From 3b09ed0c7c1e5dfd442bd3b844726aab11480139 Mon Sep 17 00:00:00 2001 From: Ramon Novoa Date: Wed, 11 Jan 2012 16:34:53 +0000 Subject: [PATCH] 2012-01-11 Ramon Novoa * include/functions_graph.php, include/functions_netflow.php, operation/netflow/nf_view.php: Fixed netflow stacked charts. Moved code from nf_view to functions in functions_netflow. Several other fixes. git-svn-id: https://svn.code.sf.net/p/pandora/code/trunk@5349 c3f86ba8-e40f-0410-aaad-9ba5e7f4b01f --- pandora_console/ChangeLog | 8 + pandora_console/include/functions_graph.php | 193 +++---- pandora_console/include/functions_netflow.php | 476 ++++++++++++++---- pandora_console/operation/netflow/nf_view.php | 385 +++----------- 4 files changed, 525 insertions(+), 537 deletions(-) diff --git a/pandora_console/ChangeLog b/pandora_console/ChangeLog index 3ab7428818..b6911f2e73 100644 --- a/pandora_console/ChangeLog +++ b/pandora_console/ChangeLog @@ -1,3 +1,11 @@ +2012-01-11 Ramon Novoa + + * include/functions_graph.php, + include/functions_netflow.php, + operation/netflow/nf_view.php: Fixed netflow stacked charts. Moved + code from nf_view to functions in functions_netflow. Several other + fixes. + 2012-01-11 Sancho Lerena * images/status_sets/color_text/*.png: Updated icons missing diff --git a/pandora_console/include/functions_graph.php b/pandora_console/include/functions_graph.php index 70a3e15198..e4f522b213 100755 --- a/pandora_console/include/functions_graph.php +++ b/pandora_console/include/functions_graph.php @@ -1936,121 +1936,62 @@ function grafico_modulo_boolean ($agent_module_id, $period, $show_events, * Print an area graph with netflow aggregated */ -function grafico_netflow_aggregate_area ($data, $period,$width, $height , $title, $unit_name, $avg_only = 0, $pure=0,$date = 0, $only_image = false, $homeurl = '') { +function graph_netflow_aggregate_area ($data, $period, $width, $height, $title, $unit_name, $avg_only = 0, $pure=0, $date = 0, $only_image = false, $homeurl = '') { global $config; global $graphic_type; -echo"

Gráfica de área

"; + + echo"

