-- -- (C) 2013-16 - ntop.org -- dirs = ntop.getDirs() package.path = dirs.installdir .. "/scripts/lua/modules/?.lua;" .. package.path if((dirs.scriptdir ~= nil) and (dirs.scriptdir ~= "")) then package.path = dirs.scriptdir .. "/lua/modules/?.lua;" .. package.path end if ntop.isPro() then package.path = dirs.installdir .. "/scripts/lua/pro/modules/?.lua;" .. package.path package.path = dirs.installdir .. "/pro/scripts/callbacks/?.lua;" .. package.path require "common" local json = require "dkjson" end require "lua_utils" require "prefs_utils" require "graph_utils" require "alert_utils" require "db_utils" sendHTTPHeader('text/html; charset=iso-8859-1') page = _GET["page"] if_name = _GET["if_name"] ifid = (_GET["id"] or _GET["ifId"]) msg = "" function inline_input_form(name, placeholder, tooltip, value, can_edit, input_opts, input_clss) print [[
') print('\n') if(can_edit) then print(' ]] else if(value ~= nil) then print(value) end end print("
\n") end if(_GET["switch_interface"] ~= nil) then -- First switch interfaces so the new cookie will have effect ifname = interface.setActiveInterfaceId(tonumber(ifid)) --print("@"..ifname.."="..id.."@") if((ifname ~= nil) and (_SESSION["session"] ~= nil)) then key = getRedisPrefix("ntopng.prefs") .. ".ifname" ntop.setCache(key, ifname) msg = "
The selected interface " .. getHumanReadableInterfaceName(ifid) msg = msg .. " [id: ".. ifid .."] is now active
" ntop.setCache(getRedisPrefix("ntopng.prefs")..'.iface', ifid) else msg = "
Error while switching interfaces
" if(_SESSION["session"] == nil) then msg = msg .."
Empty session
" end end end -- parse interface names and possibly fall back to the selected interface: -- priority goes to the interface id if ifid ~= nil and ifid ~= "" then if_name = getInterfaceName(ifid) -- if not interface id is specified we look for the interface name elseif if_name ~= nil and if_name ~= "" then ifid = tostring(interface.name2id(if_name)) -- finally, we fall back to the default selected interface name else -- fall-back to the default interface if_name = ifname ifid = interface.name2id(ifname) end interface.select(if_name) -- local pcap dump is disabled if the nbox integration is enabled or -- if the user is not an administrator or if the interface: -- is a view -- is not a packet interface (i.e., it is zmq) is_packetdump_enabled = isLocalPacketdumpEnabled() is_packet_interface = interface.isPacketInterface() shaper_key = "ntopng.prefs."..ifid..".shaper_max_rate" ifstats = interface.getStats() if (isAdministrator()) then if(_GET["custom_name"] ~=nil) then if(_GET["csrf"] ~= nil) then -- TODO move keys to new schema: replace ifstats.name with ifid ntop.setCache('ntopng.prefs.'..ifstats.name..'.name',_GET["custom_name"]) end end if(_GET["scaling_factor"] ~= nil) then if(_GET["csrf"] ~= nil) then local sf = tonumber(_GET["scaling_factor"]) if(sf == nil) then sf = 1 end ntop.setCache(getRedisIfacePrefix(ifid)..'.scaling_factor',tostring(sf)) interface.loadScalingFactorPrefs() end end if is_packetdump_enabled then if(_GET["dump_all_traffic"] ~= nil and _GET["csrf"] ~= nil) then page = "packetdump" ntop.setCache('ntopng.prefs.'..ifstats.name..'.dump_all_traffic',_GET["dump_all_traffic"]) end if(_GET["dump_traffic_to_tap"] ~= nil and _GET["csrf"] ~= nil) then page = "packetdump" ntop.setCache('ntopng.prefs.'