本文整理汇总了PHP中get_real_interface函数的典型用法代码示例。如果您正苦于以下问题:PHP get_real_interface函数的具体用法?PHP get_real_interface怎么用?PHP get_real_interface使用的例子?那么恭喜您, 这里精选的函数代码示例或许可以为您提供帮助。
在下文中一共展示了get_real_interface函数的20个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于我们的系统推荐出更棒的PHP代码示例。
示例1: available_interfaces
/**
* list available interfaces for lagg
* @param null $selected_id selected item index
* @return array
*/
function available_interfaces($selected_id = null)
{
global $config;
// configured interfaces
$configured_interfaces = array();
foreach (get_configured_interface_list(false, true) as $intf) {
$configured_interfaces[] = get_real_interface($intf);
}
// lagg members from other lagg interfaces
$lagg_member_interfaces = array();
foreach ($config['laggs']['lagg'] as $lagg_idx => $lagg) {
if ($lagg_idx == $selected_id) {
continue;
}
foreach (explode(",", $lagg['members']) as $lagg_member) {
$lagg_member_interfaces[] = get_real_interface($lagg_member);
}
}
$interfaces = array();
foreach (get_interface_list() as $intf => $intf_info) {
if (strpos($intf, '_vlan')) {
// skip vlans
continue;
} elseif (in_array($intf, $lagg_member_interfaces)) {
// skip members of other lagg interfaces
continue;
} elseif (in_array($intf, $configured_interfaces)) {
// skip configured interfaces
continue;
}
$interfaces[$intf] = $intf_info;
}
return $interfaces;
}
开发者ID:8191,项目名称:opnsense-core,代码行数:39,代码来源:interfaces_lagg_edit.php
示例2: find_ip_interface
function find_ip_interface($ip, $bits = null)
{
if (!is_ipaddr($ip)) {
return false;
}
$isv6ip = is_ipaddrv6($ip);
/* if list */
$ifdescrs = get_configured_interface_list();
foreach ($ifdescrs as $ifdescr => $ifname) {
$ifip = $isv6ip ? get_interface_ipv6($ifname) : get_interface_ip($ifname);
if (is_null($ifip)) {
continue;
}
if (is_null($bits)) {
if ($ip == $ifip) {
$int = get_real_interface($ifname);
return $int;
}
} else {
if (ip_in_subnet($ifip, $ip . "/" . $bits)) {
$int = get_real_interface($ifname);
return $int;
}
}
}
return false;
}
开发者ID:noikiy,项目名称:core-2,代码行数:27,代码来源:wizard.php
示例3: get_interface_rates
function get_interface_rates($iface, &$inKbps, &$outKbps)
{
$realif = get_real_interface($iface);
$ifinfo1 = pfSense_get_interface_stats($realif);
$tmrStart = microtime(true);
usleep(100000);
$ifinfo2 = pfSense_get_interface_stats($realif);
$totTime = microtime(true) - $tmrStart;
$inKbps = abs($ifinfo2['inbytes'] - $ifinfo1['inbytes']) * (1 / $totTime) / 1000 * 8;
$outKbps = abs($ifinfo2['outbytes'] - $ifinfo1['outbytes']) * (1 / $totTime) / 1000 * 8;
}
开发者ID:alexpmorris,项目名称:pfsense-status-gateways-json,代码行数:11,代码来源:status_gateways_json.php
示例4: get_wireless_channel_info
function get_wireless_channel_info($interface)
{
$wireless_channels = array();
$cloned_interface = get_real_interface($interface);
if ($cloned_interface && is_interface_wireless($cloned_interface)) {
$chan_list = "/sbin/ifconfig {$cloned_interface} list txpower";
$stack_list = "/usr/bin/awk -F\"Channel \" '{ gsub(/\\*/, \" \"); print \$2 \"\\\n\" \$3 }'";
$format_list = "/usr/bin/awk '{print \$1 \",\" \$3 \" \" \$4 \",\" \$5 \",\" \$7}'";
$interface_channels = "";
exec("{$chan_list} | {$stack_list} | sort -u | {$format_list} 2>&1", $interface_channels);
