-- -- (C) 2013-16 - ntop.org -- dirs = ntop.getDirs() package.path = dirs.installdir .. "/scripts/lua/modules/?.lua;" .. package.path if(ntop.isPro()) then package.path = dirs.installdir .. "/pro/scripts/lua/modules/?.lua;" .. package.path require "snmp_utils" end require "lua_utils" require "graph_utils" require "alert_utils" require "historical_utils" debug_hosts = false page = _GET["page"] protocol_id = _GET["protocol"] host_info = url2hostinfo(_GET) host_ip = host_info["host"] host_name = hostinfo2hostkey(host_info) host_vlan = host_info["vlan"] or 0 always_show_hist = _GET["always_show_hist"] ntopinfo = ntop.getInfo() active_page = "hosts" interface.select(ifname) ifstats = interface.getStats() ifId = ifstats.id is_packetdump_enabled = isLocalPacketdumpEnabled() host = nil family = nil prefs = ntop.getPrefs() local hostkey = hostinfo2hostkey(host_info, nil, true --[[ force show vlan --]]) if((host_name == nil) or (host_ip == nil)) then sendHTTPHeader('text/html; charset=iso-8859-1') ntop.dumpFile(dirs.installdir .. "/httpdocs/inc/header.inc") dofile(dirs.installdir .. "/scripts/lua/inc/menu.lua") print("
Host parameter is missing (internal error ?)
") return end if(_GET["flow_rate_alert_threshold"] ~= nil and _GET["csrf"] ~= nil) then if (tonumber(_GET["flow_rate_alert_threshold"]) ~= nil) then page = "config" val = ternary(_GET["flow_rate_alert_threshold"] ~= "0", _GET["flow_rate_alert_threshold"], "25") ntop.setCache('ntopng.prefs.'..host_name..':'..tostring(host_vlan)..'.flow_rate_alert_threshold', val) interface.loadHostAlertPrefs(host_ip, host_vlan) end end if(_GET["syn_alert_threshold"] ~= nil and _GET["csrf"] ~= nil) then if (tonumber(_GET["syn_alert_threshold"]) ~= nil) then page = "config" val = ternary(_GET["syn_alert_threshold"] ~= "0", _GET["syn_alert_threshold"], "10") ntop.setCache('ntopng.prefs.'..host_name..':'..tostring(host_vlan)..'.syn_alert_threshold', val) interface.loadHostAlertPrefs(host_ip, host_vlan) end end if(_GET["flows_alert_threshold"] ~= nil and _GET["csrf"] ~= nil) then if (tonumber(_GET["flows_alert_threshold"]) ~= nil) then page = "config" val = ternary(_GET["flows_alert_threshold"] ~= "0", _GET["flows_alert_threshold"], "32768") ntop.setCache('ntopng.prefs.'..host_name..':'..tostring(host_vlan)..'.flows_alert_threshold', val) interface.loadHostAlertPrefs(host_ip, host_vlan) end end if(protocol_id == nil) then protocol_id = "" end -- print(">>>") print(host_info["host"]) print("<<<") if(debug_hosts) then traceError(TRACE_DEBUG,TRACE_CONSOLE, "Host:" .. host_info["host"] .. ", Vlan: "..host_vlan.."\n") end host = interface.getHostInfo(host_info["host"], host_vlan) restoreFailed = false if((host == nil) and ((_GET["mode"] == "restore") or (page == "historical"))) then if(debug_hosts) then traceError(TRACE_DEBUG,TRACE_CONSOLE, "Restored Host Info\n") end interface.restoreHost(host_info["host"], host_vlan) host = interface.getHostInfo(host_info["host"], host_vlan) restoreFailed = true end only_historical = false if(host == nil) then if (rrd_exists(host_ip, "bytes.rrd") and always_show_hist == "true") then page = "historical" only_historical = true sendHTTPHeader('text/html; charset=iso-8859-1') ntop.dumpFile(dirs.installdir .. "/httpdocs/inc/header.inc") dofile(dirs.installdir .. "/scripts/lua/inc/menu.lua") print [[
]] else -- We need to check if this is an aggregated host if(not(restoreFailed) and (host_info ~= nil) and (host_info["host"] ~= nil)) then json = ntop.getCache(host_info["host"].. "." .. ifId .. ".json") end sendHTTPHeader('text/html; charset=iso-8859-1') ntop.dumpFile(dirs.installdir .. "/httpdocs/inc/header.inc") dofile(dirs.installdir .. "/scripts/lua/inc/menu.lua") print('
Host '.. hostinfo2hostkey(host_info) .. ' cannot be found. ') if((json ~= nil) and (json ~= "")) then print(' Click here to restore it from cache.\n') else print(purgedErrorString()) end print("
") dofile(dirs.installdir .. "/scripts/lua/inc/footer.lua") return end else sendHTTPHeader('text/html; charset=iso-8859-1') ntop.dumpFile(dirs.installdir .. "/httpdocs/inc/header.inc") dofile(dirs.installdir .. "/scripts/lua/inc/menu.lua") -- Added global javascript variable, in order to disable the refresh of pie chart in case -- of historical interface print('\n\n') if(host["ip"] ~= nil) then host_name = hostinfo2hostkey(host) host_info["host"] = host["ip"] end if(_GET["custom_name"] ~=nil) then setHostAltName(hostinfo2hostkey(host_info), _GET["custom_name"]) end host["label"] = getHostAltName(hostinfo2hostkey(host_info)) hostbase = dirs.workingdir .. "/" .. ifId .. "/rrd/" .. getPathFromKey(hostinfo2hostkey(host_info)) rrdname = hostbase .. "/bytes.rrd" -- print(rrdname) print [[
