VALUE="' . $tmp_rowid . '">'; echo ' <INPUT TYPE="hidden" NAME="action_lst[' . $i . ']" VALUE="' . $tmp_rowid . '"></TD>'; /* Check for a NULL IP which indicates an event (e.g. portscan) * which has no IP */ if ($no_ip) { qroPrintEntry('<A HREF="' . $BASE_urlpath . '/help/base_app_faq.php#1">' . gettext("unknown") . '</A>'); } else { $country = strtolower(geoip_country_code_by_addr($gi, $currentIP)); $country_name = geoip_country_name_by_addr($gi, $currentIP); $homelan = ($match_cidr = Net::is_ip_in_cache_cidr($_conn, $currentIP)) || in_array($currentIP, $hosts_ips) ? " <a href='javascript:;' class='scriptinfo' style='text-decoration:none' ip='{$currentIP}'><img src=\"" . Host::get_homelan_icon($currentIP, $icons, $match_cidr, $_conn) . "\" border=0></a>" : ""; if ($country) { $country_img = " <img src=\"/ossim/pixmaps/flags/" . $country . ".png\" title=\"" . $country_name . "\">"; $slnk = $current_url . "/pixmaps/flags/" . $country . ".png"; } else { $country_img = ""; $slnk = $homelan != "" ? $current_url . "/forensics/images/homelan.png" : ""; } $sip_aux = $sensors[$currentIP] != "" ? $sensors[$currentIP] : ($hosts[$currentIP] != "" ? $hosts[$currentIP] : $currentIP); $div = '<div id="' . $currentIP . ';' . $ip_aux . '" class="HostReportMenu">'; $bdiv = '</div>'; qroPrintEntry($div . BuildAddressLink($currentIP, 32) . $currentIP . '</A> ' . $country_img . $homelan . $bdiv, 'center', '', 'nowrap'); } if ($resolve_IP == 1) { qroPrintEntry(' ' . baseGetHostByAddr($currentIP, $db, $dns_cache_lifetime) . ' '); }
function host_row($host, $conn, $criterias, $has_criterias, $networks, $hosts_ips, $icons) { $ip = $host->get_ip(); $gi = geoip_open("/usr/share/geoip/GeoIP.dat", GEOIP_STANDARD); $country = strtolower(geoip_country_code_by_addr($gi, $ip)); $country_name = geoip_country_name_by_addr($gi, $ip); geoip_close($gi); if ($country) { $country_img = " <img src=\"../pixmaps/flags/" . $country . ".png\" alt=\"{$country_name}\" title=\"{$country_name}\">"; } else { $country_img = ""; } $homelan = ($match_cidr = Net::is_ip_in_cache_cidr($conn, $ip, $networks)) || in_array($ip, $hosts_ips) ? " <a href=\"javascript:;\" class=\"scriptinfo\" style=\"text-decoration:none\" ip=\"" . $ip . "\"><img src=\"" . Host::get_homelan_icon($ip, $icons, $match_cidr, $conn) . "\" border=0></a>" : ""; $os = Host_os::get_os_pixmap($conn, $ip); $row = ' <tr> <td style="padding-bottom:10px" class="nobborder"> <table class="noborder" style="background-color:white"> <tr> <td class="nobborder"><a href="../report/host_report.php?host=' . $ip . '" id="' . $ip . ';' . $host->get_hostname() . '" class="HostReportMenu" style="color:#17457c;text-decoration:underline;font-size:15px;text-align:left"><b>' . $ip . '</b> <font style="font-size:12px">HostName: <b>' . $host->get_hostname() . '</b>' . $country_img . $homelan . ' ' . $os . '</font></a></td> </tr> <tr> <td class="nobborder"> <table class="noborder" style="background-color:white" height="100%"><tr>'; foreach ($criterias as $type => $subtypes_arr) { $row .= '<td class="nobborder" valign="top">' . Util::print_gadget($type, "white", criteria_row($conn, $ip, $type, $subtypes_arr, $has_criterias)) . '</td>'; } $row .= ' </tr></table> </td> </tr> </table> </td> </tr>'; echo str_replace("\n", "", str_replace("\r", "", $row)); }