..ifstats.name..'.dump_tap',_GET["dump_traffic_to_tap"]) end if(_GET["dump_traffic_to_disk"] ~= nil and _GET["csrf"] ~= nil) then page = "packetdump" ntop.setCache('ntopng.prefs.'..ifstats.name..'.dump_disk',_GET["dump_traffic_to_disk"]) end if(_GET["dump_unknown_to_disk"] ~= nil and _GET["csrf"] ~= nil) then page = "packetdump" ntop.setCache('ntopng.prefs.'..ifstats.name..'.dump_unknown_disk',_GET["dump_unknown_to_disk"]) end if(_GET["dump_security_to_disk"] ~= nil and _GET["csrf"] ~= nil) then page = "packetdump" ntop.setCache('ntopng.prefs.'..ifstats.name..'.dump_security_disk',_GET["dump_security_to_disk"]) end if(_GET["sampling_rate"] ~= nil and _GET["csrf"] ~= nil) then if(tonumber(_GET["sampling_rate"]) ~= nil) then page = "packetdump" val = ternary(_GET["sampling_rate"] ~= "0", _GET["sampling_rate"], "1") ntop.setCache('ntopng.prefs.'..ifstats.name..'.dump_sampling_rate', val) end end if(_GET["max_pkts_file"] ~= nil and _GET["csrf"] ~= nil) then if(tonumber(_GET["max_pkts_file"]) ~= nil) then page = "packetdump" ntop.setCache('ntopng.prefs.'..ifstats.name..'.dump_max_pkts_file',_GET["max_pkts_file"]) end end if(_GET["max_sec_file"] ~= nil and _GET["csrf"] ~= nil) then if(tonumber(_GET["max_sec_file"]) ~= nil) then page = "packetdump" ntop.setCache('ntopng.prefs.'..ifstats.name..'.dump_max_sec_file',_GET["max_sec_file"]) end end if(_GET["max_files"] ~= nil and _GET["csrf"] ~= nil) then if(tonumber(_GET["max_files"]) ~= nil) then page = "packetdump" local max_files_size = tonumber(_GET["max_files"]) max_files_size = max_files_size * 1000000 ntop.setCache('ntopng.prefs.'..ifstats.name..'.dump_max_files', tostring(max_files_size)) end end interface.loadDumpPrefs() end end ntop.dumpFile(dirs.installdir .. "/httpdocs/inc/header.inc") print("") active_page = "if_stats" dofile(dirs.installdir .. "/scripts/lua/inc/menu.lua") print(msg) rrdname = fixPath(dirs.workingdir .. "/" .. ifstats.id .. "/rrd/bytes.rrd") url = ntop.getHttpPrefix()..'/lua/if_stats.lua?id=' .. ifid -- Added global javascript variable, in order to disable the refresh of pie chart in case -- of historical interface print('\n\n') print [[ ]] if((page == "overview") or (page == nil)) then print("\n") print("\n") if interface.isPcapDumpInterface() == false then print("\n") end if(ifstats["remote.name"] ~= nil) then print("") if(ifstats["remote.if_addr"] ~= "") then print("") end if(ifstats["probe.ip"] ~= "") then print("") end if(ifstats["probe.public_ip"] ~= "") then print("\n") else print("\n") end print("\n") end local is_physical_iface = (interface.isPacketInterface()) and (interface.isPcapDumpInterface() == false) if((ifstats["bridge.device_a"] == nil) or (ifstats["bridge.device_b"] == nil)) then print('\n') if is_physical_iface then if(ifstats.name ~= nil) then print('\n") end local speed_key = 'ntopng.prefs.'..ifname..'