diff options
| author | jim-p <jimp@pfsense.org> | 2011-04-27 12:03:09 -0400 |
|---|---|---|
| committer | jim-p <jimp@pfsense.org> | 2011-04-27 12:03:09 -0400 |
| commit | f35abee2f7cc85a255cd4fef137e3cd4e548ea1f (patch) | |
| tree | 2d8ad08567eaa621b5b7a58b8c7671f962a26ca9 | |
| parent | c41997ce79555da60f44f4896b972a07bdc2d9e6 (diff) | |
| download | pfsense-f35abee2f7cc85a255cd4fef137e3cd4e548ea1f.zip pfsense-f35abee2f7cc85a255cd4fef137e3cd4e548ea1f.tar.gz | |
Whitespace cleanup, code cleanup, add choice to filter on ipv4/ipv6 and also accept a subnet to filter on via the host field.
| -rw-r--r-- | usr/local/www/diag_packet_capture.php | 169 |
1 files changed, 91 insertions, 78 deletions
diff --git a/usr/local/www/diag_packet_capture.php b/usr/local/www/diag_packet_capture.php index 684011c..d95e52b 100644 --- a/usr/local/www/diag_packet_capture.php +++ b/usr/local/www/diag_packet_capture.php @@ -23,7 +23,7 @@ POSSIBILITY OF SUCH DAMAGE. */ -/* +/* pfSense_BUILDER_BINARIES: /bin/ps /usr/bin/grep /usr/sbin/tcpdump pfSense_MODULE: routing */ @@ -52,7 +52,8 @@ if ($_POST) { $packetlength = $_POST['snaplen']; $port = $_POST['port']; $detail = $_POST['detail']; - + $fam = $_POST['fam']; + conf_mount_rw(); if ($_POST['dnsquery']) { @@ -65,10 +66,10 @@ if ($_POST) { if ($_POST['startbtn'] != "" ) { $action = gettext("Start"); - - //delete previous packet capture if it exists - if (file_exists($fp.$fn)) - unlink ($fp.$fn); + + //delete previous packet capture if it exists + if (file_exists($fp.$fn)) + unlink ($fp.$fn); } elseif ($_POST['stopbtn']!= "") { $action = gettext("Stop"); @@ -88,7 +89,7 @@ if ($_POST) { //download file $fs = filesize($fp.$fn); header("Content-Type: application/octet-stream"); - header("Content-Disposition: attachment; filename=$fn"); + header("Content-Disposition: attachment; filename=$fn"); header("Content-Length: $fs"); readfile($fp.$fn); } @@ -100,22 +101,22 @@ include("head.inc"); ?> <body link="#000000" vlink="#0000CC" alink="#0000CC"> <?php -include("fbegin.inc"); +include("fbegin.inc"); ?> <table width="100%" border="0" cellpadding="0" cellspacing="0"> - <tr> - <td> + <tr> + <td> <form action="diag_packet_capture.php" method="post" name="iform" id="iform"> - <table width="100%" border="0" cellpadding="6" cellspacing="0"> + <table width="100%" border="0" cellpadding="6" cellspacing="0"> <tr> <td colspan="2" valign="top" class="listtopic"><?=gettext("Packet capture");?></td> - </tr> - <tr> - <td width="17%" valign="top" class="vncellreq"><?=gettext("Interface");?></td> - <td width="83%" class="vtable"> + </tr> + <tr> + <td width="17%" valign="top" class="vncellreq"><?=gettext("Interface");?></td> + <td width="83%" class="vtable"> <select name="interface"> -<?php +<?php $interfaces = get_configured_interface_with_descr(); if (isset($config['ipsec']['enable'])) $interfaces['ipsec'] = "IPsec"; @@ -129,48 +130,59 @@ include("fbegin.inc"); } } foreach ($interfaces as $iface => $ifacename): ?> - <option value="<?=$iface;?>" <?php if ($selectedif == $iface) echo "selected"; ?>> - <?php echo $ifacename;?> - </option> - <?php endforeach;?> - </select> + <option value="<?=$iface;?>" <?php if ($selectedif == $iface) echo "selected"; ?>> + <?php echo $ifacename;?> + </option> + <?php endforeach;?> + </select> <br/><?=gettext("Select the interface on which to capture traffic.");?> - </td> + </td> + </tr> + <tr> + <td width="17%" valign="top" class="vncellreq"><?=gettext("Address Family");?></td> + <td width="83%" class="vtable"> + <select name="fam"> + <option value="">Any</option> + <option value="ip" <?php if ($fam == "ip") echo "selected"; ?>>IPv4 Only</option> + <option value="ip6" <?php if ($fam == "ip6") echo "selected"; ?>>IPv6 Only</option> + </select> + <br/><?