function DisplayProcessing() { global $self; global $ListNOption; global $TopNOption; global $OutputFormatOption; global $IPStatOption; global $IPStatOrder; global $LimitScale; require_once 'classes/Session.inc'; require_once 'classes/Sensor.inc'; require_once 'ossim_db.inc'; $db_aux = new ossim_db(); $conn_aux = $db_aux->connect(); $sensors_list = Sensor::get_list($conn_aux); $db_aux->close($conn_aux); $detail_opts = $_SESSION['detail_opts']; $process_form = $_SESSION['process_form']; $type = $detail_opts['type'] == "flows" ? 0 : ($detail_opts['type'] == "packets" ? 1 : 2); ?> <a name="processing"></a> <table style='width:100%;margin-top:15px;margin-bottom:5px;border:none'><tr> <td class='nobborder'><b><?php echo _("Netflow Processing"); ?> </b></td> <td class='noborder' style='text-align:center'> [ <a href='javascript:lastsessions()'><?php echo _("List last 500 sessions"); ?> </a> ] [ <a href='javascript:launch("2","<?php echo $type; ?> ")'><?php echo _("Top 10 Src IPs"); ?> </a> ] [ <a href='javascript:launch("3","<?php echo $type; ?> ")'><?php echo _("Top 10 Dst IPs"); ?> </a> ] [ <a href='javascript:launch("5","<?php echo $type; ?> ")'><?php echo _("Top 10 Src Port"); ?> </a> ] [ <a href='javascript:launch("6","<?php echo $type; ?> ")'><?php echo _("Top 10 Dst Port"); ?> </a> ] [ <a href='javascript:launch("13","<?php echo $type; ?> ")'><?php echo _("Top 10 Proto"); ?> </a> ] </td></tr></table> <form action="<?php echo $self; ?> " onSubmit="return ValidateProcessForm()" id="FlowProcessingForm" method="POST"> <TABLE border="0" cellspacing="3" cellpadding="3" style='font-size:14px;font-weight:bold;width:100%'> <tr> <TD><?php echo _("Source"); ?> :</TD> <TD><?php echo _("Filter"); ?> :</TD> <TD><?php echo _("Options"); ?> :</TD> </tr> <TR> <TD style='vertical-align:top;border:none'> <SELECT name="srcselector[]" id='SourceSelector' size="6" style="width: 100%" multiple> <?php foreach ($process_form['srcselector'] as $selected_channel) { $_tmp[$selected_channel] = 1; } $i = 0; foreach (array_keys($_SESSION['profileinfo']['channel']) as $channel) { $has_perm = 0; foreach ($sensors_list as $s) { if ($channel == $s->get_name()) { $has_perm = 1; } } if (Session::am_i_admin()) { $has_perm = 1; } if (!$has_perm) { continue; } $checked = array_key_exists($channel, $_tmp) ? 'selected' : ''; print "<OPTION value='{$channel}' {$checked}>{$channel}</OPTION>\n"; } ?> </SELECT><br> <INPUT class="lbutton" TYPE="button" NAME="JSbutton2" Value="<?php echo _("All Sources"); ?> " onClick="SelectAllSources()"> </TD> <td style="vertical-align:top;border:none"> <textarea name="filter" id="filter" multiline="true" wrap="phisical" rows="6" cols="50"><?php if (is_array($process_form)) { $display_filter = array_key_exists('editfilter', $process_form) ? $process_form['editfilter'] : $process_form['filter']; } else { $display_filter = array(); } if (count($display_filter) < 1 && GET('ip') != "") { $display_filter[0] = "src ip " . GET('ip') . " or dst ip " . GET('ip'); } foreach ($display_filter as $line) { print htmlspecialchars(stripslashes($line)) . "\n"; } ?> </textarea><br> <?php $deletefilter_display_style = is_array($process_form) && array_key_exists('editfilter', $process_form) ? '' : 'style="display:none;"'; ?