.speed' local speed = ntop.getCache(speed_key) if speed == nil or speed == "" or tonumber(speed) == nil then speed = ifstats.speed end print("") if interface.isPacketInterface() then print("\n") else print("") end else print("") end if(ifstats.ip_addresses ~= "") then tokens = split(ifstats.ip_addresses, ",") if(tokens ~= nil) then print("") end end print("\n") else print("") end if(ifstats["pkt_dumper"] ~= nil) then print("\n") print("") print("\n") end label = "Pkts" print[[ ]] if(ifstats.type ~= "zmq") then print [[ ]] else print [[ ]] end print [[ \n") if(ifstats.zmqRecvStats ~= nil) then print("\n") print("") end print("\n") print("\n") if(prefs.is_dump_flows_enabled) then local dump_to = "MySQL" if prefs.is_dump_flows_to_es_enabled == true then dump_to = "ElasticSearch" end local export_count = ifstats.stats.flow_export_count local export_rate = ifstats.stats.flow_export_rate local export_drops = ifstats.stats.flow_export_drops local export_drops_pct = 0 if export_drops > 0 and export_count > 0 then export_drops_pct = export_drops / export_count * 100 end print("\n") print("") print("") print("") print("") local span_danger = "" if(export_drops > 0) then span_danger = ' class="label label-danger"' end print("") print("") print("") end if((ifstats["bridge.device_a"] ~= nil) and (ifstats["bridge.device_b"] ~= nil)) then print("\n") print("\n") print("") print("") print("") print("") print("") print("") print("\n") print("") print("") print("") print("") print("") print("") print("\n") end print [[ ]] print("
Id" .. ifstats.id .. " ") print("
State") state = toggleTableButton("", "", "Active", "1","primary", "Paused", "0","primary", "toggle_local", "ntopng.prefs."..if_name.."_not_idle") if(state == "0") then on_state = true else on_state = false end interface.setInterfaceIdleState(on_state) print("
Remote ProbeInterface Name: "..ifstats["remote.name"].." [ ".. maxRateToString(ifstats.speed*1000) .." ]Interface IP: "..ifstats["remote.if_addr"].."Probe IP: "..ifstats["probe.ip"].."Public Probe IP: "..ifstats["probe.public_ip"].."  
Name' .. ifstats.name..'Custom Name') label = getInterfaceNameAlias(ifstats.name) inline_input_form("custom_name", "Custom Name", "Specify an alias for the interface", label, isAdministrator(), 'autocorrect="off" spellcheck="false" pattern="^[_\\-a-zA-Z0-9]*$"') print("
Speed" .. maxRateToString(speed*1000) .. "Scaling Factor") local label = ntop.getCache(getRedisIfacePrefix(ifid)..".scaling_factor") if((label == nil) or (label == "")) then label = "1" end inline_input_form("scaling_factor", "Scaling Factor", "This should match your capture interface sampling rate", label, isAdministrator(), 'type="number" min="1" step="1"', 'no-spinner') end print("
Bridge"..ifstats["bridge.device_a"].." "..ifstats["bridge.device_b"].."
IP Address") for _,s in pairs(tokens) do t = string.split(s, "/") host = interface.getHostInfo(t[1]) if(host ~= nil) then print("
  • ".. t[1].."\n") else print("
  • ".. t[1].."\n") end end print("
    • Family ") print(ifstats.type) if(ifstats.inline) then print(" In-Path Interface (Bump in the Wire)") end if is_physical_iface then print("MTU"..ifstats.mtu.." bytes
    Packet DumperDumped PacketsDumped Files
    ".. formatValue(ifstats["pkt_dumper"]["num_dumped_pkts"]) .."
    ".. formatValue(ifstats["pkt_dumper"]["num_dumped_files"]) .."
    Traffic Breakdown
    ZMQ RX Statistics
    Collected Flows"..formatValue(ifstats.zmqRecvStats.flows).."") print("Interface RX Updates"..formatValue(ifstats.zmqRecvStats.events).."") print("sFlow Counter Updates"..formatValue(ifstats.zmqRecvStats.counters).."
