From 74c6d36f098ad7541a9c7253ddb3fd73e8dd3f82 Mon Sep 17 00:00:00 2001
From: N0YB <Al_Stu@Frontier.com>
Date: Fri, 15 Mar 2013 02:17:33 -0700
Subject: System Firewall Log Filtering by Fields

Previous filter form retained for raw logs view.
---
 usr/local/www/diag_logs_filter.php | 205 ++++++++++++++++++++++++++++++-------
 1 file changed, 167 insertions(+), 38 deletions(-)

(limited to 'usr/local/www/diag_logs_filter.php')
diff --git a/usr/local/www/diag_logs_filter.php b/usr/local/www/diag_logs_filter.php
index 4e0f316..1a90c61 100755
--- a/usr/local/www/diag_logs_filter.php
+++ b/usr/local/www/diag_logs_filter.php
@@ -46,6 +46,9 @@
 require("guiconfig.inc");
 require_once("filter_log.inc");
 
+require_once("pfsense-utils.inc");
+require_once("functions.inc");
+
 function getGETPOSTsettingvalue($settingname, $default)
 {
 	$settingvalue = $default;
@@ -64,12 +67,42 @@ if($rulenum) {
 	exit;
 }
 
-$interfacefilter = getGETPOSTsettingvalue('interface', null);
-$filtertext = htmlspecialchars(getGETPOSTsettingvalue('filtertext', ""));
+$filtersubmit = getGETPOSTsettingvalue('filtersubmit', null);
+if ($filtersubmit) {
+	$interfacefilter = getGETPOSTsettingvalue('interface', null);
+	$filtertext = getGETPOSTsettingvalue('filtertext', "");
+	$filterlogentries_qty = getGETPOSTsettingvalue('filterlogentries_qty', null);
+}
+
+$filterlogentries_submit = getGETPOSTsettingvalue('filterlogentries_submit', null);
+if ($filterlogentries_submit) {
+	$filterfieldsarray = array("act", "time", "interface", "srcip", "srcport", "dstip", "dstport", "proto", "tcpflags");
+
+	$actpass = getGETPOSTsettingvalue('actpass', null);
+	$actblock = getGETPOSTsettingvalue('actblock', null);
+	$actreject = getGETPOSTsettingvalue('actreject', null);
+
+	$filterfieldsarray['act'] = trim($actpass . " " . $actblock . " " . $actreject);
+	$filterfieldsarray['act'] = $filterfieldsarray['act'] ? $filterfieldsarray['act'] : 'All';
+	$filterfieldsarray['time'] = getGETPOSTsettingvalue('filterlogentries_time', null);
+	$filterfieldsarray['interface'] = getGETPOSTsettingvalue('filterlogentries_interfaces', null);
+	$filterfieldsarray['srcip'] = getGETPOSTsettingvalue('filterlogentries_sourceipaddress', null);
+	$filterfieldsarray['srcport'] = getGETPOSTsettingvalue('filterlogentries_sourceport', null);
+	$filterfieldsarray['dstip'] = getGETPOSTsettingvalue('filterlogentries_destinationipaddress', null);
+	$filterfieldsarray['dstport'] = getGETPOSTsettingvalue('filterlogentries_destinationport', null);
+	$filterfieldsarray['proto'] = getGETPOSTsettingvalue('filterlogentries_protocol', null);
+	$filterfieldsarray['tcpflags'] = getGETPOSTsettingvalue('filterlogentries_protocolflags', null);
+	$filterlogentries_qty = getGETPOSTsettingvalue('filterlogentries_qty', null);
+}
 
 $filter_logfile = "{$g['varlog_path']}/filter.log";
 
 $nentries = $config['syslog']['nentries'];
+
+# Override Display Quantity
+if ($filterlogentries_qty)
+	$nentries = $filterlogentries_qty;
+
 if (!$nentries)
 	$nentries = 50;
 