]] if((page == "overview") or (page == nil)) then print("\n") if(host["ip"] ~= nil) then if(host["mac"] ~= "00:00:00:00:00:00") then print("') end if((host["mac"] ~= "") and (info["version.enterprise_edition"])) then local ports = find_mac_snmp_ports(host["mac"]) if(ports ~= nil) then local rsps = 1 for host,port in pairs(ports) do rsps = rsps + 1 end if(rsps > 1) then print("\n") for host,port in pairs(ports) do print("") print("\n") end end end end if host.deviceIfIdx ~= nil and host.deviceIfIdx ~= 0 and ntop.isPro() then print("\n") end print("\n") end end if((host["city"] ~= nil) and (host["city"] ~= "")) then print(" [ " .. host["city"] .." "..getFlag(host["country"]).." ]") end drop_host_traffic = _GET["drop_host_traffic"] host_key = hostinfo2hostkey(host_info) if(drop_host_traffic ~= nil) then if(drop_host_traffic == "false") then ntop.delHashCache("ntopng.prefs.drop_host_traffic", host_key) else ntop.setHashCache("ntopng.prefs.drop_host_traffic", host_key, drop_host_traffic) end interface.updateHostTrafficPolicy(host_info["host"], host_vlan) else drop_host_traffic = ntop.getHashCache("ntopng.prefs.drop_host_traffic", host_key) if(drop_host_traffic == nil) then drop_host_traffic = "false" end end if(host["ip"] ~= nil) then print [[ ') end if(ifstats.vlan and (host["vlan"] ~= nil)) then print("\n") end if(ifstats.inline and (host.localhost or host.systemhost)) then print("') print('') end if((ifstats.inline and (host.localhost or host.systemhost)) or (host["os"] ~= "")) then print("") if(host["os"] ~= "") then print("\n") else print("\n") end if(ifstats.inline and (host.localhost or host.systemhost) and isAdministrator()) then if(_GET["host_quota"] ~= nil) then interface.select(ifname) -- if we submitted a form, nothing is select()ed interface.setHostQuota(tonumber(_GET["host_quota"]), host_info["host"], host_vlan) end host_quota_value = host["host_quota_mb"] if(_GET["host_quota"] ~= nil) then host_quota_value = _GET["host_quota"] end print [[') else print("") end end local labelKey = host_info["host"].."@"..host_info["vlan"] if(_GET["custom_icon"] ~=nil) then setHostIcon(labelKey, _GET["custom_icon"]) end if((host["asn"] ~= nil) and (host["asn"] > 0)) then print("") print('') print("\n") end if(host["ip"] ~= nil) then if(host["name"] == nil) then host["name"] = ntop.getResolvedAddress(host["ip"]) end print("") if(isAdministrator()) then print("\n") end if(host["ip"] ~= nil) then if(isAdministrator()) then print(" ]] end else -- print("") end if(host["num_alerts"] > 0) then print("\n") end print("\n") print("\n") if((host["bytes.sent"]+host["bytes.rcvd"]) > 0) then print("\n") end print("\n") local flows_th = "Recently Active Flows / Total" if interface.isPacketInterface() then if interface.isPcapDumpInterface() == false then flows_th = "Active Flows / Total Active / Low Goodput" else flows_th = "Flows / Total Active / Low Goodput" end end print("\n") print("") print("") if host["tcp.packets.seq_problems"] == true then print("\n") print("\n") print("\n") end if(host["json"] ~= nil) then print("\n") end print("
(Router) MAC Address" ..get_symbolic_mac(host["mac"]).. " "..getHostIcon(host["mac"]).."") else if(host["localhost"] == true and is_packetdump_enabled) then print("
Traffic Dump") end end if(host["localhost"] == true and is_packetdump_enabled) then dump_status = host["dump_host_traffic"] if(_GET["dump_traffic"] ~= nil) then if(_GET["dump_traffic"] == "true") then dump_status = true else dump_status = false end interface.select(ifname) -- if we submitted a form, nothing is select()ed interface.setHostDumpPolicy(dump_status, host_info["host"], host_vlan) end if(dump_status) then dump_traffic_checked = 'checked="checked"' dump_traffic_value = "false" -- Opposite else dump_traffic_checked = "" dump_traffic_value = "true" -- Opposite end if(isAdministrator()) then print [[
]] print[[]] print[[]] print(' Dump Traffic ') print('\n') print('
') end print('
Host SNMP LocationSNMP DeviceDevice Port
"..ntop.getResolvedAddress(host)..""..port.."
Device IP / Port Index".. host.deviceIP .."@"..host.deviceIfIdx.."
IP Address" .. host["ip"]) historicalProtoHostHref(getInterfaceId(ifname), host["ip"], nil, nil, nil) if(host["local_network_name"] ~= nil) then print(" [ ".. host["local_network_name"].." ]") end else if(host["mac"] ~= nil) then print("
MAC Address" .. host["mac"].. "
\n') print('
') print('
") if(ifstats.sprobe) then print('Source Id') else print('VLAN ID') end print(""..host["vlan"].."
Host Traffic Policy") print('
') if(host["l7_traffic_policy"] ~= nil) then print [[ ") end print('Modify Host Traffic Policy
') if(host["bridge.ingress_shaper_id"] ~= nil) then shaper_key = "ntopng.prefs.".. ifId ..".shaper_max_rate" ingress_max_rate = ntop.getHashCache(shaper_key, host["bridge.ingress_shaper_id"]) egress_max_rate = ntop.getHashCache(shaper_key, host["bridge.egress_shaper_id"]) print("

