<form method="GET" action="menu_session.php"> <?php echo gettext("Sensor"); ?> : <select name="sensor" onChange="submit()"> <?php /* Get highest priority sensor first */ $tmp = Sensor::get_list($conn, "ORDER BY priority DESC LIMIT 1"); if (is_array($tmp)) { $first_sensor = $tmp[0]; $option = "<option value='" . $first_sensor->get_ip() . "'>"; $option .= "Sensor: " . $first_sensor->get_name() . "</option>"; print $option; } if ($sensor_list = Sensor::get_list($conn, "ORDER BY name")) { foreach ($sensor_list as $s) { /* don't show highest priority sensor again.. */ if ($s->get_ip() != $first_sensor->get_ip()) { ?> <option <?php if ($sensor == $s->get_ip()) { echo " SELECTED "; } ?> value="<?php echo $s->get_ip(); ?> "><?php echo "Sensor: " . $s->get_name();
$agent_type = 0; } else { exec("sudo /var/ossec/bin/agent_control -i " . $agent[0] . " -s", $more_info, $ret); $more_info = $ret !== 0 ? _("Information from agent not available") : explode(",", $more_info[0]); $agent_name = "<a class='agent_id'><img src='../pixmaps/plus-small.png' alt='More info' align='absmiddle'/>" . $agent[0] . "</a>"; $agent_actions = get_actions($agent); $agent_type = 1; } //Agents trends $trend = array(); if ($agent[2] == "127.0.0.1") { require_once 'classes/Sensor.inc'; $db = new ossim_db(); $dbconn = $db->connect(); $name = trim(str_replace("(server)", "", $agent[1])); $sensor = Sensor::get_list($dbconn, "WHERE name = '{$name}'"); $ip = empty($sensor) ? $agent[2] : $sensor[0]->get_ip(); } else { $ip = $agent[2]; } $data = SIEM_trends_hids($ip); if (is_array($data)) { $max = 7; for ($ii = $max - 1; $ii >= 0; $ii--) { $d = gmdate("j M", $timetz - 86400 * $ii); $trend[$d] = $data[$d] != "" ? $data[$d] : 0; } $i = 0; foreach ($trend as $k => $v) { $x[$k] = $i; $i++;
require_once 'classes/Host.inc'; $host_list = Host::get_list($conn); $hosts[] = array("value" => ANY, "name" => "ANY"); foreach ($host_list as $h) { $hosts[] = array("value" => $h->get_ip(), "name" => $h->get_hostname() . " (" . $h->get_ip() . ")"); } /* nets */ require_once 'classes/Net.inc'; $net_list = Net::get_list($conn); $nets[] = array("value" => ANY, "name" => "ANY"); foreach ($net_list as $n) { $nets[] = array("value" => $n->get_name(), "name" => $n->get_name()); } /* sensors */ require_once 'classes/Sensor.inc'; $sensor_list = Sensor::get_list($conn); $sensors[] = array("value" => ANY, "name" => "ANY"); foreach ($sensor_list as $s) { $sensors[] = array("value" => $s->get_ip(), "name" => $s->get_name() . " (" . $s->get_ip() . ")"); } /* ports */ require_once 'classes/Port_group.inc'; $port_list = Port_group::get_list($conn); $ports[] = array("value" => ANY, "name" => "ANY"); foreach ($port_list as $p) { $ports[] = array("value" => $p->get_name(), "name" => $p->get_name() . " (" . $p->get_descr() . ")"); } /* plugins */ require_once 'classes/Plugin.inc'; $plugin_list = Plugin::get_list($conn); $plugins[] = array("value" => ANY, "name" => "ANY");
$title = strlen($db_name) > $length_name ? substr($db_name, 0, $length_name) . "..." : $db_name; $title = Util::htmlentities($title); $tooltip = $db_title; $li = "title:'{$title}', tooltip:'{$tooltip}', icon:'{$icon}', h:'{$h}', url:'../server/newdbsform.php?name=" . urlencode($db_name) . "'"; $buffer .= ($j > 0 ? "," : "") . "{ {$li} }"; $j++; } } else { $buffer .= "{title:'" . _("No Databases Found") . "', noLink:true}"; } $buffer .= "]"; echo $buffer; } else { if (preg_match("/sensors/", $key)) { $j = 0; $sensors = Sensor::get_list($conn); $buffer = "["; foreach ($sensors as $sensor) { $icon = "../../pixmaps/server.png"; $sensor_name = $sensor->get_name(); $related_assets = Sensor::get_assets($conn, $sensor_name); $s_title = Util::htmlentities($sensor_name); $s_url = urlencode($sensor_name); $title = strlen($sensor_name) > $length_name ? substr($sensor_name, 0, $length_name) . "..." : $sensor_name; $title = Util::htmlentities($title); $tooltip = $s_title; if (count($related_assets["host"]) == 0 && count($related_assets["net"]) == 0 && count($related_assets["hgroup"]) == 0 && count($related_assets["ngroup"]) == 0) { $li = "title:'{$title}', tooltip:'{$tooltip}', icon:'{$icon}', h:'{$h}', url:'../sensor/interfaces.php?sensor=" . $s_url . "&name=" . utf8_encode($sensor_name) . "'"; } else { $li = "title:'{$title}', tooltip:'{$tooltip}', icon:'{$icon}', key:'sensor_" . utf8_encode($sensor_name) . "' ,isLazy:true, h:'{$h}', url:'../sensor/interfaces.php?sensor=" . $s_url . "&name=" . utf8_encode($sensor_name) . "'"; }