    Ingress Traffic
    Received Traffic"..bytesToSize(ifstats.stats.bytes).." [".. formatValue(ifstats.stats.packets) .. " ".. label .."] ") print("Dropped Packets") if(ifstats.stats.drops > 0) then print('') end print(formatValue(ifstats.stats.drops).. " " .. label) if((ifstats.stats.packets+ifstats.stats.drops) > 0) then local pctg = round((ifstats.stats.drops*100)/(ifstats.stats.packets+ifstats.stats.drops), 2) if(pctg > 0) then print(" [ " .. pctg .. " % ] ") end end if(ifstats.stats.drops > 0) then print('') end print(" ") if (isAdministrator()) then print("\n") end print("
    "..dump_to.." Flows Export Statistics
    Exported Flows"..formatValue(export_count).."") print(" ["..formatValue(round(export_rate, 2)).." Flows/s]Dropped Flows"..formatValue(export_drops).." ") print("[" ..formatValue(round(export_drops_pct, 2)).."%] 
    Bridged Traffic
    Interface DirectionIngress PacketsEgress PacketsShaped PacketsFiltered PacketsSend ErrorBuffer Full
    ".. ifstats["bridge.device_a"] .. " ".. ifstats["bridge.device_b"] .."".. formatPackets(ifstats["bridge.a_to_b.in_pkts"]) .." ".. formatPackets(ifstats["bridge.a_to_b.out_pkts"]) .." ".. formatPackets(ifstats["bridge.a_to_b.shaped_pkts"]) .."".. formatPackets(ifstats["bridge.a_to_b.filtered_pkts"]) .."".. formatPackets(ifstats["bridge.a_to_b.num_pkts_send_error"]) .."".. formatPackets(ifstats["bridge.a_to_b.num_pkts_send_buffer_full"]) .."
    ".. ifstats["bridge.device_b"] .. " ".. ifstats["bridge.device_a"] .."".. formatPackets(ifstats["bridge.b_to_a.in_pkts"]) .." "..formatPackets( ifstats["bridge.b_to_a.out_pkts"]) .." ".. formatPackets(ifstats["bridge.b_to_a.shaped_pkts"]) .."".. formatPackets(ifstats["bridge.b_to_a.filtered_pkts"]) .."".. formatPackets(ifstats["bridge.b_to_a.num_pkts_send_error"]) .."".. formatPackets(ifstats["bridge.b_to_a.num_pkts_send_buffer_full"]) .."
    NOTE:

    In ethernet networks, each packet has an overhead of 24 bytes [preamble (7 bytes), start of frame (1 byte), CRC (4 bytes), and IFG (12 bytes)]. Such overhead needs to be accounted to the interface traffic, but it is not added to the traffic being exchanged between IP addresses. This is because such data contributes to interface load, but it cannot be accounted in the traffic being exchanged by hosts, and thus expect little discrepancies between host and interface traffic values.

    \n") elseif((page == "packets")) then print [[ ]] print("\n") print("\n") print("\n") print [[
    TCP Packets AnalysisRetransmissions".. formatPackets(ifstats.tcpPacketStats.retransmissions) .."
    Out of Order".. formatPackets(ifstats.tcpPacketStats.out_of_order) .."
    Lost".. formatPackets(ifstats.tcpPacketStats.lost) .."
    Size Distribution

    ]] elseif(page == "ndpi") then --fc = interface.getnDPIFlowsCount() --for k,v in pairs(fc) do -- io.write(k.."="..v.."\n") --end print [[

    Cumulative Protocol Stats
    Live Flows Count

    NOTE: This chart depicts only TCP connections.