foreach ($interface_channels as $channel_line) {
$channel_line = explode(",", $channel_line);
if (!isset($wireless_channels[$channel_line[0]])) {
$wireless_channels[$channel_line[0]] = $channel_line;
}
}
}
return $wireless_channels;
}
开发者ID:paudam,项目名称:opnsense-core,代码行数:19,代码来源:interfaces.php
示例5: array
/* define servers and ports snortdefservers */
$snort_servers = array("dns_servers" => "\$HOME_NET", "smtp_servers" => "\$HOME_NET", "http_servers" => "\$HOME_NET", "www_servers" => "\$HOME_NET", "sql_servers" => "\$HOME_NET", "telnet_servers" => "\$HOME_NET", "snmp_servers" => "\$HOME_NET", "ftp_servers" => "\$HOME_NET", "ssh_servers" => "\$HOME_NET", "pop_servers" => "\$HOME_NET", "imap_servers" => "\$HOME_NET", "sip_proxy_ip" => "\$HOME_NET", "sip_servers" => "\$HOME_NET", "rpc_servers" => "\$HOME_NET", "dnp3_server" => "\$HOME_NET", "dnp3_client" => "\$HOME_NET", "modbus_server" => "\$HOME_NET", "modbus_client" => "\$HOME_NET", "enip_server" => "\$HOME_NET", "enip_client" => "\$HOME_NET", "aim_servers" => "64.12.24.0/23,64.12.28.0/23,64.12.161.0/24,64.12.163.0/24,64.12.200.0/24,205.188.3.0/24,205.188.5.0/24,205.188.7.0/24,205.188.9.0/24,205.188.153.0/24,205.188.179.0/24,205.188.248.0/24");
/* if user has defined a custom ssh port, use it */
if (is_array($config['system']['ssh']) && isset($config['system']['ssh']['port'])) {
$ssh_port = $config['system']['ssh']['port'];
} else {
$ssh_port = "22";
}
$snort_ports = array("dns_ports" => "53", "smtp_ports" => "25", "mail_ports" => "25,465,587,691", "http_ports" => "36,80,81,82,83,84,85,86,87,88,89,90,311,383,591,593,631,901,1220,1414,1533,1741,1830,2301,2381,2809,3037,3057,3128,3443,3702,4343,4848,5250,6080,6988,7000,7001,7144,7145,7510,7777,7779,8000,8008,8014,8028,8080,8081,8082,8085,8088,8090,8118,8123,8180,8181,8222,8243,8280,8300,8500,8800,8888,8899,9000,9060,9080,9090,9091,9443,9999,10000,11371,15489,29991,33300,34412,34443,34444,41080,44440,50000,50002,51423,55555,56712", "oracle_ports" => "1024:", "mssql_ports" => "1433", "telnet_ports" => "23", "snmp_ports" => "161", "ftp_ports" => "21,2100,3535", "ssh_ports" => $ssh_port, "pop2_ports" => "109", "pop3_ports" => "110", "imap_ports" => "143", "sip_proxy_ports" => "5060:5090,16384:32768", "sip_ports" => "5060,5061,5600", "auth_ports" => "113", "finger_ports" => "79", "irc_ports" => "6665,6666,6667,6668,6669,7000", "smb_ports" => "139,445", "nntp_ports" => "119", "rlogin_ports" => "513", "rsh_ports" => "514", "ssl_ports" => "443,465,563,636,989,992,993,994,995,7801,7802,7900,7901,7902,7903,7904,7905,7906,7907,7908,7909,7910,7911,7912,7913,7914,7915,7916,7917,7918,7919,7920", "file_data_ports" => "\$HTTP_PORTS,110,143", "shellcode_ports" => "!80", "sun_rpc_ports" => "111,32770,32771,32772,32773,32774,32775,32776,32777,32778,32779", "DCERPC_NCACN_IP_TCP" => "139,445", "DCERPC_NCADG_IP_UDP" => "138,1024:", "DCERPC_NCACN_IP_LONG" => "135,139,445,593,1024:", "DCERPC_NCACN_UDP_LONG" => "135,1024:", "DCERPC_NCACN_UDP_SHORT" => "135,593,1024:", "DCERPC_NCACN_TCP" => "2103,2105,2107", "DCERPC_BRIGHTSTORE" => "6503,6504", "DNP3_PORTS" => "20000", "MODBUS_PORTS" => "502", "GTP_PORTS" => "2123,2152,3386");
// Sort our SERVERS and PORTS arrays to make values
// easier to locate for the user.