@@ -109,52 +142,145 @@ include("head.inc");
 			<thead>
 			<tr>
 				<td colspan="<?=(!isset($config['syslog']['rawfilter']))?7:2?>" align="left" valign="middle">
-				<div style="float: right; vertical-align:middle">
+				<div id="filterlogentries_show" name="filterlogentries_show" class="widgetconfigdiv" style=<?=(!isset($config['syslog']['rawfilter']))?"":"display:none"?>>
+					<form id="filterlogentries" name="filterlogentries" action="diag_logs_filter.php" method="post">
+						<?php 
+							$Include_Act = explode(",", str_replace(" ", ",", $filterfieldsarray['act']));
+							if ($filterfieldsarray['interface'] == "All") $interface = "";
+						?>
+					<table width="100%" border="0" cellpadding="0" cellspacing="0">
+					<tr>
+						<td rowspan=2>
+							<div align=center><?=gettext("Action");?></div>
+							<div align=left>
+							<input id="actpass"   name="actpass"   type="checkbox" value="Pass"   <?php if (in_arrayi('Pass',   $Include_Act)) echo "checked"; ?> /> Pass<br>
+							<input id="actblock"  name="actblock"  type="checkbox" value="Block"  <?php if (in_arrayi('Block',  $Include_Act)) echo "checked"; ?> /> Block<br>
+							<input id="actreject" name="actreject" type="checkbox" value="Reject" <?php if (in_arrayi('Reject', $Include_Act)) echo "checked"; ?> /> Reject<br>
+							</div>
+						</td>
+						<td>
+							<div align=center><?=gettext("Time");?></div>
+							<div align=center><input id="filterlogentries_time" name="filterlogentries_time" class="formfld search" type="text" size="12" value="<?= $filterfieldsarray['time'] ?>" /></div>
+						</td>
+						<td>
+							<div align=center><?=gettext("Source IP Address");?></div>
+							<div align=center><input id="filterlogentries_sourceipaddress" name="filterlogentries_sourceipaddress" class="formfld search" type="text" size="35" value="<?= $filterfieldsarray['srcip'] ?>" /></div>
+						</td>
+						<td>
+							<div align=center><?=gettext("Source Port");?></div>
+							<div align=center><input id="filterlogentries_sourceport" name="filterlogentries_sourceport" class="formfld search" type="text" size="10" value="<?= $filterfieldsarray['srcport'] ?>" /></div>
+						</td>
+						<td>
+							<div align=center><?=gettext("Protocol");?></div>
+							<div align=center><input id="filterlogentries_protocol" name="filterlogentries_protocol" class="formfld search" type="text" size="5" value="<?= $filterfieldsarray['proto'] ?>" /></div>
+						</td>
+						<td>
+							<div align=center valign=top><?=gettext("Quantity");?></div>
+							<div align=center valign=top><input id="filterlogentries_qty" name="filterlogentries_qty" class="formfld search" type="text" size="2" value="<?= $filterlogentries_qty ?>" /></div>
+						</td>
+					</tr>
+					<tr>
+						<td valign=top>
+							<div align=center><?=gettext("Interface");?></div>
+							<div align=center><input id="filterlogentries_interfaces" name="filterlogentries_interfaces" class="formfld search" type="text" size="12" value="<?= $filterfieldsarray['interface'] ?>" /></div>
+						</td>
+						<td valign=top>
+							<div align=center><?=gettext("Destination IP Address");?></div>
