/gestion/admin/firewallEyes/gpl.txt |
---|
0,0 → 1,342 |
GNU GENERAL PUBLIC LICENSE |
Version 2, June 1991 |
Copyright (C) 1989, 1991 Free Software Foundation, Inc. |
59 Temple Place, Suite 330, Boston, MA 02111-1307 USA |
Everyone is permitted to copy and distribute verbatim copies |
of this license document, but changing it is not allowed. |
Preamble |
The licenses for most software are designed to take away your |
freedom to share and change it. By contrast, the GNU General Public |
License is intended to guarantee your freedom to share and change free |
software--to make sure the software is free for all its users. This |
General Public License applies to most of the Free Software |
Foundation's software and to any other program whose authors commit to |
using it. (Some other Free Software Foundation software is covered by |
the GNU Library General Public License instead.) You can apply it to |
your programs, too. |
When we speak of free software, we are referring to freedom, not |
price. Our General Public Licenses are designed to make sure that you |
have the freedom to distribute copies of free software (and charge for |
this service if you wish), that you receive source code or can get it |
if you want it, that you can change the software or use pieces of it |
in new free programs; and that you know you can do these things. |
To protect your rights, we need to make restrictions that forbid |
anyone to deny you these rights or to ask you to surrender the rights. |
These restrictions translate to certain responsibilities for you if you |
distribute copies of the software, or if you modify it. |
For example, if you distribute copies of such a program, whether |
gratis or for a fee, you must give the recipients all the rights that |
you have. You must make sure that they, too, receive or can get the |
source code. And you must show them these terms so they know their |
rights. |
We protect your rights with two steps: (1) copyright the software, and |
(2) offer you this license which gives you legal permission to copy, |
distribute and/or modify the software. |
Also, for each author's protection and ours, we want to make certain |
that everyone understands that there is no warranty for this free |
software. If the software is modified by someone else and passed on, we |
want its recipients to know that what they have is not the original, so |
that any problems introduced by others will not reflect on the original |
authors' reputations. |
Finally, any free program is threatened constantly by software |
patents. We wish to avoid the danger that redistributors of a free |
program will individually obtain patent licenses, in effect making the |
program proprietary. To prevent this, we have made it clear that any |
patent must be licensed for everyone's free use or not licensed at all. |
The precise terms and conditions for copying, distribution and |
modification follow. |
GNU GENERAL PUBLIC LICENSE |
TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION |
0. This License applies to any program or other work which contains |
a notice placed by the copyright holder saying it may be distributed |
under the terms of this General Public License. The "Program", below, |
refers to any such program or work, and a "work based on the Program" |
means either the Program or any derivative work under copyright law: |
that is to say, a work containing the Program or a portion of it, |
either verbatim or with modifications and/or translated into another |
language. (Hereinafter, translation is included without limitation in |
the term "modification".) Each licensee is addressed as "you". |
Activities other than copying, distribution and modification are not |
covered by this License; they are outside its scope. The act of |
running the Program is not restricted, and the output from the Program |
is covered only if its contents constitute a work based on the |
Program (independent of having been made by running the Program). |
Whether that is true depends on what the Program does. |
1. You may copy and distribute verbatim copies of the Program's |
source code as you receive it, in any medium, provided that you |
conspicuously and appropriately publish on each copy an appropriate |
copyright notice and disclaimer of warranty; keep intact all the |
notices that refer to this License and to the absence of any warranty; |
and give any other recipients of the Program a copy of this License |
along with the Program. |
You may charge a fee for the physical act of transferring a copy, and |
you may at your option offer warranty protection in exchange for a fee. |
2. You may modify your copy or copies of the Program or any portion |
of it, thus forming a work based on the Program, and copy and |
distribute such modifications or work under the terms of Section 1 |
above, provided that you also meet all of these conditions: |
a) You must cause the modified files to carry prominent notices |
stating that you changed the files and the date of any change. |
b) You must cause any work that you distribute or publish, that in |
whole or in part contains or is derived from the Program or any |
part thereof, to be licensed as a whole at no charge to all third |
parties under the terms of this License. |
c) If the modified program normally reads commands interactively |
when run, you must cause it, when started running for such |
interactive use in the most ordinary way, to print or display an |
announcement including an appropriate copyright notice and a |
notice that there is no warranty (or else, saying that you provide |
a warranty) and that users may redistribute the program under |
these conditions, and telling the user how to view a copy of this |
License. (Exception: if the Program itself is interactive but |
does not normally print such an announcement, your work based on |
the Program is not required to print an announcement.) |
These requirements apply to the modified work as a whole. If |
identifiable sections of that work are not derived from the Program, |
and can be reasonably considered independent and separate works in |
themselves, then this License, and its terms, do not apply to those |
sections when you distribute them as separate works. But when you |
distribute the same sections as part of a whole which is a work based |
on the Program, the distribution of the whole must be on the terms of |
this License, whose permissions for other licensees extend to the |
entire whole, and thus to each and every part regardless of who wrote it. |
Thus, it is not the intent of this section to claim rights or contest |
your rights to work written entirely by you; rather, the intent is to |
exercise the right to control the distribution of derivative or |
collective works based on the Program. |
In addition, mere aggregation of another work not based on the Program |
with the Program (or with a work based on the Program) on a volume of |
a storage or distribution medium does not bring the other work under |
the scope of this License. |
3. You may copy and distribute the Program (or a work based on it, |
under Section 2) in object code or executable form under the terms of |
Sections 1 and 2 above provided that you also do one of the following: |
a) Accompany it with the complete corresponding machine-readable |
source code, which must be distributed under the terms of Sections |
1 and 2 above on a medium customarily used for software interchange; or, |
b) Accompany it with a written offer, valid for at least three |
years, to give any third party, for a charge no more than your |
cost of physically performing source distribution, a complete |
machine-readable copy of the corresponding source code, to be |
distributed under the terms of Sections 1 and 2 above on a medium |
customarily used for software interchange; or, |
c) Accompany it with the information you received as to the offer |
to distribute corresponding source code. (This alternative is |
allowed only for noncommercial distribution and only if you |
received the program in object code or executable form with such |
an offer, in accord with Subsection b above.) |
The source code for a work means the preferred form of the work for |
making modifications to it. For an executable work, complete source |
code means all the source code for all modules it contains, plus any |
associated interface definition files, plus the scripts used to |
control compilation and installation of the executable. However, as a |
special exception, the source code distributed need not include |
anything that is normally distributed (in either source or binary |
form) with the major components (compiler, kernel, and so on) of the |
operating system on which the executable runs, unless that component |
itself accompanies the executable. |
If distribution of executable or object code is made by offering |
access to copy from a designated place, then offering equivalent |
access to copy the source code from the same place counts as |
distribution of the source code, even though third parties are not |
compelled to copy the source along with the object code. |
4. You may not copy, modify, sublicense, or distribute the Program |
except as expressly provided under this License. Any attempt |
otherwise to copy, modify, sublicense or distribute the Program is |
void, and will automatically terminate your rights under this License. |
However, parties who have received copies, or rights, from you under |
this License will not have their licenses terminated so long as such |
parties remain in full compliance. |
5. You are not required to accept this License, since you have not |
signed it. However, nothing else grants you permission to modify or |
distribute the Program or its derivative works. These actions are |
prohibited by law if you do not accept this License. Therefore, by |
modifying or distributing the Program (or any work based on the |
Program), you indicate your acceptance of this License to do so, and |
all its terms and conditions for copying, distributing or modifying |
the Program or works based on it. |
6. Each time you redistribute the Program (or any work based on the |
Program), the recipient automatically receives a license from the |
original licensor to copy, distribute or modify the Program subject to |
these terms and conditions. You may not impose any further |
restrictions on the recipients' exercise of the rights granted herein. |
You are not responsible for enforcing compliance by third parties to |
this License. |
7. If, as a consequence of a court judgment or allegation of patent |
infringement or for any other reason (not limited to patent issues), |
conditions are imposed on you (whether by court order, agreement or |
otherwise) that contradict the conditions of this License, they do not |
excuse you from the conditions of this License. If you cannot |
distribute so as to satisfy simultaneously your obligations under this |
License and any other pertinent obligations, then as a consequence you |
may not distribute the Program at all. For example, if a patent |
license would not permit royalty-free redistribution of the Program by |
all those who receive copies directly or indirectly through you, then |
the only way you could satisfy both it and this License would be to |
refrain entirely from distribution of the Program. |
If any portion of this section is held invalid or unenforceable under |
any particular circumstance, the balance of the section is intended to |
apply and the section as a whole is intended to apply in other |
circumstances. |
It is not the purpose of this section to induce you to infringe any |
patents or other property right claims or to contest validity of any |
such claims; this section has the sole purpose of protecting the |
integrity of the free software distribution system, which is |
implemented by public license practices. Many people have made |
generous contributions to the wide range of software distributed |
through that system in reliance on consistent application of that |
system; it is up to the author/donor to decide if he or she is willing |
to distribute software through any other system and a licensee cannot |
impose that choice. |
This section is intended to make thoroughly clear what is believed to |
be a consequence of the rest of this License. |
8. If the distribution and/or use of the Program is restricted in |
certain countries either by patents or by copyrighted interfaces, the |
original copyright holder who places the Program under this License |
may add an explicit geographical distribution limitation excluding |
those countries, so that distribution is permitted only in or among |
countries not thus excluded. In such case, this License incorporates |
the limitation as if written in the body of this License. |
9. The Free Software Foundation may publish revised and/or new versions |
of the General Public License from time to time. Such new versions will |
be similar in spirit to the present version, but may differ in detail to |
address new problems or concerns. |
Each version is given a distinguishing version number. If the Program |
specifies a version number of this License which applies to it and "any |
later version", you have the option of following the terms and conditions |
either of that version or of any later version published by the Free |
Software Foundation. If the Program does not specify a version number of |
this License, you may choose any version ever published by the Free Software |
Foundation. |
10. If you wish to incorporate parts of the Program into other free |
programs whose distribution conditions are different, write to the author |
to ask for permission. For software which is copyrighted by the Free |
Software Foundation, write to the Free Software Foundation; we sometimes |
make exceptions for this. Our decision will be guided by the two goals |
of preserving the free status of all derivatives of our free software and |
of promoting the sharing and reuse of software generally. |
NO WARRANTY |
11. BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY |
FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN |
OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES |
PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED |
OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF |
MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS |
TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE |
PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING, |
REPAIR OR CORRECTION. |
12. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING |
WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR |
REDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, |
INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING |
OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED |
TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY |
YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER |
PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE |
POSSIBILITY OF SUCH DAMAGES. |
END OF TERMS AND CONDITIONS |
How to Apply These Terms to Your New Programs |
If you develop a new program, and you want it to be of the greatest |
possible use to the public, the best way to achieve this is to make it |
free software which everyone can redistribute and change under these terms. |
To do so, attach the following notices to the program. It is safest |
to attach them to the start of each source file to most effectively |
convey the exclusion of warranty; and each file should have at least |
the "copyright" line and a pointer to where the full notice is found. |
<one line to give the program's name and a brief idea of what it does.> |
Copyright (C) <year> <name of author> |
This program is free software; you can redistribute it and/or modify |
it under the terms of the GNU General Public License as published by |
the Free Software Foundation; either version 2 of the License, or |
(at your option) any later version. |
This program is distributed in the hope that it will be useful, |
but WITHOUT ANY WARRANTY; without even the implied warranty of |
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
GNU General Public License for more details. |
You should have received a copy of the GNU General Public License |
along with this program; if not, write to the Free Software |
Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA |
Also add information on how to contact you by electronic and paper mail. |
If the program is interactive, make it output a short notice like this |
when it starts in an interactive mode: |
Gnomovision version 69, Copyright (C) year name of author |
Gnomovision comes with ABSOLUTELY NO WARRANTY; for details type `show w'. |
This is free software, and you are welcome to redistribute it |
under certain conditions; type `show c' for details. |
The hypothetical commands `show w' and `show c' should show the appropriate |
parts of the General Public License. Of course, the commands you use may |
be called something other than `show w' and `show c'; they could even be |
mouse-clicks or menu items--whatever suits your program. |
You should also get your employer (if you work as a programmer) or your |
school, if any, to sign a "copyright disclaimer" for the program, if |
necessary. Here is a sample; alter the names: |
Yoyodyne, Inc., hereby disclaims all copyright interest in the program |
`Gnomovision' (which makes passes at compilers) written by James Hacker. |
<signature of Ty Coon>, 1 April 1989 |
Ty Coon, President of Vice |
This General Public License does not permit incorporating your program into |
proprietary programs. If your program is a subroutine library, you may |
consider it more useful to permit linking proprietary applications with the |
library. If this is what you want to do, use the GNU Library General |
Public License instead of this License. |
Property changes: |
Added: svn:eol-style |
+native |
\ No newline at end of property |
/gestion/admin/firewallEyes/info.php |
---|
0,0 → 1,161 |
<?php |
/* |
* firewall Eyes |
* Copyright (C) 2004 Creabilis |
* |
* This program is free software; you can redistribute it and/or modify |
* it under the terms of the GNU General Public License as published by |
* the Free Software Foundation; either version 2 of the License, or (at |
* your option) any later version. |
* |
* This program is distributed in the hope that it will be useful, but |
* WITHOUT ANY WARRANTY; without even the implied warranty of |
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU |
* General Public License for more details. |
* |
* You should have received a copy of the GNU General Public License |
* along with this program; if not, write to the Free Software |
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. |
* |
*/ |
include("configuration.php"); |
include("include.php"); |
// authentification check |
authenticationCheck(); |
// Date in the past |
header("Expires: Mon, 26 Jul 2009 00:00:00 GMT"); |
// always modified |
header("Last-Modified: " . gmdate("D, d M Y H:i:s") . " GMT"); |
// HTTP/1.1 |
header("Cache-Control: no-store, no-cache, must-revalidate"); |
header("Cache-Control: post-check=0, pre-check=0", false); |
// HTTP/1.0 |
header("Pragma: no-cache"); |
set_time_limit (120); |
// GET INPUT |
$type=stripslashes($_GET["type"]); |
$p1=stripslashes($_GET["p1"]); |
$tool=stripslashes($_GET["tool"]); |
$toolsArray=$tools[$type]; |
$maxWidth=0; |
for($i=0; $i<count($logFields); $i++) { |
$maxWidth+=$logFields[$i][2]; |
} |
?> |
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> |
<html> |
<head> |
<title>informations</title> |
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"/> |
<link href="log.css" rel="stylesheet" type="text/css"/> |
</head> |
<body leftmargin="0" topmargin="0" marginwidth="0" marginheight="0" bgcolor="#FFFFFF"> |
<div align="left" style="padding-left:18px"> |
<table border="0" cellpadding="0" cellspacing="0" width="<?=$maxWidth?>"> |
<tr> |
<td class="toolBox"> |
<form method="GET" action="info.php"> |
<br/> |
<b>Informations on </b> |
<input type="text" name="p1" class="inputText" maxlength="100" value="<?=htmlentities(stripslashes($p1))?>"> |
<input type="hidden" name="type" value="<?=htmlentities(stripslashes($type))?>"> |
<br/><br/> |
<?php |
foreach($toolsArray as $toolName=>$toolInfos) { |
?> |
<input class="toolbutton" type="submit" name="tool" value="<?=htmlentities($toolName)?>"> |
<?php |
} |
?> |
</form> |
</td> |
</tr> |
</table> |
<?php |
flush(); |
if($tool) { |
if($toolsArray[$tool]["type"]=="command") { |
$myCommand=$toolsArray[$tool]["value"]; |
$myparam=$p1; |
if($toolsArray[$tool]["precompute"]=="extractdomain") { |
if (preg_match("/\d+\.\d+\.\d+\.\d+/", $p1)) { // it's an ip address |
$myparam=$p1; |
} else { |
$myparam=substr(strstr($p1,"."),1); // remove first part of canonical name |
} |
} |
$myCommand=str_replace("%p1%",$myparam,$myCommand); |
} |
if($toolsArray[$tool]["type"]=="url") { |
$myCommand=$toolsArray[$tool]["value"]; |
$myCommand=str_replace("%p1%",urlencode($p1),$myCommand); |
} |
?> |
<br/> |
<table border="0" cellpadding="0" cellspacing="0" width="<?=$maxWidth?>"> |
<tr> |
<td class="toolCommandBoxHeader"> |
<?php |
if($toolsArray[$tool]["type"]=="url") { |
?> |
<a style="color: #FFFFFF" href="<?=$myCommand?>" target="q"><?=$myCommand?></a> |
<?php |
} else { |
echo($myCommand); |
} |
?> |
</td> |
</tr> |
</table> |
<?php |
flush(); |
?> |
<table border="0" cellpadding="0" cellspacing="0" width="<?=$maxWidth?>"> |
<tr> |
<td class="toolCommandBox"> |
<?php |
if($toolsArray[$tool]["type"]=="command") { |
echo("<pre>"); |
passthru(escapeshellcmd($myCommand)); |
echo("</pre>"); |
} |
if($toolsArray[$tool]["type"]=="url") { |
?> |
<iframe name="window_recherche_affaire_resultat" src="<?=$myCommand?>" width="<?=$maxWidth+5?>" height="750" FRAMEBORDER=0> |
Your browser doesn't support iframe, unable to get url. |
</iframe> |
<?php |
} |
?> |
</td> |
</tr> |
</table> |
<?php |
} |
?> |
<br> |
<table border="0" cellpadding="0" cellspacing="0" width="<?=$maxWidth?>" class="footer"> |
<tr> |
<td align="center"> |
<A HREF="http://www.creabilis.com" target="creabilis">Firewall Eyes</A> - <A HREF="http://www.gnu.org/licenses/gpl.html">GPL</A> - Creabilis © 2004 - Web site : <A HREF="http://firewalleyes.creabilis.com">http://firewalleyes.creabilis.com</A> |
</td> |
</tr> |
</table> |
</div> |
</body> |
</html> |
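Review bot: At `passthru(escapeshellcmd($myCommand))`, the `p1` value from `$_GET` reaches the command template with only `stripslashes()` applied, and `escapeshellcmd()` escapes shell metacharacters but does not stop whitespace in `p1` from adding extra arguments or options to the configured tool. Validate `p1` as an IP address or hostname with an anchored pattern (the `extractdomain` test `/\d+\.\d+\.\d+\.\d+/` is unanchored, so any string that merely contains a dotted quad passes) and run `$myparam` through `escapeshellarg()` before the `str_replace("%p1%", ...)`. The same string is written to the page by `echo($myCommand)` without `htmlentities()`, unlike the form fields above it, so escape it on output as well, and check `$type` and `$tool` against the keys of `$tools` before indexing, since an unknown `type` leaves `$toolsArray` unset for the `foreach`.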
/gestion/admin/firewallEyes/images/info.gif |
---|
Cannot display: file marked as a binary type. |
svn:mime-type = application/octet-stream |
Property changes: |
Added: svn:mime-type |
+application/octet-stream |
\ No newline at end of property |
/gestion/admin/firewallEyes/images/dst-port.gif |
---|
Cannot display: file marked as a binary type. |
svn:mime-type = application/octet-stream |
Property changes: |
Added: svn:mime-type |
+application/octet-stream |
\ No newline at end of property |
/gestion/admin/firewallEyes/images/port-dst.gif |
---|
Cannot display: file marked as a binary type. |
svn:mime-type = application/octet-stream |
Property changes: |
Added: svn:mime-type |
+application/octet-stream |
\ No newline at end of property |
/gestion/admin/firewallEyes/images/header-background.jpg |
---|
Cannot display: file marked as a binary type. |
svn:mime-type = image/jpeg |
Property changes: |
Added: svn:mime-type |
+image/jpeg |
\ No newline at end of property |
/gestion/admin/firewallEyes/images/source.gif |
---|
Cannot display: file marked as a binary type. |
svn:mime-type = application/octet-stream |
Property changes: |
Added: svn:mime-type |
+application/octet-stream |
\ No newline at end of property |
/gestion/admin/firewallEyes/images/destination.gif |
---|
Cannot display: file marked as a binary type. |
svn:mime-type = application/octet-stream |
Property changes: |
Added: svn:mime-type |
+application/octet-stream |
\ No newline at end of property |
/gestion/admin/firewallEyes/images/commandHeaderBkg.jpg |
---|
Cannot display: file marked as a binary type. |
svn:mime-type = image/jpeg |
Property changes: |
Added: svn:mime-type |
+image/jpeg |
\ No newline at end of property |
/gestion/admin/firewallEyes/images/firewallEyes.jpg |
---|
Cannot display: file marked as a binary type. |
svn:mime-type = image/jpeg |
Property changes: |
Added: svn:mime-type |
+image/jpeg |
\ No newline at end of property |
/gestion/admin/firewallEyes/images/logo-firewallEyes.gif |
---|
Cannot display: file marked as a binary type. |
svn:mime-type = application/octet-stream |
Property changes: |
Added: svn:mime-type |
+application/octet-stream |
\ No newline at end of property |
/gestion/admin/firewallEyes/images/src-port.gif |
---|
Cannot display: file marked as a binary type. |
svn:mime-type = application/octet-stream |
Property changes: |
Added: svn:mime-type |
+application/octet-stream |
\ No newline at end of property |
/gestion/admin/firewallEyes/images/port-src.gif |
---|
Cannot display: file marked as a binary type. |
svn:mime-type = application/octet-stream |
Property changes: |
Added: svn:mime-type |
+application/octet-stream |
\ No newline at end of property |
/gestion/admin/firewallEyes/images/buttonBkg.jpg |
---|
Cannot display: file marked as a binary type. |
svn:mime-type = image/jpeg |
Property changes: |
Added: svn:mime-type |
+image/jpeg |
\ No newline at end of property |
/gestion/admin/firewallEyes/messages |
---|
0,0 → 1,21 |
Sep 24 04:03:01 firewall kernel: RULE 5 -- ACCEPT IN=eth1 OUT=eth2 SRC=192.168.0.5 DST=64.246.30.37 LEN=48 TOS=0x00 PREC=0x00 TTL=124 ID=33597 DF PROTO=TCP SPT=3247 DPT=80 WINDOW=64240 RES=0x00 SYN URGP=0 |
Sep 24 04:03:02 firewall kernel: RULE 6 -- DENY IN=eth1 OUT=eth1 SRC=172.50.230.95 DST=192.168.14.5 LEN=48 TOS=0x00 PREC=0x00 TTL=126 ID=18765 PROTO=TCP SPT=2277 DPT=25 LEN=28 |
Sep 24 04:03:02 firewall kernel: RULE 7 -- DENY IN=eth1 OUT=eth1 SRC=172.79.3.1 DST=192.168.0.12 LEN=48 TOS=0x00 PREC=0x00 TTL=126 ID=18764 PROTO=TCP SPT=3767 DPT=443 LEN=28 |
Sep 24 04:03:05 firewall kernel: RULE 2 -- ACCEPT IN=eth1 OUT=eth2 SRC=192.168.0.55 DST=10.10.5.4 LEN=48 TOS=0x00 PREC=0x00 TTL=122 ID=45067 DF PROTO=TCP SPT=1549 DPT=8080 WINDOW=8192 RES=0x00 SYN URGP=0 |
Sep 24 04:03:05 firewall kernel: RULE 8 -- ACCEPT IN=eth1 OUT=eth1 SRC=192.79.1.1 DST=172.48.3.1 LEN=48 TOS=0x00 PREC=0x00 TTL=126 ID=18775 PROTO=TCP SPT=1793 DPT=80 LEN=28 |
Sep 24 04:03:05 firewall kernel: RULE 2 -- REJECT IN=eth1 OUT=eth1 SRC=192.169.230.95 DST=192.168.31.51 LEN=48 TOS=0x00 PREC=0x00 TTL=126 ID=18774 PROTO=UDP SPT=1179 DPT=137 LEN=28 |
Sep 24 04:03:07 firewall kernel: RULE 9 -- ACCEPT IN=eth1 OUT=eth1 SRC=172.79.1.78 DST=10.10.6.4 LEN=48 TOS=0x00 PREC=0x00 TTL=126 ID=18775 PROTO=TCP SPT=9957 DPT=80 LEN=28 |
Sep 24 04:03:08 firewall kernel: RULE 16 -- DENY IN=eth1 OUT=eth2 SRC=192.168.6.162 DST=64.4.23.188 LEN=48 TOS=0x00 PREC=0x00 TTL=124 ID=33598 DF PROTO=TCP SPT=3247 DPT=443 WINDOW=64240 RES=0x00 SYN URGP=0 |
Sep 24 04:03:08 firewall kernel: RULE 16 -- ACCEPT IN=eth1 OUT=eth1 SRC=192.169.230.95 DST=192.168.31.51 LEN=48 TOS=0x00 PREC=0x00 TTL=126 ID=18780 PROTO=UDP SPT=7453 DPT=137 LEN=28 |
Sep 24 04:03:08 firewall kernel: RULE 11 -- REJECT IN=eth1 OUT= MAC=ff:ff:ff:ff:ff:ff:00:10:b5:4f:4b:60:08:00 SRC=172.38.45.78 DST=10.10.5.7 LEN=48 TOS=0x00 PREC=0x00 TTL=128 ID=18808 PROTO=TCP SPT=2487 DPT=21 LEN=28 |
Sep 24 04:03:11 firewall kernel: RULE 13 -- DENY IN=eth1 OUT=eth1 SRC=192.169.0.5 DST=192.168.0.50 LEN=48 TOS=0x00 PREC=0x00 TTL=126 ID=18791 PROTO=UDP SPT=2813 DPT=137 LEN=28 |
Sep 24 04:03:11 firewall kernel: RULE 17 -- DENY IN=eth1 OUT=eth1 SRC=192.169.230.95 DST=192.168.1.51 LEN=48 TOS=0x00 PREC=0x00 TTL=126 ID=18790 PROTO=UDP SPT=2779 DPT=137 LEN=28 |
Sep 24 04:03:14 firewall kernel: RULE 16 -- ACCEPT IN=eth1 OUT= MAC=ff:ff:ff:ff:ff:ff:00:10:b5:4f:4b:60:08:00 SRC=192.169.230.95 DST=10.0.12.5 LEN=48 TOS=0x00 PREC=0x00 TTL=128 ID=18796 PROTO=UDP SPT=4476 DPT=137 LEN=28 |
Sep 24 04:03:14 firewall kernel: RULE 11 -- REJECT IN=eth1 OUT= MAC=ff:ff:ff:ff:ff:ff:00:10:b5:4f:4b:60:08:00 SRC=172.38.45.78 DST=10.10.5.7 LEN=48 TOS=0x00 PREC=0x00 TTL=128 ID=18808 PROTO=TCP SPT=2487 DPT=21 LEN=28 |
Sep 24 04:03:14 firewall kernel: RULE 16 -- DENY IN=eth1 OUT=eth1 SRC=10.10.45.7 DST=192.168.1.51 LEN=48 TOS=0x00 PREC=0x00 TTL=126 ID=18795 PROTO=UDP SPT=2781 DPT=123 LEN=28 |
Sep 24 04:03:14 firewall kernel: RULE 14 -- ACCEPT IN=eth1 OUT=eth1 SRC=192.168.1.5 DST=192.168.0.51 LEN=48 TOS=0x00 PREC=0x00 TTL=126 ID=18794 PROTO=UDP SPT=33660 DPT=53 LEN=28 |
Sep 24 04:03:17 firewall kernel: RULE 5 -- ACCEPT IN=eth1 OUT=eth2 SRC=192.168.1.5 DST=64.246.30.37 LEN=48 TOS=0x00 PREC=0x00 TTL=124 ID=33597 DF PROTO=TCP SPT=3247 DPT=80 WINDOW=64242 RES=0x00 SYN URGP=0 |
Sep 24 04:03:17 firewall kernel: RULE 5 -- ACCEPT IN=eth1 OUT=eth2 SRC=192.168.2.5 DST=192.168.1.78 LEN=48 TOS=0x00 PREC=0x00 TTL=124 ID=33597 DF PROTO=TCP SPT=3657 DPT=80 WINDOW=64242 RES=0x00 SYN URGP=0 |
Sep 24 04:03:17 firewall kernel: RULE 11 -- REJECT IN=eth1 OUT= MAC=ff:ff:ff:ff:ff:ff:00:10:b5:4f:4b:60:08:00 SRC=172.38.45.78 DST=10.10.5.7 LEN=48 TOS=0x00 PREC=0x00 TTL=128 ID=18808 PROTO=TCP SPT=2487 DPT=21 LEN=28 |
Sep 24 04:03:17 firewall kernel: RULE 3 -- ACCEPT IN=eth1 OUT=eth1 SRC=10.10.45.7 DST=192.168.0.8 LEN=48 TOS=0x00 PREC=0x00 TTL=126 ID=18806 PROTO=TCP SPT=2267 DPT=110 LEN=28 |
Sep 24 04:03:20 firewall kernel: RULE 5 -- ACCEPT IN=eth1 OUT=eth2 SRC=192.168.0.5 DST=64.246.30.37 LEN=48 TOS=0x00 PREC=0x00 TTL=124 ID=33597 DF PROTO=TCP SPT=1842 DPT=80 WINDOW=64248 RES=0x00 SYN URGP=0 |
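Review bot: `messages` lands in the same web-served directory as `info.php` and `log.css` (which the page loads by relative URL), so a direct request for the file would not pass through `authenticationCheck()`. If these lines are sample data for the viewer, say so in the commit message or a README, and keep this file and any real log the tool reads outside the document root or deny access to it in the server configuration.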
/gestion/admin/firewallEyes/log.css |
---|
0,0 → 1,147 |
.tabCell { |
font-family: Arial, Helvetica, sans-serif; |
font-size: 11px; |
white-space: nowrap; |
float: left; |
overflow: hidden; |
border-left: 0px solid #9EB2E2; |
padding-top: 3px; |
padding-bottom: 3px; |
margin: 0px; |
text-align: left; |
} |
.header { |
font-family: Arial, Helvetica, sans-serif; |
font-size: 11px; |
background-color: #EEF1F9; |
border-top: 1px solid #9EB2E2; |
border-bottom: 1px solid #9EB2E2; |
color: #0C1E6C; |
font-weight: bold; |
text-align: center; |
} |
.footer { |
font-family: Arial, Helvetica, sans-serif; |
font-size: 9px; |
background-color: #F4F8FB; |
border: 1px solid #9EB2E2; |
color: #0C1E6C; |
padding: 2px; |
} |
a { |
color: #0C1E6C; |
text-decoration:none; |
} |
a:hover { |
color: #800000; |
text-decoration:underline; |
} |
.ACCEPT { |
color: #006633; |
border-right: 1px solid #9EB2E2; |
border-left: 1px solid #9EB2E2; |
} |
.DROP { |
color: #800000; |
border-right: 1px solid #9EB2E2; |
border-left: 1px solid #9EB2E2; |
} |
.REJECT { |
color: #804040; |
border-right: 1px solid #9EB2E2; |
border-left: 1px solid #9EB2E2; |
} |
.ACCOUNTING { |
color: #000000; |
border-right: 1px solid #9EB2E2; |
border-left: 1px solid #9EB2E2; |
} |
.line1 { |
background-color: #FFFFFF; |
} |
.line2 { |
background-color: #F4F8FB; |
} |
.inputBlock { |
padding: 0px; |
margin: 0px; |
border: none; |
font-family: Arial, Helvetica, sans-serif; |
font-size: 11px; |
white-space: nowrap; |
float: left; |
overflow: hidden; |
border-left: 1px solid #9EB2E2; |
padding: 2px; |
} |
.inputText { |
font-family: Arial, Helvetica, sans-serif; |
font-size: 9px; |
color: #0C1E6C; |
border:1px solid #9EB2E2; |
padding: 2px; |
} |
.button { |
font-family: Arial, Helvetica, sans-serif; |
font-size: 10px; |
font-weight: bold; |
color: #0C1E6C; |
background-color: #FFFFFF; |
width: 80px; |
height: 25px; |
background-image: url(images/buttonBkg.jpg); |
background-repeat: no-repeat; |
text-align: left; |
padding-left: 18pt; |
} |
.toolbutton { |
font-family: Arial, Helvetica, sans-serif; |
font-size: 10px; |
font-weight: bold; |
color: #0C1E6C; |
background-color: #FFFFFF; |
width: 100px; |
height: 25px; |
background-image: url(images/buttonBkg.jpg); |
background-repeat: no-repeat; |
text-align: left; |
padding-left: 18pt; |
} |
.toolBox { |
font-family: Arial, Helvetica, sans-serif; |
font-size: 11px; |
font-weight: bold; |
background-color: #EEF1F9; |
border: 1px solid #9EB2E2; |
color: #0C1E6C; |
text-align: left; |
padding-left: 2pt; |
} |
.toolCommandBoxHeader { |
font-family: Arial, Helvetica, sans-serif; |
font-size: 11px; |
font-weight: bold; |
background-image: url(images/commandHeaderBkg.jpg); |
border: 1px solid #9EB2E2; |
color: #FFFFFF; |
text-align: center; |
} |
.toolCommandBox { |
font-family: Arial, Helvetica, sans-serif; |
font-size: 11px; |
background-color: #F4F7FF; |
border: 1px solid #9EB2E2; |
color: #0C1E6C; |
text-align: left; |
padding-left: 2pt; |
} |
.topbox { |
color: #FFFFFF; |
font-family: Arial, Helvetica, sans-serif; |
font-size: 11px; |
border: none; |
padding: 2px; |
margin: 0px; |
} |
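Review bot: .inputBlock declares padding twice (padding: 0px near the top of the rule and padding: 2px at the end), so the first declaration never takes effect; keep only the one that is intended. .button and .toolbutton are identical apart from width, so a shared rule with a width override for .toolbutton would stop the two from drifting apart.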
/gestion/admin/firewallEyes/include.php |
---|
0,0 → 1,139 |
<?php |
/* |
* firewall Eyes |
* Copyright (C) 2004 Creabilis |
* |
* This program is free software; you can redistribute it and/or modify |
* it under the terms of the GNU General Public License as published by |
* the Free Software Foundation; either version 2 of the License, or (at |
* your option) any later version. |
* |
* This program is distributed in the hope that it will be useful, but |
* WITHOUT ANY WARRANTY; without even the implied warranty of |
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU |
* General Public License for more details. |
* |
* You should have received a copy of the GNU General Public License |
* along with this program; if not, write to the Free Software |
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. |
* |
*/ |
// **************************************************************************** |
// return the regexp index for $columnName |
// **************************************************************************** |
function authenticationCheck() { |
global $IPAuthentication,$allowedClientIP; |
if ($IPAuthentication) { |
if(!in_array($_SERVER["REMOTE_ADDR"],$allowedClientIP)) { |
exit(); |
} |
} |
} |
// **************************************************************************** |
// return the regexp index for $columnName |
// **************************************************************************** |
function getIndexForColumn($columnName,$logFields) { |
for($i=0; $i<count($logFields); $i++) { |
if($logFields[$i][0]==$columnName) { |
Return $logFields[$i][1]; |
} |
} |
} |
// **************************************************************************** |
// return true if all criteria matches |
// **************************************************************************** |
function criteriaMatches($criteria,$logFields,$infoTab,$exactSearch) { |
$returnValue=true; |
for($i=0; $i<count($logFields); $i++) { |
$currentColumn=$logFields[$i][0]; |
$currentData=$infoTab[$logFields[$i][1]]; |
if($currentCriteria=$criteria[$currentColumn]) { // if criteria exists |
// test |
if(!searchString ($currentData,$currentCriteria,$exactSearch)) { |
Return false; |
} |
} |
} |
Return $returnValue; |
} |
// **************************************************************************** |
// return true strings founded |
// **************************************************************************** |
function searchString($haystack, $searchedWords,$exactSearch) { |
if($searchedWords[0]=="!") { |
$negate=true; |
$searchedWords=substr($searchedWords,1); |
} |
$returnValue=false; |
$wordTab=preg_split ("/[\s,]+/", $searchedWords); |
if($wordTab) { |
for($i=0; $i<count($wordTab); $i++) { |
if($currentWord=$wordTab[$i]) { |
// test |
if(($exactSearch ? $haystack==$currentWord : stristr ($haystack,$currentWord))) { |
$returnValue=true; |
break; |
} |
} |
} |
} |
if($negate) { |
Return (!$returnValue); |
} else { |
Return $returnValue; |
} |
} |
// **************************************************************************** |
// change lines to resolved items |
// **************************************************************************** |
function resolvAll() { |
global $logFields,$infoTab,$resolvIp,$resolvService,$indexForProtocol,$infoTabOriginal; |
for($i=0; $i<count($logFields); $i++) |
{ |
if($resolvIp) { |
if($logFields[$i][3]=="ip" && !strstr($infoTab[$logFields[$i][1]],"255")) { |
$infoTab[$logFields[$i][1]]=gethostbyaddr($infoTab[$logFields[$i][1]]); |
} |
} |
if($resolvService) { |
if($logFields[$i][3]=="service") { |
$currentProtocolIndex=$indexForProtocol; |
$service=getservbyport($infoTab[$logFields[$i][1]],strtolower($infoTab[$currentProtocolIndex])); |
if($service) { |
$infoTabOriginal[$logFields[$i][1]]=$infoTab[$logFields[$i][1]]; |
$infoTab[$logFields[$i][1]]=$service; |
} |
} |
} |
} |
} |
// **************************************************************************** |
// fgetrs : read line and put pointer at the begining |
// **************************************************************************** |
function fgetrs($fileHandle) { |
while (ftell($fileHandle)>=0) { |
$char = fgetc($fileHandle); |
if (ftell($fileHandle)==1) { |
fseek ($fileHandle,-1,SEEK_CUR); |
return $char.$line; |
} |
if ($char == "\n" || ftell($fileHandle)==1) { |
fseek ($fileHandle,-2,SEEK_CUR); |
return $line; |
} |
else { |
fseek ($fileHandle,-2,SEEK_CUR); |
$line = $char . $line; |
} |
} |
return $line; |
} |
?> |
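Review bot: authenticationCheck() makes an allowlist on $_SERVER["REMOTE_ADDR"] the only access control and refuses with a bare exit(), so a rejected client gets an empty response with no 403 status and the refusal is not logged anywhere. Send an explicit 403 and record the denied address, and document that behind a reverse proxy REMOTE_ADDR is the proxy's address, not the client's. The comment banner above the function is copied from getIndexForColumn() and should describe the check instead. In searchString(), $negate is only assigned when the criteria starts with "!" and $searchedWords[0] is read even when the string is empty; initialise $negate=false before the test. fgetrs() has the same problem with $line, which is concatenated onto before it is ever set.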
/gestion/admin/firewallEyes/index.html |
---|
0,0 → 1,17 |
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Frameset//EN" "http://www.w3.org/TR/html4/frameset.dtd"> |
<html> |
<head> |
<title>firewall Eyes - Creabilis</title> |
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"> |
</head> |
<frameset rows="115,*" frameborder="NO" border="0" framespacing="0"> |
<frame src="header.php" name="topFrame" scrolling="yes"> |
<frame src="logs.php" name="mainFrame"> |
</frameset> |
<noframes> |
<body> |
Your browser doesn't support frames. Unable to get it working. |
</body> |
</noframes> |
</html> |
/gestion/admin/firewallEyes/logs.php |
---|
0,0 → 1,148 |
<?php |
/* |
* firewall Eyes |
* Copyright (C) 2004 Creabilis |
* |
* This program is free software; you can redistribute it and/or modify |
* it under the terms of the GNU General Public License as published by |
* the Free Software Foundation; either version 2 of the License, or (at |
* your option) any later version. |
* |
* This program is distributed in the hope that it will be useful, but |
* WITHOUT ANY WARRANTY; without even the implied warranty of |
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU |
* General Public License for more details. |
* |
* You should have received a copy of the GNU General Public License |
* along with this program; if not, write to the Free Software |
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. |
* |
*/ |
include("configuration.php"); |
include("include.php"); |
// authentification check |
authenticationCheck(); |
// Date in the past |
header("Expires: Mon, 26 Jul 2004 00:00:00 GMT"); |
// always modified |
header("Last-Modified: " . gmdate("D, d M Y H:i:s") . " GMT"); |
// HTTP/1.1 |
header("Cache-Control: no-store, no-cache, must-revalidate"); |
header("Cache-Control: post-check=0, pre-check=0", false); |
// HTTP/1.0 |
header("Pragma: no-cache"); |
set_time_limit (300); |
// GET INPUT |
// log file, get input or first logfile |
$logfile=($_GET["logfile2display"] ? $logfiles[$_GET["logfile2display"]] : $logfiles[0]); |
$displayedLines=($_GET["displayedLines"] ? $_GET["displayedLines"] : $configuration["displayedLines"]); |
$configurationVars=Array("resolvIp","resolvService","readFromTheEnd","exactSearch","automaticRefresh"); |
foreach($configurationVars as $confVarName) { |
${$confVarName}=($_GET["searchAction"] ? $_GET[$confVarName] : $configuration[$confVarName]); |
} |
// init |
$lineCount=0; |
$indexForAction=getIndexForColumn("action",$logFields); |
$indexForProtocol=getIndexForColumn("protocol",$logFields); |
// get inputs |
$criteria=$_GET["criteria"]; |
$maxWidth=0; |
for($i=0; $i<count($logFields); $i++) { |
$maxWidth+=$logFields[$i][2]; |
} |
?> |
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> |
<html> |
<head> |
<title>Creabilis fw-Eyes</title> |
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"/> |
<link href="log.css" rel="stylesheet" type="text/css"/> |
<?php if ($automaticRefresh) {?> |
<meta http-equiv="refresh" content="<?=$automaticRefreshInterval?>"> |
<?php } ?> |
</head> |
<body leftmargin="0" topmargin="0" marginwidth="0" marginheight="0" bgcolor="#FFFFFF"> |
<div align="left" style="padding-left:18px"> |
<?php |
if(!file_exists ($logfile)) { |
die("Le fichier n'existe pas : $logfile"); |
} |
if(!is_readable ($logfile)) { |
die("Ne peut pas lire le fichier : $logfile"); |
} |
$fd = fopen ($logfile, "r"); |
if ($readFromTheEnd){ |
// to the end |
fseek($fd,0,SEEK_END); |
} |
while (($readFromTheEnd ? ftell($fd)>0 : !feof ($fd))) { |
$line = ($readFromTheEnd ? fgetrs($fd) : fgets($fd, 1024)); |
if(preg_match($detectLine, $line)) { // it's a firewall line |
if(preg_match($LineRegExp, $line, $infoTab)) { |
// resolv dns/services |
$infoTabOriginal=null; |
resolvAll(); |
// Apply search array |
if(criteriaMatches($criteria,$logFields,$infoTab,$exactSearch)) { |
$lineCount++; |
$nb=($nb==1 ? 2 : 1); // for alternate display |
// line display |
?> |
<table class="<?=$infoTab[$indexForAction]?>" border="0" cellpadding="0" cellspacing="0" width="<?=$maxWidth?>"> |
<tr class="line<?=$nb?>"> |
<?php |
for($i=0; $i<count($logFields); $i++) |
{ |
?> |
<td title="<?=($infoTabOriginal[$logFields[$i][1]] ? $infoTabOriginal[$logFields[$i][1]]." - " : "")?><?=$infoTab[$logFields[$i][1]]?>"> |
<span class="tabCell" style="width: <?=$logFields[$i][2]?>px" > |
<?php |
if($logFields[$i][4]) { |
?> |
<a href="info.php?type=<?=urlencode($logFields[$i][4])?>&p1=<?=urlencode($infoTab[$logFields[$i][1]])?>" title="informations"><img src="images/<?=str_replace(" ","-",($logFields[$i][0]))?>.gif" width="15" height="15" border="0" align="absmiddle"></a> |
<?php |
} |
?> |
<?=$infoTab[$logFields[$i][1]]?> |
</span> |
</td> |
<?php |
}?></tr> |
</table> |
<?php |
flush(); |
} |
} |
} |
if($lineCount>=$displayedLines) break; |
} |
// close file |
fclose ($fd); |
?> |
<table border="0" cellpadding="0" cellspacing="0" width="<?=$maxWidth+2?>" class="footer"> |
<tr> |
<td align="center"> |
<A HREF="http://www.creabilis.com" target="creabilis">Firewall Eyes</A> - <A HREF="http://www.gnu.org/licenses/gpl.html">GPL</A> - Creabilis © 2004 - Web site : <A HREF="http://firewalleyes.creabilis.com">http://firewalleyes.creabilis.com</A> |
</td> |
</tr> |
</table> |
</div> |
</body> |
</html> |
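Review bot: the row template prints $infoTab values without escaping in three places: the class attribute of the table, the title attribute of each td, and the cell body (<?=$infoTab[$logFields[$i][1]]?>). These values are captured from the log file by \S+ groups, or returned by gethostbyaddr() when resolvIp is on, so they are not under the application's control. Wrap each in htmlspecialchars(), as header.php does for its form values, and map the action to one of the classes log.css defines (ACCEPT, DROP, REJECT, ACCOUNTING) rather than echoing it into class. $_GET["displayedLines"] is compared against $lineCount as a raw request string; cast it with (int) and clamp it to a sane maximum.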
/gestion/admin/firewallEyes/readme.txt |
---|
0,0 → 1,2 |
Latest documentation and installation instructions on : |
http://firewalleyes.creabilis.com |
Property changes: |
Added: svn:eol-style |
+native |
\ No newline at end of property |
/gestion/admin/firewallEyes/configuration.php |
---|
0,0 → 1,121 |
<?php |
/* |
* firewall Eyes |
* Copyright (C) 2004 Creabilis |
* |
* This program is free software; you can redistribute it and/or modify |
* it under the terms of the GNU General Public License as published by |
* the Free Software Foundation; either version 2 of the License, or (at |
* your option) any later version. |
* |
* This program is distributed in the hope that it will be useful, but |
* WITHOUT ANY WARRANTY; without even the implied warranty of |
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU |
* General Public License for more details. |
* |
* You should have received a copy of the GNU General Public License |
* along with this program; if not, write to the Free Software |
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. |
* |
*/ |
// ***************** CONFIGURATION ********************* |
// activate authentication by IP |
// $IPAuthentication=true|false; |
$IPAuthentication=false; |
// alowed clientIP |
// one line by IP |
// $allowedClientIP[]="127.0.0.1"; |
$allowedClientIP[]="127.0.0.1"; |
// logfiles to parse, default is first |
// you can use file path like /etc/log/messages or nfs |
// or http like http://www.host.com/messages |
// or ftp like ftp://user:password@ftp.host.com/messages |
// $logfiles[]="/var/log/messages"; |
//$logfiles[]="/var/log/messages"; |
//$logfiles[]="/var/log/messages.1"; |
//$logfiles[]="/var/log/messages.2"; |
//$logfiles[]="/var/log/messages.3"; |
//$logfiles[]="/var/log/messages.4"; |
$folder = "/var/log/firewall"; |
$dossier = opendir($folder); |
$index=0; |
while ($Fichier = readdir($dossier)) { |
$exclusion = stripos ($Fichier, '.gz'); |
if ($Fichier != "." && $Fichier != ".." && $exclusion == 0) { |
$index ++; |
$logfiles[]=$folder . "/" . $Fichier; |
} # end if |
} # end while |
closedir($dossier); |
// automatic submit |
// automatic reload log display just after changing a display option (search strings, resolving, ...) |
// $automaticSubmit=true|false; |
$automaticSubmit=true; |
// default number of lines to display |
$configuration["displayedLines"]=50; |
// resolv ip |
$configuration["resolvIp"]=false; |
// resolv service |
$configuration["resolvService"]=true; |
// read log file from the end |
$configuration["readFromTheEnd"]=true; |
// exact search |
$configuration["exactSearch"]=false; |
// automatic refresh page every x secondes |
//$configuration["automaticRefresh"]=false|true; |
$configuration["automaticRefresh"]=false; |
// refresh interval in seconds |
$automaticRefreshInterval=10; |
// column array |
// syntax : name, index in regexp, width in pixels, type, toolname |
// type can be ip or service or protocol, used for resolution |
// to hide a column, just comment it with // |
$logFields[]=Array("date","1","60",null,null); |
$logFields[]=Array("heure","2","60",null,null); |
$logFields[]=Array("intf","5","50",null,null); |
$logFields[]=Array("source","6","150","ip","iptools"); |
$logFields[]=Array("destination","7","150","ip","iptools"); |
$logFields[]=Array("protocol","8","60","protocol",null); |
$logFields[]=Array("src port","9","60",null,null); |
$logFields[]=Array("dst port","10","80","service","srvtools"); |
$logFields[]=Array("règle","3","80",null,null); |
$logFields[]=Array("action","4","80",null,null); |
// ip tools |
// types are command or url |
// use %originalParameter% for values like ip address |
// use %transformedParameter% for values like dns address |
$tools["iptools"]["ping"]= array("type"=>"command", "value"=>"ping -c 5 %p1%"); |
$tools["iptools"]["traceroute"]=array("type"=>"command", "value"=>"traceroute %p1%"); |
$tools["iptools"]["DNS lookup"]= array("type"=>"command", "value"=>"host %p1%"); |
$tools["iptools"]["whois"]= array("type"=>"command", "value"=>"whois %p1%","precompute"=>"extractdomain"); |
$tools["iptools"]["nmap"]= array("type"=>"command", "value"=>"nmap %p1%"); |
$tools["iptools"]["HTTP Test"]= array("type"=>"url", "value"=>"http://%p1%"); |
// service tool |
$tools["srvtools"]["ISS Port db"]= array("type"=>"url", "value"=>"http://www.iss.net/security_center/advice/Exploits/Ports/%p1%/default.htm"); |
$tools["srvtools"]["IANA ports"]= array("type"=>"url", "value"=>"http://www.iana.org/assignments/port-numbers"); |
$tools["srvtools"]["Google"]= array("type"=>"url", "value"=>"http://www.google.com/search?hl=en&q=port+%p1%"); |
// regExp for detecting a firewall line |
$detectLine="/RULE/S"; |
// regExp for line parsing |
$LineRegExp="/(\w+\s+\d+)\s+(\S+)\s+\S+.*RULE (\S+).+-\s+(\S+).*IN=(\S+).*SRC=(\S+)\s+DST=(\S+).*PROTO=(\S+).*SPT=(\S+).*DPT=(\S+)/S"; |
//line sample : |
//Sep 24 18:07:35 passerelle kernel: RULE 14 -- ACCEPT IN=eth1 OUT= MAC=00:04:e2:43:1c:c4:00:0b:cd:f9:f4:42:08:00 SRC=192.168.0.1 DST=172.31.0.253 LEN=48 TOS=0x00 PREC=0x00 TTL=128 ID=11059 DF PROTO=TCP SPT=1537 DPT=80 WINDOW=65535 RES=0x00 SYN URGP=0 |
?> |
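Review bot: $IPAuthentication=false as the shipped default turns authenticationCheck() into a no-op, while this same file enables the iptools commands (ping, traceroute, host, whois, nmap) whose %p1% placeholder corresponds to the p1 URL parameter that logs.php passes to info.php. Ship with the allowlist enabled, and make sure the code that substitutes %p1% (not in this file) validates the value as an IP address or hostname and passes it through escapeshellarg() before it reaches a shell. In the directory scan, stripos($Fichier, '.gz') followed by $exclusion == 0 treats "not found" (false) and "found at offset 0" as the same result; compare with === false instead, check the return value of opendir(), and drop the unused $index counter.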
/gestion/admin/firewallEyes/header.php |
---|
0,0 → 1,154 |
<?php |
/* |
* firewall Eyes |
* Copyright (C) 2004 Creabilis |
* |
* This program is free software; you can redistribute it and/or modify |
* it under the terms of the GNU General Public License as published by |
* the Free Software Foundation; either version 2 of the License, or (at |
* your option) any later version. |
* |
* This program is distributed in the hope that it will be useful, but |
* WITHOUT ANY WARRANTY; without even the implied warranty of |
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU |
* General Public License for more details. |
* |
* You should have received a copy of the GNU General Public License |
* along with this program; if not, write to the Free Software |
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. |
* |
*/ |
include("configuration.php"); |
include("include.php"); |
// authentification check |
authenticationCheck(); |
// Date in the past |
header("Expires: Mon, 26 Jul 2004 00:00:00 GMT"); |
// always modified |
header("Last-Modified: " . gmdate("D, d M Y H:i:s") . " GMT"); |
// HTTP/1.1 |
header("Cache-Control: no-store, no-cache, must-revalidate"); |
header("Cache-Control: post-check=0, pre-check=0", false); |
// HTTP/1.0 |
header("Pragma: no-cache"); |
set_time_limit (300); |
// TODO: |
// predifined filters : all accept, all dropped/rejected |
//line example : |
//Sep 24 18:07:35 passerelle kernel: RULE 14 -- ACCEPT IN=eth1 OUT= MAC=00:04:e2:43:1c:c4:00:0b:cd:f9:f4:42:08:00 SRC=172.31.200.189 DST=172.31.1.253 LEN=48 TOS=0x00 PREC=0x00 TTL=128 ID=11059 DF PROTO=TCP SPT=1537 DPT=8080 WINDOW=65535 RES=0x00 SYN URGP=0 |
$logfile=$configuration["logfile"]; |
$displayedLines=($_GET["displayedLines"] ? $_GET["displayedLines"] : $configuration["displayedLines"]); |
$configurationVars=Array("resolvIp","resolvService","readFromTheEnd","exactSearch","automaticRefresh"); |
foreach($configurationVars as $confVarName) { |
${$confVarName}=($_GET["searchAction"] ? $_GET[$confVarName] : $configuration[$confVarName]); |
} |
// init |
$lineCount=0; |
$indexForAction=getIndexForColumn("action",$logFields); |
$indexForProtocol=getIndexForColumn("protocol",$logFields); |
// get inputs |
$criteria=$_GET["criteria"]; |
$maxWidth=0; |
for($i=0; $i<count($logFields); $i++) { |
$maxWidth+=$logFields[$i][2]; |
} |
?> |
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> |
<html> |
<head> |
<title>Creabilis fw-Eyes</title> |
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"/> |
<link href="log.css" rel="stylesheet" type="text/css"/> |
<script> |
function myrefresh() { |
<?php if ($automaticSubmit) {?> |
document.forms["search"].submit() |
<?php } ?> |
} |
</script> |
</head> |
<body leftmargin="0" topmargin="0" marginwidth="0" marginheight="0" bgcolor="#FFFFFF"> |
<table width="100%" height="100" border="0" cellpadding="0" cellspacing="0" background="images/header-background.jpg"> |
<tr> |
<td valign="bottom" align="left" style="padding-left:19px"> |
<form method="GET" action="logs.php" style="margin: 0px;padding: 0px;" name="search" target="mainFrame"> |
<INPUT type="hidden" name="searchAction" value="1"> |
<div class="topbox" > |
</div> |
<table border="0" cellpadding="0" cellspacing="0" width="<?=$maxWidth?>"> |
<tr> |
<td rowspan="2" valign="top"><img src="images/logo-firewallEyes.gif" width="58" height="38" align="top"><img src="images/firewallEyes.jpg" width="199" height="48" align="top"></td> |
<td align="right" class="topbox"> lignes affichées |
<input name="displayedLines" type="text" class="inputText" style="width:30 px;" size="3" maxlength="6" value="<?=htmlentities(stripslashes($displayedLines))?>" onChange="myrefresh()"> |
fichier log <select name="logfile2display" class="inputText" onChange="myrefresh()"> |
<?php |
foreach($logfiles as $currentIndex=>$currentLogfile) { |
?> |
<option value="<?=htmlspecialchars($currentIndex)?>"> |
<?=htmlspecialchars($currentLogfile)?> |
</option> |
<?php |
} |
?> |
</select> <input type="checkbox" name="readFromTheEnd" id="readFromTheEnd" value="1" <?= ($readFromTheEnd ? "checked" : "")?> onClick="myrefresh()"> |
<label for="readFromTheEnd"> lecture depuis la fin </label></td> |
</tr> |
<tr> |
<td colspan="<?=count($logFields)?>" align="left" class="topbox"> |
<input type="checkbox" name="automaticRefresh" id="automaticRefresh" value="1" <?= ($automaticRefresh ? "checked" : "")?> onClick="myrefresh()"> |
<label for="automaticRefresh">raffraichissement auto </label> |
<input type="checkbox" name="resolvIp" id="resolvIp" value="1" <?= ($resolvIp ? "checked" : "")?> onClick="myrefresh()"> |
<label for="resolvIp">resolv IP </label> |
<input type="checkbox" name="resolvService" id="resolvService" value="1" <?= ($resolvService ? "checked" : "")?> onClick="myrefresh()"> |
<label for="resolvService">resolv services </label> |
<input type="checkbox" name="exactSearch" id="exactSearch" value="1" <?= ($exactSearch ? "checked" : "")?> onClick="myrefresh()"> |
<label for="exactSearch">recherche exacte </label> |
<input class="button" type="submit" value="Afficher"> |
<!-- <input class="button" type="button" value="reset" onClick="top.window.location='index.html'">--> |
</td> |
</tr> |
</table> |
<table border="0" cellpadding="0" cellspacing="0" width="<?=$maxWidth?>"> |
<tr> |
<?php |
// tab header |
for($i=0; $i<count($logFields); $i++) { |
?><td class="header"><span style="width: <?=$logFields[$i][2]?>px" class="header"> <?=$logFields[$i][0]?></span> |
</td><?php |
}?> |
</tr> |
<tr> |
<?php |
// search form |
for($i=0; $i<count($logFields); $i++) { |
?><td><span style="width: <?=$logFields[$i][2]?>px"><input type="text" name="criteria[<?=htmlentities($logFields[$i][0])?>]" value="<?=htmlentities(stripslashes($criteria[$logFields[$i][0]]))?>" style="width: <?=$logFields[$i][2]?>px" class="inputText" onChange="myrefresh()"></span> |
</td> |
<?php |
}?> |
</tr> |
</table> |
</form> |
</td> |
</tr> |
</table> |
</body> |
</html> |
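Review bot: $logfile=$configuration["logfile"] reads a key that configuration.php never sets, and the init block around it ($lineCount, $indexForAction, $indexForProtocol) is copied from logs.php but not used anywhere in this file. Remove the dead assignments, or move the shared input parsing into include.php so both pages use one copy. When searchAction is set, an unticked checkbox leaves $_GET[$confVarName] undefined, so read it through isset(). The logfile2display options never mark the current choice as selected, so the dropdown does not reflect which log file is being displayed.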