Gráfica de área

"; include_flash_chart_script($homeurl); - // Set variables - if ($date == 0) $date = get_system_time(); - $datelimit = $date - $period; - $resolution = $config['graph_res'] * 50; //Number of points of the graph - $interval = (int) ($period / $resolution); - - ///////////////////////////////////////////////////////////////// - // Set the title and time format - if ($period <= 3600) { - $time_format = 'G:i:s'; - } - elseif ($period <= 86400) { - $time_format = 'G:i:s'; - } - elseif ($period <= 604800) { - $time_format = 'M d H:i:s'; - } - elseif ($period <= 2419200) { - $time_format = 'M d H\h'; - } - else { - $time_format = 'M d H\h'; - } - $timestamp_short = date($time_format, $date); - ///////////////////////////////////////////////////////////////// - - -///////////////COMBINED - $aggs = array(); - $ag =''; - // Calculate data for each agg - $j = 0; - for ($i = 0; $i < $resolution; $i++) { - $count = 0; - $timestamp = $datelimit + ($interval * $i); - $timestamp_short = date($time_format, $timestamp); - $long_index[$timestamp_short] = date( - html_entity_decode($config['date_format'], ENT_QUOTES, "UTF-8"), $timestamp); - - - if (isset ($data[$i])){ - $aggs[$data[$i]['agg']] = $data[$i]['agg']; - } - // Read data that falls in the current interval - while(isset ($data[$j])) { - $ag = $data[$j]['agg']; - - $date = $data[$j]['date']; - $time = $data[$j]['time']; - - $datetime = strtotime ($date." ".$time); - - if ($datetime >= $timestamp && $datetime <= ($timestamp + $interval)){ - if(!isset($chart[$timestamp_short][$ag])) { - $chart[$timestamp_short][$ag] = $data[$j]['data']; - $count++; - } else { - $chart[$timestamp_short][$ag] += $data[$j]['data']; - $count++; - } - } else { - break; - } - - $j++; - } - - // Average - if ($count > 0) { - if (isset($chart[$timestamp_short][$ag])){ - $chart[$timestamp_short][$ag] = $chart[$timestamp_short][$ag]/$count; - } - } else { - $chart[$timestamp_short][$ag] = 0; - } + if (empty ($data)) { + echo fs_error_image (); + return; } - -/* -while (isset ($data[$j])){ - $aggs[$data[$j]['agg']] = $data[$j]['agg']; - $date = $data[$j]['date']; - $time = $data[$j]['time']; - $ag = $data[$j]['agg']; - $datetime = strtotime ($date." ".$time); - $timestamp_short = date($time_format, $datetime); - $chart[$timestamp_short][$ag] = $data[$j]['data']; - $j++; + if ($period <= 21600) { + $chart_time_format = 'H:i:s'; + } + elseif ($period < 86400) { + $chart_time_format = 'H:i'; + } + elseif ($period < 1296000) { + $chart_time_format = 'M d H:i'; + } + elseif ($period < 2592000) { + $chart_time_format = 'M d H\h'; + } + else { + $chart_time_format = 'M d H\h'; + } + + // Calculate source indexes + $i = 0; + foreach ($data['sources'] as $source => $value) { + $source_indexes[$source] = $i; + $sources[$i] = $source; + $i++; } - -*/ - - foreach($chart as $key => $value) { - foreach($aggs as $agg) { - if(!isset($chart[$key][$agg])) { - $chart[$key][$agg] = 0; - } + + // Add sources to chart + $chart = array (); + foreach ($data['data'] as $timestamp => $data) { + $chart_date = date ($chart_time_format, $timestamp); + $chart[$chart_date] = array (); + foreach ($source_indexes as $source => $index) { + $chart[$chart_date][$index] = 0; + } + foreach ($data as $source => $value) { + $chart[$chart_date][$source_indexes[$source]] = $value; } } - $color = array(); - $flash_chart = $config['flash_charts']; if ($only_image) { $flash_chart = false; } - - return area_graph($flash_chart, $chart, $width, $height, $color, $aggs, - $long_index, "images/image_problem.opaque.png", "", "", $homeurl, + + return stacked_area_graph($flash_chart, $chart, $width, $height, null, $sources, + null, "images/image_problem.opaque.png", "", "", $config['homedir'] . "/images/logo_vertical_water.png", $config['fontpath'], $config['font_size'], ""); } @@ -2060,34 +2001,47 @@ while (isset ($data[$j])){ /** * Print an area graph with netflow total */ -function grafico_netflow_total_area ($data, $period,$width, $height , $title, $unit_name, $avg_only = 0, $pure=0,$date = 0, $only_image = false, $homeurl = '') { +function graph_netflow_total_area ($data, $period, $width, $height, $title, $unit_name, $avg_only = 0, $pure=0, $date = 0, $only_image = false, $homeurl = '') { global $config; global $graphic_type; echo"

Gráfica de área

"; include_flash_chart_script($homeurl); - // Set variables - if ($date == 0) $date = get_system_time(); - $datelimit = $date - $period; - $resolution = $config['graph_res'] * 50; //Number of points of the graph - $interval = (int) ($period / $resolution); + if (empty ($data)) { + echo fs_error_image (); + return; + } - $aggs = array(); - // Calculate data for each agg - $j = 0; - $chart = array(); - $long_index = array(); + if ($period <= 21600) { + $chart_time_format = 'H:i:s'; + } + elseif ($period < 86400) { + $chart_time_format = 'H:i'; + } + elseif ($period < 1296000) { + $chart_time_format = 'M d H:i'; + } + elseif ($period < 2592000) { + $chart_time_format = 'M d H\h'; + } + else { + $chart_time_format = 'M d H\h'; + } + // Populate chart + $chart = array (); + foreach ($data as $timestamp => $value) { + $chart[date ($chart_time_format, $timestamp)] = $value; + } + $flash_chart = $config['flash_charts']; if ($only_image) { $flash_chart = false; } - $leyend = array(); - $color = array(); - return area_graph($flash_chart, $data, $width, $height, $color, $leyend, - $long_index, "images/image_problem.opaque.png", "", "", $homeurl, + return area_graph($flash_chart, $chart, $width, $height, array (), array (), + array (), "images/image_problem.opaque.png", "", "", $homeurl, $config['homedir'] . "/images/logo_vertical_water.png", $config['fontpath'], $config['font_size'], ""); } @@ -2095,12 +2049,17 @@ function grafico_netflow_total_area ($data, $period,$width, $height , $title, $u /** * Print a pie graph with netflow aggregated */ -function grafico_netflow_aggregate_pie ($data) { +function graph_netflow_aggregate_pie ($data) { global $config; global $graphic_type; echo"