+							<div align=center><input id="filterlogentries_destinationipaddress" name="filterlogentries_destinationipaddress" class="formfld search" type="text" size="35" value="<?= $filterfieldsarray['dstip'] ?>" /></div>
+						</td>
+						<td valign=top>
+							<div align=center><?=gettext("Destination Port");?></div>
+							<div align=center><input id="filterlogentries_destinationport" name="filterlogentries_destinationport" class="formfld search" type="text" size="10" value="<?= $filterfieldsarray['dstport'] ?>" /></div>
+						</td>
+						<td valign=top>
+							<div align=center><?=gettext("Protocol Flags");?></div>
+							<div align=center><input id="filterlogentries_protocolflags" name="filterlogentries_protocolflags" class="formfld search" type="text" size="5" value="<?= $filterfieldsarray['tcpflags'] ?>" /></div>
+						</td>
+						<td valign=bottom>
+							<div align=center><input id="filterlogentries_submit" name="filterlogentries_submit" type="submit" class="formbtn" value="<?=gettext("Filter");?>" /></div>
+						</td>
+					</tr>
+					<tr>
+						<td></td>
+						<td colspan=5>
+							<?printf(gettext('Matches %1$s regular expression%2$s.'), '<a target="_blank" href="http://www.php.net/manual/en/book.pcre.php">', '</a>');?>&nbsp&nbsp
+							<?=gettext("Precede with exclamation (!) as first character to exclude match.");?>&nbsp&nbsp
+						</td>
+					</tr>
+					</table>
+					</form>
+				</div>
+				<div id="filterform_show" name="filterform_show" class="widgetconfigdiv" style=<?=(!isset($config['syslog']['rawfilter']))?"display:none":""?>>
 					<form id="filterform" name="filterform" action="diag_logs_filter.php" method="post">
-						<select name="interface" onChange="dst_change(this.value,iface_old,document.iform.dsttype.value);iface_old = document.iform.interface.value;typesel_change();">
-						<option value="" <?=$interfacefilter?"":"selected"?>>*Any interface</option>
-						<?php						
-						$iflist = get_configured_interface_with_descr(false, true);
-						//$iflist = get_interface_list();
-						// Allow extending of the firewall edit interfaces 
-						pfSense_handle_custom_code("/usr/local/pkg/firewall_nat/pre_interfaces_edit");
-						foreach ($iflist as $if => $ifdesc)
-							$interfaces[$if] = $ifdesc;
+					<table width="0%" border="0" cellpadding="0" cellspacing="0">
+					<tr>
+						<td>
+							<div align=center valign=top><?=gettext("Interface");?></div>
+							<div align=center valign=top>
+							<select name="interface" onChange="dst_change(this.value,iface_old,document.iform.dsttype.value);iface_old = document.iform.interface.value;typesel_change();">
+							<option value="" <?=$interfacefilter?"":"selected"?>>*Any interface</option>
+							<?php						
+							$iflist = get_configured_interface_with_descr(false, true);
+							//$iflist = get_interface_list();
+							// Allow extending of the firewall edit interfaces 
+							pfSense_handle_custom_code("/usr/local/pkg/firewall_nat/pre_interfaces_edit");
+							foreach ($iflist as $if => $ifdesc)
+								$interfaces[$if] = $ifdesc;
 
