author | jim-p <jim@pingle.org> | 2010-02-05 16:07:44 -0500 |
---|---|---|
committer | jim-p <jim@pingle.org> | 2010-02-05 16:07:44 -0500 |
commit | ba5c2c6e2d6864155e0d7f30cf0b8b965f3b77ca (patch) | |
tree | be2bad1c64cf3fea96d506375f24f9cee52ae99d | |
parent | dd171c41767d1595288605ca828db81330b09583 (diff) | |
Update the state summary to properly detect and use source IP and destination IP, as well as summarize by IP pairing (src -> dst).
-rw-r--r-- | config/states-summary/diag_states_summary.php | 129 | ||||
-rwxr-xr-x | pkg_config.7.xml | 4 |
2 files changed, 129 insertions, 4 deletions
diff --git a/config/states-summary/diag_states_summary.php b/config/states-summary/diag_states_summary.php index 242c06e9..adad9b6b 100644 --- a/config/states-summary/diag_states_summary.php +++ b/config/states-summary/diag_states_summary.php @@ -1,8 +1,40 @@ <?php +/* + diag_states_summary.php + Copyright (C) 2010 Jim Pingle + + Portions borrowed from diag_dump_states.php: + Copyright (C) 2005-2009 Scott Ullrich + Copyright (C) 2005 Colin Smith + All rights reserved. + + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are met: + + 1. Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. + + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + + THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, + INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, + OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + POSSIBILITY OF SUCH DAMAGE. +*/ exec("/sbin/pfctl -s state", $states); $srcipinfo = array(); +$dstipinfo = array(); +$pairipinfo = array(); $row = 0; if(count($states) > 0) { 
@@ -15,11 +47,20 @@ if(count($states) > 0) { /* break up info and extract $srcip and $dstip */ $ends = preg_split("/\<?-\>?/", $info); - $parts = split(":", $ends[0]); + + if (strpos($info, '->') === FALSE) { + $srcinfo = $ends[count($ends) - 1]; + $dstinfo = $ends[0]; + } else { + $srcinfo = $ends[0]; + $dstinfo = $ends[count($ends) - 1]; + } + + $parts = split(":", $srcinfo); $srcip = trim($parts[0]); $srcport = trim($parts[1]); - $parts = split(":", $ends[count($ends) - 1]); + $parts = split(":", $dstinfo); $dstip = trim($parts[0]); $dstport = trim($parts[1]); @@ -31,6 +72,24 @@ if(count($states) > 0) { if (!empty($dstport)) { $srcipinfo[$srcip]['protos'][$proto]['dstports'][$dstport]++; } + + $dstipinfo[$dstip]['seen']++; + $dstipinfo[$dstip]['protos'][$proto]['seen']++; + if (!empty($srcport)) { + $dstipinfo[$dstip]['protos'][$proto]['srcports'][$srcport]++; + } + if (!empty($dstport)) { + $dstipinfo[$dstip]['protos'][$proto]['dstports'][$dstport]++; + } + + $pairipinfo["{$srcip} -> {$dstip}"]['seen']++; + $pairipinfo["{$srcip} -> {$dstip}"]['protos'][$proto]['seen']++; + if (!empty($srcport)) { + $pairipinfo["{$srcip} -> {$dstip}"]['protos'][$proto]['srcports'][$srcport]++; + } + if (!empty($dstport)) { + $pairipinfo["{$srcip} -> {$dstip}"]['protos'][$proto]['dstports'][$dstport]++; + } } } @@ -45,6 +104,7 @@ include("fbegin.inc"); ?> <p class="pgtitle"><?=$pgtitle?></font></p> +<h3>By Source IP</h3> <table class="tabcont" width="100%" border="0" cellspacing="0" cellpadding="0"> <tr> <td class="listhdrr">IP</td> 
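Review bot: The new `$srcinfo` and `$dstinfo` values are still cut with `split(":", ...)`, so an address that itself contains colons is truncated at the first one, and `$parts[1]` is read even when the endpoint carries no port. If pfctl prints IPv6 endpoints in this output (I believe as `addr[port]`), every such state would be tallied under a fragment of its address, which makes the summary misleading when it is used to spot a noisy host. `split()` is also deprecated as of PHP 5.3; `explode(":", $srcinfo)` is the drop-in replacement, and the port read can be guarded with `$srcport = isset($parts[1]) ? trim($parts[1]) : '';`. The enclosing loop starts and ends outside this hunk.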
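Review bot: The `$pairipinfo` block rebuilds the key `"{$srcip} -> {$dstip}"` four times and, like the `$dstipinfo` block above it, increments array slots that were never initialised. Assigning the key once, `$pairkey = "{$srcip} -> {$dstip}";`, keeps the key format in one place and makes the four tally lines readable. Nothing in the hunk skips a line whose parse left `$srcip` or `$dstip` empty, so an unexpected pfctl line would still be counted under an empty key. A guard such as `if ($srcip === '' || $dstip === '') continue;` before the tallies would keep those out, assuming this code sits inside the loop that the hunk's closing braces suggest.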
@@ -78,4 +138,69 @@ include("fbegin.inc"); </table> + +<h3>By Destination IP</h3> +<table class="tabcont" width="100%" border="0" cellspacing="0" cellpadding="0"> + <tr> + <td class="listhdrr">IP</td> + <td class="listhdrr"># States</td> + <td class="listhdrr">Proto</td> + <td class="listhdrr"># States</td> + <td class="listhdrr">Src Ports</td> + <td class="listhdrr">Dst Ports</td> + </tr> +<?php uksort($dstipinfo, "sort_by_ip"); + foreach($dstipinfo as $ip => $ipinfo) { ?> + <tr> + <td class='vncell'><?php echo $ip; ?></td> + <td class='vncell'><?php echo $ipinfo['seen']; ?></td> + <td class='vncell'> </td> + <td class='vncell'> </td> + <td class='vncell'> </td> + <td class='vncell'> </td> + </tr> + <?php foreach($ipinfo['protos'] as $proto => $protoinfo) { ?> + <tr> + <td class='list'> </td> + <td class='list'> </td> + <td class='listlr'><?php echo $proto; ?></td> + <td class='listr' align="center"><?php echo $protoinfo['seen']; ?></td> + <td class='listr' align="center"><?php echo count($protoinfo['srcports']); ?></td> + <td class='listr' align="center"><?php echo count($protoinfo['dstports']); ?></td> + </tr> + <?php } ?> +<?php } ?> +</table> + +<h3>By IP Pair</h3> +<table class="tabcont" width="100%" border="0" cellspacing="0" cellpadding="0"> + <tr> + <td class="listhdrr">IP</td> + <td class="listhdrr"># States</td> + <td class="listhdrr">Proto</td> + <td class="listhdrr"># States</td> + <td class="listhdrr">Src Ports</td> + <td class="listhdrr">Dst Ports</td> + </tr> +<?php foreach($pairipinfo as $ip => $ipinfo) { ?> + <tr> + <td class='vncell'><?php echo $ip; ?></td> + <td class='vncell'><?php echo $ipinfo['seen']; ?></td> + <td class='vncell'> </td> + <td class='vncell'> </td> + <td class='vncell'> </td> + <td class='vncell'> </td> + </tr> + <?php foreach($ipinfo['protos'] as $proto => $protoinfo) { ?> + <tr> + <td class='list'> </td> + <td class='list'> </td> + <td class='listlr'><?php echo $proto; ?></td> + <td class='listr' align="center"><?php echo 
$protoinfo['seen']; ?></td> + <td class='listr' align="center"><?php echo count($protoinfo['srcports']); ?></td> + <td class='listr' align="center"><?php echo count($protoinfo['dstports']); ?></td> + </tr> + <?php } ?> +<?php } ?> +</table> <?php include("fend.inc"); ?> diff --git a/pkg_config.7.xml b/pkg_config.7.xml index bf1871e7..c858eb91 100755 --- a/pkg_config.7.xml +++ b/pkg_config.7.xml @@ -964,9 +964,9 @@ </package> <package> <name>States Summary</name> - <descr>States Summary Page</descr> + <descr>States Summary Page, which will summarize firewall states by IP address and protocol.</descr> <category>System</category> - <version>0.1</version> + <version>0.3</version> <status>Beta</status> <maintainer>jimp@pfsense.org</maintainer> <required_version>1.2.3</required_version> |
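Review bot: Both new tables print `$ip` and `$proto` straight into the page with `echo`, and in the "By IP Pair" table `$ip` is the key `src -> dst`, which contains a literal `>`. These values are parsed out of pfctl text rather than validated, so they should be encoded at output: `<?php echo htmlspecialchars($ip); ?>` and `<?php echo htmlspecialchars($proto); ?>`. Unlike the destination table, which calls `uksort($dstipinfo, "sort_by_ip")`, the pair table is rendered in insertion order, and its first column is still headed "IP" although it holds a pair.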