1. Dashboard
  2. Articles
  3. Forum
    1. Unresolved Threads
  4. Members
    1. Recent Activities
    2. Users Online
  5. Community vs. Enterprise
  • Login
  • Register
  • Search
This Thread
  • Everywhere
  • This Thread
  • This Forum
  • Articles
  • Forum
  • Pages
  • More Options
  1. efw-forum - Endian Firewall Support Forum
  2. Forum
  3. Tips,Tricks, HowTo´s, MODs
  4. Tips, Links

iptstate problem / fehler / verbesserung

  • Preussal
  • January 24, 2011 at 7:21 PM
  • Preussal
    Student
    Posts
    79
    • January 24, 2011 at 7:21 PM
    • #1

    Hallo,

    unter dem Menüpunkt Statsu --> Verbindungen kann man ja eine liste der aktiven Verbindungen sehen.
    Diese wird mit dem cgi Script connections.cgi generiert was eigentlich nur das Programm "iptstate -s -R -bt" aufruft.

    mir ist jetzt aufgefallen das ich da ein Haufen angeblicher Verbindungen hab die die erst in "112:43:03" verschwinden werden.

    Lustiger weise sind diese Verbindungen schon längst weg bzw. werden von dem dahinter liegenden Server gar nicht mehr gehalten.
    anscheinend ist da irgendwo der wurm drin.

    mit

    Quote

    /usr/sbin/conntrack -F


    lässt dich das ganze leeren, somit hat man wenigstens eine saubere Tabelle falls das ganze wieder hängt

    schön wäre auch noch wenn man das cgi script erweitern könnte mit einer Suchfunktion.
    das man eine ip eingeben kann und nur diese gesucht wird.
    würde mit "iptstate -s -R -bt -D 127.0.0.1" gehen dann werden nur Verbindungen angezeigt die source IP 127.0.0.1 haben.

    http://xen-admin.de

    Edited once, last by Preussal (January 24, 2011 at 9:48 PM).

  • Preussal
    Student
    Posts
    79
    • January 24, 2011 at 9:45 PM
    • #2

    also ich bin jetzt kein Perl Gott oder so aber ich hab da jetzt mal ne Sortierung eingebaut

    Inhalt meiner /home/httpd/cgi-bin/connections.cgi

    Perl
    #!/usr/bin/perl
    #
    # (c) 2001 Jack Beglinger <jackb_guppy@yahoo.com>
    #
    # (c) 2003 Dave Roberts <countzerouk@hotmail.com> - colour coded netfilter/iptables rewrite for 1.3
    #
    # $Id: connections.cgi,v 1.6.2.4 2004/10/07 07:24:07 eoberlander Exp $
    #
    
    
    # Setup GREEN, ORANGE, IPCOP, VPN CIDR networks, masklengths and colours only once
    
    
    my @network;
    my @masklen;
    my @colour;
    
    
    use Net::IPv4Addr qw( :all );
    
    
    require '/var/efw/header.pl';
    
    
    &getcgihash(\%par);
    
    
    # Read various files
    
    
    my %netsettings;
    &readhash("${swroot}/ethernet/settings", \%netsettings);
    
    
    # Add Green Firewall Interface
    push(@network, $netsettings{'GREEN_ADDRESS'});
    push(@masklen, "255.255.255.255" );
    push(@colour, $colourfw );
    
    
    # Add Green Network to Array
    push(@network, $netsettings{'GREEN_NETADDRESS'});
    push(@masklen, $netsettings{'GREEN_NETMASK'} );
    push(@colour, $colourgreen );
    
    
    # Add Green Routes to Array
    my @routes = `/sbin/route -n | /bin/grep $netsettings{'GREEN_DEV'}`;
    foreach my $route (@routes) {
            chomp($route);
            my @temp = split(/[\t ]+/, $route);
            push(@network, $temp[0]);
            push(@masklen, $temp[2]);
            push(@colour, $colourgreen );
    }
    
    
    # Add Firewall Localhost 127.0.0.1
    push(@network, '127.0.0.1');
    push(@masklen, '255.255.255.255' );
    push(@colour, $colourfw );
    
    
    push(@network, '127.0.0.2');
    push(@masklen, '255.255.255.255' );
    push(@colour, $colourfw );
    
    
    # Add Orange Network
    if (orange_used()) {
            push(@network, $netsettings{'ORANGE_NETADDRESS'});
            push(@masklen, $netsettings{'ORANGE_NETMASK'} );
            push(@colour, $colourorange );
            # Add Orange Routes to Array
            @routes = `/sbin/route -n | /bin/grep $netsettings{'ORANGE_DEV'}`;
            foreach my $route (@routes) {
                    chomp($route);
                    my @temp = split(/[\t ]+/, $route);
                    push(@network, $temp[0]);
                    push(@masklen, $temp[2]);
                    push(@colour, $colourorange );
            }
    }
    