> <input type="image" name="filter_delete" id="filter_delete" title="<?php echo _("Delete filter"); ?> " align="right" onClick="HandleFilter(3)" value="" src="icons/trash.png" <?php echo $deletefilter_display_style; ?> > <input type="hidden" name="filter_name" id="filter_name" value="none"> <span id="filter_span">and <select name="DefaultFilter" id="DefaultFilter" onChange="HandleFilter(0)" size="1"> <?php print "<option value='-1' label='none'><none></option>\n"; foreach ($_SESSION['DefaultFilters'] as $name) { $checked = $process_form['DefaultFilter'] == $name ? 'selected' : ''; print "<option value='{$name}' {$checked}>{$name}</option>\n"; } $editfilter_display_style = 'style="display:none;"'; foreach ($_SESSION['DefaultFilters'] as $name) { if ($process_form['DefaultFilter'] == $name) { $editfilter_display_style = ''; } } ?> </select></span> <input type="image" name="filter_save" id="filter_save" title="<?php echo _("Save filter"); ?> " onClick="HandleFilter(2)" value="" src="icons/save.png" border="0" align="absmiddle"> <input type="image" name="filter_edit" id="filter_edit" title="<?php echo _("Edit filter"); ?> " <?php echo $editfilter_display_style; ?> onClick="HandleFilter(1)" value="" src="icons/edit.png"> <script language="Javascript" type="text/javascript"> var DefaultFilters = new Array(); <?php foreach ($_SESSION['DefaultFilters'] as $name) { print "DefaultFilters.push('{$name}');\n"; } if (array_key_exists('editfilter', $process_form)) { print "edit_filter = '" . $process_form['DefaultFilter'] . "';\n"; } ?> </script> </td> <!-- Options start here --> <td style='padding: 0px;vertical-align:top;border:none'> <table border="0"id="ProcessOptionTable" style="font-size:14px;font-weight:bold;border:none;width:100%"> <tr><td> <?php $i = 0; foreach (array('List Flows', 'Stat TopN') as $s) { $checked = $process_form['modeselect'] == $i ? 'checked' : ''; print "<input type='radio' onClick='SwitchOptionTable({$i})' name='modeselect' id='modeselect{$i}' value='{$i}' {$checked}>{$s} "; $i++; } $list_display_style = $process_form['modeselect'] == 0 ? '' : 'style="display:none;"'; $stat_display_style = $process_form['modeselect'] == 0 ? 'style="display:none;"' : ''; $formatselect_display_opts = $process_form['modeselect'] == 1 && $process_form['stattype'] != 0 ? 'style="display:none;"' : ''; ?> </td> <td align="right" style="border:none"> <input class="button" type="button" name="JSbutton1" value="<?php echo _("Clear Form"); ?> " onClick="ResetProcessingForm()"> <input class="button" type="submit" name="process" value="<?php echo _("Process"); ?> " style="font-weight:bold" id="process_button" onClick="form_ok=true;" size="1"> </td> </tr> <tr id="listNRow" <?php echo $list_display_style; ?> > <td class='TDnfprocLabel'><?php echo _("Limit to"); ?> :</td> <td class='TDnfprocControl'> <select name="listN" id="listN" style="margin-left:1" size="1"> <?php for ($i = 0; $i < count($ListNOption); $i++) { $checked = $process_form['listN'] == $i ? 'selected' : ''; print "<OPTION value='{$i}' {$checked}>" . $ListNOption[$i] . "</OPTION>\n"; } ?> </select> <?php echo _("Flows"); ?> <br> </td> </tr> <tr id="topNRow" <?php echo $stat_display_style; ?