diff options
| author | jim-p <jimp@pfsense.org> | 2014-06-04 14:12:05 -0400 |
|---|---|---|
| committer | jim-p <jimp@pfsense.org> | 2014-06-04 14:13:23 -0400 |
| commit | 5344099abc7e490e63c9dacfb311c3fb3cc38de7 (patch) | |
| tree | 758c69ce50eb26e3b1c8a48f387aff30d4593725 /usr/local/www/diag_dump_states.php | |
| parent | e9490019347688df64f370969d45b2c6af5130fb (diff) | |
| download | pfsense-5344099abc7e490e63c9dacfb311c3fb3cc38de7.zip pfsense-5344099abc7e490e63c9dacfb311c3fb3cc38de7.tar.gz | |
Various fixes to diag_dump_states.php (Add interface column, some extra validation safety, etc). Should fix #2121
Diffstat (limited to 'usr/local/www/diag_dump_states.php')
| -rwxr-xr-x | usr/local/www/diag_dump_states.php | 28 |
1 files changed, 20 insertions, 8 deletions
diff --git a/usr/local/www/diag_dump_states.php b/usr/local/www/diag_dump_states.php index b6771aa..549d669 100755 --- a/usr/local/www/diag_dump_states.php +++ b/usr/local/www/diag_dump_states.php @@ -40,6 +40,7 @@ ##|-PRIV require_once("guiconfig.inc"); +require_once("interfaces.inc"); /* handle AJAX operations */ if($_GET['action']) { @@ -50,7 +51,7 @@ if($_GET['action']) { } else { echo gettext("invalid input"); } - exit; + return; } } @@ -59,9 +60,14 @@ if ($_GET['filter'] && ($_GET['killfilter'] == "Kill")) { $tokill = escapeshellarg($_GET['filter'] . "/32"); } elseif (is_subnet($_GET['filter'])) { $tokill = escapeshellarg($_GET['filter']); + } else { + // Invalid filter + $tokill = ""; + } + if (!empty($tokill)) { + $retval = mwexec("/sbin/pfctl -k {$tokill} -k 0/0"); + $retval = mwexec("/sbin/pfctl -k 0.0.0.0/0 -k {$tokill}"); } - $retval = mwexec("/sbin/pfctl -k {$tokill} -k 0/0"); - $retval = mwexec("/sbin/pfctl -k 0.0.0.0/0 -k {$tokill}"); } $pgtitle = array(gettext("Diagnostics"),gettext("Show States")); @@ -155,7 +161,8 @@ include("head.inc"); <table class="tabcont sortable" width="100%" border="0" cellspacing="0" cellpadding="0" summary="results"> <thead> <tr> - <th class="listhdrr" width="10%"><?=gettext("Proto");?></th> + <th class="listhdrr" width="5%"><?=gettext("Int");?></th> + <th class="listhdrr" width="5%"><?=gettext("Proto");?></th> <th class="listhdrr" width="65"><?=gettext("Source -> Router -> Destination");?></th> <th class="listhdr" width="24%"><?=gettext("State");?></th> <th class="list sort_ignore" width="1%"></th> @@ -165,18 +172,22 @@ include("head.inc"); <?php $row = 0; /* get our states */ -$grepline = ($_GET['filter']) ? "| grep " . escapeshellarg(htmlspecialchars($_GET['filter'])) : ""; +$grepline = ($_GET['filter']) ? "| /usr/bin/egrep " . escapeshellarg(htmlspecialchars($_GET['filter'])) : ""; $fd = popen("/sbin/pfctl -s state {$grepline}", "r" ); while ($line = chop(fgets($fd))) { if($row >= 10000) break; $line_split = preg_split("/\s+/", $line); - $type = array_shift($line_split); + + $iface = array_shift($line_split); $proto = array_shift($line_split); $state = array_pop($line_split); $info = implode(" ", $line_split); + // We may want to make this optional, with a large state table, this could get to be expensive. + $iface = convert_real_interface_to_friendly_descr($iface); + /* break up info and extract $srcip and $dstip */ $ends = preg_split("/\<?-\>?/", $info); $parts = explode(":", $ends[0]); @@ -185,8 +196,9 @@ while ($line = chop(fgets($fd))) { $dstip = trim($parts[0]); ?> - <tr valign="top" id="r:<?= $srcip ?>:<?= $dstip ?>"> - <td class="listlr"><?= $proto ?></td> + <tr valign="top" id="r:<?= $srcip ?>:<?= $dstip ?>" name="r:<?= $srcip ?>:<?= $dstip ?>"> + <td class="listlr"><?= $iface ?></td> + <td class="listr"><?= $proto ?></td> <td class="listr"><?= $info ?></td> <td class="listr"><?= $state ?></td> <td class="list"> |