echo _("Description"); ?> </th> <?php if ($_SESSION["_user"] == "admin") { ?> <th><?php echo _("User"); ?> </th><?php } ?> <th></th> <?php $locations = Wireless::get_locations($conn); $ossim_sensors = Sensor::get_list($conn, "s, sensor_properties p WHERE s.ip=p.ip AND p.has_kismet=1"); $sensors_list = ""; foreach ($ossim_sensors as $sensor) { $sensors_list .= "<option value='" . $sensor->get_name() . "'>" . $sensor->get_name() . " [" . $sensor->get_ip() . "]"; } $c = 0; foreach ($locations as $data) { $c++; echo "<tr bgcolor='#f2f2f2'>\n\t<td width='20'><a href=\"javascript:;\" onclick=\"showhide('#cell{$c}','#img{$c}')\"><img src='../pixmaps/plus-small.png' id='img{$c}' border=0></a></td>\n\t<td>" . $data["location"] . "</td>\n\t<td style='text-align:left;padding-left:10px'>" . $data['description'] . "</td>"; if ($_SESSION["_user"] == "admin") { echo "<td>" . $data["user"] . "</td>"; } echo "<td width='20'>\n\t\t<a href='?action=del&location=" . urlencode($data["location"]) . "'><img src='../repository/images/del.gif' border=0></a>\n\t</td></tr>\n\t<tr><td colspan=3 style='padding:10px 0px 10px 40px;display:none' id='cell{$c}'>\n\t\t<table width='100%'>\n\t\t<tr><td colspan=7>\n\n\t\t\t<form>\n\t\t\t<input type='hidden' name='action' value='add_sensor'>\n\t\t\t<input type='hidden' name='layer' value='{$c}'>\n\t\t\t<input type='hidden' name='location' value='" . $data["location"] . "'>\n\t\t\t<table class='noborder'>\n\t\t\t<tr>\n\t\t\t\t<td class='noborder'><select name='sensor'>" . $sensors_list . "</select></td>\n\t\t\t\t<td class='noborder'><input type='text' size='15' name='model' id='model{$c}'></td>\n\t\t\t\t<td class='noborder'><input type='text' size='15' name='serial' id='serial{$c}'></td>\n\t\t\t\t<td class='noborder'><input type='text' size='25' name='mounting' id='mounting{$c}'></td>\n\t\t\t\t<td class='noborder'><input type='submit' value='Add Sensor' class='lbutton'></td>\n\t\t\t</tr>\n\t\t\t</table>\n\t\t\t</form>\n\t\n\t\t</td></tr>\n\t\t<th nowrap>" . _("Sensor") . "</th>\n\t\t<th nowrap>" . _("IP Addr") . "</th>\n\t\t<th nowrap>" . _("Mac Address") . "</th>\n\t\t<th nowrap>" . _("Model #") . "</th>\n\t\t<th nowrap>" . _("Serial #") . "</th>\n\t\t<th nowrap>" . _("Mounting Location") . "</th>\n\t\t<th></th>"; $i = 0; foreach ($data["sensors"] as $sensors) { $color = $i++ % 2 == 0 ? "bgcolor='#f2f2f2'" : "";
function ReadProfile($profileswitch) { // User sensors filtering require_once 'classes/Session.inc'; require_once 'classes/Sensor.inc'; require_once 'ossim_db.inc'; $db_aux = new ossim_db(); $conn_aux = $db_aux->connect(); $sensors_list = Sensor::get_list($conn_aux); $db_aux->close($conn_aux); $opts['profile'] = $profileswitch; $profileinfo = nfsend_query("get-profile", $opts, 0); if (!is_array($profileinfo)) { return false; } if (!array_key_exists('description', $profileinfo)) { $profileinfo['description'] = array(); } $channels = array(); // in case it's a new profile with no channels associated yet if (!array_key_exists('channel', $profileinfo)) { $profileinfo['channel'] = $channels; } // Decode channel information foreach ($profileinfo['channel'] as $channel) { list($name, $sign, $colour, $order, $sourcelist) = explode(":", $channel); $has_perm = 0; foreach ($sensors_list as $s) { if ($name == $s->get_name()) { $has_perm = 1; } } if (Session::am_i_admin()) { $has_perm = 1; } if (!$has_perm) { continue; } $_tmp = array(); $_tmp['name'] = $name; $_tmp['sign'] = $sign; $_tmp['colour'] = $colour; $_tmp['order'] = $order; $_tmp['sourcelist'] = $sourcelist; $channels[$name] = $_tmp; } $profileinfo['channel'] = $channels; return $profileinfo; }
?> <?php echo gettext("properties"); ?> </h1> <?php require_once 'ossim_db.inc'; require_once 'classes/Sensor.inc'; $db = new ossim_db(); $conn = $db->connect(); if (!(REQUEST('snort') || REQUEST('spade') || REQUEST('ossim') || REQUEST('ntop') || REQUEST('snortwrite') || REQUEST('spadewrite') || REQUEST('ossimwrite') || REQUEST('ntopwrite'))) { if (empty($ip)) { echo "<p> " . gettext("What sensor do you want to edit") . " ?</p>\n"; if ($sensor_list = Sensor::get_list($conn, "")) { foreach ($sensor_list as $sensor) { $ip = $sensor->get_ip(); $name = $sensor->get_name(); ?> <p><a href="<?php echo $_SERVER["SCRIPT_NAME"]; ?> ?ip=<?php echo $ip; ?> "><?php echo $name; ?> </a></p> <?php