") print("") print("") print("
Ingress Policer"..maxRateToString(ingress_max_rate).."
Egress Policer"..maxRateToString(egress_max_rate).."
") end print('

') if(host["localhost"] == true) then drop_traffic = ntop.getHashCache("ntopng.prefs.drop_host_traffic", host_key) if(drop_traffic == "true") then drop_traffic_checked = 'checked="checked"' drop_traffic_value = "false" -- Opposite else drop_traffic_checked = "" drop_traffic_value = "true" -- Opposite end print('
') print[[]] print[[]] print(' Drop All Host Traffic') print('\n') print('
') else print(' ') end print('
OS "..mapOS2Icon(host["os"]) .. "
]] print[[]] print[[]] print('Host quota MB]]print('\n') print('
') print('
ASN") print(""..host.asname.." [ ASN ".. host.asn.." ]Whois Lookup
Name ") else print("") end if(host["ip"] == host["name"]) then print(" ") end print(host["name"] .. " ") if(host["localhost"] == true) then print('Local') else print('Remote') end if(host["privatehost"] == true) then print(' Private IP') end if(host["systemhost"] == true) then print(' System ') end print(getHostIcon(labelKey)) print("") print [[
]] print[[]] print[[]] print[[") pickIcon(labelKey) print [[  ]] print('\n') print [[
"..host_info["host"].."
Alerts "..host["num_alerts"] .. "
First / Last Seen" .. formatEpoch(host["seen.first"]) .. " [" .. secondsToTime(os.time()-host["seen.first"]) .. " ago]" .. "" .. formatEpoch(host["seen.last"]) .. " [" .. secondsToTime(os.time()-host["seen.last"]) .. " ago]" .. "
Sent vs Received Traffic Breakdown") breakdownBar(host["bytes.sent"], "Sent", host["bytes.rcvd"], "Rcvd", 0, 100) print("
Traffic Sent / Received" .. formatPackets(host["packets.sent"]) .. " / ".. bytesToSize(host["bytes.sent"]) .. " " .. formatPackets(host["packets.rcvd"]) .. " / ".. bytesToSize(host["bytes.rcvd"]) .. "
"..flows_th.."'As Client''As Server'
" .. formatValue(host["active_flows.as_client"]) .. " \n") print("/ " .. formatValue(host["flows.as_client"]) .. " \n") if interface.isPacketInterface() then print("/ " .. formatValue(host["low_goodput_flows.as_client"]) .. " \n") end print("" .. formatValue(host["active_flows.as_server"]) .. " \n") print("/ "..formatValue(host["flows.as_server"]) .. " \n") if interface.isPacketInterface() then print("/ " .. formatValue(host["low_goodput_flows.as_server"]) .. " \n") end print("
TCP Packets Sent AnalysisRetransmissions".. formatPackets(host["tcp.packets.retransmissions"]) .."
Out of Order".. formatPackets(host["tcp.packets.out_of_order"]) .."
Lost".. formatPackets(host["tcp.packets.lost"]) .."
JSON Download
\n") elseif((page == "packets")) then print [[ ]] if(host["bytes.sent"] > 0) then print('') end if(host["bytes.rcvd"] > 0) then print('') end hostinfo2json(host_info) print [[
Sent Distribution
Received Distribution

