/**
* retrieve system activity (top)
* @return array
*/
public function getActivityAction()
{
$backend = new Backend();
$response = $backend->configdpRun("system diag activity json");
$activity = json_decode($response, true);
return $activity;
}
/**
* disconnect a client
* @param string|int $zoneid zoneid
* @return array|mixed
*/
public function disconnectAction($zoneid = 0)
{
if ($this->request->isPost() && $this->request->hasPost('sessionId')) {
$backend = new Backend();
$statusRAW = $backend->configdpRun("captiveportal disconnect", array($zoneid, $this->request->getPost('sessionId'), 'json'));
$status = json_decode($statusRAW, true);
if ($status != null) {
return $status;
} else {
return array("status" => "Illegal response");
}
}
return array();
}
/**
* retrieve system ndp table contents
* @return array
*/
public function getNdpAction()
{
$backend = new Backend();
$response = $backend->configdpRun("interface list ndp json");
$ndptable = json_decode($response, true);
$intfmap = $this->getInterfaceNames();
// merge ndp output with interface names
if (is_array($ndptable)) {
foreach ($ndptable as &$ndpentry) {
if (array_key_exists($ndpentry['intf'], $intfmap)) {
$ndpentry['intf_description'] = $intfmap[$ndpentry['intf']];
} else {
$ndpentry['intf_description'] = "";
}
}
}
return $ndptable;
}
/**
* unlock package
* @param string $pkg_name package name to unlock
* @return array status
* @throws \Exception
*/
public function unlockAction($pkg_name)
{
$backend = new Backend();
$response = array();
if ($this->request->isPost()) {
$response['status'] = 'ok';
// sanitize package name
$filter = new \Phalcon\Filter();
$filter->add('pkgname', function ($value) {
return preg_replace('/[^0-9a-zA-Z-_]/', '', $value);
});
$pkg_name = $filter->sanitize($pkg_name, "pkgname");
// execute action
$response['msg_uuid'] = trim($backend->configdpRun("firmware unlock", array($pkg_name), true));
} else {
$response['status'] = 'failure';
}
return $response;
}
/**
* fetch alert detailed info
* @param $alertId alert id, position in log file
* @return array alert info
*/
public function getAlertInfoAction($alertId)
{
$backend = new Backend();
$filter = new Filter();
$id = $filter->sanitize($alertId, "int");
$response = $backend->configdpRun("ids query alerts", array(1, 0, "filepos/" . $id));
$result = json_decode($response, true);
if ($result != null && count($result['rows']) > 0) {
return $result['rows'][0];
} else {
return array();
}
}
/**
* get rule information
* @param $sid rule identifier
* @return array|mixed
*/
public function getRuleInfoAction($sid)
{
// request list of installed rules
$backend = new Backend();
$response = $backend->configdpRun("ids query rules", array(1, 0, 'sid/' . $sid));
$data = json_decode($response, true);
if ($data != null && array_key_exists("rows", $data) && count($data['rows']) > 0) {
$row = $data['rows'][0];
// set current enable status (default + registered offset)
$row['enabled_default'] = $row['enabled'];
$row['enabled'] = $this->getModel()->getRuleStatus($row['sid'], $row['enabled']);
//
if (isset($row['reference']) && $row['reference'] != '') {
// browser friendly reference data
$row['reference_html'] = '';
foreach (explode("\n", $row['reference']) as $ref) {
$ref = trim($ref);
$item_html = '<small><a href="%url%" target="_blank">%ref%</a></small>';
if (substr($ref, 0, 4) == 'url,') {
$item_html = str_replace("%url%", 'http://' . substr($ref, 4), $item_html);
$item_html = str_replace("%ref%", substr($ref, 4), $item_html);
} elseif (substr($ref, 0, 7) == "system,") {
$item_html = str_replace("%url%", substr($ref, 7), $item_html);
$item_html = str_replace("%ref%", substr($ref, 7), $item_html);
} elseif (substr($ref, 0, 8) == "bugtraq,") {
$item_html = str_replace("%url%", "http://www.securityfocus.com/bid/" . substr($ref, 8), $item_html);
$item_html = str_replace("%ref%", "bugtraq " . substr($ref, 8), $item_html);
} elseif (substr($ref, 0, 4) == "cve,") {
$item_html = str_replace("%url%", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=" . substr($ref, 4), $item_html);
$item_html = str_replace("%ref%", substr($ref, 4), $item_html);
} elseif (substr($ref, 0, 7) == "nessus,") {
$item_html = str_replace("%url%", "http://cgi.nessus.org/plugins/dump.php3?id=" . substr($ref, 7), $item_html);
$item_html = str_replace("%ref%", 'nessus ' . substr($ref, 7), $item_html);
} elseif (substr($ref, 0, 7) == "mcafee,") {
$item_html = str_replace("%url%", "http://vil.nai.com/vil/dispVirus.asp?virus_k=" . substr($ref, 7), $item_html);
$item_html = str_replace("%ref%", 'macafee ' . substr($ref, 7), $item_html);
} else {
continue;
}
$row['reference_html'] .= $item_html . '<br/>';
}
}
return $row;
} else {
return array();
}
}
/**
* logoff client
* @param int|string zone id number
* @return array
*/
public function logoffAction($zoneid = 0)
{
if ($this->request->isOptions()) {
// return empty result on CORS preflight
return array();
} else {
$this->sessionClose();
$clientSession = $this->clientSession((string) $zoneid);
if ($clientSession['clientState'] == 'AUTHORIZED' && $clientSession['authenticated_via'] != '---ip---' && $clientSession['authenticated_via'] != '---mac---') {
// you can only disconnect a connected client
$backend = new Backend();
$statusRAW = $backend->configdpRun("captiveportal disconnect", array($zoneid, $clientSession['sessionId'], 'json'));
$status = json_decode($statusRAW, true);
if ($status != null) {
return $status;
}
}
}
return array("clientState" => "UNKNOWN", "ipAddress" => $this->getClientIp());
}
/**
* save template, updates existing or create new.