require_once 'classes/Sensor.inc'; require_once 'classes/Net_group_scan.inc'; require_once 'classes/Net_group.inc'; require_once 'classes/Net_scan.inc'; require_once 'classes/Host_group_scan.inc'; require_once 'classes/Host_group.inc'; require_once 'classes/Host_scan.inc'; $db = new ossim_db(); $conn = $db->connect(); define("NESSUS", 3001); $sensor_list = array(); // Quick & dirty sensor index array for "sensor#" further below $sensor_index = array(); $tmp_index = 0; //$tmp_sensors = Sensor::get_all($conn, "ORDER BY name ASC"); $tmp_sensors = Sensor::get_list($conn, "ORDER BY name ASC"); // For filtering user perms $tmp_group_hosts = Host_group_scan::get_list($conn, "WHERE plugin_id = 3001 ORDER BY host_group_name ASC"); $tmp_group_nets = Net_group_scan::get_list($conn, "WHERE plugin_id = 3001 ORDER BY net_group_name ASC"); $tmp_host = Host_scan::get_list($conn, "WHERE plugin_id = 3001 ORDER BY host_ip ASC"); $tmp_nets = Net_scan::get_list($conn, "WHERE plugin_id = 3001 ORDER BY net_name ASC"); $net_group_index = array(); $host_group_index = array(); $hosts_index = array(); $nets_index = array(); $net_group_list = array(); $host_group_list = array(); $hosts_list = array(); $nets_list = array(); foreach ($tmp_sensors as $sensor) { if (Sensor::check_plugin_rel($conn, $sensor->get_ip(), NESSUS)) {
function getSensorList() { global $conn; if ($host_list = Sensor::get_list($conn, '', '')) { return $host_list; } return ""; }
function DisplayProcessing() { global $self; global $ListNOption; global $TopNOption; global $OutputFormatOption; global $IPStatOption; global $IPStatOrder; global $LimitScale; require_once 'classes/Session.inc'; require_once 'classes/Sensor.inc'; require_once 'ossim_db.inc'; $db_aux = new ossim_db(); $conn_aux = $db_aux->connect(); $sensors_list = Sensor::get_list($conn_aux); $db_aux->close($conn_aux); $detail_opts = $_SESSION['detail_opts']; $process_form = $_SESSION['process_form']; $type = $detail_opts['type'] == "flows" ? 0 : ($detail_opts['type'] == "packets" ? 1 : 2); ?> <a name="processing"></a> <table style='width:100%;margin-top:15px;margin-bottom:5px;border:none'><tr> <td class='nobborder'><b><?php echo _("Netflow Processing"); ?> </b></td> <td class='noborder' style='text-align:center'> [ <a href='javascript:lastsessions()'><?php echo _("List last 500 sessions"); ?> </a> ] [ <a href='javascript:launch("2","<?php echo $type; ?> ")'><?php echo _("Top 10 Src IPs"); ?> </a> ] [ <a href='javascript:launch("3","<?php echo $type; ?> ")'><?php echo _("Top 10 Dst IPs"); ?> </a> ] [ <a href='javascript:launch("5","<?php echo $type; ?> ")'><?php echo _("Top 10 Src Port"); ?> </a> ] [ <a href='javascript:launch("6","<?php echo $type; ?> ")'><?php echo _("Top 10 Dst Port"); ?> </a> ] [ <a href='javascript:launch("13","<?php echo $type; ?> ")'><?php echo _("Top 10 Proto"); ?> </a> ] </td></tr></table> <form action="<?php echo $self; ?> " onSubmit="return ValidateProcessForm()" id="FlowProcessingForm" method="POST"> <TABLE border="0" cellspacing="3" cellpadding="3" style='font-size:14px;font-weight:bold;width:100%'> <tr> <TD><?php echo _("Source"); ?> :</TD> <TD><?php echo _("Filter"); ?> :</TD> <TD><?php echo _("Options"); ?> :</TD> </tr> <TR> <TD style='vertical-align:top;border:none'> <SELECT name="srcselector[]" id='SourceSelector' size="6" style="width: 100%" multiple> <?php foreach ($process_form['srcselector'] as $selected_channel) { $_tmp[$selected_channel] = 1; } $i = 0; foreach (array_keys($_SESSION['profileinfo']['channel']) as $channel) { $has_perm = 0; foreach ($sensors_list as $s) { if ($channel == $s->get_name()) { $has_perm = 1; } } if (Session::am_i_admin()) { $has_perm = 1; } if (!$has_perm) { continue; } $checked = array_key_exists($channel, $_tmp) ? 'selected' : ''; print "<OPTION value='{$channel}' {$checked}>{$channel}</OPTION>\n"; } ?> </SELECT><br> <INPUT class="lbutton" TYPE="button" NAME="JSbutton2" Value="<?php echo _("All Sources"); ?