From be799a70b8fc1528f907ba7689bd65ac7177e97b Mon Sep 17 00:00:00 2001 From: vgilc Date: Thu, 5 Jan 2012 12:08:15 +0000 Subject: [PATCH] 2012-01-05 Vanessa Gil * include/functions_graph.php include/functions_netflow.php operation/netflow/nf_view.php godmode/netflow/nf_item_list: Graph changes. git-svn-id: https://svn.code.sf.net/p/pandora/code/trunk@5324 c3f86ba8-e40f-0410-aaad-9ba5e7f4b01f --- pandora_console/ChangeLog | 6 + .../godmode/netflow/nf_item_list.php | 37 ++- pandora_console/include/functions_graph.php | 19 +- pandora_console/include/functions_netflow.php | 12 +- pandora_console/operation/netflow/nf_view.php | 215 ++++++++++++++---- 5 files changed, 229 insertions(+), 60 deletions(-) diff --git a/pandora_console/ChangeLog b/pandora_console/ChangeLog index bf341983d3..8968d9bfbe 100644 --- a/pandora_console/ChangeLog +++ b/pandora_console/ChangeLog @@ -1,3 +1,9 @@ +2012-01-05 Vanessa Gil + * include/functions_graph.php + include/functions_netflow.php + operation/netflow/nf_view.php + godmode/netflow/nf_item_list: Graph changes. + 2012-01-03 Juan Manuel Ramon * include/functions_graph.php diff --git a/pandora_console/godmode/netflow/nf_item_list.php b/pandora_console/godmode/netflow/nf_item_list.php index 2b96693661..616bcf124a 100644 --- a/pandora_console/godmode/netflow/nf_item_list.php +++ b/pandora_console/godmode/netflow/nf_item_list.php 
@@ -104,25 +104,24 @@ $table->width = '90%'; $table->head = array (); $table->head[0] = __('Id item'); $table->head[1] = __('Filter'); -$table->head[2] = __('Period'); -$table->head[3] = __('Max values'); -$table->head[4] = __('Graph'); -$table->head[5] = __('Action') . +$table->head[2] = __('Max values'); +$table->head[3] = __('Graph'); +$table->head[4] = __('Action') . html_print_checkbox('all_delete', 0, false, true, false, 'check_all_checkboxes();'); $table->style = array (); $table->style[0] = 'font-weight: bold'; $table->align = array (); +$table->align[0] = 'center'; $table->align[2] = 'center'; -$table->align[3] = 'center'; -$table->align[5] = 'right'; +$table->align[4] = 'right'; $table->size = array (); $table->size[0] = '10%'; -$table->size[1] = '30%'; -$table->size[2] = '20%'; -$table->size[3] = '10%'; -$table->size[4] = '20%'; -$table->size[5] = '20px'; +$table->size[1] = '50%'; +$table->size[2] = '10%'; +$table->size[3] = '30%'; +$table->size[4] = '20px'; + $table->data = array (); $total_reports_item = db_get_all_rows_filter ('tnetflow_report_content', false, 'COUNT(*) AS total'); @@ -140,7 +139,21 @@ $total_reports_item = $total_reports_item[0]['total']; $data[2] = $item['max']; - $data[3] = $item['show_graph']; + switch ($item['show_graph']) { + case 0: + $data[3] = 'Area graph'; + break; + case 1: + $data[3] = 'Pie graph'; + break; + case 2: + $data[3] = 'Table values'; + break; + case 3: + $data[3] = 'Table total period'; + break; + } + //$data[3] = $item['show_graph']; $data[4] = "" . diff --git a/pandora_console/include/functions_graph.php b/pandora_console/include/functions_graph.php index d1d08fb619..997a3dc4fc 100755 --- a/pandora_console/include/functions_graph.php +++ b/pandora_console/include/functions_graph.php @@ -2019,6 +2019,21 @@ echo"
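Review bot: The new `switch ($item['show_graph'])` in the `@@ -140,7 +139,21 @@` hunk has no `default`, so a row whose stored value is not 0–3 leaves `$data[3]` unset, or carrying the previous row's label if `$data` is not reset per row (the enclosing loop starts outside the hunk). The four labels are plain literals while the table headers above go through `__()`, so they will not be translated; suggest `$data[3] = __('Area graph');` and likewise for the other cases, plus `default: $data[3] = __('Unknown'); break;`. The leftover `//$data[3] = $item['show_graph'];` can be deleted.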

Gráfica de área

"; } } +/* +while (isset ($data[$j])){ + + $aggs[$data[$j]['agg']] = $data[$j]['agg']; + $date = $data[$j]['date']; + $time = $data[$j]['time']; + $ag = $data[$j]['agg']; + $datetime = strtotime ($date." ".$time); + $timestamp_short = date($time_format, $datetime); + $chart[$timestamp_short][$ag] = $data[$j]['data']; + $j++; + } + +*/ + foreach($chart as $key => $value) { foreach($aggs as $agg) { if(!isset($chart[$key][$agg])) { @@ -2033,7 +2048,7 @@ echo"

Gráfica de área

"; if ($only_image) { $flash_chart = false; } - + return area_graph($flash_chart, $chart, $width, $height, $color, $aggs, $long_index, "images/image_problem.opaque.png", "", "", $homeurl, $config['homedir'] . "/images/logo_vertical_water.png", @@ -2084,7 +2099,7 @@ function grafico_netflow_total_area ($data, $period,$width, $height , $title, $u $j = 0; $chart = array(); $long_index = array(); - + while (isset ($data[$j])) { $date = $data[$j]['date']; $time = $data[$j]['time']; diff --git a/pandora_console/include/functions_netflow.php b/pandora_console/include/functions_netflow.php index 44b16c13e6..97a780daff 100644 --- a/pandora_console/include/functions_netflow.php +++ b/pandora_console/include/functions_netflow.php @@ -204,7 +204,7 @@ function orderMultiDimensionalArray ($toOrderArray, $field, $inverse = false) { return $returnArray; } -function netflow_show_total_period($data, $date_limit, $date_time){ +function netflow_show_total_period($data, $date_limit, $date_time, $show){ $values = array(); $table->width = '50%'; $table->class = 'databox'; @@ -213,7 +213,7 @@ function netflow_show_total_period($data, $date_limit, $date_time){ $j = 0; $x = 1; - echo"

Suma por periodo

"; + echo"

Suma por periodo ($show)

"; $table->data[0][0] = ''.__('Rango').''; $table->data[0][1] = ''.$title.''; @@ -222,11 +222,11 @@ function netflow_show_total_period($data, $date_limit, $date_time){ if (!isset($values[$agg])){ $values[$agg] = $data[$j]['data']; $table->data[$x][0] = $agg; - $table->data[$x][1] = $data[$j]['data']; + $table->data[$x][1] = $data[$j]['data'].' '.$show; } else { $values[$agg] += $data[$j]['data']; $table->data[$x][0] = $agg; - $table->data[$x][1] = $data[$j]['data']; + $table->data[$x][1] = $data[$j]['data'].' '.$show; } $j++; $x++; @@ -234,7 +234,7 @@ function netflow_show_total_period($data, $date_limit, $date_time){ html_print_table($table); } -function netflow_show_table_values($data, $date_limit, $date_time){ +function netflow_show_table_values($data, $date_limit, $date_time, $show){ $values = array(); $table->width = '50%'; $table->class = 'databox'; @@ -244,7 +244,7 @@ function netflow_show_table_values($data, $date_limit, $date_time){ $x = 1; $y = 1; - echo"

Tabla de valores

"; + echo"

Tabla de valores ($show)

"; $table->data[0][0] = ''.__('Rango').''; $coordx = array(); diff --git a/pandora_console/operation/netflow/nf_view.php b/pandora_console/operation/netflow/nf_view.php index 3ce9435628..8fc30ba941 100644 --- a/pandora_console/operation/netflow/nf_view.php +++ b/pandora_console/operation/netflow/nf_view.php @@ -77,7 +77,7 @@ function exec_command ($start_date, $end_date, $command, $show){ function exec_command_aggregate ($start_date, $end_date, $command, $show){ $command .= ' -t '.$start_date.'-'.$end_date.' -N'; - + $values = array(); exec($command, $string); @@ -86,7 +86,8 @@ function exec_command_aggregate ($start_date, $end_date, $command, $show){ foreach($string as $line){ if ($line=='') break; - $line = preg_replace('/\s+/',' ',$line); + $line = preg_replace ('/\(\s*\S+\)/', '', $line); + $line = preg_replace ('/\s+/', ' ', $line); $val = explode(' ',$line); $values[$i]['date'] = $val[0]; @@ -101,23 +102,19 @@ function exec_command_aggregate ($start_date, $end_date, $command, $show){ $values[$i]['duration'] = $val[2]; $values[$i]['proto'] = $val[3]; $values[$i]['agg'] = $val[4]; - + switch ($show){ case "packets": - $val[7]= str_replace('(','',$val[7]); - $val[7]= str_replace(')','',$val[7]); - $values[$i]['data'] = $val[7]; + $values[$i]['data'] = $val[6]; break; case "bytes": - $val[9]= str_replace('(','',$val[9]); - $val[9]= str_replace(')','',$val[9]); - $values[$i]['data'] = $val[9]; + $values[$i]['data'] = $val[7]; break; case "bps": - $values[$i]['data'] = $val[12]; + $values[$i]['data'] = $val[9]; break; case "bpp": - $values[$i]['data'] = $val[13]; + $values[$i]['data'] = $val[10]; break; } $i++; 
@@ -126,6 +123,107 @@ function exec_command_aggregate ($start_date, $end_date, $command, $show){ } } +function get_aggregate ($start_date, $end_date, $command, $show,$filt, $aggregate, $max, $order){ + //$command .= ' -t '.$start_date.'-'.$end_date.' -N'; + $command_1 = $command.' -n '.$max; + $command_1 .= $order; + +//html_debug_print($aggregate); + $values = array(); + exec($command_1, $string); + + $i = 0; + $aggs = array(); + $ag =''; + if(isset($string) && is_array($string)&&($string!=null)){ + foreach($string as $line) { + if ($line=='') + break; + + $line = preg_replace ('/\s+/', ' ', $line); + $val = explode(' ',$line); + switch ($aggregate){ + case "proto": + $aggs[$val[3]] = $val[3]; + break; + case "srcip": + $val2 = explode(':', $val[4]); + $aggs[$val2[0]] = $val2[0]; + break; + case "srcport": + $val2 = explode(':', $val[4]); + $aggs[$val2[1]] = $val2[1]; + break; + case "dstip": + $val2 = explode(':', $val[6]); + $aggs[$val2[0]] = $val2[0]; + break; + case "dstport": + $val2 = explode(':', $val[6]); + $aggs[$val2[1]] = $val2[1]; + break; + } + } + //html_debug_print($aggs); + return $aggs; + } + +} + +function exec_command_prueba ($start_date, $end_date, $command, $show, $aggs, $aggregate){ + //$command .= ' -t '.$start_date.'-'.$end_date.' -N'; + $values = array(); + $ag = 'src ip'; + + $count_agg = count($aggs); + $command .= ' "'; + $i = 0; + foreach($aggs as $agg){ + if ($i==0) + $command .= $ag.' '.$agg; + else + $command .= ' or '.$ag.' '.$agg; + $i++; + } + $command .= '"'; + exec($command, $result); + //html_debug_print($result); + + $i = 0; + if(isset($result) && is_array($result)&&($result!=null)){ + foreach($result as $line) { + if ($line=='') + break; + + $line = preg_replace ('/\s+/', ' ', $line); + $val = explode(' ',$line); + $values[$i]['date'] = $val[0]; + $values[$i]['time'] = $val[1]; + + //create field to sort array + $date = $val[0]; + $time = $val[1]; + $date_time = strtotime ($date." 
".$time); + $values[$i]['datetime'] = $date_time; + /// + $values[$i]['duration'] = $val[2]; + $values[$i]['proto'] = $val[3]; + + switch ($show){ + case "packets": + $values[$i]['data'] = $val[7]; + break; + case "bytes": + $values[$i]['data'] = $val[8]; + break; + } + $i++; + } + } + + return $values; +} + $id = get_parameter('id'); $period = get_parameter('period', '86400'); $date_= get_parameter('date', date ("Y/m/d", get_system_time ())); @@ -236,14 +334,28 @@ if ($id!=''){ $show_bytes = $result['show_bytes']; $show_bps = $result['show_bps']; $show_bpp = $result['show_bpp']; + + $dst_net = false; + $src_net = false; if(isset($ip_dst)){ - $val_ipdst = explode(',',$ip_dst); - $count_ipdst = count($val_ipdst); + $net = preg_match('/\//',$ip_dst); + //html_debug_print(var_dump($net)); + if ($net != 0) { + $dst_net = true; + } else { + $val_ipdst = explode(',',$ip_dst); + $count_ipdst = count($val_ipdst); + } } if(isset($ip_src)){ - $val_ipsrc = explode(',',$ip_src); - $count_ipsrc = count($val_ipsrc); + $net = preg_match('/\//',$ip_src); + if ($net != 0) { + $src_net = true; + } else { + $val_ipsrc = explode(',',$ip_src); + $count_ipsrc = count($val_ipsrc); + } } if(isset($dst_port)&&($dst_port!='0')){ $val_dstport = explode(',',$dst_port); @@ -254,20 +366,22 @@ if ($id!=''){ $count_srcport = count($val_srcport); } -//// Build command line + //// Build command line $command = 'nfdump -q'; if (isset($config['netflow_path'])) $command .= ' -R '.$config['netflow_path']; +/* if (isset($aggregate)&&($aggregate!='none')){ $command .= ' -s '.$aggregate; if (isset($max_val)) $command .= ' -n '.$max_val; } +*/ - //filter options - if (isset($ip_dst)&&($ip_dst!='')){ + //filter options + if (isset($ip_dst)&&($ip_dst!='')&&($dst_net == false)){ $command .= ' "'; for($i=0;$i<$count_ipdst;$i++){ if ($i==0) 
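Review bot: Both helpers added in the `@@ -126,6 +123,107 @@` hunk hand `exec()` a string assembled by concatenation: `get_aggregate()` appends `$max` and `$order` unquoted, and `exec_command_prueba()` wraps the `$aggs` values in a hand-written `"…"` filter, so any shell metacharacter in those values becomes part of the command line. Their origin is not visible in this hunk, so they should be treated as untrusted: cast `$max` to int, accept only well-formed addresses for the hard-coded `src ip` key, and quote the assembled filter with `escapeshellarg()`. `get_aggregate()` also returns nothing when nfdump prints no lines, which hands `null` to the `foreach` in `exec_command_prueba()`; the `return $aggs;` belongs after the `if`. The sketch below returns early on an empty list instead of running nfdump with an empty `""` filter.

```php
function get_aggregate ($start_date, $end_date, $command, $show,$filt, $aggregate, $max, $order){
	// Only a number may follow -n.
	$command_1 = $command.' -n '.(int) $max;
	$command_1 .= $order;
	// … unchanged: exec() and the per-line switch that fills $aggs …
	return $aggs; // after the if, so callers always receive an array

function exec_command_prueba ($start_date, $end_date, $command, $show, $aggs, $aggregate){
	// … unchanged: $values and $ag initialisation …
	$terms = array();
	foreach ($aggs as $agg) {
		// $ag is fixed to 'src ip', so anything that is not an address is dropped.
		if (filter_var($agg, FILTER_VALIDATE_IP) !== false) {
			$terms[] = $ag.' '.$agg;
		}
	}
	if (empty($terms)) {
		return $values;
	}
	// One shell argument, quoted by PHP instead of by hand.
	$command .= ' '.escapeshellarg(implode(' or ', $terms));
	exec($command, $result);
	// … unchanged: parsing of $result into $values …
```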
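Review bot: In the `@@ -236,14 +334,28 @@` hunk, a value containing `/` only sets `$dst_net` or `$src_net` to true; the later conditions then skip the address clause (`&&($dst_net == false)`), and no `dst net` / `src net` clause is added in any visible hunk, so a CIDR filter appears to be dropped and the query returns more flows than the item's filter asks for. The test is also applied to the whole comma-separated string, so one CIDR entry disables every plain address listed beside it, and `$count_ipdst` / `$count_ipsrc` stay undefined on that path. Either emit the matching `net` clause per entry or reject the filter explicitly; a substring test such as `strpos($ip_dst, '/') !== false` is enough for the detection itself.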
@@ -275,7 +389,7 @@ if ($id!=''){ else $command .= ' or dst ip '.$val_ipdst[$i]; } - if (isset($ip_src)&&($ip_src!='')){ + if (isset($ip_src)&&($ip_src!='')&&($src_net == false)){ $command .= ' and ('; for($i=0;$i<$count_ipsrc;$i++){ @@ -308,7 +422,7 @@ if ($id!=''){ } $command .= '"'; - } else if (isset($ip_src)&&($ip_src!='')){ + } else if (isset($ip_src)&&($ip_src!='')&&($src_net == false)) { $command .= ' "'; for($i=0;$i<$count_ipsrc;$i++){ if ($i==0) @@ -361,13 +475,13 @@ if ($id!=''){ } } else { - if (isset($src_port)&&($src_port!='')&&($src_port!='0')){ + if (isset($src_port)&&($src_port!='')&&($src_port!='0')&&($src_net == false)&&($dst_net == false)){ $command .= ' "('; - for($i=0;$i<$count_ipdst;$i++){ + for($i=0;$i<$count_srcport;$i++){ if ($i==0) - $command .= 'dst ip '.$val_ipdst[$i]; + $command .= 'src port '.$val_srcport[$i]; else - $command .= ' or dst ip '.$val_ipdst[$i]; + $command .= ' or src port '.$val_srcport[$i]; } $command .= ' )"'; } @@ -383,16 +497,27 @@ if ($id!=''){ $show = 'bpp'; //create interval to divide command execution - $inter = $config['graph_res'] * 100; + $inter = $config['graph_res'] * 50; +/* if ($aggregate!='none') $inter = 1; +*/ $fecha_limite = date ($time_format, $limit); $res = $interval/$inter; - + + $aggs = array(); + if ($aggregate!='none'){ + $command = 'nfdump -q -R /home/vanessa/netflow/netflow/ -t 2011/11/29.14:53:17-2011/12/30.20:53:17 -N'; + $filt=''; + $order = ' -s record/'.$show; + $j = 0; + $aggs = get_aggregate($date_limit, $date_time, $command, $show,$filt,$aggregate, $max_val, $order); + } // Data iterator $j = 0; $values = array(); + // Calculate interval date for ($i = 0; $i < $inter; $i++) { 
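Review bot: In the `@@ -383,16 +497,27 @@` hunk, the added `$command = 'nfdump -q -R /home/vanessa/netflow/netflow/ -t 2011/11/29.14:53:17-2011/12/30.20:53:17 -N';` overwrites the command assembled above from `$config['netflow_path']` and the item's filters with a developer's home directory and a fixed date range. Every aggregated view therefore ignores the configured data path, the filter and the selected period, and the literal discloses a local account path; the same literal appears again in the commented-out block of the `@@ -403,8 +528,16 @@` hunk. Drop the assignment and call `get_aggregate()` with the `$command` already built, letting it add the window from the `$start_date`/`$end_date` arguments it currently ignores. Whether `$date_limit` and `$date_time` are already in nfdump's `-t` format is not visible here and should be confirmed.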
@@ -403,8 +528,16 @@ if ($id!=''){ $end = date ($time_format, $end_date); if($aggregate!='none'){ - $result = exec_command_aggregate($timestamp_short, $end, $command, $show); - $result = orderMultiDimensionalArray($result, 'datetime'); + $result = exec_command_prueba($timestamp_short, $end, $command, $show, $aggs); + +/* + //$result = orderMultiDimensionalArray($result, 'datetime'); + html_debug_print($aggs); + foreach ($aggs as $agg) { + $command = 'nfdump -q -R /home/vanessa/netflow/netflow/ -t 2011/11/29.14:53:17-2011/12/30.20:53:17 -N "src ip '.$agg.'"'; + $result = exec_command_prueba($timestamp_short, $end, $command, $show,$filt,$aggregate, $max_val, $order); + } +*/ } else { $result = exec_command($timestamp_short, $end, $command, $show); } 
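Review bot: `exec_command_prueba($timestamp_short, $end, $command, $show, $aggs)` passes five arguments to a function this commit declares with six, and `$aggregate` has no default. The callee also never uses `$start_date` or `$end_date` because its `-t` line is commented out, so every iteration of the interval loop appears to run the same nfdump query and the per-interval values cannot differ. Pass the missing argument, `exec_command_prueba($timestamp_short, $end, $command, $show, $aggs, $aggregate);`, and restore the window inside the callee. The commented-out `foreach ($aggs as $agg)` block is debugging residue and is better deleted than committed.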
@@ -412,38 +545,40 @@ if ($id!=''){ $total = 0; $count = 0; - if(!empty($result)){ - foreach($result as $data){ - $dates = $data['date']; - $times = $data['time']; - $total += $data['data']; - $count++; - } + if(!empty($result)){ + $previous_data = 0; + foreach($result as $data){ + $dates = $data['date']; + $times = $data['time']; + $total += $data['data']; + $count++; + } $values[$j]['date'] = $dates; $values[$j]['time'] = $times; if ($count > 0) { $values[$j]['data'] = $total / $count; - $var = $values[$j]['data']; + $previous_data = $values[$j]['data']; } else { - $values[$j]['data'] = 0; + $values[$j]['data'] = $previous_data; } $j++; } } + if($aggregate!='none'){ switch ($element){ case '0': echo grafico_netflow_aggregate_area($result, $interval, 880, 540, '', '','','',$date); break; case '1': - echo grafico_netflow_aggregate_pie($result); + //echo grafico_netflow_aggregate_pie($result); break; case '2': - echo netflow_show_table_values($result, $date_limit, $date_time); + //echo netflow_show_table_values($result, $date_limit, $date_time, $show); break; case '3': - echo netflow_show_total_period($result, $date_limit, $date_time); + //echo netflow_show_total_period($result, $date_limit, $date_time, $show); break; } }else{