2012-01-05 Vanessa Gil <vanessa.gil@artica.es>

* include/functions_graph.php include/functions_netflow.php operation/netflow/nf_view.php godmode/netflow/nf_item_list: Graph changes. git-svn-id: https://svn.code.sf.net/p/pandora/code/trunk@5324 c3f86ba8-e40f-0410-aaad-9ba5e7f4b01f
2012-01-05 12:08:15 +00:00 · 2012-01-05 12:08:15 +00:00 · ffbf220588
parent 5e34c7e51d
commit ffbf220588
5 changed files with 229 additions and 60 deletions
--- a/pandora_console/ChangeLog
+++ b/pandora_console/ChangeLog
@ -1,3 +1,9 @@
+2012-01-05  Vanessa Gil  <vanessa.gil@artica.es>
+	* include/functions_graph.php
+          include/functions_netflow.php
+	  operation/netflow/nf_view.php
+	  godmode/netflow/nf_item_list: Graph changes.
+
 2012-01-03 Juan Manuel Ramon <juanmanuel.ramon@artica.es>

 	* include/functions_graph.php
--- a/pandora_console/godmode/netflow/nf_item_list.php
+++ b/pandora_console/godmode/netflow/nf_item_list.php
@ -104,25 +104,24 @@ $table->width = '90%';
 $table->head = array ();
 $table->head[0] = __('Id item');
 $table->head[1] = __('Filter');
-$table->head[2] = __('Period');
-$table->head[3] = __('Max values');
-$table->head[4] = __('Graph');
-$table->head[5] = __('Action') .
+$table->head[2] = __('Max values');
+$table->head[3] = __('Graph');
+$table->head[4] = __('Action') .
 	html_print_checkbox('all_delete', 0, false, true, false, 'check_all_checkboxes();');
 	
 $table->style = array ();
 $table->style[0] = 'font-weight: bold';
 $table->align = array ();
+$table->align[0] = 'center';
 $table->align[2] = 'center';
-$table->align[3] = 'center';
-$table->align[5] = 'right';
+$table->align[4] = 'right';
 $table->size = array ();
 $table->size[0] = '10%';
-$table->size[1] = '30%';
-$table->size[2] = '20%';
-$table->size[3] = '10%';
-$table->size[4] = '20%';
-$table->size[5] = '20px';
+$table->size[1] = '50%';
+$table->size[2] = '10%';
+$table->size[3] = '30%';
+$table->size[4] = '20px';
+
 $table->data = array ();

 $total_reports_item = db_get_all_rows_filter ('tnetflow_report_content', false, 'COUNT(*) AS total');
@ -140,7 +139,21 @@ $total_reports_item = $total_reports_item[0]['total'];
 	
 	$data[2] = $item['max'];
 	
-	$data[3] = $item['show_graph'];
+	switch ($item['show_graph']) {
+		case 0:
+			$data[3] = 'Area graph';
+			break;
+		case 1:
+			$data[3] = 'Pie graph';
+			break;
+		case 2:
+			$data[3] = 'Table values';
+			break;
+		case 3:
+			$data[3] = 'Table total period';
+			break;
+	}
+	//$data[3] = $item['show_graph'];
 	
 	$data[4] = "<a onclick='if(confirm(\"" . __('Are you sure?') . "\")) return true; else return false;' 
 		href='index.php?sec=netf&sec2=godmode/netflow/nf_item_list&delete=1&id_rc=".$item['id_rc']."&id=".$id."&offset=0'>" . 
--- a/pandora_console/include/functions_graph.php
+++ b/pandora_console/include/functions_graph.php
@ -2019,6 +2019,21 @@ echo"<h4>Gráfica de área</h4>";
 		}
 	}
 	
+/*
+while (isset ($data[$j])){
+
+	$aggs[$data[$j]['agg']] = $data[$j]['agg'];
+		$date = $data[$j]['date'];
+		$time = $data[$j]['time'];
+	$ag = $data[$j]['agg'];
+		$datetime = strtotime ($date." ".$time);
+		$timestamp_short = date($time_format, $datetime);
+		$chart[$timestamp_short][$ag] = $data[$j]['data'];
+		$j++;
+	}
+	
+*/
+	
 	foreach($chart as $key => $value) {
 		foreach($aggs as $agg) {
 			if(!isset($chart[$key][$agg])) {
--- a/pandora_console/include/functions_netflow.php
+++ b/pandora_console/include/functions_netflow.php
@ -204,7 +204,7 @@ function orderMultiDimensionalArray ($toOrderArray, $field, $inverse = false) {
     return $returnArray; 
 }