> " onClick="SelectAllSources()"> </TD> <td style="vertical-align:top;border:none"> <textarea name="filter" id="filter" multiline="true" wrap="phisical" rows="6" cols="50"><?php if (is_array($process_form)) { $display_filter = array_key_exists('editfilter', $process_form) ? $process_form['editfilter'] : $process_form['filter']; } else { $display_filter = array(); } if (count($display_filter) < 1 && GET('ip') != "") { $display_filter[0] = "src ip " . GET('ip') . " or dst ip " . GET('ip'); } foreach ($display_filter as $line) { print htmlspecialchars(stripslashes($line)) . "\n"; } ?> </textarea><br> <?php $deletefilter_display_style = is_array($process_form) && array_key_exists('editfilter', $process_form) ? '' : 'style="display:none;"'; ?> <input type="image" name="filter_delete" id="filter_delete" title="<?php echo _("Delete filter"); ?> " align="right" onClick="HandleFilter(3)" value="" src="icons/trash.png" <?php echo $deletefilter_display_style; ?> > <input type="hidden" name="filter_name" id="filter_name" value="none"> <span id="filter_span">and <select name="DefaultFilter" id="DefaultFilter" onChange="HandleFilter(0)" size="1"> <?php print "<option value='-1' label='none'><none></option>\n"; foreach ($_SESSION['DefaultFilters'] as $name) { $checked = $process_form['DefaultFilter'] == $name ? 'selected' : ''; print "<option value='{$name}' {$checked}>{$name}</option>\n"; } $editfilter_display_style = 'style="display:none;"'; foreach ($_SESSION['DefaultFilters'] as $name) { if ($process_form['DefaultFilter'] == $name) { $editfilter_display_style = ''; } } ?> </select></span> <input type="image" name="filter_save" id="filter_save" title="<?php echo _("Save filter"); ?> " onClick="HandleFilter(2)" value="" src="icons/save.png" border="0" align="absmiddle"> <input type="image" name="filter_edit" id="filter_edit" title="<?php echo _("Edit filter"); ?> " <?php echo $editfilter_display_style; ?> onClick="HandleFilter(1)" value="" src="icons/edit.png"> <script language="Javascript" type="text/javascript"> var DefaultFilters = new Array(); <?php foreach ($_SESSION['DefaultFilters'] as $name) { print "DefaultFilters.push('{$name}');\n"; } if (array_key_exists('editfilter', $process_form)) { print "edit_filter = '" . $process_form['DefaultFilter'] . "';\n"; } ?> </script> </td> <!-- Options start here --> <td style='padding: 0px;vertical-align:top;border:none'> <table border="0"id="ProcessOptionTable" style="font-size:14px;font-weight:bold;border:none;width:100%"> <tr><td> <?php $i = 0; foreach (array('List Flows', 'Stat TopN') as $s) { $checked = $process_form['modeselect'] == $i ? 'checked' : ''; print "<input type='radio' onClick='SwitchOptionTable({$i})' name='modeselect' id='modeselect{$i}' value='{$i}' {$checked}>{$s} "; $i++; } $list_display_style = $process_form['modeselect'] == 0 ? '' : 'style="display:none;"'; $stat_display_style = $process_form['modeselect'] == 0 ? 'style="display:none;"' : ''; $formatselect_display_opts = $process_form['modeselect'] == 1 && $process_form['stattype'] != 0 ? 'style="display:none;"' : ''; ?> </td> <td align="right" style="border:none"> <input class="button" type="button" name="JSbutton1" value="<?php echo _("Clear Form"); ?> " onClick="ResetProcessingForm()"> <input class="button" type="submit" name="process" value="<?php echo _("Process"); ?> " style="font-weight:bold" id="process_button" onClick="form_ok=true;" size="1"> </td> </tr> <tr id="listNRow" <?php echo $list_display_style; ?> > <td class='TDnfprocLabel'><?php echo _("Limit to"); ?> :</td> <td class='TDnfprocControl'> <select name="listN" id="listN" style="margin-left:1" size="1"> <?php for ($i = 0; $i < count($ListNOption); $i++) { $checked = $process_form['listN'] == $i ? 'selected' : ''; print "<OPTION value='{$i}' {$checked}>" . $ListNOption[$i] . "</OPTION>\n"; } ?> </select> <?php echo _("Flows"); ?> <br> </td> </tr> <tr id="topNRow" <?php echo $stat_display_style; ?> > <td class='TDnfprocLabel'><?php echo _("Top"); ?> :</td> <td class='TDnfprocControl'> <select name="topN" id="TopN" size="1"> <?php for ($i = 0; $i < count($TopNOption); $i++) { $checked = $process_form['topN'] == $i ? 'selected' : ''; print "<OPTION value='{$i}' {$checked}>" . $TopNOption[$i] . "</OPTION>\n"; } ?> </select> </td> </tr> <tr id="stattypeRow" <?php echo $stat_display_style; ?> > <td class="TDnfprocLabel"><?php echo _("Stat"); ?> :</td> <td class="TDnfprocControl"> <select name="stattype" id="StatTypeSelector" onChange="ShowHideOptions()" size="1"> <?php for ($i = 0; $i < count($IPStatOption); $i++) { $checked = $process_form['stattype'] == $i ? 