=gettext("Select the type of traffic to be captured, either Any, IPv4 only or IPv6 only.");?> + </td> </tr> - <tr> - <td width="17%" valign="top" class="vncellreq"><?=gettext("Host Address");?></td> - <td width="83%" class="vtable"> - <input name="host" type="text" class="formfld host" id="host" size="20" value="<?=htmlspecialchars($host);?>"> - <br/><?=gettext("This value is either the Source or Destination IP address. The packet capture will look for this address in either field.");?> - <br/><?=gettext("This value can be a domain name or IP address.");?> + <tr> + <td width="17%" valign="top" class="vncellreq"><?=gettext("Host Address");?></td> + <td width="83%" class="vtable"> + <input name="host" type="text" class="formfld host" id="host" size="20" value="<?=htmlspecialchars($host);?>"> + <br/><?=gettext("This value is either the Source or Destination IP address or subnet in CIDR notation. The packet capture will look for this address in either field.");?> + <br/><?=gettext("This value can be a domain name or IP address, or subnet in CIDR notation.");?> <br/><?=gettext("If you leave this field blank, all packets on the specified interface will be captured.");?> </td> </tr> <tr> - <td width="17%" valign="top" class="vncellreq"><?=gettext("Port");?></td> - <td width="83%" class="vtable"> - <input name="port" type="text" class="formfld unknown" id="port" size="5" value="<?=$port;?>"> + <td width="17%" valign="top" class="vncellreq"><?=gettext("Port");?></td> + <td width="83%" class="vtable"> + <input name="port" type="text" class="formfld unknown" id="port" size="5" value="<?=$port;?>"> <br/><?=gettext("The port can be either the source or destination port. The packet capture will look for this port in either field.");?> <br/><?=gettext("Leave blank if you do not want to filter by port.");?> </td> </tr> <tr> - <td width="17%" valign="top" class="vncellreq"><?=gettext("Packet Length");?></td> - <td width="83%" class="vtable"> - <input name="snaplen" type="text" class="formfld unknown" id="snaplen" size="5" value="<?=$snaplen;?>"> + <td width="17%" valign="top" class="vncellreq"><?=gettext("Packet Length");?></td> + <td width="83%" class="vtable"> + <input name="snaplen" type="text" class="formfld unknown" id="snaplen" size="5" value="<?=$snaplen;?>"> <br/><?=gettext("The Packet length is the number of bytes of each packet that will be captured. Default value is 0, which will capture the entire frame regardless of its size.");?> </td> </tr> <tr> - <td width="17%" valign="top" class="vncellreq"><?=gettext("Count");?></td> - <td width="83%" class="vtable"> - <input name="count" type="text" class="formfld unknown" id="count" size="5" value="<?=$count;?>"> + <td width="17%" valign="top" class="vncellreq"><?=gettext("Count");?></td> + <td width="83%" class="vtable"> + <input name="count" type="text" class="formfld unknown" id="count" size="5" value="<?=$count;?>"> <br/><?=gettext("This is the number of packets the packet capture will grab. Default value is 100.") . "<br/>" . gettext("Enter 0 (zero) for no count limit.");?> </tr> <tr> - <td width="17%" valign="top" class="vncellreq"><?=gettext("Level of Detail");?></td> - <td width="83%" class="vtable"> - <select name="detail" type="text" class="formselect" id="detail" size="1"> + <td width="17%" valign="top" class="vncellreq"><?=gettext("Level of Detail");?></td> + <td width="83%" class="vtable"> + <select name="detail" type="text" class="formselect" id="detail" size="1"> <option value="-q" <?php if ($detail == "-q") echo "selected"; ?>><?=gettext("Normal");?></option> <option value="-v" <?php if ($detail == "-v") echo "selected"; ?>><?=gettext("Medium");?></option> <option value="-vv" <?php if ($detail == "-vv") echo "selected"; ?>><?=gettext("High");?