    
    # Add Blue Network
    if (blue_used()) {
            push(@network, $netsettings{'BLUE_NETADDRESS'});
            push(@masklen, $netsettings{'BLUE_NETMASK'} );
            push(@colour, $colourblue );
            # Add Blue Routes to Array
            @routes = `/sbin/route -n | /bin/grep $netsettings{'BLUE_DEV'}`;
            foreach my $route (@routes) {
                    chomp($route);
                    my @temp = split(/[\t ]+/, $route);
                    push(@network, $temp[0]);
                    push(@masklen, $temp[2]);
                    push(@colour, $colourblue );
            }
    }
    
    
    # add openvpn tunnels
    my $tunnels = get_taps();
    foreach my $taps (@$tunnels) {
        my $tun = $taps->{'tap'};
        my @routes = `/sbin/route -n | /bin/grep $tun`;
        foreach my $route (@routes) {
            chomp($route);
            my @temp = split(/[\t ]+/, $route);
            push(@network, $temp[0]);
            push(@masklen, $temp[2]);
            push(@colour, $colourvpn);
        }
    }
    
    
    # add remote openvpn networks
    if (-f "${swroot}/openvpn/enable") {
        my %openvpnsettings=();
        &readhash("${swroot}/openvpn/settings", \%openvpnsettings);
        my @routes = `/sbin/route -n | /bin/grep $openvpnsettings{'PURPLE_DEVICE'}`;
        foreach my $route (@routes) {
            chomp($route);
            my @temp = split(/[\t ]+/, $route);
            push(@network, $temp[0]);
            push(@masklen, $temp[2]);
            push(@colour, $colourvpn);
        }
    }
    
    
    my $uplinksref = get_uplinks();
    foreach my $uplink (@$uplinksref) {
        next if (! -f "${swroot}/uplinks/$uplink/active");
        next if (! -f "${swroot}/uplinks/$uplink/data");
        my %hash;
        readhash("${swroot}/uplinks/$uplink/data", \%hash);
        my $ip = $hash{'ip_address'};
        next if ($ip =~ /^$/);
    
    
        push(@network, $ip);
        push(@masklen, '255.255.255.255' );
        push(@colour, $colourfw );
    }
    
    
    &showhttpheaders();
    if($par{'action'} ne 'reload') {
        &openpage(_('Connections'), 1, '');
        &openbigbox($errormessage, $warnmessage, $notemessage);
        &openbox('100%', 'left', _('IPTables connection tracking'));
    }
    
    
    # Edit Start
    $buffer = $ENV{'QUERY_STRING'};
    @pairs = split(/&/, $buffer);
    foreach $pair (@pairs){
            ($name, $value) = split(/=/, $pair);
            $value =~ tr/+/ /;
            $value =~ s/%(..)/pack("C", hex($1))/eg;
            $FORM{$name} = $value;
    }
    
    
    $sortby  = $FORM{sortby};
    $asc  = $FORM{asc};
    
    
    if($par{'action'} ne 'reload') {
    
    
            if (!defined ($buffer)){
                printf <<END
                    <script type="text/javascript">
                        function loadConnections() {
                            \$('#connections').load('/cgi-bin/connections.cgi', {action: 'reload'});
                        }
    
    
                        \$(document).ready(function() {
                            var itvl = setInterval("loadConnections()", 1000*5);
                        });
                    </script>
    END
    ;
            }else{
                printf <<END
                    <script type="text/javascript">
                        function loadConnections() {
                            \$('#connections').load('/cgi-bin/connections.cgi?sortby=$sortby&asc=$asc', {action: 'reload'});
                        }
    
    
                        \$(document).ready(function() {
                            var itvl = setInterval("loadConnections()", 1000*5);
                        });
                    </script>
    END
    ;
            }
    }
    # Edit Ende
    
    
    if($par{'action'} ne 'reload') {
        print '<div id="connections">'
    }
    
    
    printf <<END
    <table width='100%'>
    <tr><td align='center'><b>%s: </b></td>
         <td align='center' bgcolor='$colourgreen'><b><font color='#FFFFFF'>%s</font></b></td>
         <td align='center' bgcolor='$colourred'><b><font color='#FFFFFF'>%s</font></b></td>
         <td align='center' bgcolor='$colourorange'><b><font color='#FFFFFF'>%s</font></b></td>
         <td align='center' bgcolor='$colourblue'><b><font color='#FFFFFF'>%s</font></b></td>
         <td align='center' bgcolor='$colourfw'><b><font color='#FFFFFF'>%s</font></b></td>
         <td align='center' bgcolor='$colourvpn'><b><font color='#FFFFFF'>%s</font></b></td>
    </tr>
    </table>
    
    
    
