From c245a8460ab318d527f1c51cfc53f76494208885 Mon Sep 17 00:00:00 2001
From: jim-p <jimp@pfsense.org>
Date: Fri, 5 Sep 2014 14:58:39 -0400
Subject: Adjust states summary for new pfctl -ss output. Fixes #2121

---
 usr/local/www/diag_states_summary.php | 20 +++++++++++++++-----
 1 file changed, 15 insertions(+), 5 deletions(-)

(limited to 'usr/local')

diff --git a/usr/local/www/diag_states_summary.php b/usr/local/www/diag_states_summary.php
index 9259912..3c5e297 100644
--- a/usr/local/www/diag_states_summary.php
+++ b/usr/local/www/diag_states_summary.php
@@ -1,7 +1,7 @@
 <?php
 /*
 	diag_states_summary.php
-	Copyright (C) 2010 Jim Pingle
+	Copyright (C) 2010-2014 Jim Pingle
 
 	Portions borrowed from diag_dump_states.php:
 	Copyright (C) 2005-2009 Scott Ullrich
@@ -64,11 +64,21 @@ $row = 0;
 if(count($states) > 0) {
 	foreach($states as $line) {
 		$line_split = preg_split("/\s+/", $line);
-		$type  = array_shift($line_split);
+		$iface = array_shift($line_split);
 		$proto = array_shift($line_split);
 		$state = array_pop($line_split);
 		$info  = implode(" ", $line_split);
 
+		/* Handle NAT cases
+			Replaces an external IP + NAT by the internal IP */
+		if (strpos($info, ') ->') !== FALSE) {
+			/* Outbound NAT */
+			$info = preg_replace('/(\S+) \((\S+)\)/U', "$2", $info);
+		} elseif (strpos($info, ') <-') !== FALSE) {
+			/* Inbound NAT/Port Forward */
+			$info = preg_replace('/(\S+) \((\S+)\)/U', "$1", $info);
+		}
+
 		/* break up info and extract $srcip and $dstip */
 		$ends = preg_split("/\<?-\>?/", $info);
 
@@ -82,7 +92,7 @@ if(count($states) > 0) {
 
 		/* Handle IPv6 */
 		$parts = explode(":", $srcinfo);
-		$partcount = count($parts);		
+		$partcount = count($parts);
 		if ($partcount <= 2) {
 			$srcip = trim($parts[0]);
 			$srcport = trim($parts[1]);
@@ -91,9 +101,9 @@ if(count($states) > 0) {
 			$srcip = $matches[1];
 			$srcport = trim($matches[3]);
 		}
-		
+
 		$parts = explode(":", $dstinfo);
-		$partcount = count($parts);		
+		$partcount = count($parts);
 		if ($partcount <= 2) {
 			$dstip = trim($parts[0]);
 			$dstport = trim($parts[1]);
-- 
cgit v1.1