> > <td class='TDnfprocLabel'><?php echo _("Top"); ?> :</td> <td class='TDnfprocControl'> <select name="topN" id="TopN" size="1"> <?php for ($i = 0; $i < count($TopNOption); $i++) { $checked = $process_form['topN'] == $i ? 'selected' : ''; print "<OPTION value='{$i}' {$checked}>" . $TopNOption[$i] . "</OPTION>\n"; } ?> </select> </td> </tr> <tr id="stattypeRow" <?php echo $stat_display_style; ?> > <td class="TDnfprocLabel"><?php echo _("Stat"); ?> :</td> <td class="TDnfprocControl"> <select name="stattype" id="StatTypeSelector" onChange="ShowHideOptions()" size="1"> <?php for ($i = 0; $i < count($IPStatOption); $i++) { $checked = $process_form['stattype'] == $i ? 'selected' : ''; print "<OPTION value='{$i}' {$checked}>" . $IPStatOption[$i] . "</OPTION>\n"; } ?> </select> <?php echo _("order by"); ?> <select name='statorder' id="statorder" size='1'> <?php for ($i = 0; $i < count($IPStatOrder); $i++) { $checked = $process_form['statorder'] == $i ? 'selected' : ''; print "<OPTION value='{$i}' {$checked}>" . $IPStatOrder[$i] . "</OPTION>\n"; } ?> </select> </td> </tr> <tr id="AggregateRow" <?php echo $formatselect_display_opts; ?> > <td class='TDnfprocLabel'><?php echo _("Aggregate"); ?> </td> <td class='TDnfprocControl'> <input type="checkbox" name="aggr_proto" id="aggr_proto" value="checked" style="margin-left:1" <?php echo $process_form['aggr_proto']; ?> > <?php echo _("proto"); ?> <br> <input type="checkbox" name="aggr_srcport" id="aggr_srcport" value="checked" style="margin-left:1" <?php echo $process_form['aggr_srcport']; ?> > <?php echo _("srcPort"); ?> <input type="checkbox" name="aggr_srcip" id="aggr_srcip" value="checked" style="margin-left:1" <?php echo $process_form['aggr_srcip']; ?> > <select name="aggr_srcselect" id="aggr_srcselect" onChange="NetbitEntry('src')" size="1"> <?php $i = 0; foreach (array('srcIP', 'srcIPv4/', 'srcIPv6/') as $s) { $checked = $process_form['aggr_srcselect'] == $i ? 'selected' : ''; print "<option value='{$i}' {$checked}>{$s}</option>\n"; $i++; } $_style = $process_form['aggr_srcselect'] == 0 ? 'style="display:none"' : ''; ?> </select> <input size="3" type="text" name="aggr_srcnetbits" id="aggr_srcnetbits" value="<?php echo $process_form['aggr_srcnetbits']; ?> " <?php echo $_style; ?> ><br> <input type="checkbox" name="aggr_dstport" id="aggr_dstport" value="checked" style="margin-left:1" <?php echo $process_form['aggr_dstport']; ?> > <?php echo _("dstPort"); ?> <input type="checkbox" name="aggr_dstip" id="aggr_dstip" value="checked" style="margin-left:1" <?php echo $process_form['aggr_dstip']; ?> > <select name="aggr_dstselect" id="aggr_dstselect" onChange="NetbitEntry('dst')" size="1"> <?php $i = 0; foreach (array('dstIP', 'dstIPv4/', 'dstIPv6/') as $s) { $checked = $process_form['aggr_dstselect'] == $i ? 'selected' : ''; print "<option value='{$i}' {$checked}>{$s}</option>\n"; $i++; } $_style = $process_form['aggr_dstselect'] == 0 ? 'style="display:none"' : ''; ?> </select> <input size="3" type="text" name="aggr_dstnetbits" id="aggr_dstnetbits" value="<?php echo $process_form['aggr_dstnetbits']; ?> " <?php echo $_style; ?> ><br> </td> </tr> <tr id="timesortedRow" <?php echo $list_display_style; ?> > <td class='TDnfprocLabel'><?php echo _("Sort"); ?