ksort($snort_servers);
ksort($snort_ports);
$pconfig = $a_nat[$id];
/* convert fake interfaces to real */
$if_real = get_real_interface($pconfig['interface']);
$snort_uuid = $config['installedpackages']['snortglobal']['rule'][$id]['uuid'];
if ($_POST['save']) {
$natent = array();
$natent = $pconfig;
foreach ($snort_servers as $key => $server) {
if ($_POST["def_{$key}"] && !is_alias($_POST["def_{$key}"])) {
$input_errors[] = "Only aliases are allowed";
}
}
foreach ($snort_ports as $key => $server) {
if ($_POST["def_{$key}"] && !is_alias($_POST["def_{$key}"])) {
$input_errors[] = "Only aliases are allowed";
}
}
/* if no errors write to conf */
开发者ID:schinken,项目名称:pfsense-packages,代码行数:31,代码来源:snort_define_servers.php
示例6: array
?>
<table width="100%" border="0" cellpadding="0" cellspacing="0">
<tr><td>
<?php
$tab_array = array();
foreach ($ciflist as $interface => $ifdescr) {
if (is_interface_wireless(get_real_interface($interface))) {
$enabled = false;
if ($if == $interface) {
$enabled = true;
}
$tab_array[] = array(gettext("Status") . " ({$ifdescr})", $enabled, "status_wireless.php?if={$interface}");
}
}
$rwlif = get_real_interface($if);
if ($_POST['rescanwifi'] != "") {
mwexec_bg("/sbin/ifconfig {$rwlif} scan 2>&1");
$savemsg = gettext("Rescan has been initiated in the background. Refresh this page in 10 seconds to see the results.");
}
if ($savemsg) {
print_info_box($savemsg);
}
display_top_tabs($tab_array);
?>
</td></tr>
<tr><td>
<div id="mainarea" class="tabcont">
<input type="hidden" name="if" id="if" value="<?php
echo htmlspecialchars($if);
?>
开发者ID:mtisza,项目名称:pfsense,代码行数:31,代码来源:status_wireless.php
示例7: snort_widget_get_alerts
function snort_widget_get_alerts()
{
global $config, $a_instance, $snort_nentries;
$snort_alerts = array();
/* read log file(s) */
$counter = 0;
foreach ($a_instance as $instanceid => $instance) {
$snort_uuid = $a_instance[$instanceid]['uuid'];
$if_real = get_real_interface($a_instance[$instanceid]['interface']);
/* make sure alert file exists, then "tail" the last '$snort_nentries' from it */
if (file_exists("/var/log/snort/snort_{$if_real}{$snort_uuid}/alert")) {
exec("tail -{$snort_nentries} -r /var/log/snort/snort_{$if_real}{$snort_uuid}/alert > /tmp/alert_snort{$snort_uuid}");
if (file_exists("/tmp/alert_snort{$snort_uuid}")) {
/* 0 1 2 3 4 5 6 7 8 9 10 11 12 */
/* File format: timestamp,generator_id,sig_id,sig_rev,msg,proto,src,srcport,dst,dstport,id,classification,priority */
if (!($fd = fopen("/tmp/alert_snort{$snort_uuid}", "r"))) {
log_error(gettext("[Snort Widget] Failed to open file /tmp/alert_snort{$snort_uuid}"));
continue;
}
while (($fields = fgetcsv($fd, 1000, ',', '"')) !== FALSE) {
if (count($fields) < 13) {
continue;
}
// Get the Snort interface this alert was received from
$snort_alerts[$counter]['instanceid'] = strtoupper($a_instance[$instanceid]['interface']);
// "fields[0]" is the complete timestamp in ASCII form. Convert
// to a UNIX timestamp so we can use it for various date and
// time formatting. Also extract the MM/DD/YY component and
// reverse its order to YY/MM/DD for proper sorting.
$fields[0] = trim($fields[0]);
// remove trailing space before comma delimiter
$tstamp = strtotime(str_replace("-", " ", $fields[0]));
// remove "-" between date and time components
$tmp = substr($fields[0], 6, 2) . '/' . substr($fields[0], 0, 2) . '/' . substr($fields[0], 3, 2);
$snort_alerts[$counter]['timestamp'] = str_replace(substr($fields[0], 0, 8), $tmp, $fields[0]);
$snort_alerts[$counter]['timeonly'] = date("H:i:s", $tstamp);
$snort_alerts[$counter]['dateonly'] = date("M d", $tstamp);
// Add square brackets around any any IPv6 address
if (strpos($fields[6], ":") === FALSE) {
$snort_alerts[$counter]['src'] = trim($fields[6]);
} else {
$snort_alerts[$counter]['src'] = "[" . trim($fields[6]) . "]";
}
// Add the SRC PORT if not null
if (!empty($fields[7])) {
$snort_alerts[$counter]['src'] .= ":" . trim($fields[7]);
}
// Add square brackets around any any IPv6 address
if (strpos($fields[8], ":") === FALSE) {
$snort_alerts[$counter]['dst'] = trim($fields[8]);
} else {
$snort_alerts[$counter]['dst'] = "[" . trim($fields[8]) . "]";
}
// Add the DST PORT if not null
if (!empty($fields[9])) {
$snort_alerts[$counter]['dst'] .= ":" . trim($fields[9]);
}
$snort_alerts[$counter]['msg'] = trim($fields[4]);
$counter++;
}
fclose($fd);
@unlink("/tmp/alert_snort{$snort_uuid}");
}
}
}
/* sort the alerts array */
if (isset($config['syslog']['reverse'])) {
sksort($snort_alerts, 'timestamp', false);
} else {
sksort($snort_alerts, 'timestamp', true);
}
return $snort_alerts;
}
开发者ID:LFCavalcanti,项目名称:pfsense-packages,代码行数:73,代码来源:snort_alerts.widget.php
示例8: gettext
if (isset($delbtn)) {
$id = $delbtn;
if (link_interface_to_group($id)) {
$input_errors[] = gettext("The interface is part of a group. Please remove it from the group to continue");
} else {
if (link_interface_to_bridge($id)) {
$input_errors[] = gettext("The interface is part of a bridge. Please remove it from the bridge to continue");
} else {
if (link_interface_to_gre($id)) {
$input_errors[] = gettext("The interface is part of a gre tunnel. Please delete the tunnel to continue");
} else {
if (link_interface_to_gif($id)) {
$input_errors[] = gettext("The interface is part of a gif tunnel. Please delete the tunnel to continue");
} else {
unset($config['interfaces'][$id]['enable']);
$realid = get_real_interface($id);
interface_bring_down($id);
/* down the interface */
unset($config['interfaces'][$id]);
/* delete the specified OPTn or LAN*/
if (is_array($config['dhcpd']) && is_array($config['dhcpd'][$id])) {
unset($config['dhcpd'][$id]);
services_dhcpd_configure();
}
if (count($config['filter']['rule']) > 0) {
foreach ($config['filter']['rule'] as $x => $rule) {
if ($rule['interface'] == $id) {
unset($config['filter']['rule'][$x]);
}
}
}
开发者ID:michaeleino,项目名称:pfsense,代码行数:31,代码来源:interfaces_assign.php
示例9: header
##|*DESCR=Allow access to the 'Diagnostics: Interface Traffic' page.
