aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--config/states-summary/diag_states_summary.php133
-rwxr-xr-xpkg_config.7.xml2
2 files changed, 38 insertions, 97 deletions
diff --git a/config/states-summary/diag_states_summary.php b/config/states-summary/diag_states_summary.php
index adad9b6b..26697bb7 100644
--- a/config/states-summary/diag_states_summary.php
+++ b/config/states-summary/diag_states_summary.php
@@ -34,8 +34,20 @@ exec("/sbin/pfctl -s state", $states);
$srcipinfo = array();
$dstipinfo = array();
+$allipinfo = array();
$pairipinfo = array();
+function addipinfo(&$iparr, $ip, $proto, $srcport, $dstport) {
+ $iparr[$ip]['seen']++;
+ $iparr[$ip]['protos'][$proto]['seen']++;
+ if (!empty($srcport)) {
+ $iparr[$ip]['protos'][$proto]['srcports'][$srcport]++;
+ }
+ if (!empty($dstport)) {
+ $iparr[$ip]['protos'][$proto]['dstports'][$dstport]++;
+ }
+}
+
$row = 0;
if(count($states) > 0) {
foreach($states as $line) {
@@ -64,32 +76,13 @@ if(count($states) > 0) {
$dstip = trim($parts[0]);
$dstport = trim($parts[1]);
- $srcipinfo[$srcip]['seen']++;
- $srcipinfo[$srcip]['protos'][$proto]['seen']++;
- if (!empty($srcport)) {
- $srcipinfo[$srcip]['protos'][$proto]['srcports'][$srcport]++;
- }
- if (!empty($dstport)) {
- $srcipinfo[$srcip]['protos'][$proto]['dstports'][$dstport]++;
- }
+ addipinfo($srcipinfo, $srcip, $proto, $srcport, $dstport);
+ addipinfo($dstipinfo, $dstip, $proto, $srcport, $dstport);
+ addipinfo($pairipinfo, "{$srcip} -> {$dstip}", $proto, $srcport, $dstport);
- $dstipinfo[$dstip]['seen']++;
- $dstipinfo[$dstip]['protos'][$proto]['seen']++;
- if (!empty($srcport)) {
- $dstipinfo[$dstip]['protos'][$proto]['srcports'][$srcport]++;
- }
- if (!empty($dstport)) {
- $dstipinfo[$dstip]['protos'][$proto]['dstports'][$dstport]++;
- }
+ addipinfo($allipinfo, $srcip, $proto, $srcport, $dstport);
+ addipinfo($allipinfo, $dstip, $proto, $srcport, $dstport);
- $pairipinfo["{$srcip} -> {$dstip}"]['seen']++;
- $pairipinfo["{$srcip} -> {$dstip}"]['protos'][$proto]['seen']++;
- if (!empty($srcport)) {
- $pairipinfo["{$srcip} -> {$dstip}"]['protos'][$proto]['srcports'][$srcport]++;
- }
- if (!empty($dstport)) {
- $pairipinfo["{$srcip} -> {$dstip}"]['protos'][$proto]['dstports'][$dstport]++;
- }
}
}
@@ -97,14 +90,9 @@ function sort_by_ip($a, $b) {
return sprintf("%u", ip2long($a)) < sprintf("%u", ip2long($b)) ? -1 : 1;
}
-$pgtitle = "Diagnostics: State Table Summary";
-require_once("guiconfig.inc");
-include("head.inc");
-include("fbegin.inc");
-?>
-<p class="pgtitle"><?=$pgtitle?></font></p>
+function print_summary_table($label, $iparr, $sort = TRUE) { ?>
-<h3>By Source IP</h3>
+<h3><?php echo $label; ?></h3>
<table class="tabcont" width="100%" border="0" cellspacing="0" cellpadding="0">
<tr>
<td class="listhdrr">IP</td>
@@ -114,8 +102,9 @@ include("fbegin.inc");
<td class="listhdrr">Src Ports</td>
<td class="listhdrr">Dst Ports</td>
</tr>
-<?php uksort($srcipinfo, "sort_by_ip");
- foreach($srcipinfo as $ip => $ipinfo) { ?>
+<?php if ($sort)
+ uksort($iparr, "sort_by_ip");
+ foreach($iparr as $ip => $ipinfo) { ?>
<tr>
<td class='vncell'><?php echo $ip; ?></td>
<td class='vncell'><?php echo $ipinfo['seen']; ?></td>
@@ -138,69 +127,21 @@ include("fbegin.inc");
</table>
+<?