> :</td> <td class='TDnfprocControl'> <input type="checkbox" name="timesorted" id="timesorted" value="checked" style="margin-left:1" <?php echo $process_form['timesorted']; ?> > <?php echo _("start time of flows"); ?> </td> </tr> <tr id="limitoutputRow" <?php echo $stat_display_style; ?> > <td class='TDnfprocLabel'><?php echo _("Limit"); ?> :</td> <td class='TDnfprocControl'> <input type="checkbox" name="limitoutput" id="limitoutput" value="checked" style="margin-left:1" size="1" <?php echo $process_form['limitoutput']; ?> > <select name="limitwhat" id="limitwhat" size="1"> <?php $i = 0; foreach (array(gettext("Packets"), gettext("Traffic")) as $s) { $checked = $process_form['limitwhat'] == $i ? 'selected' : ''; print "<option value='{$i}' {$checked}>{$s}</option>\n"; $i++; } ?> </select> <select name="limithow" id="limithow" size="1"> <?php $i = 0; foreach (array('>', '<') as $s) { $checked = $process_form['limithow'] == $i ? 'selected' : ''; print "<option value='{$i}' {$checked}>{$s}</option>\n"; $i++; } ?> </select> <input type="text" name="limitsize" id="limitsize" value="<?php echo $process_form['limitsize']; ?> " SIZE="6" MAXLENGTH="8"> <select name="limitscale" id="limitscale" size="1" style="margin-left:1"> <?php $i = 0; foreach ($LimitScale as $s) { $checked = $process_form['limitscale'] == $i ? 'selected' : ''; print "<option value='{$i}' {$checked}>{$s}</option>\n"; $i++; } ?> </select> </td> </tr> <tr id="outputRow"> <td class='TDnfprocLabel'><?php echo _("Output"); ?> :</td> <td class='TDnfprocControl'> <span id="FormatSelect" <?php echo $formatselect_display_opts; ?> > <select name="output" id="output" onChange="CustomOutputFormat()" style="margin-left:1" size="1"> <?php foreach ($_SESSION['formatlist'] as $key => $value) { $checked = $process_form['output'] == $key ? 'selected' : ''; print "<OPTION value='{$key}' {$checked}>{$key}</OPTION>\n"; } $fmt = $_SESSION['formatlist'][$process_form['output']]; if ($process_form['output'] == $fmt) { // built in format $space_display_style = ''; $edit_display_style = 'style="display:none"'; } else { $space_display_style = 'style="display:none"'; $edit_display_style = ''; } ?> </select> <script language="Javascript" type="text/javascript"> var fmts = new Hash(); <?php foreach ($_SESSION['formatlist'] as $key => $value) { print "fmts.setItem('{$key}', '{$value}');\n"; } ?> </script> <img src="icons/space.png" border="0" alt='space' id='space' <?php echo $space_display_style; ?> ></img> <a href="#null" onClick="EditCustomFormat()" title="<?php echo _("Edit format"); ?> " ><IMG SRC="icons/edit.png" name="fmt_doedit" id="fmt_doedit" border="0" <?php echo $edit_display_style; ?> alt="<?php echo _("Edit format"); ?> "></a> </span> <input type="checkbox" name="IPv6_long" id="IPv6_long" style="margin-left:1" value="checked" <?php echo $process_form['IPv6_long']; ?> > / <?php echo _("IPv6 long"); $fmt_edit_display_style = $process_form['output'] == 'custom ...' ? '' : 'style="display:none"'; ?> <span id="fmt_edit" <?php echo $fmt_edit_display_style; ?> > <br><?php echo _("Enter custom output format"); ?> :<br> <input size="30" type="text" name="customfmt" id="customfmt" value="<?php echo htmlspecialchars(stripslashes($process_form['customfmt'])); ?