]] elseif((page == "ports")) then print [[ ]] if(host["bytes.sent"] > 0) then print('') end if(host["bytes.rcvd"] > 0) then print('') end hostinfo2json(host_info) print [[
Client Ports
Server Ports

]] elseif((page == "peers")) then host_info = url2hostinfo(_GET) flows = interface.getFlowPeers(host_info["host"], host_info["vlan"]) found = 0 for key, value in pairs(flows) do found = 1 break end if(found) then print [[
Top ]] print(hostinfo2hostkey(host_info) ) print [[ Peers
Top Peer Protocols

Host L7 Protocol Traffic Volume
]] else print(" No active flows have been observed for the specified host
") end elseif((page == "traffic")) then total = 0 for id, _ in ipairs(l4_keys) do k = l4_keys[id][2] if(host[k..".bytes.sent"] ~= nil) then total = total + host[k..".bytes.sent"] end if(host[k..".bytes.rcvd"] ~= nil) then total = total + host[k..".bytes.rcvd"] end end if(total == 0) then print("
No traffic has been observed for the specified host
") else print [[

]] print("

\n") for id, _ in ipairs(l4_keys) do label = l4_keys[id][1] k = l4_keys[id][2] sent = host[k..".bytes.sent"] if(sent == nil) then sent = 0 end rcvd = host[k..".bytes.rcvd"] if(rcvd == nil) then rcvd = 0 end if((sent > 0) or (rcvd > 0)) then print("\n") end end print("
L4 Protocol Overview
ProtocolSentReceivedBreakdownTotal
") fname = getRRDName(ifId, hostinfo2hostkey(host_info), k) if(not ntop.exists(fname)) then print("".. label .."") else print(label) end t = sent+rcvd historicalProtoHostHref(ifId, host, l4_keys[id][3], nil, nil) print("" .. bytesToSize(sent) .. "" .. bytesToSize(rcvd) .. "") breakdownBar(sent, "Sent", rcvd, "Rcvd", 0, 100) print("" .. bytesToSize(t).. "" .. round((t * 100)/total, 2).. " %
\n") print("\n") end elseif((page == "ndpi")) then if(host["ndpi"] ~= nil) then print [[

]] print("

Protocol Overview
\n") local direction_filter = "" local base_url = ntop.getHttpPrefix().."/lua/host_details.lua?ifname="..ifId.."&"..hostinfo2url(host_info).."&page=ndpi"; if(direction ~= nil) then direction_filter = '' end print('
') print('
') print [[ ]] print("\n") print ('\n') print ("") print("
Application ProtocolSentReceivedBreakdownTotal
\n") print [[ ]] end elseif(page == "activities") then print("\n") print [[ ]] -- Host activity stats if host["localhost"] == true then print [[ ]] -- showHostActivityStats(hostbase, "", "1h") end print("
Host Activity

Protocol Activity
User Traffic
Background Traffic
Resolution: 
]] if(ntop.getCache("ntopng.prefs.host_activity_rrd_creation") == "0") then print('Please enable Activities Timeseries preferences to save historical host activities.