'selected' : ''; print "<OPTION value='{$i}' {$checked}>" . $IPStatOption[$i] . "</OPTION>\n"; } ?> </select> <?php echo _("order by"); ?> <select name='statorder' id="statorder" size='1'> <?php for ($i = 0; $i < count($IPStatOrder); $i++) { $checked = $process_form['statorder'] == $i ? 'selected' : ''; print "<OPTION value='{$i}' {$checked}>" . $IPStatOrder[$i] . "</OPTION>\n"; } ?> </select> </td> </tr> <tr id="AggregateRow" <?php echo $formatselect_display_opts; ?> > <td class='TDnfprocLabel'><?php echo _("Aggregate"); ?> </td> <td class='TDnfprocControl'> <input type="checkbox" name="aggr_proto" id="aggr_proto" value="checked" style="margin-left:1" <?php echo $process_form['aggr_proto']; ?> > <?php echo _("proto"); ?> <br> <input type="checkbox" name="aggr_srcport" id="aggr_srcport" value="checked" style="margin-left:1" <?php echo $process_form['aggr_srcport']; ?> > <?php echo _("srcPort"); ?> <input type="checkbox" name="aggr_srcip" id="aggr_srcip" value="checked" style="margin-left:1" <?php echo $process_form['aggr_srcip']; ?> > <select name="aggr_srcselect" id="aggr_srcselect" onChange="NetbitEntry('src')" size="1"> <?php $i = 0; foreach (array('srcIP', 'srcIPv4/', 'srcIPv6/') as $s) { $checked = $process_form['aggr_srcselect'] == $i ? 'selected' : ''; print "<option value='{$i}' {$checked}>{$s}</option>\n"; $i++; } $_style = $process_form['aggr_srcselect'] == 0 ? 'style="display:none"' : ''; ?> </select> <input size="3" type="text" name="aggr_srcnetbits" id="aggr_srcnetbits" value="<?php echo $process_form['aggr_srcnetbits']; ?> " <?php echo $_style; ?> ><br> <input type="checkbox" name="aggr_dstport" id="aggr_dstport" value="checked" style="margin-left:1" <?php echo $process_form['aggr_dstport']; ?> > <?php echo _("dstPort"); ?> <input type="checkbox" name="aggr_dstip" id="aggr_dstip" value="checked" style="margin-left:1" <?php echo $process_form['aggr_dstip']; ?> > <select name="aggr_dstselect" id="aggr_dstselect" onChange="NetbitEntry('dst')" size="1"> <?php $i = 0; foreach (array('dstIP', 'dstIPv4/', 'dstIPv6/') as $s) { $checked = $process_form['aggr_dstselect'] == $i ? 'selected' : ''; print "<option value='{$i}' {$checked}>{$s}</option>\n"; $i++; } $_style = $process_form['aggr_dstselect'] == 0 ? 'style="display:none"' : ''; ?> </select> <input size="3" type="text" name="aggr_dstnetbits" id="aggr_dstnetbits" value="<?php echo $process_form['aggr_dstnetbits']; ?> " <?php echo $_style; ?> ><br> </td> </tr> <tr id="timesortedRow" <?php echo $list_display_style; ?> > <td class='TDnfprocLabel'><?php echo _("Sort"); ?> :</td> <td class='TDnfprocControl'> <input type="checkbox" name="timesorted" id="timesorted" value="checked" style="margin-left:1" <?php echo $process_form['timesorted']; ?> > <?php echo _("start time of flows"); ?> </td> </tr> <tr id="limitoutputRow" <?php echo $stat_display_style; ?> > <td class='TDnfprocLabel'><?php echo _("Limit"); ?> :</td> <td class='TDnfprocControl'> <input type="checkbox" name="limitoutput" id="limitoutput" value="checked" style="margin-left:1" size="1" <?php echo $process_form['limitoutput']; ?> > <select name="limitwhat" id="limitwhat" size="1"> <?php $i = 0; foreach (array(gettext("Packets"), gettext("Traffic")) as $s) { $checked = $process_form['limitwhat'] == $i ? 'selected' : ''; print "<option value='{$i}' {$checked}>{$s}</option>\n"; $i++; } ?> </select> <select name="limithow" id="limithow" size="1"> <?php $i = 0; foreach (array('>', '<') as $s) { $checked = $process_form['limithow'] == $i ? 'selected' : ''; print "<option value='{$i}' {$checked}>{$s}</option>\n"; $i++; } ?> </select> <input type="text" name="limitsize" id="limitsize" value="<?php echo $process_form['limitsize']; ?> " SIZE="6" MAXLENGTH="8"> <select name="limitscale" id="limitscale" size="1" style="margin-left:1"> <?php $i = 0; foreach ($LimitScale as $s) { $checked = $process_form['limitscale'] == $i ? 'selected' : ''; print "<option value='{$i}' {$checked}>{$s}</option>\n"; $i++; } ?> </select> </td> </tr> <tr id="outputRow"> <td class='TDnfprocLabel'><?php echo _("Output"); ?> :</td> <td class='TDnfprocControl'> <span id="FormatSelect" <?php echo $formatselect_display_opts; ?