> " > <input type="image" name="fmt_save" id="fmt_save" title="<?php echo _("Save format"); ?> " onClick="SaveOutputFormat()" value="" src="icons/save.png"> <input type="image" name="fmt_delete" id="fmt_delete" title="<?php echo _("Delete format"); ?> " onClick="DeleteOutputFormat()" value="" src="icons/trash.png" <?php echo $edit_display_style; ?> > </span> </td> </tr> </table> </td> </tr> <!-- <tr> <td></td><td></td> <td align="right" style="border:none"> <input type="button" name="JSbutton1" value="<?php echo _("Clear Form"); ?> " onClick="ResetProcessingForm()"> <input type="submit" name="process" value="<?php echo _("process"); ?> " id="process_button" onClick="form_ok=true;" size="1"> </td> </tr> --> </TABLE> </form> <div id="lookupbox"> <div id="lookupbar" align="right" style="background-color:olivedrab"><img src="icons/close.png" onmouseover="this.style.cursor='pointer';" onClick="hidelookup()" title="<?php echo _("Close lookup box"); ?> "></div> <iframe id="cframe" src="" frameborder="0" width=100% height=100%></iframe> </div> <?php if (!array_key_exists('run', $_SESSION)) { return; } print "<div class='flowlist'>\n"; $run = $_SESSION['run']; if ($run != null) { $filter = $process_form['filter']; if ($process_form['DefaultFilter'] != -1) { $cmd_opts['and_filter'] = $process_form['DefaultFilter']; } $cmd_opts['type'] = ($_SESSION['profileinfo']['type'] & 4) > 0 ? 'shadow' : 'real'; $cmd_opts['profile'] = $_SESSION['profileswitch']; $cmd_opts['srcselector'] = implode(':', $process_form['srcselector']); print "<pre>\n"; $pattern = '/(\\s*)([^\\s]+)/'; $replacement = "\$1<a href='#null' onClick='lookup(\"\$2\", this, event)' title='lookup \$2'>\$2</a>"; ClearMessages(); $cmd_opts['args'] = "-T {$run}"; $cmd_opts['filter'] = $filter; $titcol = ""; if (preg_match("/ srcip/", $run)) { $titcol = _("Src IP"); } elseif (preg_match("/ dstip/", $run)) { $titcol = _("Dst IP"); } elseif (preg_match("/ srcport/", $run)) { $titcol = _("Src Port"); } elseif (preg_match("/ dstport/", $run)) { $titcol = _("Dst Port"); } $cmd_out = nfsend_query("run-nfdump", $cmd_opts); if (!is_array($cmd_out)) { ShowMessages(); } else { require_once "classes/Host.inc"; require_once "classes/Net.inc"; require_once 'ossim_db.inc'; require_once "ossim_conf.inc"; $conf = $GLOBALS["CONF"]; $solera = $conf->get_conf("solera_enable", FALSE) ? true : false; include "geoip.inc"; $gi = geoip_open("/usr/share/geoip/GeoIP.dat", GEOIP_STANDARD); $db = new ossim_db(); $conn = $db->connect(); $sensors = $hosts = $ossim_servers = array(); list($sensors, $hosts, $icons) = Host::get_ips_and_hostname($conn); /*$networks = ""; $_nets = Net::get_all($conn); $_nets_ips = $_host_ips = $_host = array(); foreach ($_nets as $_net) $_nets_ips[] = $_net->get_ips(); $networks = implode(",",$_nets_ips);*/ $hosts_ips = array_keys($hosts); /* if ( array_key_exists('arg', $cmd_out) ) { print "** nfdump " . $cmd_out['arg'] . "\n"; } if ( array_key_exists('filter', $cmd_out) ) { print "nfdump filter:\n"; foreach ( $cmd_out['filter'] as $line ) { print "$line\n"; } } foreach ( $cmd_out['nfdump'] as $line ) { print preg_replace($pattern, $replacement, $line) . "\n"; } print "</pre>\n";*/ # parse command line #2009-12-09 17:08:17.596 40.262 TCP 192.168.1.9:80 -> 217.126.167.80:51694 .AP.SF 0 70 180978 1 35960 2585 1 $list = preg_match("/ \\-a \\-A /", $cmd_out['arg']) ? 