></option> @@ -181,37 +193,37 @@ include("fbegin.inc"); gettext("This option does not affect the level of detail when downloading the packet capture.");?> </tr> <tr> - <td width="17%" valign="top" class="vncellreq"><?=gettext("Reverse DNS Lookup");?></td> - <td width="83%" class="vtable"> + <td width="17%" valign="top" class="vncellreq"><?=gettext("Reverse DNS Lookup");?></td> + <td width="83%" class="vtable"> <input name="dnsquery" type="checkbox"<?php if($_POST['dnsquery']) echo " CHECKED"; ?>> <br/><?=gettext("This check box will cause the packet capture to perform a reverse DNS lookup associated with all IP addresses.");?> <br/><b><?=gettext("Note");?>: </b><?=gettext("This option can cause delays for large packet captures.");?> </td> </tr> <tr> - <td width="17%" valign="top"> </td> - <td width="83%"> + <td width="17%" valign="top"> </td> + <td width="83%"> <?php - /* check to see if packet capture tcpdump is already running */ + /* check to see if packet capture tcpdump is already running */ $processcheck = (trim(shell_exec("/bin/ps axw -O pid= | /usr/bin/grep tcpdump | /usr/bin/grep {$fn} | /usr/bin/egrep -v '(pflog|grep)'"))); - + if ($processcheck != "") $processisrunning = true; - else + else $processisrunning = false; if (($action == gettext("Stop") or $action == "") and $processisrunning != true) echo "<input type=\"submit\" name=\"startbtn\" value=\"" . gettext("Start") . "\"> "; - else { - echo "<input type=\"submit\" name=\"stopbtn\" value=\"" . gettext("Stop") . "\"> "; - } + else { + echo "<input type=\"submit\" name=\"stopbtn\" value=\"" . gettext("Stop") . "\"> "; + } if (file_exists($fp.$fn) and $processisrunning != true) { echo "<input type=\"submit\" name=\"downloadbtn\" value=\"" . gettext("Download Capture") . "\">"; echo " (" . gettext("The packet capture file was last updated:") . " " . date("F jS, Y g:i:s a.", filemtime($fp.$fn)) . ")"; } ?> - </td> + </td> </tr> <tr> <td valign="top" colspan="2"> @@ -219,36 +231,37 @@ include("fbegin.inc"); echo "<font face='terminal' size='2'>"; if ($processisrunning == true) echo("<strong>" . gettext("Packet Capture is running.") . "</strong><br/>"); - - if ($do_tcpdump) { - - if ($port != "") { - $searchport = "and port ".$port; - if($host <> "") - $searchport = "and port ".$port; - else - $searchport = "port ".$port; - } else { - $searchport = ""; - } - - if ($host != "") { - $searchhost = "host " . $host; + + if ($do_tcpdump) { + $matches = array(); + + if (($fam == "ip6") || ($fam == "ip")) + $matches[] = $fam; + + if ($port != "") + $matches[] = "port ".$port; + + if ($host != "") { + if (is_ipaddr($host)) + $matches[] = "host " . $host; + elseif (is_subnet($host)) + $matches[] = "net " . $host; + } + + if ($count != "0" ) { + $searchcount = "-c " . $count; } else { - $searchhost = ""; - } - if ($count != "0" ) { - $searchcount = "-c " . $count; - } else { - $searchcount = ""; - } + $searchcount = ""; + } $selectedif = convert_friendly_interface_to_real_interface_name($selectedif); - + if ($action == gettext("Start")) { + $matchstr = implode($matches, " and "); echo("<strong>" . gettext("Packet Capture is running.") . "</strong><br/>"); - mwexec_bg ("/usr/sbin/tcpdump -i $selectedif $searchcount -s $packetlength -w $fp$fn $searchhost $searchport"); - } else { + mwexec_bg ("/usr/sbin/tcpdump -i $selectedif $searchcount -s $packetlength -w $fp$fn $matchstr"); + echo "/usr/sbin/tcpdump -i $selectedif $searchcount -s $packetlength -w $fp$fn $matchstr"; + } else { //action = stop echo("<strong>" . gettext("Packet Capture stopped.") . "<br/><br/>" . gettext("Packets Captured:") . "</strong><br/>"); ?> @@ -273,6 +286,6 @@ include("fbegin.inc"); </tr> </table> -<?php -include("fend.inc"); +<?php +include("fend.inc"); ?> |