') end print [[

NOTE:
The above map filters host application traffic by splitting it in real user reaffic (e.g. web page access)
and background traffic (e.g. your email client periodically checks for email presence). Host traffic sent (upload)
is marked as negative value in blue, traffic received (download) is marked as positive in green.

\n") elseif(page == "dns") then if(host["dns"] ~= nil) then print("\n") print("") print("") print("") print("") if(host["dns"]["sent"]["num_queries"] > 0) then print [[ ]] end print("") print("") print("") if(host["dns"]["rcvd"]["num_queries"] > 0) then print [[ ]] end print('\n') print("
DNS BreakdownQueriesPositive RepliesError RepliesReply Breakdown
Sent".. formatValue(host["dns"]["sent"]["num_queries"]) .." ".. formatValue(host["dns"]["sent"]["num_replies_ok"]) .." ".. formatValue(host["dns"]["sent"]["num_replies_error"]) .." ") breakdownBar(host["dns"]["sent"]["num_replies_ok"], "OK", host["dns"]["sent"]["num_replies_error"], "Error", 0, 100) print("
DNS Query Sent Distribution
Rcvd".. formatValue(host["dns"]["rcvd"]["num_queries"]) .." ".. formatValue(host["dns"]["rcvd"]["num_replies_ok"]) .." ".. formatValue(host["dns"]["rcvd"]["num_replies_error"]) .." ") breakdownBar(host["dns"]["rcvd"]["num_replies_ok"], "OK", host["dns"]["rcvd"]["num_replies_error"], "Error", 50, 100) print("
DNS Rcvd Query Distribution
Request vs Reply') breakdownBar(host["dns"]["sent"]["num_queries"], "Queries", host["dns"]["rcvd"]["num_replies_ok"]+host["dns"]["rcvd"]["num_replies_error"], "Replies", 30, 70) print('
\n") end elseif(page == "http") then if(http ~= nil) then print("\n") if(host["sites"] ~= nil) then old_top_len = table.len(host["sites.old"]) if(old_top_len > 10) then old_top_len = 10 end top_len = table.len(host["sites"]) if(top_len > 10) then top_len = 10 end if(old_top_len > top_len) then num = old_top_len else num = top_len end print("\n") sites = {} for k,v in pairsByValues(host["sites"], rev) do table.insert(sites, { k, v }) end sites_old = {} for k,v in pairsByValues(host["sites.old"], rev) do table.insert(sites_old, { k, v }) end for i=1,num do if(sites[i] == nil) then sites[i] = { "", 0 } end if(sites_old[i] == nil) then sites_old[i] = { "", 0 } end print("\n") else print(" \n") end if(sites_old[i][1] ~= "") then print("\n") else print(" \n") end end end print("") print("") print("") print("") print("") print("") print("") print("") print("") print("") print("") print("") print("") vh = http["virtual_hosts"] if(vh ~= nil) then local now = os.time() local ago1h = now - 3600 num = table.len(vh) if(num > 0) then local ifId = getInterfaceId(ifname) print("\n") for k,v in pairsByKeys(vh, asc) do local j = string.gsub(k, "%.", "___") print("") print("") print("") print("\n") end end end print("
Top Visited SitesCurrent SitesContactsLast 5 Minute SitesContacts
") if(sites[i][1] ~= "") then print(formatWebSite(sites[i][1])..""..sites[i][2].." "..formatWebSite(sites_old[i][1])..""..sites_old[i][2].."
 
HTTP QueriesMethodRequestsDistribution
GET".. formatValue(http["sender"]["query"]["num_get"]) .." ") print [[
]] print("
POST".. formatValue(http["sender"]["query"]["num_post"]) .."
HEAD".. formatValue(http["sender"]["query"]["num_head"]) .."
PUT".. formatValue(http["sender"]["query"]["num_put"]) .."
Other Method".. formatValue(http["sender"]["query"]["num_other"]) .."
 