##|*MATCH=graph.php*
##|-PRIV
require "globals.inc";
require "guiconfig.inc";
header("Last-Modified: " . gmdate("D, j M Y H:i:s") . " GMT");
header("Expires: " . gmdate("D, j M Y H:i:s", time()) . " GMT");
header("Cache-Control: no-cache, no-store, must-revalidate");
// HTTP/1.1
header("Pragma: no-cache");
// HTTP/1.0
header("Content-type: image/svg+xml");
/********** HTTP GET Based Conf ***********/
$ifnum = @$_GET["ifnum"];
// BSD / SNMP interface name / number
$ifnum = get_real_interface($ifnum);
$ifname = @$_GET["ifname"] ? $_GET["ifname"] : "Interface {$ifnum}";
//Interface name that will be showed on top right of graph
/********* Other conf *******/
if (isset($config["widgets"]["trafficgraphs"]["scale_type"])) {
$scale_type = $config["widgets"]["trafficgraphs"]["scale_type"];
} else {
$scale_type = "up";
}
$nb_plot = 120;
//NB plot in graph
if ($_GET["timeint"]) {
$time_interval = $_GET["timeint"];
//Refresh time Interval
} else {
$time_interval = 3;
开发者ID:michaeleino,项目名称:pfsense,代码行数:31,代码来源:graph.php
示例10: foreach
}
if (file_exists("{$tmpfname}/{$prefix}gen-msg.map")) {
@copy("{$tmpfname}/{$prefix}gen-msg.map", "{$suricatadir}gen-msg.map");
}
/* Start the rules rebuild proccess for each configured interface */
if (is_array($config['installedpackages']['suricata']['rule']) && count($config['installedpackages']['suricata']['rule']) > 0) {
/* Set the flag to force rule rebuilds since we downloaded new rules, */
/* except when in post-install mode. Post-install does its own rebuild. */
if ($g['suricata_postinstall']) {
$rebuild_rules = false;
} else {
$rebuild_rules = true;
}
/* Create configuration for each active Suricata interface */
foreach ($config['installedpackages']['suricata']['rule'] as $value) {
$if_real = get_real_interface($value['interface']);
// Make sure the interface subdirectory exists. We need to re-create
// it during a pkg reinstall on the intial rules set download.