Gráfica totalizada

"; + if (empty ($data)) { + echo fs_error_image (); + return; + } + $i = 0; $values = array(); $agg = ''; diff --git a/pandora_console/include/functions_netflow.php b/pandora_console/include/functions_netflow.php index acac3c873d..2265fab934 100644 --- a/pandora_console/include/functions_netflow.php +++ b/pandora_console/include/functions_netflow.php @@ -14,6 +14,8 @@ // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the // GNU General Public License for more details. +// Date format for nfdump +$nfdump_date_format = 'Y/m/d.H:i:s'; /** * Selects all netflow filters (array (id_name => id_name)) or filters filtered @@ -64,33 +66,6 @@ function netflow_get_reports ($filter = false) { return $return; } - -/** - * Selects all netflow filters (array (id_sg => id_sg)) or filters filtered - * - * @param mixed Array with filter conditions to retrieve filters or false. - * - * @return array List of all filters - */ -/* -function netflow_get_filters_id ($filter = false) { - if ($filter === false) { - $filters = db_get_all_rows_in_table ("tnetflow_filter", "id_sg"); - } - else { - $filters = db_get_all_rows_filter ("tnetflow_filter", $filter); - } - $return = array (); - if ($filters === false) { - return $return; - } - foreach ($filters as $filter) { - $return[$filter["id_sg"]] = $filter["id_sg"]; - } - return $return; -} -*/ - /** * Get a filter. * @@ -110,49 +85,6 @@ function netflow_filter_get_filter ($id_sg, $filter = false, $fields = false) { return db_get_row_filter ('tnetflow_filter', $filter, $fields); } -/** - * Selects all netflow filters (array (id_name => id_name)) or filters filtered - * - * @param mixed Array with filter conditions to retrieve filters or false. - * - * @return array List of all filters - */ -function netflow_get_options ($filter = false) { - if ($filter === false) { - $filters = db_get_all_rows_in_table ("tnetflow_options", "id_name"); - } - else { - $filters = db_get_all_rows_filter ("tnetflow_options", $filter); - } - $return = array (); - if ($filters === false) { - return $return; - } - foreach ($filters as $filter) { - $return[$filter["id_name"]] = $filter["id_name"]; - } - return $return; -} - -/** - * Get options. - * - * @param int filter id to be fetched. - * @param array Extra filter. - * @param array Fields to be fetched. - * - * @return array A netflow filter matching id and filter. - */ -function netflow_options_get_options ($id_option, $filter = false, $fields = false) { - if (empty ($id_option)) - return false; - if (! is_array ($filter)) - $filter = array (); - $filter['id_option'] = (int) $id_option; - - return db_get_row_filter ('tnetflow_options', $filter, $fields); -} - /** * Get options. * @@ -182,37 +114,41 @@ function netflow_reports_get_content ($id_rc, $filter = false, $fields = false){ return db_get_row_filter ('tnetflow_report_content', $filter, $fields); } -//sort array multidimensional - -function orderMultiDimensionalArray ($toOrderArray, $field, $inverse = false) { - $position = array(); - $newRow = array(); - foreach ($toOrderArray as $key => $row) { - $position[$key] = $row[$field]; - $newRow[$key] = $row; - } - if ($inverse) { - arsort($position); - } - else { - asort($position); - } - $returnArray = array(); - foreach ($position as $key => $pos) { - $returnArray[] = $newRow[$key]; - } - return $returnArray; +/** + * Compare two flows according to the 'data' column. + * + * @param array a First flow. + * @param array b Second flow. + * + * @return Result of the comparison. + */ +function compare_flows ($a, $b) { + return $a['data']>$b['data']; } -function netflow_show_total_period($data, $date_limit, $date_time, $show){ +/** + * Sort netflow data according to the 'data' column. + * + * @param array netflow_data Netflow data array. + * + */ +function sort_netflow_data ($netflow_data) { + usort($netflow_data, "compare_flows"); +} + +function netflow_show_total_period($data, $start_date, $end_date, $show){ + global $nfdump_date_format; + + $start_date = date ($nfdump_date_format, $start_date); + $end_date = date ($nfdump_date_format, $end_date); $values = array(); $table->width = '50%'; $table->class = 'databox'; $table->data = array(); - $title = "Desde $date_limit hasta $date_time"; + $title = "Desde $start_date hasta $end_date"; $j = 0; $x = 1; - + echo"

Suma por periodo ($show)