    
    <table cellpadding='2' width="100%">
      <tr>
        <td align='center'><b>%s</b></td>
        <td align='center'><b>%s</b></td>
        <td align='center'><b>%s</b></td>
        <td align='center'><b>%s</b></td>
        <td align='center'><b>%s</b></td>
        <td align='center'><b>%s</b></td>
        <td align='center'><b>%s</b></td>
      </tr>
    END
    ,
    _('Legend'),
    _('LAN'),
    _('INTERNET'),
    _('DMZ'),
    _('Wireless'),
    $brand.' '.$product,
    _('VPN (IPsec)'),
    _('Source IP'." <a href='/cgi-bin/connections.cgi?sortby=souce&asc=1'><b>ASC</b></a> <a href='/cgi-bin/connections.cgi?sortby=sourc&asc=0'><b>DESC</b></a>"),
    _('Source port'),
    _('Destination IP'." <a href='/cgi-bin/connections.cgi?sortby=desti&asc=1'><b>ASC</b></a> <a href='/cgi-bin/connections.cgi?sortby=desti&asc=0'><b>DESC</b></a>"),
    _('Destination port'),
    _('Protocol'),
    _('Status'." <a href='/cgi-bin/connections.cgi?sortby=state&asc=1'><b>ASC</b></a> <a href='/cgi-bin/connections.cgi?sortby=state&asc=0'><b>DESC</b></a>"),
    _('Expires'." <a href='/cgi-bin/connections.cgi?sortby=ttl&asc=1'><b>ASC</b></a> <a href='/cgi-bin/connections.cgi?sortby=ttl&asc=0'><b>DESC</b></a>")
    
    
    ;
    # Edit Start
    if ($sortby eq 'desti'){
            $sort_by = "d";
    }elsif ($sortby eq 'sourc'){
            $sort_by = "";
    }elsif ($sortby eq 'state'){
            $sort_by = "s";
    }elsif ($sortby eq 'ttl'){
            $sort_by = "t";
    }else{
            $sort_by = "t";
    }
    
    
    if ($asc eq '1'){
            $ausfueren = 'sudo iptstate -s -b'.$sort_by;
    }else{
            $ausfueren = 'sudo iptstate -s -R -b'.$sort_by;
    }
    #print $ausfueren;
    
    
    my @active = `$ausfueren`;
    #my @active = `sudo iptstate -s -R -bt`;
    #Edit Ende
    
    
    #open (ACTIVE, "/proc/net/ipsec_eroute");
    #my @vpn = <ACTIVE>;
    #close (ACTIVE);
    
    
    
    
    my $i=0;
    foreach my $line (@active) {
        $i++;
        if ($i < 3) {
            next;
        }
        chomp($line);
        my @temp = split(' ',$line);
    
    
        my ($sip, $sport) = split(':', $temp[0]);
        my ($dip, $dport) = split(':', $temp[1]);
        my $proto = $temp[2];
        my $state = $temp[3];
        my $ttl = $temp[4];
    
    
        if (($proto eq 'udp') && ($ttl eq '')) {
            $ttl = $state;
            $state = '&nbsp;';
        }
    
    
        my $sipcol = ipcolour($sip);
        my $dipcol = ipcolour($dip);
    
    
        my $sserv = '';
        if ($sport < 1024) {
            $sserv = uc(getservbyport($sport, lc($proto)));
            if ($sserv ne '') {
                $sserv = "&nbsp($sserv)";
            }
        }
    
    
        my $dserv = '';
        if ($dport < 1024) {
            $dserv = uc(getservbyport($dport, lc($proto)));
            if ($dserv ne '') {
                $dserv = "&nbsp($dserv)";
            }
        }
    
    
        printf <<END
        <tr class='odd'>
          <td align='center' bgcolor='$sipcol'>
            <a href='/cgi-bin/ipinfo.cgi?ip=$sip'>
              <font color='#FFFFFF'>$sip</font>
            </a>
          </td>
          <td align='center' bgcolor='$sipcol'>
            <a href='http://isc.sans.org/port_details.php?port=$sport' target='top'>
              <font color='#FFFFFF'>$sport$sserv</font>
            </a>
          </td>
          <td align='center' bgcolor='$dipcol'>
            <a href='/cgi-bin/ipinfo.cgi?ip=$dip'>
              <font color='#FFFFFF'>$dip</font>
            </a>
          </td>
          <td align='center' bgcolor='$dipcol'>
            <a href='http://isc.sans.org/port_details.php?port=$dport' target='top'>
              <font color='#FFFFFF'>$dport$dserv</font>
            </a>
          </td>
          <td align='center'>$proto</td>
          <td align='center'>$state</td>
          <td align='center'>$ttl</td>
        </tr>
    END
    ;
    }
    
    
    print '</table>';
    
    
    if($par{'action'} ne 'reload') {
        print '</div>';
    }
    
    
    if($par{'action'} ne 'reload') {
        &closebox();
        &closebigbox();
        &closepage();
    }
    
    
    sub ipcolour($) {
            my $id = 0;
            my $line;
            my $colour = $colourred;
            my ($ip) = $_[0];
            my $found = 0;
            foreach my $line (@network)
            {
                    if (!$found && ipv4_in_network( $network[$id] , $masklen[$id], $ip) ) {
                            $found = 1;
                            $colour = $colour[$id];
                    }
                    $id++;
            }
            return $colour
    }
    Display More

    Übernehme keine Garantie


    Schaut dann so aus

    Images

    • Unbenannt.JPG
      • 71.16 kB
      • 780 × 362

    http://xen-admin.de

Unterstützt von

  1. Privacy Policy
  2. Legal Notice
Powered by WoltLab Suite™