Diffstat (limited to 'config/widget-havp')
-rw-r--r-- | config/widget-havp/havp_alerts.inc | 15 | ||||
-rw-r--r-- | config/widget-havp/havp_alerts.inc.php | 90 | ||||
-rw-r--r-- | config/widget-havp/havp_alerts.js | 149 | ||||
-rw-r--r-- | config/widget-havp/havp_alerts.widget.php | 63 | ||||
-rw-r--r-- | config/widget-havp/havp_alerts_helper.php | 13 | ||||
-rw-r--r-- | config/widget-havp/widget-havp.inc | 11 | ||||
-rw-r--r-- | config/widget-havp/widget-havp.xml | 85 |
7 files changed, 426 insertions, 0 deletions
diff --git a/config/widget-havp/havp_alerts.inc b/config/widget-havp/havp_alerts.inc
new file mode 100644
index 00000000..ecbfe897
--- /dev/null
+++ b/config/widget-havp/havp_alerts.inc
@@ -0,0 +1,15 @@
+<?php
+
+require_once("includes/havp_alerts.inc.php");
+
+$havp_alerts_title = "HAVP Alerts";
+$havp_alerts_title_link = "havp_alerts.php";
+
+$havp_alerts_logfile = "{$g['varlog_path']}/havp/access.log";
+$nentries = 5;
+$havp_alerts = get_havp_alerts($havp_alerts_logfile, $nentries);
+
+/* AJAX related routines */
+handle_havp_ajax($havp_alerts_logfile, $nentries = 5);
+
+?>
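Review bot: `handle_havp_ajax($havp_alerts_logfile, $nentries = 5);` assigns inside the argument list; it looks like a named default but only re-assigns the variable set a few statements earlier, so `handle_havp_ajax($havp_alerts_logfile, $nentries);` is the plainer form. The handler is also called after `get_havp_alerts()` has already read the log, and the handler calls `get_havp_alerts()` again before it exits, so if this include is ever reached with `lastsawtime` set the log is tailed twice; calling the handler first would avoid that.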
\ No newline at end of file
diff --git a/config/widget-havp/havp_alerts.inc.php b/config/widget-havp/havp_alerts.inc.php
new file mode 100644
index 00000000..c0810b83
--- /dev/null
+++ b/config/widget-havp/havp_alerts.inc.php
@@ -0,0 +1,90 @@ +<? +function get_havp_alerts($havp_alerts, $nentries, $tail = 20) { + global $config, $g; + $logarr = ""; + /* Always do a reverse tail, to be sure we're grabbing the 'end' of the alerts. */ + exec("/usr/bin/tail -r -n {$tail} {$havp_alerts}", $logarr); + + $havpalerts = array(); + + $counter = 0; + + foreach ($logarr as $logent) { + if($counter >= $nentries) + break; + + $alert = parse_havp_alert_line($logent); + if ($alert != "") { + $counter++; + $havpalerts[] = $alert; + } + + } + /* Since the rules are in reverse order, flip them around if needed based on the user's preference */ + return isset($config['syslog']['reverse']) ? $havpalerts : array_reverse($havpalerts); +} + + + + +function parse_havp_alert_line($line) { + $log_split = ""; + + preg_match("/^(\d+\/\d+\/\d+)\s+(\d+:\d+:\d+)\s+(\d+.\d+.\d+.\d+)\s+\w+\s+\d+\s+(https?:\/\/([0-9a-z-]+\.)+([a-z]{2,3}|aero|coop|jobs|mobi|museum|name|travel)(:[0-9]{1,5})?(\/[^ ]*)?)\s+[0-9+]+\s+\w+\s+\w+:\s+([\S]+)$/U", $line, $log_split); + + list($all, $alert['date'], $alert['time'], $alert['lanip'], $alert['url'], $alert['dontcare1'], $alert['dontcare2'], $alert['dontcare3'], $alert['query'], + $alert['virusname']) = $log_split; + + $usableline = true; + + if(trim($alert['url']) == "") + $usableline = false; + if(trim($alert['virusname']) == "") + $usableline = false; + + if($usableline == true) { + return $alert; + } else { + if($g['debug']) { + log_error("There was a error parsing line: $line. Please report to mailing list or forum."); + } + return ""; + } +} + +/* AJAX specific handlers */ +function handle_havp_ajax($havp_alerts_logfile, $nentries = 5, $tail = 50) { + if($_GET['lastsawtime'] or $_POST['lastsawtime']) { + if($_GET['lastsawtime']) + $lastsawtime = $_GET['lastsawtime']; + if($_POST['lastsawtime']) + $lastsawtime = $_POST['lastsawtime']; + /* compare lastsawrule's time stamp to alert logs. + * afterwards return the newer records so that client + * can update AJAX interface screen. 
+ */ + $new_rules = ""; + $time_regex = ""; + + $havp_alerts = get_havp_alerts($havp_alerts_logfile, $nentries); + foreach($havp_alerts as $log_row) { + preg_match("/^([0-9][0-9])\/([0-9][0-9])\/([0-9][0-9][0-9][0-9])$/U",$log_row['date'] , $time_regex); +# $time_regex = "";"/^([0-9][0-9])\/([0-9][0-9])\/([0-9][0-9][0-9][0-9])\s+([0-9][0-9]:[0-9][0-9]:[0-9][0-9])$/U" + // preg_match("/.*([0-9][0-9]:[0-9][0-9]:[0-9][0-9]).*/", $log_row['date'] . " " . $log_row['time'], $time_regex); + $row_time = strtotime($time_regex[2] . "/" . $time_regex[1] . "/" . $time_regex[3] . " " . $log_row['time']); + // $myfile = "/testfile.txt"; + // $fh = fopen($myfile,'a') or die("can't open file"); + // $stringdata = $lastsawtime . "-" . $row_time . "\n"; + // fwrite($fh, $stringdata); + // fclose($fh); + + if($row_time > $lastsawtime and $lastsawtime > 0) { + + $new_rules .= "{$log_row['url']}||{$log_row['virusname']}||" . time() . "||{$log_row['date']}||{$log_row['time']}||" . "\n"; + } + } + echo $new_rules; + exit; + } +} +?>
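Review bot: In `get_havp_alerts` the command handed to `exec()` is built by interpolating `$tail` and `$havp_alerts` directly into the shell string. The callers added in this commit pass a fixed log path and constant counts, so nothing visible here is request-controlled, but the function should not rely on that: `exec("/usr/bin/tail -r -n " . (int)$tail . " " . escapeshellarg($havp_alerts), $logarr);`. Separately, `parse_havp_alert_line` reads `$g['debug']` without a `global $g;` declaration, so the `log_error()` branch cannot fire as written, and the `list(...)` assignment runs even when `preg_match` did not match; checking the `preg_match` return value and returning `""` early would keep unparsable lines from producing notices.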
\ No newline at end of file
diff --git a/config/widget-havp/havp_alerts.js b/config/widget-havp/havp_alerts.js
new file mode 100644
index 00000000..110e3998
--- /dev/null
+++ b/config/widget-havp/havp_alerts.js
@@ -0,0 +1,149 @@ + +havplastsawtime = '<?php echo time(); ?>'; +var havplines = Array(); +var havptimer; +var havpupdateDelay = 25500; +var havpisBusy = false; +var havpisPaused = false; + +<?php + if(isset($config['syslog']['reverse'])) + echo "var isReverse = true;\n"; + else + echo "var isReverse = false;\n"; +?> + +if (typeof getURL == 'undefined') { + getURL = function(url, callback) { + if (!url) + throw 'No URL for getURL'; + try { + if (typeof callback.operationComplete == 'function') + callback = callback.operationComplete; + } catch (e) {} + if (typeof callback != 'function') + throw 'No callback function for getURL'; + var http_request = null; + if (typeof XMLHttpRequest != 'undefined') { + http_request = new XMLHttpRequest(); + } + else if (typeof ActiveXObject != 'undefined') { + try { + http_request = new ActiveXObject('Msxml2.XMLHTTP'); + } catch (e) { + try { + http_request = new ActiveXObject('Microsoft.XMLHTTP'); + } catch (e) {} + } + } + if (!http_request) + throw 'Both getURL and XMLHttpRequest are undefined'; + http_request.onreadystatechange = function() { + if (http_request.readyState == 4) { + callback( { success : true, + content : http_request.responseText, + contentType : http_request.getResponseHeader("Content-Type") } ); + } + } + http_request.open('GET', url, true); + http_request.send(null); + } +} + +function havp_alerts_fetch_new_rules() { + if(havpisPaused) + return; + if(havpisBusy) + return; + havpisBusy = true; + getURL('widgets/helpers/havp_alerts_helper.php?lastsawtime=' + havplastsawtime, havp_alerts_fetch_new_rules_callback); +} +function havp_alerts_fetch_new_rules_callback(callback_data) { + if(havpisPaused) + return; + + var data_split; + var new_data_to_add = Array(); + var data = callback_data.content; + data_split = data.split("\n"); + for(var x=0; x<data_split.length-1; x++) { + /* loop through rows */ + row_split = data_split[x].split("||"); + var line = ''; + line += '<td width="25%" class="listr">' + row_split[4] 
+ '<br> ' + row_split[3] + '</td>'; + line += '<td width="75%" class="listr">' + row_split[0] + '<br>' + row_split[1] + '</td>'; + havplastsawtime = row_split[2]; + new_data_to_add[new_data_to_add.length] = line; + } + havp_alerts_update_div_rows(new_data_to_add); + havpisBusy = false; +} + + +function havp_alerts_update_div_rows(data) { + if(havpisPaused) + return; + + var isIE = navigator.appName.indexOf('Microsoft') != -1; + var isSafari = navigator.userAgent.indexOf('Safari') != -1; + var isOpera = navigator.userAgent.indexOf('Opera') != -1; + var rulestable = document.getElementById('havp_alerts'); + var rows = rulestable.getElementsByTagName('tr'); + var showanim = 1; + if (isIE) { + showanim = 0; + } + //alert(data.length); + for(var x=0; x<data.length; x++) { + var numrows = rows.length; + /* if reverse logging is enabled we need to show the + * records in a reverse order with new items appearing + * on the top + */ + if(isReverse == false) { + for (var i = 1; i < numrows; i++) { + nextrecord = i + 1; + if(nextrecord < numrows) + rows[i].innerHTML = rows[nextrecord].innerHTML; + } + } else { + for (var i = numrows; i > 0; i--) { + nextrecord = i + 1; + if(nextrecord < numrows) + rows[nextrecord].innerHTML = rows[i].innerHTML; + } + } + var item = document.getElementById('havp-firstrow'); + if(x == data.length-1) + { + /* nothing */ + showanim = false; + } + else + { + showanim = false; + } + if (showanim) + { + // item.style.display = 'none'; + item.innerHTML = data[x]; + // new Effect.Appear(item); + } + else + { + item.innerHTML = data[x]; + } + } + /* rechedule AJAX interval */ + //havptimer = setInterval('havp_alerts_fetch_new_rules()', havpupdateDelay); +} +function havp_alerts_toggle_pause() { + if(havpisPaused) { + havpisPaused = false; + havp_alerts_fetch_new_rules(); + } else { + havpisPaused = true; + } +} +/* start local AJAX engine */ +havptimer = setInterval('havp_alerts_fetch_new_rules()', havpupdateDelay); 
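Review bot: `havp_alerts_fetch_new_rules_callback` concatenates `row_split[0]` (URL) and `row_split[1]` (virus name) into markup that `havp_alerts_update_div_rows` assigns to `item.innerHTML`, and nothing on the path HTML-escapes those fields. The URL comes from the HAVP access log, presumably whatever a proxied client requested, and the path part of the parser regex in havp_alerts.inc.php (`[^ ]*`) accepts markup characters, so log content can reach the dashboard DOM as HTML. The same fields are printed unescaped by `<?= $alert["url"] . "<br>" . $alert["virusname"] ?>` in havp_alerts.widget.php. Escape at output: apply `htmlspecialchars()` to each field before `handle_havp_ajax` echoes it and in the widget template, or build the cells with `textContent` instead of string concatenation. A URL containing `||` would also shift the `split("||")` columns, which is one more reason to encode the fields before joining them.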
diff --git a/config/widget-havp/havp_alerts.widget.php b/config/widget-havp/havp_alerts.widget.php
new file mode 100644
index 00000000..57614fa1
--- /dev/null
+++ b/config/widget-havp/havp_alerts.widget.php
@@ -0,0 +1,63 @@ +<?php +/* + havp_alerts.widget.php + Copyright (C) 2009 Michael Liberman , Jim Pingle + + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are met: + + 1. Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. + + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + + THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, + INClUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, + OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + POSSIBILITY OF SUCH DAMAGE. 
+*/ +global $config, $g; + +?> +<table width="100%" border="0" cellspacing="0" cellpadding="0"> + <tbody> + <tr class="havp-alert-header"> + <td width="25%" class="widgetsubheader">Date</td> + <td width="75%" class="widgetsubheader">Details</td> + </tr> +<?php $counter=0; + foreach ($havp_alerts as $alert) { ?> + + <?php + if(isset($config['syslog']['reverse'])) { + /* honour reverse logging setting */ + if($counter == 0) + $activerow = " id=\"havp-firstrow\""; + else + $activerow = ""; + + } else { + /* non-reverse logging */ + if($counter == count($havp_alerts) - 1) + $activerow = " id=\"havp-firstrow\""; + else + $activerow = ""; + } + ?> + + <tr class="havp-alert-entry" <?php echo $activerow; ?>> + <td width="25%" class="listr"><?= $alert["time"] . "<br>" . $alert["date"]?></td> + <td width="75%" class="listr"><?= $alert["url"] . "<br>" . $alert["virusname"] ?></td> + </tr> +<?php $counter++; + } ?> + </tbody> +</table> diff --git a/config/widget-havp/havp_alerts_helper.php b/config/widget-havp/havp_alerts_helper.php new file mode 100644 index 00000000..332394b2 --- /dev/null +++ b/config/widget-havp/havp_alerts_helper.php @@ -0,0 +1,13 @@ +<?php +require("guiconfig.inc"); + +require_once("includes/havp_alerts.inc.php"); + +$havp_alerts_logfile = "{$g['varlog_path']}/havp/access.log"; +$nentries = 5; +handle_havp_ajax($havp_alerts_logfile, $nentries); + +?> +<script src="/javascript/scriptaculous/prototype.js" type="text/javascript"></script> +<script src="/javascript/scriptaculous/scriptaculous.js" type="text/javascript"></script> +<script src="/widgets/javascript/havp_alerts.js" type="text/javascript"></script> diff --git a/config/widget-havp/widget-havp.inc b/config/widget-havp/widget-havp.inc new file mode 100644 index 00000000..61713f24 --- /dev/null +++ b/config/widget-havp/widget-havp.inc 
@@ -0,0 +1,11 @@
+<?php
+
+function widget_havp_uninstall() {
+ unlink("/usr/local/www/includes/havp_alerts.inc.php");
+ unlink("/usr/local/www/widgets/helpers/havp_alerts_helper.php");
+ unlink("/usr/local/www/widgets/include/havp_alerts.inc");
+ unlink("/usr/local/www/widgets/javascript/havp_alerts.js");
+ unlink("/usr/local/www/widgets/widgets/havp_alerts.widget.php");
+}
+
+?>
\ No newline at end of file
diff --git a/config/widget-havp/widget-havp.xml b/config/widget-havp/widget-havp.xml
new file mode 100644
index 00000000..7042fe55
--- /dev/null
+++ b/config/widget-havp/widget-havp.xml
@@ -0,0 +1,85 @@ +<?xml version="1.0" encoding="utf-8" ?> +<!DOCTYPE packagegui SYSTEM "../schema/packages.dtd"> +<?xml-stylesheet type="text/xsl" href="../xsl/package.xsl"?> +<packagegui> + <copyright> + <![CDATA[ +/* $Id$ */ +/* ========================================================================== */ +/* + widget-havp.xml + part of pfSense (http://www.pfSense.com) + Copyright (C) 2009 Jim Pingle + All rights reserved. + + Based on m0n0wall (http://m0n0.ch/wall) + Copyright (C) 2003-2006 Manuel Kasper <mk@neon1.net>. + All rights reserved. + */ +/* ========================================================================== */ +/* + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are met: + + 1. Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. + + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + + THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, + INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, + OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + POSSIBILITY OF SUCH DAMAGE. 
+ */ +/* ========================================================================== */ + ]]> + </copyright> + <description>HAVP widget add-on for Dashboard package</description> + <requirements>Dashboard package and HAVP</requirements> + <faq>Currently there are no FAQ items provided.</faq> + <name>widget-havp</name> + <version>0.1</version> + <title>Widget - HAVP</title> + <include_file>/usr/local/pkg/widget-havp.inc</include_file> + <additional_files_needed> + <prefix>/usr/local/pkg/</prefix> + <chmod>077</chmod> + <item>http://www.pfsense.com/packages/config/widget-havp/widget-havp.inc</item> + </additional_files_needed> + <additional_files_needed> + <prefix>/usr/local/www/includes/</prefix> + <chmod>0644</chmod> + <item>http://www.pfsense.com/packages/config/widget-havp/havp_alerts.inc.php</item> + </additional_files_needed> + <additional_files_needed> + <prefix>/usr/local/www/widgets/helpers/</prefix> + <chmod>0644</chmod> + <item>http://www.pfsense.com/packages/config/widget-havp/havp_alerts_helper.php</item> + </additional_files_needed> + <additional_files_needed> + <prefix>/usr/local/www/widgets/include/</prefix> + <chmod>0644</chmod> + <item>http://www.pfsense.com/packages/config/widget-havp/havp_alerts.inc</item> + </additional_files_needed> + <additional_files_needed> + <prefix>/usr/local/www/widgets/javascript/</prefix> + <chmod>0644</chmod> + <item>http://www.pfsense.com/packages/config/widget-havp/havp_alerts.js</item> + </additional_files_needed> + <additional_files_needed> + <prefix>/usr/local/www/widgets/widgets/</prefix> + <chmod>0644</chmod> + <item>http://www.pfsense.com/packages/config/widget-havp/havp_alerts.widget.php</item> + </additional_files_needed> + <custom_php_deinstall_command> + widget_havp_uninstall(); + </custom_php_deinstall_command> +</packagegui> |
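Review bot: The first `<additional_files_needed>` entry sets `<chmod>077</chmod>` on the file installed under /usr/local/pkg/, while every other entry uses `0644`. If the installer applies this as an octal mode, 077 gives the owner no access and gives group and others read, write and execute, which would leave the PHP file named in `<include_file>` world-writable; `<chmod>0644</chmod>` would match the other entries. All `<item>` URLs are plain `http://`, so the downloaded PHP has no transport integrity unless the package installer verifies it by some other means, which is not visible in this file.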