-function netflow_show_total_period($data, $date_limit, $date_time){
+function netflow_show_total_period($data, $date_limit, $date_time, $show){
 	$values = array();
 	$table->width = '50%';
 	$table->class = 'databox';
@ -213,7 +213,7 @@ function netflow_show_total_period($data, $date_limit, $date_time){
 	$j = 0;
 	$x = 1;
 	
-	echo"<h4>Suma por periodo</h4>";
+	echo"<h4>Suma por periodo ($show)</h4>";
 	$table->data[0][0] = '<b>'.__('Rango').'</b>';
 	$table->data[0][1] = '<b>'.$title.'</b>';
 	
@ -222,11 +222,11 @@ function netflow_show_total_period($data, $date_limit, $date_time){
 		if (!isset($values[$agg])){
 			$values[$agg] = $data[$j]['data'];
 			$table->data[$x][0] = $agg;
-			$table->data[$x][1] = $data[$j]['data'];
+			$table->data[$x][1] = $data[$j]['data'].' '.$show;
 		} else {
 			$values[$agg] += $data[$j]['data'];
 			$table->data[$x][0] = $agg;
-			$table->data[$x][1] = $data[$j]['data'];
+			$table->data[$x][1] = $data[$j]['data'].' '.$show;
 		}
 		$j++;
 		$x++;
@ -234,7 +234,7 @@ function netflow_show_total_period($data, $date_limit, $date_time){
 html_print_table($table);
 }

-function netflow_show_table_values($data, $date_limit, $date_time){
+function netflow_show_table_values($data, $date_limit, $date_time, $show){
 	$values = array();
 	$table->width = '50%';
 	$table->class = 'databox';
@ -244,7 +244,7 @@ function netflow_show_table_values($data, $date_limit, $date_time){
 	$x = 1;
 	$y = 1;
 	
-	echo"<h4>Tabla de valores</h4>";
+	echo"<h4>Tabla de valores ($show)</h4>";
 	$table->data[0][0] = '<b>'.__('Rango').'</b>';

 	$coordx = array();
--- a/pandora_console/operation/netflow/nf_view.php
+++ b/pandora_console/operation/netflow/nf_view.php
@ -86,6 +86,7 @@ function exec_command_aggregate ($start_date, $end_date, $command, $show){
 		foreach($string as $line){
 			if ($line=='')
 				break;
+			$line = preg_replace ('/\(\s*\S+\)/', '', $line);
 			$line = preg_replace ('/\s+/', ' ', $line);
 			$val = explode(' ',$line);

@ -104,20 +105,16 @@ function exec_command_aggregate ($start_date, $end_date, $command, $show){
 		
 			switch ($show){
 				case "packets":
-					$val[7]= str_replace('(','',$val[7]);
-					$val[7]= str_replace(')','',$val[7]);
-					$values[$i]['data'] = $val[7];
+					$values[$i]['data'] = $val[6];
 					break;
 				case "bytes":
-					$val[9]= str_replace('(','',$val[9]);
-					$val[9]= str_replace(')','',$val[9]);
-					$values[$i]['data'] = $val[9];
+					$values[$i]['data'] = $val[7];
 					break;
 				case "bps":
-					$values[$i]['data'] = $val[12];
+					$values[$i]['data'] = $val[9];
 					break;
 				case "bpp":
-					$values[$i]['data'] = $val[13];
+					$values[$i]['data'] = $val[10];
 					break;
 			}	
 			$i++;
@ -126,6 +123,107 @@ function exec_command_aggregate ($start_date, $end_date, $command, $show){
 	}
 }