    ]] print [[ ]] print("\n") print ('\n') print ("") print("
    Application ProtocolTotal (Since Startup)Percentage
    \n") print [[ ]] elseif(page == "historical") then rrd_file = _GET["rrd_file"] selected_epoch = _GET["epoch"] if(selected_epoch == nil) then selected_epoch = "" end topArray = makeTopStatsScriptsArray() if(rrd_file == nil) then rrd_file = "bytes.rrd" end drawRRD(ifstats.id, nil, rrd_file, _GET["graph_zoom"], url.."&page=historical", 1, _GET["epoch"], selected_epoch, topArray) --drawRRD(ifstats.id, nil, rrd_file, _GET["graph_zoom"], url.."&page=historical", 1, _GET["epoch"], selected_epoch, topArray, _GET["comparison_period"]) elseif(page == "trafficprofiles") then print("\n") print("\n") for pname,pbytes in pairs(ifstats.profiles) do local trimmed = trimSpace(pname) local rrdname = fixPath(dirs.workingdir .. "/" .. ifid .. "/profilestats/" .. getPathFromKey(trimmed) .. "/bytes.rrd") local statschart_icon = '' if ntop.exists(rrdname) then statschart_icon = '' end print("\n") end print [[
    Profile NameChartTraffic
    "..pname..""..statschart_icon..""..bytesToSize(pbytes).."
    ]] elseif(page == "packetdump") then if is_packetdump_enabled then dump_all_traffic = ntop.getCache('ntopng.prefs.'..ifstats.name..'.dump_all_traffic') dump_status_tap = ntop.getCache('ntopng.prefs.'..ifstats.name..'.dump_tap') dump_status_disk = ntop.getCache('ntopng.prefs.'..ifstats.name..'.dump_disk') dump_unknown_disk = ntop.getCache('ntopng.prefs.'..ifstats.name..'.dump_unknown_disk') dump_security_disk = ntop.getCache('ntopng.prefs.'..ifstats.name..'.dump_security_disk') if(dump_all_traffic == "true") then dump_all_traffic_checked = 'checked="checked"' dump_all_traffic_value = "false" -- Opposite else dump_all_traffic_checked = "" dump_all_traffic_value = "true" -- Opposite end if(dump_status_disk == "true") then dump_traffic_checked = 'checked="checked"' dump_traffic_value = "false" -- Opposite else dump_traffic_checked = "" dump_traffic_value = "true" -- Opposite end if(dump_unknown_disk == "true") then dump_unknown_checked = 'checked="checked"' dump_unknown_value = "false" -- Opposite else dump_unknown_checked = "" dump_unknown_value = "true" -- Opposite end if(dump_security_disk == "true") then dump_security_checked = 'checked="checked"' dump_security_value = "false" -- Opposite else dump_security_checked = "" dump_security_value = "true" -- Opposite end if(dump_status_tap == "true") then dump_traffic_tap_checked = 'checked="checked"' dump_traffic_tap_value = "false" -- Opposite else dump_traffic_tap_checked = "" dump_traffic_tap_value = "true" -- Opposite end print("\n") print("\n") print("\n") print("\n") print("\n") print("\n") print("\n") print [[ ]] print("") print("\n") print("\n") print [[ ]] print("\n") print [[ ]] print("\n") print [[ ]] print("
    Packet Dump") print [[
    Dump All Traffic') print('') print('\n') print('
    ') print("
    Packet Dump To Disk") print [[
    Dump Traffic To Disk') if(dump_traffic_checked ~= "") then dumped = interface.getInterfacePacketsDumpedFile() print(" - "..ternary(dumped, dumped, 0).." packets dumped") end print('') print('\n') print('
    ') print("
    ") print [[
    Dump Unknown Traffic To Disk ') print('\n') print('
    ') print("
    ") print [[
    Dump Traffic To Disk On Security Alert ') print('\n') print('
    ') print("
    Packet Dump To Tap") if(interface.getInterfaceDumpTapName() ~= "") then print [[
    Dump Traffic To Tap ') print('('..interface.getInterfaceDumpTapName()..')') if(dump_traffic_tap_checked ~= "") then dumped = interface.getInterfacePacketsDumpedTap() print(" - "..ternary(dumped, dumped, 0).." packets dumped") end print(' ') print('\n') print('
    ') else print("Disabled. Please restart ntopng with --enable-taps") end print("
    Sampling Rate]] if(dump_security_checked ~= "") then print[[
    ]] print('1 : \n') print [[  
    NOTE: Sampling rate is applied only when dumping packets caused by a security alert
    (e.g. a volumetric DDoS attack) and not to those hosts/flows that have been marked explicitly for dump.     ]] else print('Disabled. Enable packet dump on security alert.') end print[[
    Dump To Disk Parameters
    Pcap Dump Directory") pcapdir = dirs.workingdir .."/"..ifstats.id.."/pcap/" print(pcapdir.."
