diff --git a/include/Paginator.h b/include/Paginator.h index 5ce285227d..2eb0abecb1 100644 --- a/include/Paginator.h +++ b/include/Paginator.h @@ -37,7 +37,9 @@ class Paginator { u_int8_t ip_version /* Either 4 or 6 */; int8_t unicast_traffic, unidirectional_traffic, alerted_flows, filtered_flows; u_int32_t deviceIP; - u_int16_t inIndex, outIndex; + u_int16_t inIndex, outIndex; + u_int16_t pool_filter; + u_int8_t *mac_filter; DetailsLevel details_level; bool details_level_set; LocationPolicy client_mode; @@ -98,6 +100,14 @@ class Paginator { if(outIndex) { (*f) = outIndex; return true; } return false; } + inline bool poolFilter(u_int16_t *f) const { + if(pool_filter != ((u_int16_t)-1)) { (*f) = pool_filter; return true; } return false; + } + + inline bool macFilter(u_int8_t **f) const { + if(mac_filter) { (*f) = mac_filter; return true; } return false; + } + inline bool clientMode(LocationPolicy *f) const { if(client_mode) { (*f) = client_mode; return true; } return false; } diff --git a/src/NetworkInterface.cpp b/src/NetworkInterface.cpp index c5e4a2b9ac..e2f0778860 100644 --- a/src/NetworkInterface.cpp +++ b/src/NetworkInterface.cpp @@ -2979,8 +2979,9 @@ static bool flow_search_walker(GenericHashEntry *h, void *user_data) { int ndpi_proto; u_int16_t port; int16_t local_network_id; - u_int16_t vlan_id; + u_int16_t vlan_id = 0, pool_filter; u_int8_t ip_version; + u_int8_t *mac_filter; LocationPolicy client_policy; LocationPolicy server_policy; bool unicast, unidirectional, alerted_flows; @@ -3084,6 +3085,20 @@ static bool flow_search_walker(GenericHashEntry *h, void *user_data) { && (f->get_srv_host() && (!f->get_srv_host()->get_ip()->isMulticastAddress() && !f->get_srv_host()->get_ip()->isBroadcastAddress())))))) return(false); /* false = keep on walking */ + /* Pool filter */ + if(retriever->pag + && retriever->pag->poolFilter(&pool_filter) + && !((f->get_cli_host() && f->get_cli_host()->get_host_pool() == pool_filter) + || (f->get_srv_host() && f->get_srv_host()->get_host_pool() == pool_filter))) + return(false); /* false = keep on walking */ + + /* Mac filter - NOTE: must stay below the vlan_id filter */ + if(retriever->pag + && retriever->pag->macFilter(&mac_filter) + && !((f->get_cli_host() && f->get_cli_host()->getMac() && f->get_cli_host()->getMac()->equal(vlan_id, mac_filter)) + || (f->get_srv_host() && f->get_srv_host()->getMac() && f->get_srv_host()->getMac()->equal(vlan_id, mac_filter)))) + return(false); /* false = keep on walking */ + retriever->elems[retriever->actNumEntries].flow = f; if(f->match(retriever->allowed_hosts)) { diff --git a/src/Paginator.cpp b/src/Paginator.cpp index 5efa0851fe..2685ec210c 100644 --- a/src/Paginator.cpp +++ b/src/Paginator.cpp @@ -47,6 +47,8 @@ Paginator::Paginator() { unidirectional_traffic = -1; alerted_flows = -1; filtered_flows = -1; + pool_filter = ((u_int16_t)-1); + mac_filter = NULL; deviceIP = inIndex = outIndex = 0; @@ -68,6 +70,7 @@ Paginator::~Paginator() { if(sort_column) free(sort_column); if(country_filter) free(country_filter); if(host_filter) free(host_filter); + if(mac_filter) free(mac_filter); } /* **************************************************** */ @@ -131,6 +134,11 @@ void Paginator::readOptions(lua_State *L, int index) { details_level = details_max; details_level_set = true; } + } else if(!strcmp(key, "macFilter")) { + const char* value = lua_tostring(L, -1); + if(mac_filter) free(mac_filter); + mac_filter = (u_int8_t *) malloc(6); + Utils::parseMac(mac_filter, value); } //else //ntop->getTrace()->traceEvent(TRACE_ERROR, "Invalid string type (%s) for option %s", lua_tostring(L, -1), key); break; @@ -154,6 +162,8 @@ void Paginator::readOptions(lua_State *L, int index) { outIndex = lua_tointeger(L, -1); else if(!strcmp(key, "ipVersion")) ip_version = lua_tointeger(L, -1); + else if(!strcmp(key, "poolFilter")) + pool_filter = lua_tointeger(L, -1); //else //ntop->getTrace()->traceEvent(TRACE_ERROR, "Invalid int type (%d) for option %s", lua_tointeger(L, -1), key); break;