"; $table->data[0][0] = ''.__('Rango').''; $table->data[0][1] = ''.$title.''; @@ -234,7 +170,22 @@ function netflow_show_total_period($data, $date_limit, $date_time, $show){ html_print_table($table); } -function netflow_show_table_values($data, $date_limit, $date_time, $show){ +/** + * Show a table with netflow statistics. + * + * @param array data Statistic data. + * @param string start_date Start date. + * @param string end_date End date. + * @param string unit Unit to display. + * + * @return The statistics table. + */ +function netflow_stat_table ($data, $start_date, $end_date, $unit){ + global $nfdump_date_format; + + $start_date = date ($nfdump_date_format, $start_date); + $end_date = date ($nfdump_date_format, $end_date); + $values = array(); $table->width = '50%'; $table->class = 'databox'; @@ -244,7 +195,7 @@ function netflow_show_table_values($data, $date_limit, $date_time, $show){ $x = 1; $y = 1; - echo"

Tabla de valores ($show)

"; + echo"

Tabla de valores ($unit)

"; $table->data[0][0] = ''.__('Rango').''; $coordx = array(); @@ -301,7 +252,340 @@ function netflow_show_table_values($data, $date_limit, $date_time, $show){ ksort($table->data[$x]); } -html_print_table($table); + html_print_table($table); +} + +/** + * Returns 1 if the given address is a network address. + * + * @param string address Host or network address. + * + * @return 1 if the address is a network address, 0 otherwise. + * + */ +function netflow_is_net ($address) { + if (strpos ($address, '/') !== FALSE) { + return 1; + } + + return 0; +} + +/** + * Returns netflow data for the given period in an array. + * + * @param string start_date Period start date. + * @param string end_date Period end date. + * @param string command Command used to retrieve netflow data. + * @param string aggregate Aggregate field. + * @param int max Maximum number of aggregates. + * @param string unit Unit to show. + * + * @return An array with netflow stats. + * + */ +function netflow_get_data ($start_date, $end_date, $command, $aggregate, $max, $unit){ + global $nfdump_date_format; + global $config; + + // If there is aggregation calculate the top n + $sources = array (); + if ($aggregate != 'none') { + $agg_command = $command . " -s $aggregate -n $max -t ".date($nfdump_date_format, $start_date).'-'.date($nfdump_date_format, $end_date); + exec($agg_command, $string); + foreach($string as $line){ + if ($line=='') { + continue; + } + $line = preg_replace('/\(\s*\S+\)/','',$line); + $line = preg_replace('/\s+/',' ',$line); + $val = explode(' ',$line); + $sources[$val[4]] = 1; + } + } + + // Execute nfdump and save its output in a temporary file + $command .= ' -t '.date($nfdump_date_format, $start_date).'-'.date($nfdump_date_format, $end_date); + $temp_file = $config["attachment_store"] . "/netflow_" . rand (0, getrandmax()) . ".data"; + exec("$command > $temp_file"); + + // Open the temporary file + $fh = fopen ($temp_file, "r"); + if ($fh === FALSE) { + return; + } + + // Calculate the number of intervals + $num_intervals = $config['graph_res'] * 50; + $period = $end_date - $start_date; + $interval_length = (int) ($period / $num_intervals); + + // Parse flow data + $read_flag = 1; + $values = array (); + $flow = array (); + for ($i = 0; $i < $num_intervals; $i++) { + $timestamp = $start_date + ($interval_length * $i); + + if ($aggregate != 'none') { + $interval_total = array (); + $interval_count = array (); + } else { + $interval_total = 0; + $interval_count = 0; + } + + do { + if ($read_flag == 1) { + $read_flag = 0; + $line = fgets($fh, 4096); + if ($line === false) { + $read_flag = 1; + break; + } + + $line = preg_replace('/\s+/',' ',$line); + $val = explode(' ',$line); + if (! isset ($val[6])) { + $read_flag = 1; + break; + } + + $flow['date'] = $val[0]; + $flow['time'] = $val[1]; + + switch ($aggregate){ + case "proto": + $flow['agg'] = $val[3]; + break; + case "srcip": + $val2 = explode(':', $val[4]); + $flow['agg'] = $val2[0]; + break; + case "srcport": + $val2 = explode(':', $val[4]); + $flow['agg'] = $val2[1]; + break; + case "dstip": + $val2 = explode(':', $val[6]); + $flow['agg'] = $val2[0]; + break; + case "dstport": + $val2 = explode(':', $val[6]); + $flow['agg'] = $val2[1]; + break; + } + + switch ($unit) { + case "packets": + $flow['data'] = $val[7]; + break; + case "bytes": + $flow['data'] = $val[8]; + break; + case "flows": + $flow['data'] = $val[9]; + break; + } + $flow['timestamp'] = strtotime ($flow['date'] . " " . $flow['time']); + } + if ($flow['timestamp'] >= $timestamp && $flow['timestamp'] <= $timestamp + $interval_length) { + $read_flag = 1; + if ($aggregate != 'none') { + if (isset ($sources[$flow['agg']])) { + if (! isset ($interval_total[$flow['agg']])) { + $interval_total[$flow['agg']] = 0; + $interval_count[$flow['agg']] = 0; + } + $interval_total[$flow['agg']] += $flow['data']; + $interval_count[$flow['agg']] += 1; + } + } else { + $interval_total += $flow['data']; + $interval_count += 1; + } + } + } while ($read_flag == 1); + + if ($aggregate != 'none') { + foreach ($interval_total as $agg => $val) { + if ($interval_count[$agg] != 0) { + $values['data'][$timestamp][$agg] = (int) ($interval_total[$agg] / $interval_count[$agg]); + $values['sources'][$agg] = 1; + } + } + } else { + if ($interval_count == 0) { + $values[$timestamp]['data'] = 0; + } else { + $values[$timestamp]['data'] = (int) ($interval_total / $interval_count); + } + } + } + + fclose ($fh); + unlink ($temp_file); + + return $values; +} + +/** + * Returns netflow stats for the given period in an array. + * + * @param string start_date Period start date. + * @param string end_date Period end date. + * @param string command Command used to retrieve netflow data. + * @param string aggregate Aggregate field. + * @param int max Maximum number of aggregates. + * @param string unit Unit to show. + * + * @return An array with netflow stats. + */ +function netflow_get_stats ($start_date, $end_date, $command, $aggregate, $max, $unit){ + global $nfdump_date_format; + + $command .= ' -s ' . $aggregate . ' -n ' . $max . ' -t '.date($nfdump_date_format, $start_date).'-'.date($nfdump_date_format, $end_date); + exec($command, $string); + + if(! is_array($string)){ + return array (); + } + + $i = 0; + $values = array(); + foreach($string as $line){ + if ($line == '') { + break; + } + $line = preg_replace('/\(\s*\S+\)/','',$line); + $line = preg_replace('/\s+/',' ',$line); + $val = explode(' ',$line); + + $values[$i]['date'] = $val[0]; + $values[$i]['time'] = $val[1]; + + //create field to sort array + $date = $val[0]; + $time = $val[1]; + $end_date = strtotime ($date." ".$time); + $values[$i]['datetime'] = $end_date; + $values[$i]['agg'] = $val[4]; + + switch ($unit){ + case "packets": + $values[$i]['data'] = $val[6]; + break; + case "bps": + $values[$i]['data'] = $val[9]; + break; + case "bpp": + $values[$i]['data'] = $val[10]; + break; + case "bytes": + default: + $values[$i]['data'] = $val[7]; + break; + } + $i++; + } + + sort_netflow_data ($values); + return $values; +} + +/** + * Returns the command needed to run nfdump for the given filter. + * + * @param array filter Netflow filter. + * + * @return Command to run. + * + */ +function netflow_get_command ($filter) { + global $config; + + // Build command + $command = 'nfdump -q -N -m'; + + // Netflow data path + if (isset($config['netflow_path']) && $config['netflow_path'] != '') { + $command .