+function get_aggregate ($start_date, $end_date, $command, $show,$filt, $aggregate, $max, $order){
+	//$command .= ' -t '.$start_date.'-'.$end_date.' -N';
+	$command_1 = $command.' -n '.$max;
+	$command_1 .= $order;
+	
+//html_debug_print($aggregate);
+	$values = array();
+	exec($command_1, $string);
+
+	$i = 0;
+	$aggs = array();
+	$ag ='';
+	if(isset($string) && is_array($string)&&($string!=null)){
+		foreach($string as $line) {
+			if ($line=='')
+				break;
+			
+			$line = preg_replace ('/\s+/', ' ', $line);
+			$val = explode(' ',$line);
+			switch ($aggregate){
+				case "proto":
+					$aggs[$val[3]] = $val[3];
+					break;
+				case "srcip":
+					$val2 = explode(':', $val[4]);
+					$aggs[$val2[0]] = $val2[0];
+					break;
+				case "srcport":
+					$val2 = explode(':', $val[4]);
+					$aggs[$val2[1]] = $val2[1];
+					break;
+				case "dstip":
+					$val2 = explode(':', $val[6]);
+					$aggs[$val2[0]] = $val2[0];
+					break;
+				case "dstport":
+					$val2 = explode(':', $val[6]);
+					$aggs[$val2[1]] = $val2[1];
+					break;
+			}
+		}
+		//html_debug_print($aggs);
+		return $aggs;
+	}
+
+}
+
+function exec_command_prueba ($start_date, $end_date, $command, $show, $aggs, $aggregate){
+	//$command .= ' -t '.$start_date.'-'.$end_date.' -N';
+	$values = array();
+	$ag = 'src ip';
+		
+		$count_agg = count($aggs);
+		$command .= ' "';
+		$i = 0;
+			foreach($aggs as $agg){
+				if ($i==0)
+					$command .= $ag.' '.$agg;
+				else
+					$command .= ' or '.$ag.' '.$agg;
+				$i++;
+		}
+		$command .= '"';
+		exec($command, $result);
+		//html_debug_print($result);
+			
+		$i = 0;
+		if(isset($result) && is_array($result)&&($result!=null)){
+			foreach($result as $line) {
+				if ($line=='')
+					break;
+					
+				$line = preg_replace ('/\s+/', ' ', $line);
+				$val = explode(' ',$line);
+				$values[$i]['date'] = $val[0];
+				$values[$i]['time'] = $val[1];
+			
+				//create field to sort array
+				$date = $val[0];
+				$time = $val[1];
+				$date_time = strtotime ($date." ".$time);
+				$values[$i]['datetime'] = $date_time;
+				///
+				$values[$i]['duration'] = $val[2];
+				$values[$i]['proto'] = $val[3];
+					
+				switch ($show){
+					case "packets":
+						$values[$i]['data'] = $val[7];
+						break;
+					case "bytes":
+						$values[$i]['data'] = $val[8];
+						break;
+				}
+			$i++;
+			}
+		}
+	
+	return $values;
+}
+
 $id = get_parameter('id');
 $period = get_parameter('period', '86400');
 $date_= get_parameter('date', date ("Y/m/d", get_system_time ()));
@ -237,14 +335,28 @@ if ($id!=''){
 		$show_bps = $result['show_bps'];
 		$show_bpp = $result['show_bpp'];
 		
+		$dst_net = false;
+		$src_net = false;
+	
 		if(isset($ip_dst)){
+			$net = preg_match('/\//',$ip_dst);
+			//html_debug_print(var_dump($net));
+			if ($net != 0) {
+				$dst_net = true;
+			} else {
 				$val_ipdst = explode(',',$ip_dst);
 				$count_ipdst = count($val_ipdst);
 			}
+		}
 		if(isset($ip_src)){
+			$net = preg_match('/\//',$ip_src);
+			if ($net != 0) {
+				$src_net = true;
+			} else {
 				$val_ipsrc = explode(',',$ip_src);
 				$count_ipsrc = count($val_ipsrc);
 			}
+		}
 		if(isset($dst_port)&&($dst_port!='0')){
 			$val_dstport = explode(',',$dst_port);
 			$count_dstport = count($val_dstport);
@ -260,14 +372,16 @@ if ($id!=''){
 		if (isset($config['netflow_path']))
 			$command .= ' -R '.$config['netflow_path'];
 		
+/*
 		if (isset($aggregate)&&($aggregate!='none')){
 			$command .= ' -s '.$aggregate;
 			if (isset($max_val))
 				$command .= ' -n '.$max_val;
 		}
+*/

 		//filter options
-		if (isset($ip_dst)&&($ip_dst!='')){
+		if (isset($ip_dst)&&($ip_dst!='')&&($dst_net == false)){
 			$command .= ' "';
 			for($i=0;$i<$count_ipdst;$i++){
 				if ($i==0)
@ -275,7 +389,7 @@ if ($id!=''){
 				else
 					$command .= ' or dst ip '.$val_ipdst[$i];
 			}
-			if (isset($ip_src)&&($ip_src!='')){
+			if (isset($ip_src)&&($ip_src!='')&&($src_net == false)){
 				$command .= ' and (';

 				for($i=0;$i<$count_ipsrc;$i++){
@ -308,7 +422,7 @@ if ($id!=''){
 			}
 		$command .= '"';
 		