HTTP ResponsesResponse codeResponsesDistribution
1xx (Informational)".. formatValue(http["receiver"]["response"]["num_1xx"]) .." ") print [[
]] print("
2xx (Success)".. formatValue(http["receiver"]["response"]["num_2xx"]) .."
3xx (Redirection)".. formatValue(http["receiver"]["response"]["num_3xx"]) .."
4xx (Client Error)".. formatValue(http["receiver"]["response"]["num_4xx"]) .."
5xx (Server Error)".. formatValue(http["receiver"]["response"]["num_5xx"]) .."
Virtual HostsNameTraffic SentTraffic ReceivedRequests Served
"..k.." ") historicalProtoHostHref(ifId, host, nil, nil, k) print(""..bytesToSize(vh[k]["bytes.sent"])..""..bytesToSize(vh[k]["bytes.rcvd"])..""..formatValue(vh[k]["http.requests"]).."
\n") end elseif(page == "flows") then print [[
]] end elseif(page == "categories") then print [[
Traffic Categories
NOTE:
  • Percentages are related only to classified traffic. ]] if ntop.getCache("ntopng.prefs.host_categories_rrd_creation") ~= "1" then print("
  • Historical per-category traffic data can be enabled via ntopng Preferences.") print(" When enabled, RRDs with 5-minute samples will be created for each category detected and historical data will become accessible by clicking on each category.
    • ") else print("
  • Category labels can be clicked to browse historical data.
    • ") end print [[
]] elseif(page == "snmp") then if(ntop.isPro()) then print_snmp_report(host_ip, true, ifId) end elseif(page == "talkers") then print("
") print('
') dofile(dirs.installdir .. "/scripts/lua/inc/sankey.lua") print("

") elseif(page == "geomap") then print("
") print [[
]] addGoogleMapsScript() print[[
]] ntop.dumpFile(dirs.installdir .. "/httpdocs/inc/geolocation_disclaimer.inc") print [[
]] elseif(page == "jaccard") then -- NOTE: code temporarely disabled print [[
]] jaccard = interface.similarHostActivity(host_info["host"],host_info["vlan"]) if(jaccard ~= nil) then print [[ ]] vals = {} for k,v in pairs(jaccard) do vals[v] = k end max_hosts = 10 n = 0 if(host["name"] == nil) then host["name"] = ntop.getResolvedAddress(host["ip"]) end for v,k in pairsByKeys(vals, rev) do if(v > 0) then if(n == 0) then print("\n") print("\n") end correlated_host = interface.getHostInfo(k) if(correlated_host ~= nil) then if(correlated_host["name"] == nil) then correlated_host["name"] = ntop.getResolvedAddress(correlated_host["ip"]) end -- print the host row together with the Jaccard coefficient print("") -- print("") print("") print(""); -- print the activity map row print(" ]] print("") n = n +1 if(n >= max_hosts) then break end end end end if(n > 0) then print("
Local Hosts Similar to ".. hostinfo2hostkey(host) .."Jaccard CoefficientActivity Map
"..correlated_host["name"]..""..hostinfo2hostkey(correlated_host)..""..round(v,2)..""); print(""); print [[
\n") else print("There is no host correlated to ".. hostinfo2hostkey(host).."

\n") end print [[ Note:

]] end elseif(page == "contacts") then if(num > 0) then mode = "embed" if(host["name"] == nil) then host["name"] = ntop.getResolvedAddress(host["ip"]) end name = host["name"] dofile(dirs.installdir .. "/scripts/lua/hosts_interaction.lua") print("\n") print("\n") print("") if(cnum == 0) then print("") else print("\n") end if(snum == 0) then print("") else print("\n") end print("\n") print("
Client Contacts (Initiator)Server Contacts (Receiver)
No client contacts so far\n") print("\n") -- TOFIX VLAN (We need to remove the host vlan and add the client vlan) -- Client sortTable = {} for k,v in pairs(host["contacts"]["client"]) do sortTable[v]=k end num = 0 max_num = 64 -- Do not create huge maps for _v,k in pairsByKeys(sortTable, rev) do if(num >= max_num) then break end num = num + 1 name = interface.getHostInfo(k) -- TOFIX VLAN (We need to remove the host vlan and add the client vlan) v = host["contacts"]["client"][k] info = interface.getHostInfo(k) if(info ~= nil) then if(info["name"] ~= nil) then n = info["name"] else n = ntop.getResolvedAddress(info["ip"]) end url = ""..n.."" else url = k end if(info ~= nil) then url = url .. getFlag(info["country"]).." " end -- print(v.."
") print("\n") end print("
Server AddressContacts
"..url.."" .. formatValue(v) .. "
No server contacts so far\n") print("\n") -- Server sortTable = {} for k,v in pairs(host["contacts"]["server"]) do sortTable[v]=k end for _v,k in pairsByKeys(sortTable, rev) do v = host["contacts"]["server"][k] info = interface.getHostInfo(k) if(info ~= nil) then if(info["name"] ~= nil) then n = info["name"] else n = ntop.getResolvedAddress(info["ip"]) end url = ""..n.."" else url = k end if(info ~= nil) then url = url ..getFlag(info["country"]).." " end print("\n") end print("
Client AddressContacts
"..url.."" .. formatValue(v) .. "
\n") else print("No contacts for this host") end elseif(page == "alerts") then checkDeleteStoredAlerts() local tab = _GET["tab"] local re_arm_minutes = nil print('') -- Before doing anything we need to check if we need to save values vals = { } alerts = "" to_save = false if((_GET["to_delete"] ~= nil) and (_GET["SaveAlerts"] == nil)) then delete_alert_configuration(hostkey, ifname) alerts = nil elseif tab ~= "alert_list" then for k,_ in pairs(alert_functions_description) do value = _GET["value_"..k] operator = _GET["operator_"..k] if((value ~= nil) and (operator ~= nil)) then --io.write("\t"..k.."\n") to_save = true value = tonumber(value) if(value ~= nil) then if(alerts ~= "") then alerts = alerts .. "," end alerts = alerts .. k .. ";" .. operator .. ";" .. value else if ntop.isPro() then ntop.withdrawNagiosAlert(host_ip, tab, k, "OK, alarm not installed") end end end end --print(alerts) if(to_save) then refresh_alert_configuration(hostkey, ifname, tab, alerts) if(alerts == "") then ntop.delHashCache(get_alerts_hash_name(tab, ifname), hostkey) else ntop.setHashCache(get_alerts_hash_name(tab, ifname), hostkey, alerts) end else alerts = ntop.getHashCache(get_alerts_hash_name(tab, ifname), hostkey) end if _GET["re_arm_minutes"] then ntop.setHashCache(get_re_arm_alerts_hash_name(tab), "ifid_"..tostring(ifId).."_"..hostkey, _GET["re_arm_minutes"]) end re_arm_minutes = ntop.getHashCache(get_re_arm_alerts_hash_name(tab), "ifid_"..tostring(ifId).."_"..hostkey) if not re_arm_minutes then re_arm_minutes="" end end if(alerts ~= nil) then --print(alerts) --tokens = string.split(alerts, ",") tokens = split(alerts, ",") --print(tokens) if(tokens ~= nil) then for _,s in pairs(tokens) do t = string.split(s, ";") --print("-"..t[1].."-") if(t ~= nil) then vals[t[1]] = { t[2], t[3] } end end end end if tab == "alert_list" then _GET["entity"] = "host" _GET["entity_val"] = hostkey _GET["host"] = host_ip _GET["vlan"] = host_vlan _GET["ifname"] = ifId drawAlertTables(num_alerts, num_engaged_alerts, 0, _GET) else print [[ ]] print('\n') print("\n") print("\n") for k,v in pairsByKeys(alert_functions_description, asc) do print("\n") end print [[
Alert FunctionThreshold
"..k.."\n") print("\n") print("\n\n") print("
"..v.."\n") print("
Rearm minutes