if (!is_dir("{$suricatadir}suricata_{$value['uuid']}_{$if_real}")) {
safe_mkdir("{$suricatadir}suricata_{$value['uuid']}_{$if_real}");
}
if (!is_dir("{$suricatadir}suricata_{$value['uuid']}_{$if_real}/rules")) {
safe_mkdir("{$suricatadir}suricata_{$value['uuid']}_{$if_real}/rules");
}
$tmp = "Updating rules configuration for: " . convert_friendly_interface_to_friendly_descr($value['interface']) . " ...";
if ($pkg_interface != "console") {
update_status(gettext($tmp));
update_output_window(gettext("Please wait while Suricata interface files are being updated..."));
}
suricata_apply_customizations($value, $if_real);
$tmp = "\t" . $tmp . "\n";
开发者ID:randyqx,项目名称:pfsense-packages,代码行数:31,代码来源:suricata_check_for_rule_updates.php
示例11: elseif
}
$a_nat =& $config['installedpackages']['suricata']['rule'];
if (isset($_POST['id']) && is_numericint($_POST['id'])) {
$id = $_POST['id'];
} elseif (isset($_GET['id']) && is_numericint($_GET['id'])) {
$id = htmlspecialchars($_GET['id']);
}
if (is_null($id)) {
$id = 0;
}
if (isset($id) && $a_nat[$id]) {
$pconfig['autoflowbits'] = $a_nat[$id]['autoflowbitrules'];
$pconfig['ips_policy_enable'] = $a_nat[$id]['ips_policy_enable'];
$pconfig['ips_policy'] = $a_nat[$id]['ips_policy'];
}
$if_real = get_real_interface($a_nat[$id]['interface']);
$suricata_uuid = $a_nat[$id]['uuid'];
$snortdownload = $config['installedpackages']['suricata']['config'][0]['enable_vrt_rules'] == 'on' ? 'on' : 'off';
$emergingdownload = $config['installedpackages']['suricata']['config'][0]['enable_etopen_rules'] == 'on' ? 'on' : 'off';
$etpro = $config['installedpackages']['suricata']['config'][0]['enable_etpro_rules'] == 'on' ? 'on' : 'off';
$snortcommunitydownload = $config['installedpackages']['suricata']['config'][0]['snortcommunityrules'] == 'on' ? 'on' : 'off';
$no_emerging_files = false;
$no_snort_files = false;
$enabled_rulesets_array = explode("||", $a_nat[$id]['rulesets']);
/* Test rule categories currently downloaded to $SURICATADIR/rules and set appropriate flags */
if ($emergingdownload == 'on') {
$test = glob("{$suricatadir}rules/" . ET_OPEN_FILE_PREFIX . "*.rules");
$et_type = "ET Open";
} elseif ($etpro == 'on') {
$test = glob("{$suricatadir}rules/" . ET_PRO_FILE_PREFIX . "*.rules");
$et_type = "ET Pro";
开发者ID:reimht,项目名称:pfsense-packages,代码行数:31,代码来源:suricata_rulesets.php
示例12: base64_encode
$newcp['timeout'] = 60;
/* file upload? */
if (is_uploaded_file($_FILES['htmlfile']['tmp_name'])) {
$newcp['page']['htmltext'] = base64_encode(file_get_contents($_FILES['htmlfile']['tmp_name']));
}
if (is_uploaded_file($_FILES['errfile']['tmp_name'])) {
$newcp['page']['errtext'] = base64_encode(file_get_contents($_FILES['errfile']['tmp_name']));
}
if (is_uploaded_file($_FILES['logoutfile']['tmp_name'])) {
$newcp['page']['logouttext'] = base64_encode(file_get_contents($_FILES['logoutfile']['tmp_name']));
}
write_config();
if (!empty($oldifaces) && $oldifaces != $newcp['interface']) {
$ocpinterfaces = explode(",", $oldifaces);
foreach ($ocpinterfaces as $cpifgrp) {
$listrealif = get_real_interface($cpifgrp);
if (does_interface_exist($listrealif)) {
pfSense_interface_flags($listrealif, -IFF_IPFW_FILTER);
$carpif = link_ip_to_carp_interface(find_interface_ip($listrealif));
if (!empty($carpif)) {
$carpsif = explode(" ", $carpif);
foreach ($carpsif as $cpcarp) {
pfSense_interface_flags($cpcarp, -IFF_IPFW_FILTER);
}
}
}
}
}
captiveportal_configure_zone($newcp);
filter_configure();
header("Location: services_captiveportal_zones.php");
开发者ID:rdmenezes,项目名称:pfsense,代码行数:31,代码来源:services_captiveportal.php
示例13: elseif
return true;
}
if (isset($_POST['instance']) && is_numericint($_POST['instance'])) {
$instanceid = $_POST['instance'];
} elseif (isset($_GET['instance']) && is_numericint($_GET['instance'])) {
$instanceid = $_GET['instance'];
}
if (is_null($instanceid)) {
$instanceid = 0;
}
if (!is_array($config['installedpackages']['suricata']['rule'])) {
$config['installedpackages']['suricata']['rule'] = array();
}
$a_instance =& $config['installedpackages']['suricata']['rule'];
$suricata_uuid = $a_instance[$instanceid]['uuid'];
$if_real = get_real_interface($a_instance[$instanceid]['interface']);
$suricatalogdir = SURICATALOGDIR;
// Load up the arrays of force-enabled and force-disabled SIDs
$enablesid = suricata_load_sid_mods($a_instance[$instanceid]['rule_sid_on']);
$disablesid = suricata_load_sid_mods($a_instance[$instanceid]['rule_sid_off']);
$pconfig = array();
if (is_array($config['installedpackages']['suricata']['alertsblocks'])) {
$pconfig['arefresh'] = $config['installedpackages']['suricata']['alertsblocks']['arefresh'];
$pconfig['alertnumber'] = $config['installedpackages']['suricata']['alertsblocks']['alertnumber'];
}
if (empty($pconfig['alertnumber'])) {
$pconfig['alertnumber'] = '250';
}
if (empty($pconfig['arefresh'])) {
$pconfig['arefresh'] = 'off';
}
开发者ID:MarkVLK,项目名称:pfsense-packages,代码行数:31,代码来源:suricata_alerts.php
示例14: base64_encode
}
if ($_POST['configpassthru']) {
$natent['configpassthru'] = base64_encode(str_replace("\r\n", "\n", $_POST['configpassthru']));
} else {
unset($natent['configpassthru']);
}
// Check if EVE OUTPUT TYPE is 'syslog' and auto-enable Suricata syslog output if true.