> > <select name="output" id="output" onChange="CustomOutputFormat()" style="margin-left:1" size="1"> <?php foreach ($_SESSION['formatlist'] as $key => $value) { $checked = $process_form['output'] == $key ? 'selected' : ''; print "<OPTION value='{$key}' {$checked}>{$key}</OPTION>\n"; } $fmt = $_SESSION['formatlist'][$process_form['output']]; if ($process_form['output'] == $fmt) { // built in format $space_display_style = ''; $edit_display_style = 'style="display:none"'; } else { $space_display_style = 'style="display:none"'; $edit_display_style = ''; } ?> </select> <script language="Javascript" type="text/javascript"> var fmts = new Hash(); <?php foreach ($_SESSION['formatlist'] as $key => $value) { print "fmts.setItem('{$key}', '{$value}');\n"; } ?> </script> <img src="icons/space.png" border="0" alt='space' id='space' <?php echo $space_display_style; ?> ></img> <a href="#null" onClick="EditCustomFormat()" title="<?php echo _("Edit format"); ?> " ><IMG SRC="icons/edit.png" name="fmt_doedit" id="fmt_doedit" border="0" <?php echo $edit_display_style; ?> alt="<?php echo _("Edit format"); ?> "></a> </span> <input type="checkbox" name="IPv6_long" id="IPv6_long" style="margin-left:1" value="checked" <?php echo $process_form['IPv6_long']; ?> > / <?php echo _("IPv6 long"); $fmt_edit_display_style = $process_form['output'] == 'custom ...' ? '' : 'style="display:none"'; ?> <span id="fmt_edit" <?php echo $fmt_edit_display_style; ?> > <br><?php echo _("Enter custom output format"); ?> :<br> <input size="30" type="text" name="customfmt" id="customfmt" value="<?php echo htmlspecialchars(stripslashes($process_form['customfmt'])); ?> " > <input type="image" name="fmt_save" id="fmt_save" title="<?php echo _("Save format"); ?> " onClick="SaveOutputFormat()" value="" src="icons/save.png"> <input type="image" name="fmt_delete" id="fmt_delete" title="<?php echo _("Delete format"); ?> " onClick="DeleteOutputFormat()" value="" src="icons/trash.png" <?php echo $edit_display_style; ?> > </span> </td> </tr> </table> </td> </tr> <!-- <tr> <td></td><td></td> <td align="right" style="border:none"> <input type="button" name="JSbutton1" value="<?php echo _("Clear Form"); ?> " onClick="ResetProcessingForm()"> <input type="submit" name="process" value="<?php echo _("process"); ?> " id="process_button" onClick="form_ok=true;" size="1"> </td> </tr> --> </TABLE> </form> <div id="lookupbox"> <div id="lookupbar" align="right" style="background-color:olivedrab"><img src="icons/close.png" onmouseover="this.style.cursor='pointer';" onClick="hidelookup()" title="<?php echo _("Close lookup box"); ?> "></div> <iframe id="cframe" src="" frameborder="0" width=100% height=100%></iframe> </div> <?php if (!array_key_exists('run', $_SESSION)) { return; } print "<div class='flowlist'>\n"; $run = $_SESSION['run']; if ($run != null) { $filter = $process_form['filter']; if ($process_form['DefaultFilter'] != -1) { $cmd_opts['and_filter'] = $process_form['DefaultFilter']; } $cmd_opts['type'] = ($_SESSION['profileinfo']['type'] & 4) > 0 ? 'shadow' : 'real'; $cmd_opts['profile'] = $_SESSION['profileswitch']; $cmd_opts['srcselector'] = implode(':', $process_form['srcselector']); print "<pre>\n"; $pattern = '/(\\s*)([^\\s]+)/'; $replacement = "\$1<a href='#null' onClick='lookup(\"\$2\", this, event)' title='lookup \$2'>\$2</a>"; ClearMessages(); $cmd_opts['args'] = "-T {$run}"; $cmd_opts['filter'] = $filter; $titcol = ""; if (preg_match("/ srcip/", $run)) { $titcol = _("Src IP"); } elseif (preg_match("/ dstip/", $run)) { $titcol = _("Dst IP"); } elseif (preg_match("/ srcport/", $run)) { $titcol = _("Src Port"); } elseif (preg_match("/ dstport/", $run)) { $titcol = _("Dst Port"); } $cmd_out = nfsend_query("run-nfdump", $cmd_opts); if (!is_array($cmd_out)) { ShowMessages(); } else { require_once "classes/Host.inc"; require_once "classes/Net.inc"; require_once 'ossim_db.inc'; require_once "ossim_conf.inc"; $conf = $GLOBALS["CONF"]; $solera = $conf->get_conf("solera_enable", FALSE) ? true : false; include "geoip.inc"; $gi = geoip_open("/usr/share/geoip/GeoIP.dat", GEOIP_STANDARD); $db = new ossim_db(); $conn = $db->connect(); $sensors = $hosts = $ossim_servers = array(); list($sensors, $hosts, $icons) = Host::get_ips_and_hostname($conn); /*$networks = ""; $_nets = Net::get_all($conn); $_nets_ips = $_host_ips = $_host = array(); foreach ($_nets as $_net) $_nets_ips[] = $_net->get_ips(); $networks = implode(",",$_nets_ips);*/ $hosts_ips = array_keys($hosts); /* if ( array_key_exists('arg', $cmd_out) ) { print "** nfdump " . $cmd_out['arg'] . "\n"; } if ( array_key_exists('filter', $cmd_out) ) { print "nfdump filter:\n"; foreach ( $cmd_out['filter'] as $line ) { print "$line\n"; } } foreach ( $cmd_out['nfdump'] as $line ) { print preg_replace($pattern, $replacement, $line) . "\n"; } print "</pre>\n";*/ # parse command line #2009-12-09 17:08:17.596 40.262 TCP 192.168.1.9:80 -> 217.126.167.80:51694 .AP.SF 0 70 180978 1 35960 2585 1 $list = preg_match("/ \\-a \\-A /", $cmd_out['arg']) ? 1 : 0; $regex = $list ? "/(\\d\\d\\d\\d\\-.*?\\s.*?)\\s+(.*?)\\s+(.*?)\\s+(.*?)\\s+->\\s+(.*?)\\s+(.*?)\\s+(.*?)\\s+(.*?)\\s+(.*?\\s*[KMG]?)\\s+(.*?)\\s+(.*?)\\s+(.*?)\\s+(.*)/" : "/(\\d\\d\\d\\d\\-.*?\\s.*?)\\s+(.*?)\\s+(.*?)\\s+(.*?)\\s+(.*?)\\s+(.*?)\\s+(.*?\\s*[KMGT]?)\\s+(.*?)\\s+(.*?)\\s+(.*)/"; echo "<table style='width:100%;margin-bottom:5px''>"; $geotools = false; if ($list && file_exists("../kml/GoogleEarth.php")) { $geotools = true; $geoips = array(); echo "<tr><td class='nobborder'></td><td class='nobborder'></td><td class='nobborder'></td>"; echo "<td class='center nobborder'>Geo Tools: <a href='' onclick='window.open(\"../kml/TourConfig.php?type=ip_src&ip=&flows=1\",\"Flows sources - Goggle Earth API\",\"width=1024,height=700,scrollbars=NO,toolbar=1\");return false'><img align='absmiddle' src='../pixmaps/google_earth_icon.png' border='0'></a> <a href='' onclick='window.open(\"../kml/IPGoogleMap.php?type=ip_src&ip=&flows=1\",\"Flows sources - Goggle Maps API\",\"width=1024,height=700,scrollbars=NO,toolbar=1\");return false'><img align='absmiddle' src='../pixmaps/google_maps_icon.png' border='0'></a></td>"; echo "<td class='center nobborder'>Geo Tools: <a href='' onclick='window.open(\"../kml/TourConfig.php?type=ip_dst&ip=&flows=1\",\"Flows destinations - Goggle Earth API\",\"width=1024,height=700,scrollbars=NO,toolbar=1\");return false'><img align='absmiddle' src='../pixmaps/google_earth_icon.png' border='0'></a> <a href='' onclick='window.open(\"../kml/IPGoogleMap.php?type=ip_dst&ip=&flows=1\",\"Flows destinations - Goggle Maps API\",\"width=1024,height=700,scrollbars=NO,toolbar=1\");return false'><img align='absmiddle' src='../pixmaps/google_maps_icon.png' border='0'></a></td>"; echo "</tr>"; } echo $list ? "<tr>\n <th>" . _("Date flow start") . "</th>\n <th>" . _("Duration") . "</th>\n <th>" . _("Proto") . "</th>\n <th>" . _("Src IP Addr:Port") . "</th>\n <th>" . _("Dst IP Addr:Port") . "</th>\n <th>" . _("Flags") . "</th>\n <th>" . _("Tos") . "</th>\n <th>" . _("Packets") . "</th>\n <th>" . _("Bytes") . "</th>\n <th>" . _("pps") . "</th>\n <th>" . _("bps") . "</th>\n <th>" . _("Bpp") . "</th>\n <th>" . _("Flows") . "</th>\n \t" . ($solera ? "<th></th>" : "") . "\n </tr>" : "<tr>\n <th>" . _("Date flow seen") . "</th>\n <th>" . _("Duration") . "</th>\n <th>" . _("Proto") . "</th>\n <th>" . $titcol . "</th>\n <th>" . _("Flows") . "</th>\n <th>" . _("Packets") . "</th>\n <th>" . _("Bytes") . "</th>\n <th>" . _("pps") . "</th>\n <th>" . _("bps") . "</th>\n <th>" . _("bpp") . "</th>\n \t" . ($solera ? "<th></th>" : "") . "\n </tr>"; $status = $errors = array(); //print_r($cmd_out['nfdump']); foreach ($cmd_out['nfdump'] as $k => $line) { echo "<tr>\n"; #capture status if (preg_match("/^(Summary|Time window|Total flows processed|Sys)\\:/", $line, $found)) { $status[$found[1]] = str_replace($found[1] . ":", "", $line); } # capture errors if (preg_match("/ error /i", $line, $found)) { $errors[] = $line; } # print results $line = preg_replace("/\\(\\s(\\d)/", "(\\1", $line); // Patch for ( 0.3) $line = preg_replace("/(\\d)\\s([KMG])/", "\\1\\2", $line); // Patch for 1.2 M(99.6) $start = $end = $proto = ""; $ips = $ports = array(); if (preg_match($regex, preg_replace('/\\s*/', ' ', $line), $found)) { foreach ($found as $ki => $field) { if ($ki > 0) { $wrap = $ki == 1 ? "nowrap" : ""; $field = preg_replace("/(\\:\\d+)\\.0\$/", "\\1", $field); if (preg_match("/(\\d+\\.\\d+\\.\\d+\\.\\d+)(.