1 : 0; $regex = $list ? "/(\\d\\d\\d\\d\\-.*?\\s.*?)\\s+(.*?)\\s+(.*?)\\s+(.*?)\\s+->\\s+(.*?)\\s+(.*?)\\s+(.*?)\\s+(.*?)\\s+(.*?\\s*[KMG]?)\\s+(.*?)\\s+(.*?)\\s+(.*?)\\s+(.*)/" : "/(\\d\\d\\d\\d\\-.*?\\s.*?)\\s+(.*?)\\s+(.*?)\\s+(.*?)\\s+(.*?)\\s+(.*?)\\s+(.*?\\s*[KMGT]?)\\s+(.*?)\\s+(.*?)\\s+(.*)/"; echo "<table style='width:100%;margin-bottom:5px''>"; $geotools = false; if ($list && file_exists("../kml/GoogleEarth.php")) { $geotools = true; $geoips = array(); echo "<tr><td class='nobborder'></td><td class='nobborder'></td><td class='nobborder'></td>"; echo "<td class='center nobborder'>Geo Tools: <a href='' onclick='window.open(\"../kml/TourConfig.php?type=ip_src&ip=&flows=1\",\"Flows sources - Goggle Earth API\",\"width=1024,height=700,scrollbars=NO,toolbar=1\");return false'><img align='absmiddle' src='../pixmaps/google_earth_icon.png' border='0'></a> <a href='' onclick='window.open(\"../kml/IPGoogleMap.php?type=ip_src&ip=&flows=1\",\"Flows sources - Goggle Maps API\",\"width=1024,height=700,scrollbars=NO,toolbar=1\");return false'><img align='absmiddle' src='../pixmaps/google_maps_icon.png' border='0'></a></td>"; echo "<td class='center nobborder'>Geo Tools: <a href='' onclick='window.open(\"../kml/TourConfig.php?type=ip_dst&ip=&flows=1\",\"Flows destinations - Goggle Earth API\",\"width=1024,height=700,scrollbars=NO,toolbar=1\");return false'><img align='absmiddle' src='../pixmaps/google_earth_icon.png' border='0'></a> <a href='' onclick='window.open(\"../kml/IPGoogleMap.php?type=ip_dst&ip=&flows=1\",\"Flows destinations - Goggle Maps API\",\"width=1024,height=700,scrollbars=NO,toolbar=1\");return false'><img align='absmiddle' src='../pixmaps/google_maps_icon.png' border='0'></a></td>"; echo "</tr>"; } echo $list ? "<tr>\n <th>" . _("Date flow start") . "</th>\n <th>" . _("Duration") . "</th>\n <th>" . _("Proto") . "</th>\n <th>" . _("Src IP Addr:Port") . "</th>\n <th>" . _("Dst IP Addr:Port") . "</th>\n <th>" . _("Flags") . "</th>\n <th>" . _("Tos") . "</th>\n <th>" . _("Packets") . "</th>\n <th>" . _("Bytes") . "</th>\n <th>" . _("pps") . "</th>\n <th>" . _("bps") . "</th>\n <th>" . _("Bpp") . "</th>\n <th>" . _("Flows") . "</th>\n \t" . ($solera ? "<th></th>" : "") . "\n </tr>" : "<tr>\n <th>" . _("Date flow seen") . "</th>\n <th>" . _("Duration") . "</th>\n <th>" . _("Proto") . "</th>\n <th>" . $titcol . "</th>\n <th>" . _("Flows") . "</th>\n <th>" . _("Packets") . "</th>\n <th>" . _("Bytes") . "</th>\n <th>" . _("pps") . "</th>\n <th>" . _("bps") . "</th>\n <th>" . _("bpp") . "</th>\n \t" . ($solera ? "<th></th>" : "") . "\n </tr>"; $status = $errors = array(); //print_r($cmd_out['nfdump']); foreach ($cmd_out['nfdump'] as $k => $line) { echo "<tr>\n"; #capture status if (preg_match("/^(Summary|Time window|Total flows processed|Sys)\\:/", $line, $found)) { $status[$found[1]] = str_replace($found[1] . ":", "", $line); } # capture errors if (preg_match("/ error /i", $line, $found)) { $errors[] = $line; } # print results $line = preg_replace("/\\(\\s(\\d)/", "(\\1", $line); // Patch for ( 0.3) $line = preg_replace("/(\\d)\\s([KMG])/", "\\1\\2", $line); // Patch for 1.2 M(99.6) $start = $end = $proto = ""; $ips = $ports = array(); if (preg_match($regex, preg_replace('/\\s*/', ' ', $line), $found)) { foreach ($found as $ki => $field) { if ($ki > 0) { $wrap = $ki == 1 ? "nowrap" : ""; $field = preg_replace("/(\\:\\d+)\\.0\$/", "\\1", $field); if (preg_match("/(\\d+\\.