= ' -R '.$config['netflow_path']; + } + + // Filter options + $filter_args = ''; + if ($filter['ip_dst'] != ''){ + $filter_args .= ' "('; + $val_ipdst = explode(',', $filter['ip_dst']); + for($i = 0; $i < count ($val_ipdst); $i++){ + if ($i > 0) { + $filter_args .= ' or '; + } + + if (netflow_is_net ($val_ipdst[$i]) == 0) { + $filter_args .= 'dst ip '.$val_ipdst[$i]; + } else { + $filter_args .= 'dst net '.$val_ipdst[$i]; + } + } + $filter_args .= ')'; + } + if ($filter['ip_src'] != ''){ + if ($filter_args == '') { + $filter_args .= ' "('; + } else { + $filter_args .= ' and ('; + } + $val_ipsrc = explode(',', $filter['ip_src']); + for($i = 0; $i < count ($val_ipsrc); $i++){ + if ($i > 0) { + $filter_args .= ' or '; + } + + if (netflow_is_net ($val_ipsrc[$i]) == 0) { + $filter_args .= 'src ip '.$val_ipsrc[$i]; + } else { + $filter_args .= 'src net '.$val_ipsrc[$i]; + } + } + $filter_args .= ')'; + } + if ($filter['dst_port'] != 0) { + if ($filter_args == '') { + $filter_args .= ' "('; + } else { + $filter_args .= ' and ('; + } + $val_dstport = explode(',', $filter['dst_port']); + for($i = 0; $i < count ($val_dstport); $i++){ + if ($i > 0) { + $filter_args .= ' or '; + } + $filter_args .= 'dst port '.$val_dstport[$i]; + } + $filter_args .= ')'; + } + if ($filter['src_port'] != 0) { + if ($filter_args == '') { + $filter_args .= ' "('; + } else { + $filter_args .= ' and ('; + } + $val_srcport = explode(',', $filter['src_port']); + for($i = 0; $i < count ($val_srcport); $i++){ + if ($i > 0) { + $filter_args .= ' or '; + } + $filter_args .= 'src port '.$val_srcport[$i]; + } + $filter_args .= ')'; + } + if ($filter_args != '') { + $filter_args .= '"'; + $command .= $filter_args; + } + + return $command; } ?> diff --git a/pandora_console/operation/netflow/nf_view.php b/pandora_console/operation/netflow/nf_view.php index 1313f3bfe1..77c8b0451b 100644 --- a/pandora_console/operation/netflow/nf_view.php +++ b/pandora_console/operation/netflow/nf_view.php @@ -30,167 +30,20 @@ if (! check_acl ($config["id_user"], 0, "AR")) { return; } -// Returns 1 if the given address is a network address -function is_net ($address) { - if (strpos ($address, '/') !== FALSE) { - return 1; - } - - return 0; -} - -function exec_command ($start_date, $end_date, $command, $show){ - global $time_format; - global $config; - - // Execute nfdump and save its output in a temporary file - $command .= ' -t '.date($time_format, $start_date).'-'.date($time_format, $end_date); - $temp_file = $config["attachment_store"] . "/netflow_" . rand (0, getrandmax()) . ".data"; - exec("$command > $temp_file", $string); - - // Open the temporary file - $fh = fopen ($temp_file, "r"); - if ($fh === FALSE) { - return; - } - - // Calculate the number of intervals - $num_intervals = $config['graph_res'] * 50; - $period = $end_date - $start_date; - $interval_length = (int) ($period / $num_intervals); - - // Set the title and time format - if ($period <= 21600) { - $chart_time_format = 'H:i:s'; - } - elseif ($period < 86400) { - $chart_time_format = 'H:i'; - } - elseif ($period < 1296000) { - $chart_time_format = 'M d H:i'; - } - elseif ($period < 2592000) { - $chart_time_format = 'M d H\h'; - } - else { - $chart_time_format = 'M d H\h'; - } - - // Parse flow data - $read_flag = 1; - $values = array (); - $flow = array (); - for ($i = 0; $i < $num_intervals; $i++) { - $timestamp = $start_date + ($interval_length * $i); - - $interval_total = 0; - $interval_count = 0; - do { - if ($read_flag == 1) { - $read_flag = 0; - $line = fgets($fh, 4096); - if ($line === false) { - $read_flag = 1; - break; - } - - $line = preg_replace('/\s+/',' ',$line); - $val = explode(' ',$line); - - $flow['date'] = $val[0]; - $flow['time'] = $val[1]; - switch ($show) { - case "packets": - $flow['data'] = $val[7]; - break; - case "bytes": - $flow['data'] = $val[8]; - break; - case "flows": - $flow['data'] = $val[9]; - break; - } - $flow['timestamp'] = strtotime ($flow['date'] . " " . $flow['time']); - } - if ($flow['timestamp'] >= $timestamp && $flow['timestamp'] <= $timestamp + $interval_length) { - $read_flag = 1; - $interval_total += $flow['data']; - $interval_count += 1; - } - } while ($read_flag == 1); - - $interval_date = date ($chart_time_format, $timestamp); - if ($interval_count == 0) { - $values[$interval_date]['data'] = 0; - } else { - $values[$interval_date]['data'] = (int) ($interval_total / $interval_count); - } - } - - fclose ($fh); - unlink ($temp_file); - - return $values; -} - -function exec_command_aggregate ($start_date, $end_date, $command, $show){ - global $time_format; - - $command .= ' -t '.date($time_format, $start_date).'-'.date($time_format, $end_date); - $values = array(); - exec($command, $string); - - $i = 0; - if(isset($string) && is_array($string)&&($string!=null)){ - foreach($string as $line){ - if ($line=='') - break; - $line = preg_replace('/\(\s*\S+\)/','',$line); - $line = preg_replace('/\s+/',' ',$line); - $val = explode(' ',$line); - - $values[$i]['date'] = $val[0]; - $values[$i]['time'] = $val[1]; - - //create field to sort array - $date = $val[0]; - $time = $val[1]; - $date_time = strtotime ($date." ".$time); - $values[$i]['datetime'] = $date_time; - - //$values[$i]['duration'] = $val[2]; - //$values[$i]['proto'] = $val[3]; - $values[$i]['agg'] = $val[4]; - - switch ($show){ - case "packets": - $values[$i]['data'] = $val[6]; - break; - case "bytes": - $values[$i]['data'] = $val[7]; - break; - case "bps": - $values[$i]['data'] = $val[9]; - break; - case "bpp": - $values[$i]['data'] = $val[10]; - break; - } - $i++; - } - return $values; - } -} - -$id = get_parameter('id'); +$id = io_safe_input (get_parameter('id')); $period = get_parameter('period', '86400'); -$date_= get_parameter('date', date ("Y/m/d", get_system_time ())); -$time_= get_parameter('time', date ("H:i:s", get_system_time ())); -$report_name = db_get_value('id_name', 'tnetflow_report', 'id_report', $id); - -$time_format = 'Y/m/d.H:i:s'; - -$update_date = get_parameter('update_date',0); +$update_date = get_parameter('update_date', 0); +if($update_date){ + $date = get_parameter_post ('date'); + $time = get_parameter_post ('time'); + $interval = get_parameter('period','86400'); +} else { + $date = date ("Y/m/d", get_system_time ()); + $time = date ("H:i:s", get_system_time ()); + $interval ='86400'; +} +$end_date = strtotime ($date . " " . $time); +$start_date = $end_date - $interval; $buttons['report_list'] = '' . html_print_image ("images/edit.png", true, array ("title" => __('Report list'))) @@ -214,9 +67,9 @@ echo '
"calendar", "onclick" => "scwShow(scwID('text-date'),this);")); - $table->data[0][1] .= html_print_input_text ('time', $time_, false, 10, 5, true); + $table->data[0][1] .= html_print_input_text ('time', $time, false, 10, 5, true); $table->data[1][0] = ''.__('Interval').''; $values_period = array ('600' => __('10 mins'), @@ -247,175 +100,59 @@ echo '$report_name"; +$report_name = db_get_value('id_name', 'tnetflow_report', 'id_report', $id); +echo"