*)/", $field, $fnd)) { # match ip (resolve and geolocalize) $ip = $fnd[1]; $port = $fnd[2]; $name = $sensors[$ip] != "" ? $sensors[$ip] : ($hosts[$ip] != "" ? $hosts[$ip] : $ip); $homelan = ($match_cidr = Net::is_ip_in_cache_cidr($conn, $ip)) || in_array($ip, $hosts_ips) ? " <a href='javascript:;' class='scriptinfo' style='text-decoration:none' ip='{$ip}'><img src=\"" . Host::get_homelan_icon($ip, $icons, $match_cidr, $conn) . "\" border=0></a>" : ""; $country = strtolower(geoip_country_code_by_addr($gi, $ip)); $country_name = geoip_country_name_by_addr($gi, $ip); if ($country) { $country_img = " <img src=\"/ossim/pixmaps/flags/" . $country . ".png\" alt=\"" . _($country_name) . "\" title=\"" . _($country_name) . "\">"; } else { $country_img = ""; } $field = "<a href='javascript:;' class='HostReportMenu' id='{$ip};{$name}'>{$name}</a>{$port} {$country_img} {$homelan}"; $wrap = "nowrap"; $ips[] = $ip; if ($geotools) { if ($ki == 4) { $geoips['ip_src'][$ip]++; } elseif ($ki == 5) { $geoips['ip_dst'][$ip]++; } } $ports[] = str_replace(":", "", $port); } if (preg_match("/(\\d+-\\d+-\\d+ \\d+:\\d+:\\d+)(.*)/", $field, $fnd)) { # match date $start = $end = $fnd[1]; } if (preg_match("/(TCP|UDP|ICMP|RAW)/", $field, $fnd)) { # match date $proto = strtolower($fnd[1]); } print "<td {$wrap}>{$field}</td>"; } } // solera deepsee integration if ($solera) { echo "<td><a href=\"javascript:;\" onclick=\"solera_deepsee('{$start}','{$end}','" . $ips[0] . "','" . $ports[0] . "','" . $ips[1] . "','" . $ports[1] . "','{$proto}')\"><img src='/ossim/pixmaps/solera.png' border='0' align='absmiddle'></a></td>"; } } echo "</tr>\n"; } echo "</table>"; if ($geotools) { foreach ($geoips as $type => $list) { $ipsfile = fopen("/var/tmp/flowips_" . Session::get_session_user() . ".{$type}", "w"); foreach ($list as $ip => $val) { fputs($ipsfile, "{$ip}\n"); } fclose($ipsfile); } } #Summary: total flows: 20, total bytes: 7701, total packets: 133, avg bps: 60, avg pps: 0, avg bpp: 57 #Time window: 2009-12-10 08:21:30 - 2009-12-10 08:38:26 #Total flows processed: 21, Records skipped: 0, Bytes read: 1128 #Sys: 0.000s flows/second: 0.0 Wall: 0.000s flows/second: 152173.9 if (count($status) > 0) { echo "<table style='margin-bottom:5px;width:100%'>"; foreach ($status as $key => $line) { $line = preg_replace("/(Wall)\\:/", "<span class='th'>\\1</span>", $line); $line = preg_replace("/\\,\\s+(.*?)\\:/", " <span class='th'>\\1</span>", $line); echo "<tr><td class='nobborder'><span class='th'>{$key}</span>{$line}</td></tr>"; } echo "</table>"; } # stat() error '/home/dk/nfsen/profiles-data/live/device2/2009/12/10/nfcapd.200912100920': File not found! if (count($errors) > 0) { echo "<table style='margin-bottom:5px;width:100%'>"; foreach ($errors as $key => $line) { echo "<tr><td class='nobborder'><span class='th'>" . _("Error found") . "</span> {$line}</td></tr>"; } echo "</table>"; } $conn->disconnect(); } #print "</pre>\n"; } print "</div>\n"; return; }
$ip = $_SESSION['_sensor']['ip']; $priority = $_SESSION['_sensor']['priority']; $descr = $_SESSION['_sensor']['descr']; $tzone = $_SESSION['_sensor']['tzone']; $s_tpl = Sensor::is_sensor_in_templates($conn, $ip); if (!empty($s_tpl)) { $s_tpl = implode(",", $s_tpl); } unset($_SESSION['_sensor']); } else { if ($sname != '') { ossim_valid($sname, OSS_ALPHA, OSS_PUNC, OSS_SCORE, 'illegal:' . _("Sensor name")); if (ossim_error()) { die(ossim_error()); } if ($sensor_list = Sensor::get_list($conn, "WHERE name = '{$sname}'")) { $sensor = $sensor_list[0]; $sname = $sensor->get_name(); $ip = $sensor->get_ip(); $priority = $sensor->get_priority(); $descr = $sensor->get_descr(); $tzone = $sensor->get_tzone(); $s_tpl = Sensor::is_sensor_in_templates($conn, $ip); if (!empty($s_tpl)) { $s_tpl = implode(",", $s_tpl); } unset($_SESSION['_sensor']); } } $db->close($conn); }
<input type="hidden" name="proto" value="<?php echo $proto; ?> "/> <input type="hidden" name="port" value="<?php echo $port; ?> "/> <input type="hidden" name="sensor" value="<?php echo $sensor; ?> "/> <select name="interface" onChange="submit()"> <?php if ($sensor_list = Sensor::get_list($conn, "{$sensor_where}")) { $sflag = 0; foreach ($sensor_list as $s) { if ($sensor == $s->get_ip()) { $sflag = 1; if ($sensor_interface_list = Sensor_interfaces::get_list($conn, $s->get_ip())) { foreach ($sensor_interface_list as $s_int) { ?> <option <?php if (!$interface && $s_int->get_main() == 1) { echo "SELECTED"; } elseif ($interface == $s_int->get_interface()) { echo "SELECTED"; } ?>