\\d+\\.\\d+\\.\\d+)(.*)/", $field, $fnd)) { # match ip (resolve and geolocalize) $ip = $fnd[1]; $port = $fnd[2]; $name = $sensors[$ip] != "" ? $sensors[$ip] : ($hosts[$ip] != "" ? $hosts[$ip] : $ip); $homelan = ($match_cidr = Net::is_ip_in_cache_cidr($conn, $ip)) || in_array($ip, $hosts_ips) ? " <a href='javascript:;' class='scriptinfo' style='text-decoration:none' ip='{$ip}'><img src=\"" . Host::get_homelan_icon($ip, $icons, $match_cidr, $conn) . "\" border=0></a>" : ""; $country = strtolower(geoip_country_code_by_addr($gi, $ip)); $country_name = geoip_country_name_by_addr($gi, $ip); if ($country) { $country_img = " <img src=\"/ossim/pixmaps/flags/" . $country . ".png\" alt=\"" . _($country_name) . "\" title=\"" . _($country_name) . "\">"; } else { $country_img = ""; } $field = "<a href='javascript:;' class='HostReportMenu' id='{$ip};{$name}'>{$name}</a>{$port} {$country_img} {$homelan}"; $wrap = "nowrap"; $ips[] = $ip; if ($geotools) { if ($ki == 4) { $geoips['ip_src'][$ip]++; } elseif ($ki == 5) { $geoips['ip_dst'][$ip]++; } } $ports[] = str_replace(":", "", $port); } if (preg_match("/(\\d+-\\d+-\\d+ \\d+:\\d+:\\d+)(.*)/", $field, $fnd)) { # match date $start = $end = $fnd[1]; } if (preg_match("/(TCP|UDP|ICMP|RAW)/", $field, $fnd)) { # match date $proto = strtolower($fnd[1]); } print "<td {$wrap}>{$field}</td>"; } } // solera deepsee integration if ($solera) { echo "<td><a href=\"javascript:;\" onclick=\"solera_deepsee('{$start}','{$end}','" . $ips[0] . "','" . $ports[0] . "','" . $ips[1] . "','" . $ports[1] . "','{$proto}')\"><img src='/ossim/pixmaps/solera.png' border='0' align='absmiddle'></a></td>"; } } echo "</tr>\n"; } echo "</table>"; if ($geotools) { foreach ($geoips as $type => $list) { $ipsfile = fopen("/var/tmp/flowips_" . Session::get_session_user() . ".{$type}", "w"); foreach ($list as $ip => $val) { fputs($ipsfile, "{$ip}\n"); } fclose($ipsfile); } } #Summary: total flows: 20, total bytes: 7701, total packets: 133, avg bps: 60, avg pps: 0, avg bpp: 57 #Time window: 2009-12-10 08:21:30 - 2009-12-10 08:38:26 #Total flows processed: 21, Records skipped: 0, Bytes read: 1128 #Sys: 0.000s flows/second: 0.0 Wall: 0.000s flows/second: 152173.9 if (count($status) > 0) { echo "<table style='margin-bottom:5px;width:100%'>"; foreach ($status as $key => $line) { $line = preg_replace("/(Wall)\\:/", "<span class='th'>\\1</span>", $line); $line = preg_replace("/\\,\\s+(.*?)\\:/", " <span class='th'>\\1</span>", $line); echo "<tr><td class='nobborder'><span class='th'>{$key}</span>{$line}</td></tr>"; } echo "</table>"; } # stat() error '/home/dk/nfsen/profiles-data/live/device2/2009/12/10/nfcapd.200912100920': File not found! if (count($errors) > 0) { echo "<table style='margin-bottom:5px;width:100%'>"; foreach ($errors as $key => $line) { echo "<tr><td class='nobborder'><span class='th'>" . _("Error found") . "</span> {$line}</td></tr>"; } echo "</table>"; } $conn->disconnect(); } #print "</pre>\n"; } print "</div>\n"; return; }