From c0ee2a015faac1771badec3a4ed3bce1feba8da2 Mon Sep 17 00:00:00 2001 From: jim-p Date: Thu, 22 Dec 2011 12:43:59 -0500 Subject: Add ability to kill all states matching an IP or subnet filter. Also display count of states matching filter. --- usr/local/www/diag_dump_states.php | 20 +++++++++++++++++++- 1 file changed, 19 insertions(+), 1 deletion(-) (limited to 'usr/local') diff --git a/usr/local/www/diag_dump_states.php b/usr/local/www/diag_dump_states.php index c832e2a..5ed855d 100755 --- a/usr/local/www/diag_dump_states.php +++ b/usr/local/www/diag_dump_states.php @@ -54,6 +54,16 @@ if($_GET['action']) { } } +if ($_GET['filter'] && ($_GET['killfilter'] == "Kill")) { + if (is_ipaddr($_GET['filter'])) { + $tokill = $_GET['filter'] . "/32"; + } elseif (is_subnet($_GET['filter'])) { + $tokill = $_GET['filter']; + } + $retval = mwexec("/sbin/pfctl -k {$tokill} -k 0/0"); + $retval = mwexec("/sbin/pfctl -k 0.0.0.0/0 -k {$tokill}"); +} + /* get our states */ if($_GET['filter']) { exec("/sbin/pfctl -s state | grep " . escapeshellarg(htmlspecialchars($_GET['filter'])), $states); @@ -131,11 +141,19 @@ include("head.inc");
- +
+ : + + (: ) + + " /> + + " /> +
-- cgit v1.1