if ($natent['eve_output_type'] == "syslog" && $natent['alertsystemlog'] == "off") {
$natent['alertsystemlog'] = "on";
$savemsg = gettext("EVE Output to syslog requires Suricata alerts to be copied to the system log, so 'Send Alerts to System Log' has been auto-enabled.");
}
$if_real = get_real_interface($natent['interface']);
if (isset($id) && $a_rule[$id] && $action == '') {
// See if moving an existing Suricata instance to another physical interface
if ($natent['interface'] != $a_rule[$id]['interface']) {
$oif_real = get_real_interface($a_rule[$id]['interface']);
if (suricata_is_running($a_rule[$id]['uuid'], $oif_real)) {
suricata_stop($a_rule[$id], $oif_real);
$suricata_start = true;
} else {
$suricata_start = false;
}
@rename("{$suricatalogdir}suricata_{$oif_real}{$a_rule[$id]['uuid']}", "{$suricatalogdir}suricata_{$if_real}{$a_rule[$id]['uuid']}");
conf_mount_rw();
@rename("{$suricatadir}suricata_{$a_rule[$id]['uuid']}_{$oif_real}", "{$suricatadir}suricata_{$a_rule[$id]['uuid']}_{$if_real}");
conf_mount_ro();
}
$a_rule[$id] = $natent;
} elseif (strcasecmp($action, 'dup') == 0) {
// Duplicating an existing interface to a new interface, so set flag to build new rules
$rebuild_rules = true;
开发者ID:randyqx,项目名称:pfsense-packages,代码行数:31,代码来源:suricata_interfaces_edit.php
示例15: restore_config_section_xmlrpc
//.........这里部分代码省略.........
$oldvips["{$vip['interface']}_vip{$vip['vhid']}"]['interface'] = $vip['interface'];
$oldvips["{$vip['interface']}_vip{$vip['vhid']}"]['subnet'] = $vip['subnet'];
} else {
if ($vip['mode'] == "ipalias" && (substr($vip['interface'], 0, 4) == '_vip' || strpos($vip['interface'], "lo0"))) {
$oldvips[$vip['subnet']]['content'] = "{$vip['interface']}{$vip['subnet']}{$vip['subnet_bits']}";
$oldvips[$vip['subnet']]['interface'] = $vip['interface'];
$oldvips[$vip['subnet']]['subnet'] = $vip['subnet'];
} else {
if (($vip['mode'] == "ipalias" || $vip['mode'] == 'proxyarp') && !(substr($vip['interface'], 0, 4) == '_vip') || strpos($vip['interface'], "lo0")) {
$vipbackup[] = $vip;
}
}
}
}
}
}
// For vip section, first keep items sent from the master
$config = array_merge_recursive_unique($config, $params[0]);
/* Then add ipalias and proxyarp types already defined on the backup */
if (is_array($vipbackup) && !empty($vipbackup)) {
if (!is_array($config['virtualip'])) {
$config['virtualip'] = array();
}
if (!is_array($config['virtualip']['vip'])) {
$config['virtualip']['vip'] = array();
}
foreach ($vipbackup as $vip) {
array_unshift($config['virtualip']['vip'], $vip);
}
}
/* Log what happened */
$mergedkeys = implode(",", array_merge(array_keys($params[0]), $sync_full_done));
write_config(sprintf(gettext("Merged in config (%s sections) from XMLRPC client."), $mergedkeys));
/*
* The real work on handling the vips specially
* This is a copy of intefaces_vips_configure with addition of not reloading existing/not changed carps
*/
if (isset($params[0]['virtualip']) && is_array($config['virtualip']) && is_array($config['virtualip']['vip'])) {
$carp_setuped = false;
$anyproxyarp = false;
foreach ($config['virtualip']['vip'] as $vip) {
if ($vip['mode'] == "carp" && isset($oldvips["{$vip['interface']}_vip{$vip['vhid']}"])) {
if ($oldvips["{$vip['interface']}_vip{$vip['vhid']}"]['content'] == "{$vip['password']}{$vip['advskew']}{$vip['subnet']}{$vip['subnet_bits']}{$vip['advbase']}") {
if (does_vip_exist($vip)) {
unset($oldvips["{$vip['interface']}_vip{$vip['vhid']}"]);
continue;
// Skip reconfiguring this vips since nothing has changed.