    Max Packets per File
    ]] print('\n') print [[ pkts  
    Maximum number of packets to store on a pcap file before creating a new file.
    Max Duration of File
    ]] print('\n') print [[  sec  
    Maximum pcap file duration before creating a new file.
    NOTE: a dump file is closed when it reaches first the maximum size or duration specified.
    Max Size of Dump Files
    ]] print('\n') print [[   MB    
    Maximum size of created pcap files.
    NOTE: total file size is checked daily and old dump files are automatically overwritten after reaching the threshold.
    ") end elseif(page == "alerts") then local ifname_clean = "iface_"..tostring(ifid) local tab = _GET["tab"] local re_arm_minutes = nil if(tab == nil) then tab = alerts_granularity[1][1] end print [[

    ]] print('\n') print("\n") print("\n") for k,v in pairsByKeys(alert_functions_description, asc) do print("\n") end print [[
    Alert FunctionThreshold
    "..k.."\n") print("\n") print("\n\n") print("
    "..v.."\n") print("
    Re-arm minutes
    The re-arm is the dead time between one alert generation and the potential generation of the next alert of the same kind.
    [ Delete All Interface Configured Alerts ]
    ]] end elseif(page == "config") then local if_name = ifstats.name local ifname_clean = "iface_"..tostring(ifid) if(isAdministrator()) then trigger_alerts = _GET["trigger_alerts"] if(trigger_alerts ~= nil) then if(trigger_alerts == "true") then ntop.delHashCache(get_alerts_suppressed_hash_name(ifname), ifname_clean) else ntop.setHashCache(get_alerts_suppressed_hash_name(ifname), ifname_clean, trigger_alerts) end end end print("\n") suppressAlerts = ntop.getHashCache(get_alerts_suppressed_hash_name(ifname), ifname_clean) if((suppressAlerts == "") or (suppressAlerts == nil) or (suppressAlerts == "true")) then alerts_checked = 'checked="checked"' alerts_value = "false" -- Opposite else alerts_checked = "" alerts_value = "true" -- Opposite end print [[ ') print [[]] print("
    Interface Alerts
    Trigger alerts for interface '..if_name..'') print('\n') print('') print('
    ') print('
    ") elseif(page == "filtering") then if not isAdministrator() then error() end local shaper_utils = require("shaper_utils") policy_key = "ntopng.prefs.".. ifid ..".l7_policy" any_net = "0.0.0.0/0@0" -- ==================================== function get_shapers_from_parameters(callback) local done = {} for option,value in pairs(_GET) do local sp = split(option, "ishaper_") local k = nil if #sp == 2 then k = sp[2] else sp = split(option, "eshaper_") if #sp == 2 then k = sp[2] end end if k ~= nil then if not done[k] then done[k] = true; callback(k, _GET["ishaper_"..k], _GET["eshaper_"..k]) end end end end if (_GET["view_network"] ~= nil) then local ingress_key = "ntopng.prefs.".. ifid ..".l7_policy_ingress_shaper_id" -- this is used by host_details.lua. Checks if the network exists, otherwise creates it if ntop.getHashCache(ingress_key, _GET["view_network"]) ~= "" then -- network exists, redirect jsUrlChange("if_stats.lua?id="..ifid.."&page=filtering&network=".._GET["view_network"].."#protocols") else -- network does not exist, trigger add action print("") end end if((_GET["csrf"] ~= nil) and (_GET["edit_networks"] ~= nil)) then local ingress_key = "ntopng.prefs.".. ifid ..".l7_policy_ingress_shaper_id" local egress_key = "ntopng.prefs.".. ifid ..".l7_policy_egress_shaper_id" local proto_shapers_cloned = false get_shapers_from_parameters(function(network_key, ingress_shaper, egress_shaper) -- reconstruct from url encoded -- TODO ipv6 local address format? network_key = network_key:gsub("(%d+)_(%d+)_(%d+)_(%d+)", "%1.