X-Git-Url: http://git.ipfire.org/?a=blobdiff_plain;f=html%2Fcgi-bin%2Fconnections.cgi;h=d566cf7ebb29b98bcfdb8bdfe38ea7847eae678a;hb=c12392c0ef3aa71cda43fe38cfd22e4afab5cc5e;hp=fbd7fcd7cd5adbd325f20d7330644e97edcf254d;hpb=5122dafe9d1816b3d06135fc14a008f6115d0035;p=people%2Fteissler%2Fipfire-2.x.git
diff --git a/html/cgi-bin/connections.cgi b/html/cgi-bin/connections.cgi
index fbd7fcd7c..d566cf7eb 100644
--- a/html/cgi-bin/connections.cgi
+++ b/html/cgi-bin/connections.cgi
@@ -34,6 +34,31 @@ require "${General::swroot}/header.pl";
 my $colour_multicast = "#A0A0A0";
+# sort arguments for connection tracking table
+# the sort field. eg. 1=src IP, 2=dst IP, 3=src port, 4=dst port
+my $SORT_FIELD = 0;
+# the sort order. (a)scending orr (d)escending
+my $SORT_ORDER = 0;
+# cgi query arguments
+my %cgiin;
+# debug mode
+my $debug = 0;
+
+# retrieve query arguments
+# note: let a-z A-Z and 0-9 pass as value only
+if (length ($ENV{'QUERY_STRING'}) > 0){
+ my $name;
+ my $value;
+ my $buffer = $ENV{'QUERY_STRING'};
+ my @pairs = split(/&/, $buffer);
+ foreach my $pair (@pairs){
+ ($name, $value) = split(/=/, $pair);
+ $value =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C", hex($1))/eg; # e.g. "%20" => " "
+ $value =~ s/[^a-zA-Z0-9]*//g; # a-Z 0-9 will pass
+ $cgiin{$name} = $value;
+ }
+}
+
 &Header::showhttpheaders();
 my @network=();
@@ -43,12 +68,40 @@ my @colour=();
 my %netsettings=();
 &General::readhash("${General::swroot}/ethernet/settings", \%netsettings);
+# output cgi query arrguments to browser on debug
+if ( $debug ){
+ &Header::openbox('100%', 'center', 'DEBUG');
+ my $debugCount = 0;
+ foreach my $line (sort keys %cgiin) {
+ print "$line = '$cgiin{$line}'
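Review bot: In the query-string loop only `$value` is filtered; `$name` is neither decoded nor restricted before it becomes a key of `%cgiin`, and the debug box added in the next hunk prints those keys into the page, so switching `$debug` on would echo request-controlled text without HTML escaping. A pair without `=` also leaves `$value` undefined when the two substitutions run. Only two parameters are consumed later, so everything else can be dropped right after the `split(/=/, $pair)` line: `next unless defined $name and defined $value and $name =~ /\A(?:sort_field|sort_order)\z/;`.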
\n";
+ $debugCount++;
+ }
+ print " Count: $debugCount\n";
+ &Header::closebox();
+}
+
 #workaround to suppress a warning when a variable is used only once
 my @dummy = ( ${Header::table1colour} );
 undef (@dummy);
-# Read the connection tracking table.
-open(CONNTRACK, "/usr/local/bin/getconntracktable | sort -k 5,5 --numeric-sort --reverse |") or die "Unable to read conntrack table";
+# check sorting arguments
+if ( $cgiin{'sort_field'} ~~ [ '1','2','3','4','5','6','7','8','9' ] ) {
+ $SORT_FIELD = $cgiin{'sort_field'};
+
+ if ( $cgiin{'sort_order'} ~~ [ 'a','d','A','D' ] ) {
+ $SORT_ORDER = lc($cgiin{'sort_order'});
+ }
+}
+
+# Read and sort the connection tracking table
+# do sorting
+if ($SORT_FIELD and $SORT_ORDER) {
+ # field sorting when sorting arguments are sane
+ open(CONNTRACK, "/usr/local/bin/getconntracktable | /usr/local/bin/consort.sh $SORT_FIELD $SORT_ORDER |") or die "Unable to read conntrack table";
+} else {
+ # default sorting with no query arguments
+ open(CONNTRACK, "/usr/local/bin/getconntracktable | sort -k 5,5 --numeric-sort --reverse |") or die "Unable to read conntrack table";
+}
 my @conntrack = ;
 close(CONNTRACK);
@@ -133,6 +186,11 @@ if ($netsettings{'BLUE_DEV'}) {
 }
 }
+# Add Orange Firewall Interface
+push(@network, $netsettings{'ORANGE_ADDRESS'});
+push(@masklen, "255.255.255.255" );
+push(@colour, ${Header::colourfw} );
+
 # Add Orange Network
 if ($netsettings{'ORANGE_DEV'}) {
 push(@network, $netsettings{'ORANGE_NETADDRESS'});
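Review bot: The two `~~` checks are the only barrier between the query string and the shell command line that the new piped `open(CONNTRACK, "... consort.sh $SORT_FIELD $SORT_ORDER |")` builds, and smartmatch is an experimental operator that newer Perl releases deprecate. Anchored patterns express the same allow-list without it: `if (($cgiin{'sort_field'} // '') =~ /\A[1-9]\z/) {` and `if (($cgiin{'sort_order'} // '') =~ /\A[adAD]\z/) {`. I would also put a comment above the piped open, `# $SORT_FIELD/$SORT_ORDER reach a shell: keep them limited to the single characters validated above`, so a later relaxation of the check is not made without noticing the command-injection consequence.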
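Review bot: The three `push` lines for the Orange firewall interface run unconditionally, while the Orange network block directly below them is guarded by `if ($netsettings{'ORANGE_DEV'})`. On a system without an Orange zone `$netsettings{'ORANGE_ADDRESS'}` is presumably unset, which would add an empty address with a 255.255.255.255 mask to `@network`; how the later colour lookup treats such an entry is outside this hunk. Wrapping the new lines in `if ($netsettings{'ORANGE_ADDRESS'}) { ... }` avoids depending on that.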
@@ -258,21 +316,81 @@ print < END +if ($SORT_FIELD and $SORT_ORDER) { + my @sort_field_name = ( + $Lang::tr{'source ip'}, + $Lang::tr{'destination ip'}, + $Lang::tr{'source port'}, + $Lang::tr{'destination port'}, + $Lang::tr{'protocol'}, + $Lang::tr{'connection'}.' '.$Lang::tr{'status'}, + $Lang::tr{'expires'}.' ('.$Lang::tr{'seconds'}.')', + $Lang::tr{'download'}, + $Lang::tr{'upload'} + ); + my $sort_order_name; + if (lc($SORT_ORDER) eq "a") { + $sort_order_name = $Lang::tr{'sort ascending'}; + } else { + $sort_order_name = $Lang::tr{'sort descending'}; + } + +print < + $sort_order_name: $sort_field_name[$SORT_FIELD-1] + +END +; +} + # Print table header. print < - + - $Lang::tr{'protocol'} + + + + + + +          + + + + + + +        + + - $Lang::tr{'source ip and port'} + + +      + + -   + + + + + + + + + + + $Lang::tr{'protocol'} + + + $Lang::tr{'source ip and port'} + + $Lang::tr{'dest ip and port'} -   $Lang::tr{'download'} /
$Lang::tr{'upload'}
@@ -326,9 +444,13 @@ foreach my $line (@conntrack) {
 # Source and destination.
 my $sip;
+ my $sip_ret;
 my $dip;
+ my $dip_ret;
 my $sport;
+ my $sport_ret;
 my $dport;
+ my $dport_ret;
 my @packets;
 my @bytes;
@@ -344,16 +466,32 @@ foreach my $line (@conntrack) {
 switch ($key) {
 case "src" {
- $sip = $val;
+ if ($sip == "") {
+ $sip = $val;
+ } else {
+ $dip_ret = $val;
+ }
 }
 case "dst" {
- $dip = $val;
+ if ($dip == "") {
+ $dip = $val;
+ } else {
+ $sip_ret = $val;
+ }
 }
 case "sport" {
- $sport = $val;
+ if ($sport == "") {
+ $sport = $val;
+ } else {
+ $dport_ret = $val;
+ }
 }
 case "dport" {
- $dport = $val;
+ if ($dport == "") {
+ $dport = $val;
+ } else {
+ $sport_ret = $val;
+ }
 }
 case "packets" {
 push(@packets, $val);
@@ -370,17 +508,11 @@ foreach my $line (@conntrack) {
 my $sserv = '';
 if ($sport < 1024) {
 $sserv = uc(getservbyport($sport, lc($l4proto)));
- if ($sserv ne '') {
- $sserv = " ($sserv)";
- }
 }
 my $dserv = '';
 if ($dport < 1024) {
 $dserv = uc(getservbyport($dport, lc($l4proto)));
- if ($dserv ne '') {
- $dserv = " ($dserv)";
- }
 }
 my $bytes_in = format_bytes($bytes[0]);
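Review bot: `if ($sip == "")` in the `src` case compares numerically, so it tests whether the stored value numifies to zero rather than whether it is still unset. It passes for the first `src=` only because undef counts as 0; a stored `0.0.0.0`, or a textual value without leading digits (which an IPv6 address can be, if the table carries them), still compares equal, so the original-direction address is overwritten by the reply-direction one and `$dip_ret` is never filled. The `dst`, `sport` and `dport` cases have the same test, and a port of 0 behaves the same way. Testing definedness states the intent: `if (!defined $sip) {`, and likewise for `$dip`, `$sport` and `$dport`. The `switch` statement begins and ends outside this hunk.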
@@ -389,6 +521,49 @@ foreach my $line (@conntrack) {
 # Format TTL
 $ttl = format_time($ttl);
+ my $sip_extra;
+ if ($sip ne $sip_ret) {
+ $sip_extra = "> ";
+ $sip_extra .= "";
+ $sip_extra .= " $sip_ret";
+ $sip_extra .= "";
+ }
+
+ my $dip_extra;
+ if ($dip ne $dip_ret) {
+ $dip_extra = "> ";
+ $dip_extra .= "";
+ $dip_extra .= " $dip_ret";
+ $dip_extra .= "";
+ }
+
+
+ my $sport_extra;
+ if ($sport ne $sport_ret) {
+ my $sserv_ret = '';
+ if ($sport_ret < 1024) {
+ $sserv_ret = uc(getservbyport($sport_ret, lc($l4proto)));
+ }
+
+ $sport_extra = "> ";
+ $sport_extra .= "";
+ $sport_extra .= " $sport_ret";
+ $sport_extra .= "";
+ }
+
+ my $dport_extra;
+ if ($dport ne $dport_ret) {
+ my $dserv_ret = '';
+ if ($dport_ret < 1024) {
+ $dserv_ret = uc(getservbyport($dport_ret, lc($l4proto)));
+ }
+
+ $dport_extra = "> ";
+ $dport_extra .= "";
+ $dport_extra .= " $dport_ret";
+ $dport_extra .= "";
+ }
+
 print < $l4proto
@@ -396,21 +571,25 @@ foreach my $line (@conntrack) { $sip + $sip_extra - - $sport$sserv + + $sport + $sport_extra $dip + $dip_extra - - $dport$dserv + + $dport + $dport_extra $bytes_in / $bytes_out
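Review bot: `my $sip_extra;` and its three siblings receive a value only inside their `ne` branch, yet the row template in the following hunk interpolates all four for every connection, so rows without address or port translation interpolate undef (one "uninitialized" warning per variable and row when warnings are enabled). Declaring them as `my $sip_extra = '';` and so on keeps the log clean. The `ne` tests also run when `$sip_ret` or `$sport_ret` was never set, for instance on an entry that carries only one `src=`/`sport=` pair, and then render an extra column with an empty value; adding `defined $sip_ret and` to each condition covers that. The four blocks differ only in variable names and could share one small helper.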