}
}
} else {
if ($vip['mode'] == "ipalias" && strstr($vip['interface'], "_vip") && isset($oldvips[$vip['subnet']])) {
if ($oldvips[$vip['subnet']]['content'] == "{$vip['interface']}{$vip['subnet']}{$vip['subnet_bits']}") {
if (does_vip_exist($vip)) {
unset($oldvips[$vip['subnet']]);
continue;
// Skip reconfiguring this vips since nothing has changed.
}
}
unset($oldvips[$vip['subnet']]);
}
}
switch ($vip['mode']) {
case "proxyarp":
$anyproxyarp = true;
break;
case "ipalias":
interface_ipalias_configure($vip);
break;
case "carp":
if ($carp_setuped == false) {
$carp_setuped = true;
}
interface_carp_configure($vip);
break;
}
}
/* Cleanup remaining old carps */
foreach ($oldvips as $oldvipar) {
$oldvipif = get_real_interface($oldvipar['interface']);
if (!empty($oldvipif)) {
if (is_ipaddrv6($oldvipar['subnet'])) {
mwexec("/sbin/ifconfig " . escapeshellarg($oldvipif) . " inet6 " . escapeshellarg($oldvipar['subnet']) . " delete");
} else {
pfSense_interface_deladdress($oldvipif, $oldvipar['subnet']);
}
}
}
if ($carp_setuped == true) {
interfaces_sync_setup();
}
if ($anyproxyarp == true) {
interface_proxyarp_configure();
}
}
if ($old_ipsec_enabled !== ipsec_enabled()) {
vpn_ipsec_configure();
}
unset($old_config);
return $xmlrpc_g['return']['true'];
}
开发者ID:michaeleino,项目名称:pfsense,代码行数:101,代码来源:xmlrpc.php
示例16: suricata_widget_get_alerts
function suricata_widget_get_alerts()
{
global $config, $a_instance, $suri_nentries;
$suricata_alerts = array();
/* read log file(s) */
$counter = 0;
foreach ($a_instance as $instanceid => $instance) {
$suricata_uuid = $a_instance[$instanceid]['uuid'];
$if_real = get_real_interface($a_instance[$instanceid]['interface']);
// make sure alert file exists, then grab the most recent {$suri_nentries} from it
// and write them to a temp file.
if (file_exists("/var/log/suricata/suricata_{$if_real}{$suricata_uuid}/alerts.log")) {
exec("tail -{$suri_nentries} -r /var/log/suricata/suricata_{$if_real}{$suricata_uuid}/alerts.log > /tmp/surialerts_{$suricata_uuid}");
if (file_exists("/tmp/surialerts_{$suricata_uuid}")) {
/*************** FORMAT without CSV patch -- ALERT -- ***********************************************************************************/
/* Line format: timestamp action[**] [gid:sid:rev] msg [**] [Classification: class] [Priority: pri] {proto} src:srcport -> dst:dstport */
/* 0 1 2 3 4 5 6 7 8 9 10 11 12 */
/****************************************************************************************************************************************/
/**************** FORMAT without CSV patch -- DECODER EVENT -- **************************************************************************/
/* Line format: timestamp action[**] [gid:sid:rev] msg [**] [Classification: class] [Priority: pri] [**] [Raw pkt: ...] */
/* 0 1 2 3 4 5 6 7 */
/************** *************************************************************************************************************************/
if (!($fd = fopen("/tmp/surialerts_{$suricata_uuid}", "r"))) {
log_error(gettext("[Suricata Widget] Failed to open file /tmp/surialerts_{$suricata_uuid}"));
continue;
}
$buf = "";
while (($buf = fgets($fd)) !== FALSE) {
$fields = array();
$tmp = array();
// Parse alert log entry to find the parts we want to display
$fields[0] = substr($buf, 0, strpos($buf, ' '));
// The regular expression match below returns an array as follows:
// [2] => GID, [3] => SID, [4] => REV, [5] => MSG, [6] => CLASSIFICATION, [7] = PRIORITY
preg_match('/\\[\\*{2}\\]\\s\\[((\\d+):(\\d+):(\\d+))\\]\\s(.*)\\[\\*{2}\\]\\s\\[Classification:\\s(.*)\\]\\s\\[Priority:\\s(\\d+)\\]\\s/', $buf, $tmp);
$fields['gid'] = trim($tmp[2]);
$fields['sid'] = trim($tmp[3]);
$fields['rev'] = trim($tmp[4]);
$fields['msg'] = trim($tmp[5]);
$fields['class'] = trim($tmp[6]);
$fields['priority'] = trim($tmp[7]);
// The regular expression match below looks for the PROTO, SRC and DST fields
// and returns an array as follows:
// [1] = PROTO, [2] => SRC:SPORT [3] => DST:DPORT
if (preg_match('/\\{(.*)\\}\\s(.*)\\s->\\s(.*)/', $buf, $tmp)) {
// Get SRC
$fields['src'] = trim(substr($tmp[2], 0, strrpos($tmp[2], ':')));
if (is_ipaddrv6($fields['src'])) {
$fields['src'] = inet_ntop(inet_pton($fields['src']));
}
// Get SPORT
$fields['sport'] = trim(substr($tmp[2], strrpos($tmp[2], ':') + 1));
// Get DST
$fields['dst'] = trim(substr($tmp[3], 0, strrpos($tmp[3], ':')));
if (is_ipaddrv6($fields['dst'])) {
$fields['dst'] = inet_ntop(inet_pton($fields['dst']));
}
// Get DPORT
$fields['dport'] = trim(substr($tmp[3], strrpos($tmp[3], ':') + 1));
} else {
// If no PROTO and IP ADDR, then this is a DECODER EVENT
$fields['src'] = gettext("Decoder Event");
$fields['sport'] = "";
$fields['dst'] = "";
$fields['dport'] = "";
}
// Create a DateTime object from the event timestamp that
// we can use to easily manipulate output formats.
