| 318 |
richard |
1 |
<?php
|
|
|
2 |
/*
|
|
|
3 |
* firewall Eyes
|
|
|
4 |
* Copyright (C) 2004 Creabilis
|
|
|
5 |
*
|
|
|
6 |
* This program is free software; you can redistribute it and/or modify
|
|
|
7 |
* it under the terms of the GNU General Public License as published by
|
|
|
8 |
* the Free Software Foundation; either version 2 of the License, or (at
|
|
|
9 |
* your option) any later version.
|
|
|
10 |
*
|
|
|
11 |
* This program is distributed in the hope that it will be useful, but
|
|
|
12 |
* WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
|
13 |
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
|
|
14 |
* General Public License for more details.
|
|
|
15 |
*
|
|
|
16 |
* You should have received a copy of the GNU General Public License
|
|
|
17 |
* along with this program; if not, write to the Free Software
|
|
|
18 |
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
|
|
|
19 |
*
|
|
|
20 |
*/
|
|
|
21 |
// ****************************************************************************
|
|
|
22 |
// return the regexp index for $columnName
|
|
|
23 |
// ****************************************************************************
|
|
|
24 |
function authenticationCheck() {
|
|
|
25 |
global $IPAuthentication,$allowedClientIP;
|
|
|
26 |
if ($IPAuthentication) {
|
|
|
27 |
if(!in_array($_SERVER["REMOTE_ADDR"],$allowedClientIP)) {
|
|
|
28 |
exit();
|
|
|
29 |
}
|
|
|
30 |
}
|
|
|
31 |
}
|
|
|
32 |
// ****************************************************************************
|
|
|
33 |
// return the regexp index for $columnName
|
|
|
34 |
// ****************************************************************************
|
|
|
35 |
function getIndexForColumn($columnName,$logFields) {
|
|
|
36 |
for($i=0; $i<count($logFields); $i++) {
|
|
|
37 |
if($logFields[$i][0]==$columnName) {
|
|
|
38 |
Return $logFields[$i][1];
|
|
|
39 |
}
|
|
|
40 |
}
|
|
|
41 |
}
|
|
|
42 |
// ****************************************************************************
|
|
|
43 |
// return true if all criteria matches
|
|
|
44 |
// ****************************************************************************
|
|
|
45 |
function criteriaMatches($criteria,$logFields,$infoTab,$exactSearch) {
|
|
|
46 |
$returnValue=true;
|
|
|
47 |
for($i=0; $i<count($logFields); $i++) {
|
|
|
48 |
$currentColumn=$logFields[$i][0];
|
|
|
49 |
$currentData=$infoTab[$logFields[$i][1]];
|
|
|
50 |
if($currentCriteria=$criteria[$currentColumn]) { // if criteria exists
|
|
|
51 |
// test
|
|
|
52 |
if(!searchString ($currentData,$currentCriteria,$exactSearch)) {
|
|
|
53 |
Return false;
|
|
|
54 |
}
|
|
|
55 |
}
|
|
|
56 |
}
|
|
|
57 |
Return $returnValue;
|
|
|
58 |
}
|
|
|
59 |
// ****************************************************************************
|
|
|
60 |
// return true strings founded
|
|
|
61 |
// ****************************************************************************
|
|
|
62 |
function searchString($haystack, $searchedWords,$exactSearch) {
|
|
|
63 |
|
|
|
64 |
if($searchedWords[0]=="!") {
|
|
|
65 |
$negate=true;
|
|
|
66 |
$searchedWords=substr($searchedWords,1);
|
|
|
67 |
}
|
|
|
68 |
$returnValue=false;
|
|
|
69 |
$wordTab=preg_split ("/[\s,]+/", $searchedWords);
|
|
|
70 |
if($wordTab) {
|
|
|
71 |
for($i=0; $i<count($wordTab); $i++) {
|
|
|
72 |
if($currentWord=$wordTab[$i]) {
|
|
|
73 |
// test
|
|
|
74 |
if(($exactSearch ? $haystack==$currentWord : stristr ($haystack,$currentWord))) {
|
|
|
75 |
$returnValue=true;
|
|
|
76 |
break;
|
|
|
77 |
}
|
|
|
78 |
}
|
|
|
79 |
|
|
|
80 |
}
|
|
|
81 |
}
|
|
|
82 |
if($negate) {
|
|
|
83 |
Return (!$returnValue);
|
|
|
84 |
} else {
|
|
|
85 |
Return $returnValue;
|
|
|
86 |
}
|
|
|
87 |
}
|
|
|
88 |
|
|
|
89 |
// ****************************************************************************
|
|
|
90 |
// change lines to resolved items
|
|
|
91 |
// ****************************************************************************
|
|
|
92 |
function resolvAll() {
|
|
|
93 |
global $logFields,$infoTab,$resolvIp,$resolvService,$indexForProtocol,$infoTabOriginal;
|
|
|
94 |
for($i=0; $i<count($logFields); $i++)
|
|
|
95 |
{
|
|
|
96 |
if($resolvIp) {
|
|
|
97 |
if($logFields[$i][3]=="ip" && !strstr($infoTab[$logFields[$i][1]],"255")) {
|
|
|
98 |
$infoTab[$logFields[$i][1]]=gethostbyaddr($infoTab[$logFields[$i][1]]);
|
|
|
99 |
}
|
|
|
100 |
}
|
|
|
101 |
if($resolvService) {
|
|
|
102 |
if($logFields[$i][3]=="service") {
|
|
|
103 |
$currentProtocolIndex=$indexForProtocol;
|
|
|
104 |
$service=getservbyport($infoTab[$logFields[$i][1]],strtolower($infoTab[$currentProtocolIndex]));
|
|
|
105 |
if($service) {
|
|
|
106 |
$infoTabOriginal[$logFields[$i][1]]=$infoTab[$logFields[$i][1]];
|
|
|
107 |
$infoTab[$logFields[$i][1]]=$service;
|
|
|
108 |
}
|
|
|
109 |
}
|
|
|
110 |
}
|
|
|
111 |
}
|
|
|
112 |
}
|
|
|
113 |
|
|
|
114 |
|
|
|
115 |
// ****************************************************************************
|
|
|
116 |
// fgetrs : read line and put pointer at the begining
|
|
|
117 |
// ****************************************************************************
|
|
|
118 |
function fgetrs($fileHandle) {
|
|
|
119 |
while (ftell($fileHandle)>=0) {
|
|
|
120 |
|
|
|
121 |
$char = fgetc($fileHandle);
|
|
|
122 |
if (ftell($fileHandle)==1) {
|
|
|
123 |
fseek ($fileHandle,-1,SEEK_CUR);
|
|
|
124 |
return $char.$line;
|
|
|
125 |
}
|
|
|
126 |
|
|
|
127 |
if ($char == "\n" || ftell($fileHandle)==1) {
|
|
|
128 |
fseek ($fileHandle,-2,SEEK_CUR);
|
|
|
129 |
return $line;
|
|
|
130 |
}
|
|
|
131 |
else {
|
|
|
132 |
fseek ($fileHandle,-2,SEEK_CUR);
|
|
|
133 |
$line = $char . $line;
|
|
|
134 |
}
|
|
|
135 |
}
|
|
|
136 |
return $line;
|
|
|
137 |
}
|
|
|
138 |
|
|
|
139 |
?>
|