The rearm is the dead time between one alert generation and the potential generation of the next alert of the same kind.
[ Delete All Host Configured Alerts ]
]] end -- closes tab ~= "alert_list" elseif (page == "config") then if(isAdministrator()) then trigger_alerts = _GET["trigger_alerts"] if(trigger_alerts ~= nil) then if(trigger_alerts == "true") then ntop.delHashCache(get_alerts_suppressed_hash_name(ifname), hostkey) interface.enableHostAlerts(host_ip, host_vlan) else ntop.setHashCache(get_alerts_suppressed_hash_name(ifname), hostkey, trigger_alerts) interface.disableHostAlerts(host_ip, host_vlan) end end end local flow_rate_alert_thresh = 'ntopng.prefs.'..host_ip..':'..tostring(host_vlan)..'.flow_rate_alert_threshold' local syn_alert_thresh = 'ntopng.prefs.'..host_ip..':'..tostring(host_vlan)..'.syn_alert_threshold' local flows_alert_thresh = 'ntopng.prefs.'..host_ip..':'..tostring(host_vlan)..'.flows_alert_threshold' if _GET["flow_rate_alert_threshold"] ~= nil and _GET["flow_rate_alert_threshold"] ~= "" then ntop.setPref(flow_rate_alert_thresh, _GET["flow_rate_alert_threshold"]) flow_rate_alert_thresh = _GET["flow_rate_alert_threshold"] else local v = ntop.getPref(flow_rate_alert_thresh) if v ~= nil and v ~= "" then flow_rate_alert_thresh = v else flow_rate_alert_thresh = 25 end end if _GET["syn_alert_threshold"] ~= nil and _GET["syn_alert_threshold"] ~= "" then ntop.setPref(syn_alert_thresh, _GET["syn_alert_threshold"]) syn_alert_thresh = _GET["syn_alert_threshold"] else local v = ntop.getPref(syn_alert_thresh) if v ~= nil and v ~= "" then syn_alert_thresh = v else syn_alert_thresh = 10 end end if _GET["flows_alert_threshold"] ~= nil and _GET["flows_alert_threshold"] ~= "" then ntop.setPref(flows_alert_thresh, _GET["flows_alert_threshold"]) flows_alert_thresh = _GET["flows_alert_threshold"] else local v = ntop.getPref(flows_alert_thresh) if v ~= nil and v ~= "" then flows_alert_thresh = v else flows_alert_thresh = 32768 end end print("\n") print("\n") print [[ ]] print("\n") print [[ ]] print("\n") print [[ ]] local suppressAlerts = ntop.getHashCache(get_alerts_suppressed_hash_name(ifname), hostkey) if((suppressAlerts == "") or (suppressAlerts == nil) or (suppressAlerts == "true")) then alerts_checked = 'checked="checked"' alerts_value = "false" -- Opposite else alerts_checked = "" alerts_value = "true" -- Opposite end print [[ ') print [[]] print("
Host Flow Alert Threshold]] print[[
]] print[[]] print[[]] print('\n') print('  
Max number of new flows/sec over which a host is considered a flooder. Default: 25.
]] print[[
Host SYN Alert Threshold]] print[[
]] print[[]] print[[]] print('\n') print [[  
Max number of sent TCP SYN packets/sec over which a host is considered a flooder. Default: 10.
]] print[[
Host Flows Threshold]] print[[
]] print[[]] print[[]] print('\n') print [[  
Max number of flows over which a host is considered a flooder. Default: 32768.
]] print[[
Host Alerts
]] print[[]] print[[]] print(' Trigger alerts for host '..host_ip..'') print('\n') print('') print('
') print('
") elseif(page == "historical") then if(_GET["rrd_file"] == nil) then rrdfile = "bytes.rrd" else rrdfile=_GET["rrd_file"] end host_url = "host="..host_ip host_key = host_ip if(host_vlan and (host_vlan > 0)) then host_url = host_url.."&vlan="..host_vlan host_key = host_key.."@"..host_vlan end drawRRD(ifId, host_key, rrdfile, _GET["graph_zoom"], ntop.getHttpPrefix()..'/lua/host_details.lua?ifname='..ifId..'&'..host_url..'&page=historical', 1, _GET["epoch"], nil, makeTopStatsScriptsArray()) elseif(page == "traffic_report") then dofile(dirs.installdir .. "/pro/scripts/lua/enterprise/traffic_report.lua") elseif(page == "sprobe") then print [[
]] print [[
Show :
Aggregated by :


Top Users
]] print [[
Show :
Aggregated by :


Top Processes
]] print [[
Show :
Aggregated by :


Processes Traffic Tree
Mouse over to show the process information or double click to show more information.
]] print [[
]] print [[ ]] -- End Sprobe Page end end if (host ~= nil) then print [[ ]] end dofile(dirs.installdir .. "/scripts/lua/inc/footer.lua")