$event_tm = date_create_from_format("m/d/Y-H:i:s.u", $fields[0]);
// Check the 'CATEGORY' field for the text "(null)" and
// substitute "No classtype defined".
if ($fields['class'] == "(null)") {
$fields['class'] = "No classtype assigned";
}
$suricata_alerts[$counter]['instanceid'] = strtoupper(convert_friendly_interface_to_friendly_descr($a_instance[$instanceid]['interface']));
$suricata_alerts[$counter]['timestamp'] = strval(date_timestamp_get($event_tm));
$suricata_alerts[$counter]['timeonly'] = date_format($event_tm, "H:i:s");
$suricata_alerts[$counter]['dateonly'] = date_format($event_tm, "M d");
$suricata_alerts[$counter]['msg'] = $fields['msg'];
// Add square brackets around any IPv6 address
if (is_ipaddrv6($fields['src'])) {
$suricata_alerts[$counter]['src'] = "[" . $fields['src'] . "]";
} else {
$suricata_alerts[$counter]['src'] = $fields['src'];
}
// Add the SRC PORT if not null
if (!empty($fields['sport']) || $fields['sport'] == '0') {
$suricata_alerts[$counter]['src'] .= ":" . $fields['sport'];
}
// Add square brackets around any IPv6 address
if (is_ipaddrv6($fields['dst'])) {
$suricata_alerts[$counter]['dst'] = "[" . $fields['dst'] . "]";
} else {
$suricata_alerts[$counter]['dst'] = $fields['dst'];
}
// Add the DST PORT if not null
if (!empty($fields['dport']) || $fields['dport'] == '0') {
$suricata_alerts[$counter]['dst'] .= ":" . $fields['dport'];
}
$counter++;
//.........这里部分代码省略.........
开发者ID:LFCavalcanti,项目名称:pfsense-packages,代码行数:101,代码来源:suricata_alerts.widget.php
示例17: write_config
}
$a_nat[$id] = $natent;
write_config("Suricata pkg: modified Barnyard2 settings.");
// No need to rebuild rules for Barnyard2 changes
$rebuild_rules = false;
conf_mount_rw();
sync_suricata_package_config();
conf_mount_ro();
// If disabling Barnyard2 on the interface, stop any
// currently running instance. If an instance is
// running, signal it to reload the configuration.
// If Barnyard2 is enabled but not running, start it.
if ($a_nat[$id]['barnyard_enable'] == "off") {
suricata_barnyard_stop($a_nat[$id], get_real_interface($a_nat[$id]['interface']));
} elseif ($a_nat[$id]['barnyard_enable'] == "on") {
if (suricata_is_running($a_nat[$id]['uuid'], get_real_interface($a_nat[$id]['interface']), "barnyard2")) {
suricata_barnyard_reload_config($a_nat[$id], "HUP");
} else {
// Notify user a Suricata restart is required if enabling Barnyard2 for the first time
$savemsg = gettext("NOTE: you must restart Suricata on this interface to activate unified2 logging for Barnyard2.");
}
}
$pconfig = $natent;
} else {
// We had errors, so save previous field data to prevent retyping
$pconfig = $_POST;
}
}
$if_friendly = convert_friendly_interface_to_friendly_descr($a_nat[$id]['interface']);
$pgtitle = gettext("Suricata: Interface {$if_friendly} - Barnyard2 Settings");
include_once "head.inc";
开发者ID:LFCavalcanti,项目名称:pfsense-packages,代码行数:31,代码来源:suricata_barnyard.php
|
客服电话
APP下载
官方微信
请发表评论