-						if ($config['l2tp']['mode'] == "server")
-							$interfaces['l2tp'] = "L2TP VPN";
+							if ($config['l2tp']['mode'] == "server")
+								$interfaces['l2tp'] = "L2TP VPN";
 
-						if ($config['pptpd']['mode'] == "server")
-							$interfaces['pptp'] = "PPTP VPN";
+							if ($config['pptpd']['mode'] == "server")
+								$interfaces['pptp'] = "PPTP VPN";
 
-						if (is_pppoe_server_enabled() && have_ruleint_access("pppoe"))
-							$interfaces['pppoe'] = "PPPoE VPN";
+							if (is_pppoe_server_enabled() && have_ruleint_access("pppoe"))
+								$interfaces['pppoe'] = "PPPoE VPN";
 
-						/* add ipsec interfaces */
-						if (isset($config['ipsec']['enable']) || isset($config['ipsec']['client']['enable']))
-							$interfaces["enc0"] = "IPsec";
+							/* add ipsec interfaces */
+							if (isset($config['ipsec']['enable']) || isset($config['ipsec']['client']['enable']))
+								$interfaces["enc0"] = "IPsec";
 
-						/* add openvpn/tun interfaces */
-						if  ($config['openvpn']["openvpn-server"] || $config['openvpn']["openvpn-client"])
-							$interfaces["openvpn"] = "OpenVPN";
-						
-						foreach ($interfaces as $iface => $ifacename): ?>
-						<option value="<?=$iface;?>" <?=($iface==$interfacefilter)?"selected":"";?>><?=htmlspecialchars($ifacename);?></option>
-						<?php endforeach; ?>
-						</select>	
-						
-						<input id="filtertext" name="filtertext" class="formfld search" style="vertical-align:top;" value="<?=gettext($filtertext);?>" />
-						<input id="filtersubmit" name="filtersubmit" type="submit" class="formbtn" style="vertical-align:top;" value="<?=gettext("Filter");?>" />
+							/* add openvpn/tun interfaces */
+							if  ($config['openvpn']["openvpn-server"] || $config['openvpn']["openvpn-client"])
+								$interfaces["openvpn"] = "OpenVPN";
+
+							foreach ($interfaces as $iface => $ifacename): ?>
+							<option value="<?=$iface;?>" <?=($iface==$interfacefilter)?"selected":"";?>><?=htmlspecialchars($ifacename);?></option>
+							<?php endforeach; ?>
+							</select>
+							</div>
+						</td>
+						<td>
+							<div align=center valign=top><?=gettext("Filter expresion");?></div>
+							<div align=center valign=top><input id="filtertext" name="filtertext" class="formfld search" style="vertical-align:top;" type="text" size="35" value="<?=$filtertext?>" /></div>
+						</td>
+						<td>
+							<div align=center valign=top><?=gettext("Quantity");?></div>
+							<div align=center valign=top><input id="filterlogentries_qty" name="filterlogentries_qty" class="formfld search" style="vertical-align:top;" type="text" size="2" value="<?= $filterlogentries_qty ?>" /></div>
+						</td>
+						<td>
+							<div align=center valign=top>&nbsp</div>
+							<div align=center valign=top><input id="filtersubmit" name="filtersubmit" type="submit" class="formbtn" style="vertical-align:top;" value="<?=gettext("Filter");?>" /></div>
+						</td>
+					</tr>
+					<tr>
+						<td></td>
+						<td colspan=2>
+							<?printf(gettext('Matches %1$s regular expression%2$s.'), '<a target="_blank" href="http://www.php.net/manual/en/book.pcre.php">', '</a>');?>&nbsp&nbsp
+						</td>
+					</tr>
+					</table>
 					</form>
-					<br/>
 				</div>
 				<div style="float: left;">
+					<br>
 					<?=gettext("Normal View");?> | <a href="diag_logs_filter_dynamic.php"><?=gettext("Dynamic View");?></a> | <a href="diag_logs_filter_summary.php"><?=gettext("Summary View");?></a>
-					<br/><br/>
-					<?php if (isset($config['syslog']['filterdescriptions']) && $config['syslog']['filterdescriptions'] === "2"):?>
+				</div>
+				<div style="float: right; vertical-align:middle">
+					<br>
+					<?php if (!isset($config['syslog']['rawfilter']) && (isset($config['syslog']['filterdescriptions']) && $config['syslog']['filterdescriptions'] === "2")):?>
 					<a href="#" onclick="toggleListDescriptions()">Show/hide rule descriptions</a>
 					<?php endif;?>
-					<br/>
 				</div>
 				</td>	
 			</tr>
@@ -162,11 +288,14 @@ include("head.inc");
 	$iflist = get_configured_interface_with_descr(false, true);
 	if ($iflist[$interfacefilter])
 		$interfacefilter = $iflist[$interfacefilter];
-	$filterlog = conv_log_filter($filter_logfile, $nentries, $nentries + 100, $filtertext, $interfacefilter);
+	if ($filterlogentries_submit) 
+		$filterlog = conv_log_filter($filter_logfile, $nentries, $nentries + 100, $filterfieldsarray);
+	else
+		$filterlog = conv_log_filter($filter_logfile, $nentries, $nentries + 100, $filtertext, $interfacefilter);
 ?>
 			<tr>
 			  <td colspan="<?=$config['syslog']['filterdescriptions']==="1"?7:6?>" class="listtopic">
-				<?php if (!$filtertext)
+				<?php if ( (!$filtertext) && (!$filterfieldsarray) )
 					printf(gettext("Last %s firewall log entries."),count($filterlog));
 				else
 					echo count($filterlog). ' ' . gettext("matched log entries.");
-- 
cgit v1.1


+ + + /> Pass + /> Block + /> Reject + +	+ + +	+ + +	+ + +	+ + +	+ + +
+ + + /> Pass + /> Block + /> Reject + +	+ + +	+ + +	+ + +	+ + +	+ " /> +
	+ ', '');?> + +