<?php
// Pandora FMS - http://pandorafms.com
// ==================================================
// Copyright (c) 2005-2011 Artica Soluciones Tecnologicas
// Please see http://pandorafms.org for full contribution list
// This program is free software; you can redistribute it and/or
// modify it under the terms of the GNU General Public License
// as published by the Free Software Foundation; version 2
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
global $config;
include_once("include/functions_graph.php");
include_once("include/functions_ui.php");
include_once("include/functions_netflow.php");
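// Calendar script: the filter form further down attaches an onclick handler
// (scwShow) to the calendar icon next to the date field.
ui_require_javascript_file ('calendar');

// Session check; check_login() is defined outside this file.
check_login ();

// Authorisation gate: the page requires the "AR" permission for the current
// user. A denied attempt is written to the audit log before the "no access"
// page is shown and the script stops.
if (! check_acl ($config["id_user"], 0, "AR")) {
    // The audit text names this page (it previously said "event viewer"),
    // so that ACL violations in the audit trail point at the right section.
    db_pandora_audit("ACL Violation",
        "Trying to access netflow view");
    require ("general/noaccess.php");
    return;
}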
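/**
 * Run a command limited to a time window and parse its output, one row per line.
 *
 * ' -t <start>-<end> -N' is appended to $command, the command is executed and
 * every output line is split on whitespace into an associative row.
 *
 * Security: the time window is passed through escapeshellarg() so characters
 * in $start_date / $end_date cannot be interpreted by the shell. $command
 * itself is executed as given and must therefore only ever be built from
 * trusted, already-escaped parts by the caller.
 *
 * @param string $start_date Start of the window, in the format the command expects.
 * @param string $end_date   End of the window.
 * @param string $command    Command line prefix to execute.
 * @param string $show       Column stored as 'data': "packets" (column 7),
 *                           "bytes" (column 8) or "flows" (column 9).
 *
 * @return array List of rows with keys date, time, duration, proto,
 *               srcip:port, srcip, agg, srcport, dstip:port, dstip, dstport
 *               and (for a known $show) data. Empty array when the command
 *               printed nothing.
 */
function exec_command ($start_date, $end_date, $command, $show){
    // One quoted argument for the whole window: shell metacharacters in the
    // dates stay literal.
    $command .= ' -t '.escapeshellarg($start_date.'-'.$end_date).' -N';

    $values = array();
    $string = array();
    exec($command, $string);

    // No output: return an empty list (previously the function fell off the
    // end and returned NULL).
    if (empty($string)) {
        return $values;
    }

    $i = 0;
    foreach ($string as $line) {
        // Collapse runs of whitespace so columns can be split on one space.
        $line = preg_replace('/\s+/', ' ', $line);
        $val = explode(' ', $line);

        $values[$i]['date'] = $val[0];
        $values[$i]['time'] = $val[1];
        $values[$i]['duration'] = $val[2];
        $values[$i]['proto'] = $val[3];

        // Column 4 is "address:port" for the source.
        $values[$i]['srcip:port'] = $val[4];
        $val2 = explode(':', $val[4]);
        $values[$i]['srcip'] = $val2[0];
        // Field used to draw the pie chart.
        $values[$i]['agg'] = $val2[0];
        $values[$i]['srcport'] = $val2[1];

        // Column 5 is skipped; column 6 is "address:port" for the destination.
        $values[$i]['dstip:port'] = $val[6];
        $val2 = explode(':', $val[6]);
        $values[$i]['dstip'] = $val2[0];
        $values[$i]['dstport'] = $val2[1];

        switch ($show) {
            case "packets":
                $values[$i]['data'] = $val[7];
                break;
            case "bytes":
                $values[$i]['data'] = $val[8];
                break;
            case "flows":
                $values[$i]['data'] = $val[9];
                break;
        }
        $i++;
    }

    return $values;
}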
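/**
 * Run a command limited to a time window and parse its aggregated output.
 *
 * ' -t <start>-<end> -N' is appended to $command. Parsing stops at the first
 * empty output line. Parenthesised groups such as "(12.5)" are removed from
 * each line before it is split on whitespace.
 *
 * Security: the time window is passed through escapeshellarg() so characters
 * in $start_date / $end_date cannot be interpreted by the shell. $command
 * itself is executed as given and must only be built from trusted,
 * already-escaped parts by the caller.
 *
 * @param string $start_date Start of the window, in the format the command expects.
 * @param string $end_date   End of the window.
 * @param string $command    Command line prefix to execute.
 * @param string $show       Column stored as 'data': "packets" (column 6),
 *                           "bytes" (column 7), "bps" (column 9) or
 *                           "bpp" (column 10).
 *
 * @return array List of rows with keys date, time, datetime (strtotime of
 *               date and time), duration, proto, agg and (for a known
 *               $show) data. Empty array when the command printed nothing.
 */
function exec_command_aggregate ($start_date, $end_date, $command, $show){
    // One quoted argument for the whole window: shell metacharacters in the
    // dates stay literal.
    $command .= ' -t '.escapeshellarg($start_date.'-'.$end_date).' -N';

    $values = array();
    $string = array();
    exec($command, $string);

    // No output: return an empty list (previously the function fell off the
    // end and returned NULL).
    if (empty($string)) {
        return $values;
    }

    $i = 0;
    foreach ($string as $line) {
        // The first blank line ends the data section.
        if ($line == '') {
            break;
        }

        // Drop parenthesised groups, then normalise whitespace.
        $line = preg_replace ('/\(\s*\S+\)/', '', $line);
        $line = preg_replace ('/\s+/', ' ', $line);
        $val = explode(' ', $line);

        $values[$i]['date'] = $val[0];
        $values[$i]['time'] = $val[1];

        // Numeric timestamp, stored so callers can sort the rows.
        $values[$i]['datetime'] = strtotime ($val[0]." ".$val[1]);

        $values[$i]['duration'] = $val[2];
        $values[$i]['proto'] = $val[3];
        $values[$i]['agg'] = $val[4];

        switch ($show) {
            case "packets":
                $values[$i]['data'] = $val[6];
                break;
            case "bytes":
                $values[$i]['data'] = $val[7];
                break;
            case "bps":
                $values[$i]['data'] = $val[9];
                break;
            case "bpp":
                $values[$i]['data'] = $val[10];
                break;
        }
        $i++;
    }

    return $values;
}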
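/**
 * Run a "top N" command and collect the distinct values of one field.
 *
 * ' -n <max>' and then $order are appended to $command. Parsing stops at the
 * first empty output line. The result maps each distinct value of the
 * requested field to itself.
 *
 * Security: $max is passed through escapeshellarg(). $command and $order are
 * appended/executed as given (they carry option text and cannot be quoted as
 * a single argument here), so callers must build them from trusted values only.
 *
 * @param string $start_date Unused; kept for interface compatibility.
 * @param string $end_date   Unused; kept for interface compatibility.
 * @param string $command    Command line prefix to execute.
 * @param string $show       Unused; kept for interface compatibility.
 * @param string $filt       Unused; kept for interface compatibility.
 * @param string $aggregate  Field to collect: "proto" (column 3), "srcip" /
 *                           "srcport" (column 4, split on ':') or "dstip" /
 *                           "dstport" (column 6, split on ':').
 * @param mixed  $max        Value for the -n option.
 * @param string $order      Extra option text appended after -n.
 *
 * @return array value => value for every distinct value seen; empty array
 *               when the command printed nothing.
 */
function get_aggregate ($start_date, $end_date, $command, $show,$filt, $aggregate, $max, $order){
    // Quote the record limit so it reaches the command as exactly one argument.
    $command_1 = $command.' -n '.escapeshellarg((string) $max);
    $command_1 .= $order;

    $string = array();
    exec($command_1, $string);

    $aggs = array();

    // No output: return an empty list (previously the function fell off the
    // end and returned NULL, which the caller then passed to count()/foreach).
    if (empty($string)) {
        return $aggs;
    }

    foreach ($string as $line) {
        // The first blank line ends the data section.
        if ($line == '') {
            break;
        }

        $line = preg_replace ('/\s+/', ' ', $line);
        $val = explode(' ', $line);

        // Using the value as key de-duplicates repeated values.
        switch ($aggregate) {
            case "proto":
                $aggs[$val[3]] = $val[3];
                break;
            case "srcip":
                $val2 = explode(':', $val[4]);
                $aggs[$val2[0]] = $val2[0];
                break;
            case "srcport":
                $val2 = explode(':', $val[4]);
                $aggs[$val2[1]] = $val2[1];
                break;
            case "dstip":
                $val2 = explode(':', $val[6]);
                $aggs[$val2[0]] = $val2[0];
                break;
            case "dstport":
                $val2 = explode(':', $val[6]);
                $aggs[$val2[1]] = $val2[1];
                break;
        }
    }

    return $aggs;
}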
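/**
 * Run a command filtered to a set of source addresses and parse its output.
 *
 * A filter of the form "src ip A or src ip B ..." is built from $aggs and
 * appended to $command as one argument. Parsing stops at the first empty
 * output line.
 *
 * Security: the filter expression is passed through escapeshellarg() instead
 * of being wrapped in double quotes, so `$`, backticks or quotes inside an
 * aggregate value cannot be expanded by the shell. $command itself is
 * executed as given and must be built from trusted parts by the caller.
 * NOTE(review): the values are still not validated as addresses, so they can
 * alter the filter expression itself; validate them if $aggs can ever come
 * from anything other than parsed command output.
 *
 * @param string $start_date Unused; kept for interface compatibility.
 * @param string $end_date   Unused; kept for interface compatibility.
 * @param string $command    Command line prefix to execute.
 * @param string $show       Column stored as 'data': "packets" (column 7)
 *                           or "bytes" (column 8).
 * @param array  $aggs       Values to match with "src ip".
 * @param mixed  $aggregate  Unused. Optional, because the caller in this file
 *                           passes only five arguments.
 *
 * @return array List of rows with keys date, time, datetime (strtotime of
 *               date and time), duration, proto and (for a known $show) data.
 */
function exec_command_prueba ($start_date, $end_date, $command, $show, $aggs, $aggregate = null){
    $values = array();
    $ag = 'src ip';

    // Tolerate a missing aggregate list (e.g. NULL from a helper that found
    // nothing) instead of failing in the loop below.
    if (!is_array($aggs)) {
        $aggs = array();
    }

    $terms = array();
    foreach ($aggs as $agg) {
        $terms[] = $ag.' '.$agg;
    }

    // An empty list still yields one (empty) filter argument, as before.
    $command .= ' '.escapeshellarg(implode(' or ', $terms));

    $result = array();
    exec($command, $result);

    $i = 0;
    if (!empty($result)) {
        foreach ($result as $line) {
            // The first blank line ends the data section.
            if ($line == '') {
                break;
            }

            $line = preg_replace ('/\s+/', ' ', $line);
            $val = explode(' ', $line);

            $values[$i]['date'] = $val[0];
            $values[$i]['time'] = $val[1];

            // Numeric timestamp, stored so callers can sort the rows.
            $values[$i]['datetime'] = strtotime ($val[0]." ".$val[1]);

            $values[$i]['duration'] = $val[2];
            $values[$i]['proto'] = $val[3];

            switch ($show) {
                case "packets":
                    $values[$i]['data'] = $val[7];
                    break;
                case "bytes":
                    $values[$i]['data'] = $val[8];
                    break;
            }
            $i++;
        }
    }

    return $values;
}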
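// ---------------------------------------------------------------------
// Request parameters and the date/interval filter form.
// ---------------------------------------------------------------------

// Report to display, plus the currently selected window (defaults: one day,
// ending now).
$id = get_parameter('id');
$period = get_parameter('period', '86400');
$date_= get_parameter('date', date ("Y/m/d", get_system_time ()));
$time_= get_parameter('time', date ("H:i:s", get_system_time ()));

$report_name = db_get_value('id_name', 'tnetflow_report', 'id_report', $id);

// Timestamp layout used when windows are formatted for the command line.
$time_format = 'Y/m/d.H:i:s';

// Set to 1 by the hidden field below when the form has been submitted.
$update_date = get_parameter('update_date',0);

$buttons['report_list'] = '<a href="index.php?sec=netf&sec2=operation/netflow/nf_reporting">'
    . html_print_image ("images/edit.png", true, array ("title" => __('Report list')))
    . '</a>';

//Header
ui_print_page_header (__('Netflow'), "images/networkmap/so_cisco_new.png", false, "", false, $buttons);

echo"<h4>".__('Filter graph')."</h4>";

// NOTE(review): $id is a request value written into an HTML attribute. This
// is only safe if get_parameter() already encodes quotes and angle brackets;
// confirm, or encode it for the attribute context here.
echo '<form method="post" action="index.php?sec=netf&sec2=operation/netflow/nf_view&id='.$id.'">';

// Create the table object explicitly: assigning properties to an undefined
// variable raises a warning on older PHP versions and an Error on PHP 8.
$table = new stdClass();
$table->width = '60%';
$table->border = 0;
$table->cellspacing = 3;
$table->cellpadding = 5;
$table->class = "databox_color";
$table->style[0] = 'vertical-align: top;';

$table->data = array ();

// Row 0: date (with calendar pop-up) and time inputs.
$table->data[0][0] = '<b>'.__('Date').'</b>';

$table->data[0][1] = html_print_input_text ('date', $date_, false, 10, 10, true);
$table->data[0][1] .= html_print_image ("images/calendar_view_day.png", true, array ("alt" => "calendar", "onclick" => "scwShow(scwID('text-date'),this);"));
$table->data[0][1] .= html_print_input_text ('time', $time_, false, 10, 5, true);

// Row 1: interval selector; keys are the interval length in seconds.
$table->data[1][0] = '<b>'.__('Interval').'</b>';
$values_period = array ('600' => __('10 mins'),
    '900' => __('15 mins'),
    '1800' => __('30 mins'),
    '3600' => __('1 hour'),
    '7200' => __('2 hours'),
    '18000' => __('5 hours'),
    '43200' => __('12 hours'),
    '86400' => __('1 day'),
    '172800' => __('2 days'),
    '432000' => __('5 days'),
    '1296000' => __('15 days'),
    '604800' => __('Last week'),
    '2592000' => __('Last month'),
    '5184000' => __('2 months'),
    '7776000' => __('3 months'),
    '15552000' => __('6 months'),
    '31104000' => __('Last year'),
    '62208000' => __('2 years')
    );
$table->data[1][1] = html_print_select ($values_period, 'period', $period, '', '', 0, true, false, false);
html_print_table ($table);

echo '<div class="action-buttons" style="width:60%;">';
html_print_submit_button (__('Update'), 'updbutton', false, 'class="sub upd"');
html_print_input_hidden ('update_date', 1);
echo '</div>';
echo'</form>';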
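// ---------------------------------------------------------------------
// Render every content item of the selected report.
//
// For each item: load its filter from tnetflow_filter, build an nfdump
// command line from it, run the command once per sub-interval of the
// selected window and draw the configured graph.
// ---------------------------------------------------------------------
if ($id!=''){
    // NOTE(review): $report_name is printed without output encoding; confirm
    // that the stored name is already HTML-safe.
    echo"<h3>$report_name</h3>";

    // NOTE(review): $id is a request value concatenated into SQL. This is
    // only safe if get_parameter() neutralises quotes; confirm, or switch to
    // a DB helper that escapes/binds the value. The same applies to $rc and
    // $name_filter below, which are read back from the database.
    $sql1 = "select id_rc from tnetflow_report_content where id_report='".$id."'";
    $all_rcs = db_get_all_rows_sql($sql1);

    $x = 0;
    while(isset($all_rcs[$x]['id_rc'])) {
        $rc = $all_rcs[$x]['id_rc'];
        $sql = "SELECT * FROM tnetflow_report_content WHERE id_rc='".$rc."'";

        $content_report = db_get_row_sql($sql);
        $name_filter = $content_report['id_filter'];
        $max_val= $content_report['max'];
        $element = $content_report['show_graph'];

        // Window end: taken from the submitted form, otherwise "now" with a
        // one-day interval.
        if($update_date){
            $date = get_parameter_post ('date');
            $time = get_parameter_post ('time');
            $interval = get_parameter('period','86400');
        } else {
            $date = date ("Y/m/d", get_system_time ());
            $time = date ("H:i:s", get_system_time ());
            $interval ='86400';
        }
        $date = strtotime ($date." ".$time);
        $date_time = date($time_format, $date);
        $limit = $date - $interval;

        $date_limit = date ($time_format, $limit);

        $sql = "SELECT * FROM tnetflow_filter WHERE id_name = '".$name_filter."'";
        $result = db_get_row_sql($sql,false,true);

        $assign_group = $result['group'];
        $ip_dst = $result['ip_dst'];
        $ip_src = $result['ip_src'];
        $dst_port = $result['dst_port'];
        $src_port = $result['src_port'];
        $aggregate = $result['aggregate'];
        $show_packets = $result['show_packets'];
        $show_bytes = $result['show_bytes'];
        $show_bps = $result['show_bps'];
        $show_bpp = $result['show_bpp'];

        // An address containing '/' is treated as a network and is not added
        // to the filter expression below.
        $dst_net = false;
        $src_net = false;

        if(isset($ip_dst)){
            $net = preg_match('/\//',$ip_dst);
            //html_debug_print(var_dump($net));
            if ($net != 0) {
                $dst_net = true;
            } else {
                $val_ipdst = explode(',',$ip_dst);
                $count_ipdst = count($val_ipdst);
            }
        }
        if(isset($ip_src)){
            $net = preg_match('/\//',$ip_src);
            if ($net != 0) {
                $src_net = true;
            } else {
                $val_ipsrc = explode(',',$ip_src);
                $count_ipsrc = count($val_ipsrc);
            }
        }
        if(isset($dst_port)&&($dst_port!='0')){
            $val_dstport = explode(',',$dst_port);
            $count_dstport = count($val_dstport);
        }
        if(isset($src_port)&&($src_port!='0')){
            $val_srcport = explode(',',$src_port);
            $count_srcport = count($val_srcport);
        }

        //// Build command line
        $command = 'nfdump -q';

        // The configured path is quoted so it always reaches nfdump as one
        // argument.
        if (isset($config['netflow_path']))
            $command .= ' -R '.escapeshellarg($config['netflow_path']);

        /*
        if (isset($aggregate)&&($aggregate!='none')){
            $command .= ' -s '.$aggregate;
            if (isset($max_val))
                $command .= ' -n '.$max_val;
        }
        */

        //filter options
        //
        // The expression is assembled as plain text and appended ONCE through
        // escapeshellarg(). Previously it was wrapped in double quotes by
        // hand, which (a) let the shell expand `$` and backticks inside
        // stored filter values and (b) left the quote unclosed in the
        // "src ip" and "dst port" branches whenever a source port was set.
        // The expression text itself is unchanged.
        // NOTE(review): the stored values are still not validated as
        // addresses/ports, so they can alter the filter expression; validate
        // them where filters are saved or here.
        $use_ip_dst = isset($ip_dst)&&($ip_dst!='')&&($dst_net == false);
        $use_ip_src = isset($ip_src)&&($ip_src!='')&&($src_net == false);
        $use_dst_port = isset($dst_port)&&($dst_port!='')&&($dst_port!='0');
        $use_src_port = isset($src_port)&&($src_port!='')&&($src_port!='0');

        $filter = '';
        if ($use_ip_dst) {
            $filter = 'dst ip '.implode(' or dst ip ', $val_ipdst);
            if ($use_ip_src) {
                $filter .= ' and (src ip '.implode(' or src ip ', $val_ipsrc).')';
            }
            if ($use_dst_port) {
                $filter .= ' and (dst port '.implode(' or dst port ', $val_dstport).')';
            }
            if ($use_src_port) {
                $filter .= ' and (src port '.implode(' or src port ', $val_srcport).')';
            }
        } else if ($use_ip_src) {
            $filter = 'src ip '.implode(' or src ip ', $val_ipsrc);
            if ($use_dst_port) {
                $filter .= ' and (dst port '.implode(' or dst port ', $val_dstport).')';
            }
            if ($use_src_port) {
                $filter .= ' and (src port '.implode(' or src port ', $val_srcport).')';
            }
        } else if ($use_dst_port) {
            $filter = 'dst port '.implode(' or dst port ', $val_dstport);
            if ($use_src_port) {
                $filter .= ' and (src port '.implode(' or src port ', $val_srcport).')';
            }
        } else {
            if ($use_src_port&&($src_net == false)&&($dst_net == false)){
                $filter = '(src port '.implode(' or src port ', $val_srcport).' )';
            }
        }
        if ($filter != '') {
            $command .= ' '.escapeshellarg($filter);
        }

        // Metric to plot; when several flags are set the last one wins.
        // Reset per item so a value from the previous report item is not
        // reused when no flag is set.
        $show = '';
        if ($show_packets)
            $show = 'packets';
        if ($show_bytes)
            $show = 'bytes';
        if ($show_bps)
            $show = 'bps';
        if ($show_bpp)
            $show = 'bpp';

        //create interval to divide command execution
        $inter = $config['graph_res'] * 50;
        /*
        if ($aggregate!='none')
            $inter = 1;
        */

        $fecha_limite = date ($time_format, $limit);
        $res = $interval/$inter;

        $aggs = array();
        if ($aggregate!='none'){
            // NOTE(review): development leftover. In aggregate mode the
            // command built above is replaced by a fixed command with a
            // developer's home directory and a fixed time window, so the
            // configured path, the stored filter and the selected dates are
            // all ignored. Left as found; needs a decision by the maintainers.
            $command = 'nfdump -q -R /home/vanessa/netflow/netflow/ -t 2011/11/29.14:53:17-2011/12/30.20:53:17 -N';
            $filt='';
            $order = ' -s record/'.$show;
            $j = 0;
            $aggs = get_aggregate($date_limit, $date_time, $command, $show,$filt,$aggregate, $max_val, $order);
        }

        // Data iterator
        $j = 0;
        $values = array();

        // Calculate interval date
        for ($i = 0; $i < $inter; $i++) {
            $timestamp = $limit + ($res * $i);
            $timestamp_short = date($time_format, $timestamp);

            $end_date = $timestamp + $res;
            $end = date ($time_format, $end_date);

            if($aggregate!='none'){
                // The function declares six parameters; the sixth was
                // missing from this call.
                $result = exec_command_prueba($timestamp_short, $end, $command, $show, $aggs, $aggregate);

                /*
                //$result = orderMultiDimensionalArray($result, 'datetime');
                html_debug_print($aggs);
                foreach ($aggs as $agg) {
                    $command = 'nfdump -q -R /home/vanessa/netflow/netflow/ -t 2011/11/29.14:53:17-2011/12/30.20:53:17 -N "src ip '.$agg.'"';
                    $result = exec_command_prueba($timestamp_short, $end, $command, $show,$filt,$aggregate, $max_val, $order);
                }
                */
            } else {
                $result = exec_command($timestamp_short, $end, $command, $show);
            }

            $total = 0;
            $count = 0;

            // One averaged data point per sub-interval that returned rows;
            // its date/time are those of the last row.
            if(!empty($result)){
                $previous_data = 0;
                foreach($result as $data){
                    $dates = $data['date'];
                    $times = $data['time'];
                    $total += $data['data'];
                    $count++;
                }
                $values[$j]['date'] = $dates;
                $values[$j]['time'] = $times;

                if ($count > 0) {
                    $values[$j]['data'] = $total / $count;
                    $previous_data = $values[$j]['data'];
                } else {
                    $values[$j]['data'] = $previous_data;
                }
                $j++;
            }
        }

        // Draw the element configured for this report item. Only the area
        // charts are active; the other types are commented out.
        if($aggregate!='none'){
            switch ($element){
                case '0':
                    echo grafico_netflow_aggregate_area($result, $interval, 880, 540, '', '','','',$date);
                    break;
                case '1':
                    //echo grafico_netflow_aggregate_pie($result);
                    break;
                case '2':
                    //echo netflow_show_table_values($result, $date_limit, $date_time, $show);
                    break;
                case '3':
                    //echo netflow_show_total_period($result, $date_limit, $date_time, $show);
                    break;
            }
        }else{
            switch ($element){
                case '0':
                    echo grafico_netflow_total_area($values, $interval, 660, 320, '', '','','',$date);
                    break;
            }
        }
        $x++;
    }
}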
?>