.
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions are met:
*
* 1. Redistributions of source code must retain the above copyright notice,
* this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this software
* must display the following acknowledgment:
* "This product includes software developed by the pfSense Project
* for use in the pfSense® software distribution. (http://www.pfsense.org/).
*
* 4. The names "pfSense" and "pfSense Project" must not be used to
* endorse or promote products derived from this software without
* prior written permission. For written permission, please contact
* coreteam@pfsense.org.
*
* 5. Products derived from this software may not be called "pfSense"
* nor may "pfSense" appear in their names without prior written
* permission of the Electric Sheep Fencing, LLC.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
*
* "This product includes software developed by the pfSense Project
* for use in the pfSense software distribution (http://www.pfsense.org/).
*
* THIS SOFTWARE IS PROVIDED BY THE pfSense PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE pfSense PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
*/
##|+PRIV
##|*IDENT=page-diagnostics-logs-firewall
##|*NAME=Status: Logs: Firewall
##|*DESCR=Allow access to the 'Status: Logs: Firewall' page.
##|*MATCH=status_logs_filter.php*
##|-PRIV
require_once("status_logs_common.inc");
require_once("ipsec.inc");
# --- AJAX RESOLVE ---
if (isset($_POST['resolve'])) {
$ip = strtolower($_POST['resolve']);
$res = (is_ipaddr($ip) ? gethostbyaddr($ip) : '');
if ($res && $res != $ip) {
$response = array('resolve_ip' => $ip, 'resolve_text' => $res);
} else {
$response = array('resolve_ip' => $ip, 'resolve_text' => gettext("Cannot resolve"));
}
echo json_encode(str_replace("\\", "\\\\", $response)); // single escape chars can break JSON decode
exit;
}
/*
Build a list of allowed log files so we can reject others to prevent the page
from acting on unauthorized files.
*/
$allowed_logs = array(
"filter" => array("name" => "Firewall",
"shortcut" => "filter"),
);
// The logs to display are specified in a GET argument. Default to 'system' logs
if (!$_GET['logfile']) {
$logfile = 'filter';
$view = 'normal';
} else {
$logfile = $_GET['logfile'];
$view = $_GET['view'];
if (!array_key_exists($logfile, $allowed_logs)) {
/* Do not let someone attempt to load an unauthorized log. */
$logfile = 'filter';
$view = 'normal';
}
}
if ($view == 'normal') { $view_title = gettext("Normal View"); }
if ($view == 'dynamic') { $view_title = gettext("Dynamic View"); }
if ($view == 'summary') { $view_title = gettext("Summary View"); }
$rulenum = getGETPOSTsettingvalue('getrulenum', null);
if ($rulenum) {
list($rulenum, $tracker, $type) = explode(',', $rulenum);
$rule = find_rule_by_number($rulenum, $tracker, $type);
echo gettext("The rule that triggered this action is") . ":\n\n{$rule}";
exit;
}
// Log Filter Submit - Firewall
log_filter_form_firewall_submit();
// Manage Log Section - Code
manage_log_code();
// Status Logs Common - Code
status_logs_common_code();
$pgtitle = array(gettext("Status"), gettext("System Logs"), gettext($allowed_logs[$logfile]["name"]), $view_title);
include("head.inc");
if (!$input_errors && $savemsg) {
print_info_box($savemsg, 'success');
$manage_log_active = false;
}
// Tab Array
tab_array_logs_common();
// Manage Log - Section/Form
if ($system_logs_manage_log_form_hidden) {
manage_log_section();
}
// Filter Section/Form - Firewall
filter_form_firewall();
// Now the forms are complete we can draw the log table and its controls
if (!$rawfilter) {
$iflist = get_configured_interface_with_descr(false, true);
if ($iflist[$interfacefilter]) {
$interfacefilter = $iflist[$interfacefilter];
}
system_log_filter();
?>
=gettext("Time")?> |
=gettext("Message")?> |
' .
gettext("TCP Flags") . ': F - FIN, S - SYN, A or . - ACK, R - RST, P - PSH, U - URG, E - ECE, C - CWR.' . '
' .
' = Add to block list., = Pass traffic, = Resolve', 'info', false);
?>