$report_name

"; - $sql1 = "select id_rc from tnetflow_report_content where id_report='".$id."'"; - $all_rcs = db_get_all_rows_sql($sql1); +$all_rcs = db_get_all_rows_sql("SELECT id_rc FROM tnetflow_report_content WHERE id_report='$id'"); +if (empty ($all_rcs)) { + echo fs_error_image(); + return; +} - $x = 0; - while(isset($all_rcs[$x]['id_rc'])) { - $rc = $all_rcs[$x]['id_rc']; - $sql = "SELECT * FROM tnetflow_report_content WHERE id_rc='".$rc."'"; +// Process report items +for ($x = 0; isset($all_rcs[$x]['id_rc']); $x++) { - $content_report = db_get_row_sql($sql); - $id_filter = $content_report['id_filter']; - $max_val= $content_report['max']; - $element = $content_report['show_graph']; - - if($update_date){ - $date = get_parameter_post ('date'); - $time = get_parameter_post ('time'); - $interval = get_parameter('period','86400'); - } else { - $date = date ("Y/m/d", get_system_time ()); - $time = date ("H:i:s", get_system_time ()); - $interval ='86400'; - } - $date = strtotime ($date." ".$time); - $limit = $date - $interval; - - $sql = "SELECT * FROM tnetflow_filter WHERE id_sg = '".$id_filter."'"; - $result = db_get_row_sql($sql,false,true); - - $assign_group = $result['id_group']; - $ip_dst = $result['ip_dst']; - $ip_src = $result['ip_src']; - $dst_port = $result['dst_port']; - $src_port = $result['src_port']; - $aggregate = $result['aggregate']; - $show = $result['output']; + // Get report item + $content_report = db_get_row_sql("SELECT * FROM tnetflow_report_content WHERE id_rc='" . $all_rcs[$x]['id_rc'] . "'"); + $max_aggregates= $content_report['max']; + $type = $content_report['show_graph']; - if(isset($ip_dst)){ - $val_ipdst = explode(',',$ip_dst); - $count_ipdst = count($val_ipdst); - } - if(isset($ip_src)){ - $val_ipsrc = explode(',',$ip_src); - $count_ipsrc = count($val_ipsrc); - } - if(isset($dst_port)&&($dst_port!='0')){ - $val_dstport = explode(',',$dst_port); - $count_dstport = count($val_dstport); - } - if(isset($src_port)&&($src_port!='0')){ - $val_srcport = explode(',',$src_port); - $count_srcport = count($val_srcport); - } - - // Build command line - $command = 'nfdump -q -N -m'; - - if (isset($config['netflow_path'])) - $command .= ' -R '.$config['netflow_path']; - - if (isset($aggregate)&&($aggregate!='none')){ - $command .= ' -s '.$aggregate; - if (isset($max_val)) { - $command .= ' -n '.$max_val; - } - } - - // Filter options - $filter = ''; - if (isset($ip_dst)&&($ip_dst!='')){ - $filter .= ' "('; - for($i=0;$i<$count_ipdst;$i++){ - if ($i > 0) { - $filter .= ' or '; - } - - if (is_net ($val_ipdst[$i]) == 0) { - $filter .= 'dst ip '.$val_ipdst[$i]; - } else { - $filter .= 'dst net '.$val_ipdst[$i]; - } - } - $filter .= ')'; - } - if (isset($ip_src)&&($ip_src!='')){ - if ($filter == '') { - $filter .= ' "('; + // Get item filters + $filter = db_get_row_sql("SELECT * FROM tnetflow_filter WHERE id_sg = '" . io_safe_input ($content_report['id_filter']) . "'", false, true); + $command = netflow_get_command ($filter); + $aggregate = $filter['aggregate']; + $unit = $filter['output']; + + // Process item + switch ($type){ + case '0': + $data = netflow_get_data ($start_date, $end_date, $command, $aggregate, $max_aggregates, $unit); + if ($aggregate != 'none') { + echo graph_netflow_aggregate_area($data, $interval, 660, 320, '', '', '', '', $end_date, $unit); } else { - $filter .= ' and ('; + echo graph_netflow_total_area($data, $interval, 660, 320, '', '','','',$date); } - for($i=0;$i<$count_ipsrc;$i++){ - if ($i > 0) { - $filter .= ' or '; - } - - if (is_net ($val_ipsrc[$i]) == 0) { - $filter .= 'src ip '.$val_ipsrc[$i]; - } else { - $filter .= 'src net '.$val_ipsrc[$i]; - } - } - $filter .= ')'; - } - if (isset($dst_port)&&($dst_port!='')&&($dst_port!='0')){ - if ($filter == '') { - $filter .= ' "('; - } else { - $filter .= ' and ('; - } - for($i=0;$i<$count_dstport;$i++){ - if ($i > 0) { - $filter .= ' or '; - } - $filter .= 'dst port '.$val_dstport[$i]; - } - $filter .= ')'; - } - if (isset($src_port)&&($src_port!='')&&($src_port!='0')){ - if ($filter == '') { - $filter .= ' "('; - } else { - $filter .= ' and ('; - } - for($i=0;$i<$count_ipdst;$i++){ - if ($i > 0) { - $filter .= ' or '; - } - $filter .= 'dst ip '.$val_ipdst[$i]; - } - $filter .= ')'; - } - if ($filter != '') { - $filter .= '"'; - $command .= $filter; - } - - // Data iterator - $j = 0; - $values = array(); - - if($aggregate!='none'){ - $result = exec_command_aggregate($limit, $date, $command, $show); - $result = orderMultiDimensionalArray($result, 'data', true); - switch ($element){ - case '0': - echo grafico_netflow_aggregate_area($result, $interval, 880, 540, '', '','','',$date); - break; - case '1': - echo grafico_netflow_aggregate_pie($result); - break; - case '2': - echo netflow_show_table_values($result, date ($time_format, $limit), date ($time_format, $date), $show); - break; - case '3': - echo netflow_show_total_period($result, date ($time_format, $limit), date ($time_format, $date), $show); - break; - } - }else{ - $result = exec_command($limit, $date, $command, $show); - switch ($element){ - case '0': - echo grafico_netflow_total_area($result, ($date - $limit), 660, 320, '', '','','',$date); - break; - } - } - $x++; + break; + case '1': + $result = netflow_get_stats ($start_date, $end_date, $command, $aggregate, $max_aggregates, $unit); + echo graph_netflow_aggregate_pie($result); + break; + case '2': + $data = netflow_get_stats ($start_date, $end_date, $command, $aggregate, $max_aggregates, $unit); + echo netflow_stat_table ($data, $start_date, $end_date, $unit); + break; + case '3': + $data = netflow_get_stats ($start_date, $end_date, $command, $aggregate, $max_aggregates, $unit); + echo netflow_show_total_period($data, $start_date, $end_date, $unit); + break; + default: + echo fs_error_image(); + break; } }