* @return string
*/
public function saveTemplateAction()
{
if ($this->request->isPost() && $this->request->hasPost("name")) {
$this->sessionClose();
$templateName = $this->request->getPost("name", "striptags");
$mdlCP = new CaptivePortal();
if ($this->request->hasPost("uuid")) {
$uuid = $this->request->getPost("uuid", "striptags");
$template = $mdlCP->getNodeByReference('templates.template.' . $uuid);
if ($template == null) {
return array("name" => $templateName, "error" => "node not found");
}
} else {
$template = $mdlCP->getTemplateByName($templateName);
}
// cleanse input content, we only want to save changed files into our config
if (strlen($this->request->getPost("content", "striptags", "")) > 20 || strlen((string) $template->content) == 0) {
$temp_filename = 'cp_' . (string) $template->getAttributes()['uuid'] . '.tmp';
file_put_contents('/tmp/' . $temp_filename, $this->request->getPost("content", "striptags", ""));
// strip defaults and unchanged files from template (standard js libs, etc)
$backend = new Backend();
$response = $backend->configdpRun("captiveportal strip_template", array($temp_filename));
unlink('/tmp/' . $temp_filename);
$result = json_decode($response, true);
if ($result != null && !array_key_exists('error', $result)) {
$template->content = $result['payload'];
} else {
return array("name" => $templateName, "error" => $result['error']);
}
}
$template->name = $templateName;
$valMsgs = $mdlCP->performValidation();
$errorMsg = "";
foreach ($valMsgs as $field => $msg) {
if ($errorMsg != "") {
$errorMsg .= " , ";
}
$errorMsg .= $msg->getMessage();
}
if ($errorMsg != "") {
return array("name" => (string) $template->name, "error" => $errorMsg);
} else {
// data is valid, save and return.
$mdlCP->serializeToConfig();
Config::getInstance()->save();
return array("name" => (string) $template->name);
}
}
return null;
}
/**
* retrieve SystemHealth Data (previously called RRD Graphs)
* @param string $rrd
* @param int $from
* @param int $to
* @param int $max_values
* @param bool $inverse
* @param int $detail
* @return array
*/
public function getSystemHealthAction($rrd = "", $from = 0, $to = 0, $max_values = 120, $inverse = false, $detail = -1)
{
/**
* $rrd = rrd filename without extension
* $from = from timestamp (0=min)
* $to = to timestamp (0=max)
* $max_values = limit datapoint as close as possible to this number (or twice if detail (zoom) + overview )
* $inverse = Inverse every odd row (multiply by -1)
* $detail = limits processing of dataSets to max given (-1 = all ; 1 = 0,1 ; 2 = 0,1,2 ; etc)
*/
$rrd_details = $this->getRRDdetails($rrd)["data"];
if ($rrd_details['filename'] != "") {
$backend = new Backend();
$response = $backend->configdpRun("systemhealth fetch ", array($rrd_details['filename']));
$xml = simplexml_load_string($response);
} else {
$xml = false;
}
if ($xml !== false) {
// we only use the average databases in any RRD, remove the rest to avoid strange behaviour.
for ($count = count($xml->rra) - 1; $count >= 0; $count--) {
if (trim((string) $xml->rra[$count]->cf) != "AVERAGE") {
unset($xml->rra[$count]);
}
}
$data_sets_full = $this->getDataSetInfo($xml);
// get dataSet information to include in answer
if ($inverse == 'true') {
$inverse = true;
} else {
$inverse = false;
}
if ((int) $detail >= 0) {
for ($count = count($xml->rra) - 1; $count > $detail; $count--) {
unset($xml->rra[$count]);
}
}
// determine available dataSets within range and how to handle them
$selected_archives = $this->getSelection($this->getDataSetInfo($xml), $from, $to, $max_values);
// get condensed dataSets and translate them to d3 usable data
$result = $this->translateD3($this->getCondensedArchive($xml, $selected_archives), $inverse, $rrd_details["field_units"]);
return ["sets" => $data_sets_full, "d3" => $result, "title" => $rrd_details["title"] != "" ? $rrd_details["title"] . " | " . ucfirst($rrd_details['itemName']) : ucfirst($rrd_details['itemName']), "y-axis_label" => $rrd_details["y-axis_label"]];
// return details and d3 data
} else {
return ["sets" => [], "d3" => [], "title" => "error", "y-axis_label" => ""];
}
}