-		} else if (isset($ip_src)&&($ip_src!='')){
+		} else if (isset($ip_src)&&($ip_src!='')&&($src_net == false)) {
 			$command .= ' "';
 			for($i=0;$i<$count_ipsrc;$i++){
 				if ($i==0)
@ -361,13 +475,13 @@ if ($id!=''){
 			}
 			
 	} else {
-		if (isset($src_port)&&($src_port!='')&&($src_port!='0')){
+		if (isset($src_port)&&($src_port!='')&&($src_port!='0')&&($src_net == false)&&($dst_net == false)){
 				$command .= ' "(';
-			for($i=0;$i<$count_ipdst;$i++){
+			for($i=0;$i<$count_srcport;$i++){
 				if ($i==0)
-					$command .= 'dst ip '.$val_ipdst[$i];
+					$command .= 'src port '.$val_srcport[$i];
 				else
-					$command .= ' or dst ip '.$val_ipdst[$i];
+					$command .= ' or src port '.$val_srcport[$i];
 			}
 			$command .= ' )"';
 		}
@ -383,17 +497,28 @@ if ($id!=''){
 		$show = 'bpp';

 	//create interval to divide command execution
-	$inter = $config['graph_res'] * 100;
+	$inter = $config['graph_res'] * 50;
+/*
 	if ($aggregate!='none')
 		$inter = 1;
+*/

 	$fecha_limite = date ($time_format, $limit);
 	$res = $interval/$inter;
 	
+	$aggs = array();
+	if ($aggregate!='none'){
+		$command = 'nfdump -q -R /home/vanessa/netflow/netflow/ -t 2011/11/29.14:53:17-2011/12/30.20:53:17 -N';
+		$filt='';
+		$order = ' -s record/'.$show;
+		$j = 0;
+		$aggs = get_aggregate($date_limit, $date_time, $command, $show,$filt,$aggregate, $max_val, $order);
+	}
 	// Data iterator
 	$j = 0;
 	$values = array();

+			
 	// Calculate interval date
 	for ($i = 0; $i < $inter; $i++) {
 		$timestamp = $limit + ($res * $i);
@ -403,8 +528,16 @@ if ($id!=''){
 		$end = date ($time_format, $end_date);

 		if($aggregate!='none'){
-			$result = exec_command_aggregate($timestamp_short, $end, $command, $show);
-			$result = orderMultiDimensionalArray($result, 'datetime');
+			$result = exec_command_prueba($timestamp_short, $end, $command, $show, $aggs);
+
+/*
+			//$result = orderMultiDimensionalArray($result, 'datetime');
+			html_debug_print($aggs);
+			foreach ($aggs as $agg) {
+				$command = 'nfdump -q -R /home/vanessa/netflow/netflow/ -t 2011/11/29.14:53:17-2011/12/30.20:53:17 -N "src ip '.$agg.'"';
+				$result = exec_command_prueba($timestamp_short, $end, $command, $show,$filt,$aggregate, $max_val, $order);
+			}
+*/
 		} else {
 			$result = exec_command($timestamp_short, $end, $command, $show);
 		}
@ -413,6 +546,7 @@ if ($id!=''){
 		$count = 0;

 		if(!empty($result)){
+			$previous_data = 0;
 			foreach($result as $data){
 				$dates = $data['date'];
 				$times = $data['time'];
@ -424,26 +558,27 @@ if ($id!=''){

 			if ($count > 0) {
 				$values[$j]['data'] = $total / $count;
-				$var = $values[$j]['data'];
+				$previous_data = $values[$j]['data'];
 			} else {
-				$values[$j]['data'] = 0;
+				$values[$j]['data'] = $previous_data;
 			}
 			$j++;
 		}			
 	}
+
 		if($aggregate!='none'){
 			switch ($element){
 				case '0':
 					echo grafico_netflow_aggregate_area($result, $interval, 880, 540, '', '','','',$date);
 					break;
 				case '1':
-					echo grafico_netflow_aggregate_pie($result);
+					//echo grafico_netflow_aggregate_pie($result);
 					break;
 				case '2':
-					echo netflow_show_table_values($result, $date_limit, $date_time);
+					//echo netflow_show_table_values($result, $date_limit, $date_time, $show);
 					break;
 				case '3':
-					echo netflow_show_total_period($result, $date_limit, $date_time);
+					//echo netflow_show_total_period($result, $date_limit, $date_time, $show);
 					break;
 			}
 		}else{