0) ? get_host_boolean($value, $host) : ""; if (is_ipaddr($host)) { return "{$andor}host {$not}" . $host; } elseif (is_subnet($host)) { return "{$andor}net {$not}" . $host; } else { return ""; } } if ($_POST['downloadbtn'] == gettext("Download Capture")) { $nocsrf = true; } $pgtitle = array(gettext("Diagnostics"), gettext("Packet Capture")); require_once("guiconfig.inc"); require_once("pfsense-utils.inc"); $fp = "/root/"; $fn = "packetcapture.cap"; $snaplen = 0;//default packet length $count = 100;//default number of packets to capture $fams = array('ip', 'ip6'); $protos = array('icmp', 'icmp6', 'tcp', 'udp', 'arp', 'carp', 'esp', '!icmp', '!icmp6', '!tcp', '!udp', '!arp', '!carp', '!esp'); $input_errors = array(); $interfaces = get_configured_interface_with_descr(); if (isset($config['ipsec']['enable'])) { $interfaces['ipsec'] = "IPsec"; } foreach (array('server', 'client') as $mode) { if (is_array($config['openvpn']["openvpn-{$mode}"])) { foreach ($config['openvpn']["openvpn-{$mode}"] as $id => $setting) { if (!isset($setting['disable'])) { $interfaces['ovpn' . substr($mode, 0, 1) . $setting['vpnid']] = gettext("OpenVPN") . " ".$mode.": ".htmlspecialchars($setting['description']); } } } } if ($_POST) { $host = $_POST['host']; $selectedif = $_POST['interface']; $count = $_POST['count']; $snaplen = $_POST['snaplen']; $port = $_POST['port']; $detail = $_POST['detail']; $fam = $_POST['fam']; $proto = $_POST['proto']; if (!array_key_exists($selectedif, $interfaces)) { $input_errors[] = gettext("Invalid interface."); } if ($fam !== "" && $fam !== "ip" && $fam !== "ip6") { $input_errors[] = gettext("Invalid address family."); } if ($proto !== "" && !in_array(strip_not($proto), $protos)) { $input_errors[] = gettext("Invalid protocol."); } if ($host != "") { $host_string = str_replace(array(" ", "|", ","), array("", "#|", "#+"), $host); if (strpos($host_string, '#') === false) { $hosts = array($host); } else { $hosts = explode('#', $host_string); } foreach ($hosts as $h) { if (!is_subnet(strip_host_logic($h)) && !is_ipaddr(strip_host_logic($h))) { $input_errors[] = sprintf(gettext("A valid IP address or CIDR block must be specified. [%s]"), $h); } } } if ($port != "") { if (!is_port(strip_not($port))) { $input_errors[] = gettext("Invalid value specified for port."); } } if ($snaplen == "") { $snaplen = 0; } else { if (!is_numeric($snaplen) || $snaplen < 0) { $input_errors[] = gettext("Invalid value specified for packet length."); } } if ($count == "") { $count = 0; } else { if (!is_numeric($count) || $count < 0) { $input_errors[] = gettext("Invalid value specified for packet count."); } } if (!count($input_errors)) { $do_tcpdump = true; conf_mount_rw(); if ($_POST['promiscuous']) { //if promiscuous mode is checked $disablepromiscuous = ""; } else { //if promiscuous mode is unchecked $disablepromiscuous = "-p"; } if ($_POST['dnsquery']) { //if dns lookup is checked $disabledns = ""; } else { //if dns lookup is unchecked $disabledns = "-n"; } if ($_POST['startbtn'] != "") { $action = gettext("Start"); //delete previous packet capture if it exists if (file_exists($fp.$fn)) { unlink ($fp.$fn); } } elseif ($_POST['stopbtn'] != "") { $action = gettext("Stop"); $processes_running = trim(shell_exec("/bin/ps axw -O pid= | /usr/bin/grep tcpdump | /usr/bin/grep {$fn} | /usr/bin/egrep -v '(pflog|grep)'")); //explode processes into an array, (delimiter is new line) $processes_running_array = explode("\n", $processes_running); //kill each of the packetcapture processes foreach ($processes_running_array as $process) { $process_id_pos = strpos($process, ' '); $process_id = substr($process, 0, $process_id_pos); exec("kill $process_id"); } } elseif ($_POST['downloadbtn'] != "") { //download file $fs = filesize($fp.$fn); header("Content-Type: application/octet-stream"); header("Content-Disposition: attachment; filename=$fn"); header("Content-Length: $fs"); readfile($fp.$fn); exit; } } } else { $do_tcpdump = false; } include("head.inc"); ?>

/>

:









" . gettext("Enter 0 (zero) for no count limit.");?>

" . gettext("Note:") . " " . gettext("This option does not affect the level of detail when downloading the packet capture.");?>
/>

:
   "; } else { echo " "; } if (file_exists($fp.$fn) and $processisrunning != true) { echo " "; echo ""; echo "
" . gettext("The packet capture file was last updated:") . " " . date("F jS, Y g:i:s a.", filemtime($fp.$fn)); } ?>
"; if ($processisrunning == true) { echo("" . gettext("Packet Capture is running.") . "
"); } if ($do_tcpdump) { $matches = array(); if (in_array($fam, $fams)) { $matches[] = $fam; } if (in_array($proto, $protos)) { $matches[] = fixup_not($proto); } if ($port != "") { $matches[] = "port ".fixup_not($port); } if ($host != "") { $hostmatch = ""; $hostcount = 0; foreach ($hosts as $h) { $h = fixup_host($h, $hostcount++); if (!empty($h)) { $hostmatch .= " " . $h; } } if (!empty($hostmatch)) { $matches[] = "({$hostmatch})"; } } if ($count != "0") { $searchcount = "-c " . $count; } else { $searchcount = ""; } $selectedif = convert_friendly_interface_to_real_interface_name($selectedif); if ($action == gettext("Start")) { $matchstr = implode($matches, " and "); echo("" . gettext("Packet Capture is running.") . "
"); $cmd = "/usr/sbin/tcpdump -i {$selectedif} {$disablepromiscuous} {$searchcount} -s {$snaplen} -w {$fp}{$fn} " . escapeshellarg($matchstr); // Debug //echo $cmd; mwexec_bg ($cmd); } else { //action = stop echo("" . gettext("Packet Capture stopped.") . "

" . gettext("Packets Captured:") . "
"); ?>