+}
-<h3>By Destination IP</h3>
-<table class="tabcont" width="100%" border="0" cellspacing="0" cellpadding="0">
- <tr>
- <td class="listhdrr">IP</td>
- <td class="listhdrr"># States</td>
- <td class="listhdrr">Proto</td>
- <td class="listhdrr"># States</td>
- <td class="listhdrr">Src Ports</td>
- <td class="listhdrr">Dst Ports</td>
- </tr>
-<?php uksort($dstipinfo, "sort_by_ip");
- foreach($dstipinfo as $ip => $ipinfo) { ?>
- <tr>
- <td class='vncell'><?php echo $ip; ?></td>
- <td class='vncell'><?php echo $ipinfo['seen']; ?></td>
- <td class='vncell'>&nbsp;</td>
- <td class='vncell'>&nbsp;</td>
- <td class='vncell'>&nbsp;</td>
- <td class='vncell'>&nbsp;</td>
- </tr>
- <?php foreach($ipinfo['protos'] as $proto => $protoinfo) { ?>
- <tr>
- <td class='list'>&nbsp;</td>
- <td class='list'>&nbsp;</td>
- <td class='listlr'><?php echo $proto; ?></td>
- <td class='listr' align="center"><?php echo $protoinfo['seen']; ?></td>
- <td class='listr' align="center"><?php echo count($protoinfo['srcports']); ?></td>
- <td class='listr' align="center"><?php echo count($protoinfo['dstports']); ?></td>
- </tr>
- <?php } ?>
-<?php } ?>
-</table>
+$pgtitle = "Diagnostics: State Table Summary";
+require_once("guiconfig.inc");
+include("head.inc");
+include("fbegin.inc");
+?>
+<p class="pgtitle"><?=$pgtitle?></font></p>
+
+<?
+print_summary_table("By Source IP", $srcipinfo);
+print_summary_table("By Destination IP", $dstipinfo);
+print_summary_table("Total per IP", $allipinfo);
+print_summary_table("By IP Pair", $pairipinfo, FALSE);
+?>
-<h3>By IP Pair</h3>
-<table class="tabcont" width="100%" border="0" cellspacing="0" cellpadding="0">
- <tr>
- <td class="listhdrr">IP</td>
- <td class="listhdrr"># States</td>
- <td class="listhdrr">Proto</td>
- <td class="listhdrr"># States</td>
- <td class="listhdrr">Src Ports</td>
- <td class="listhdrr">Dst Ports</td>
- </tr>
-<?php foreach($pairipinfo as $ip => $ipinfo) { ?>
- <tr>
- <td class='vncell'><?php echo $ip; ?></td>
- <td class='vncell'><?php echo $ipinfo['seen']; ?></td>
- <td class='vncell'>&nbsp;</td>
- <td class='vncell'>&nbsp;</td>
- <td class='vncell'>&nbsp;</td>
- <td class='vncell'>&nbsp;</td>
- </tr>
- <?php foreach($ipinfo['protos'] as $proto => $protoinfo) { ?>
- <tr>
- <td class='list'>&nbsp;</td>
- <td class='list'>&nbsp;</td>
- <td class='listlr'><?php echo $proto; ?></td>
- <td class='listr' align="center"><?php echo $protoinfo['seen']; ?></td>
- <td class='listr' align="center"><?php echo count($protoinfo['srcports']); ?></td>
- <td class='listr' align="center"><?php echo count($protoinfo['dstports']); ?></td>
- </tr>
- <?php } ?>
-<?php } ?>
-</table>
<?php include("fend.inc"); ?>
diff --git a/pkg_config.7.xml b/pkg_config.7.xml
index c858eb91..97f5efd2 100755
--- a/pkg_config.7.xml
+++ b/pkg_config.7.xml
@@ -966,7 +966,7 @@
<name>States Summary</name>
<descr>States Summary Page, which will summarize firewall states by IP address and protocol.</descr>
<category>System</category>
- <version>0.3</version>
+ <version>0.4</version>
<status>Beta</status>
<maintainer>jimp@pfsense.org</maintainer>
<required_version>1.2.3</required_version>