%2.%3.%4") network_key = network_key:gsub("_2F", "/") network_key = network_key:gsub("_40", "@") initial_policy = "" if(_GET["clone"] ~= nil) then local clone_from = shaper_utils.addVlan0(_GET["clone"]) -- clone blacklist rules value = ntop.getHashCache(policy_key, clone_from) if value ~= nil then initial_policy = value end -- clone shaped protocols rules local net_ingress_key = shaper_utils.getProtoShaperKey(ifid, network_key, "ingress") local net_egress_key = shaper_utils.getProtoShaperKey(ifid, network_key, "egress") for _,proto_config in pairs(shaper_utils.getNetworkProtoShapers(ifid, clone_from, false)) do ntop.setHashCache(net_ingress_key, proto_config.protoId, proto_config.ingress); ntop.setHashCache(net_egress_key, proto_config.protoId, proto_config.egress); proto_shapers_cloned = true end end ntop.setHashCache(policy_key, network_key, initial_policy) ntop.setHashCache(ingress_key, network_key, ingress_shaper) ntop.setHashCache(egress_key, network_key, egress_shaper) end) if proto_shapers_cloned then -- reload the l7 networks in use by protocol shapers interface.reloadL7ProtoRules(); end interface.reloadL7Rules() jsUrlChange("if_stats.lua?id="..ifid.."&page=filtering") end if((_GET["csrf"] ~= nil) and (_GET["delete_network"] ~= nil) and (_GET["delete_network"] ~= any_net)) then local target_net = _GET["delete_network"] -- delete network policy ntop.delHashCache(policy_key, target_net) -- delete network shaping settings key = "ntopng.prefs.".. ifid ..".l7_policy_ingress_shaper_id" ntop.delHashCache(key, target_net) key = "ntopng.prefs.".. ifid ..".l7_policy_egress_shaper_id" ntop.delHashCache(key, target_net) -- delete l7 protocols rules of that network local keys = ntop.getKeysCache(shaper_utils.getProtoShaperKey(ifid, target_net, "*")) or {} for key,_ in pairs(keys) do ntop.delCache(key) end -- reload all the rules, and update hosts affected by removal interface.reloadL7Rules(target_net) jsUrlChange("if_stats.lua?id="..ifid.."&page=filtering") end net = _GET["network"] or _GET["proto_network"] or _GET["view_network"] if(net ~= nil) then net = shaper_utils.addVlan0(net) end -- NB: this cannot be null, since it contains at least the 'any' network nets = ntop.getHashKeysCache(policy_key) or {} -- tprint(nets) if(net == nil) then -- If there is not &network= parameter then use the first network available for k,v in pairsByKeys(nets, asc) do net = k break end end selected_network = net if(selected_network == nil) then selected_network = any_net end if((_GET["csrf"] ~= nil) and (_GET["add_shapers"] ~= nil)) then for shaper,mrate in pairs(_GET) do local sp = split(shaper, "shaper_") if #sp == 2 then local shaper_id = tonumber(sp[2]) local max_rate = tonumber(mrate) --~ tprint(shaper_id.." "..max_rate) if(max_rate > 1048576) then max_rate = -1 end if(max_rate < -1) then max_rate = -1 end ntop.setHashCache(shaper_key, shaper_id, max_rate) end end interface.reloadShapers() jsUrlChange("if_stats.lua?id="..ifid.."&page=filtering#shapers") end if((_GET["csrf"] ~= nil) and (_GET["delete_shaper"] ~= nil)) then local shaper_id = _GET["delete_shaper"] shaper_utils.deleteShaper(ifid, shaper_id) jsUrlChange("if_stats.lua?id="..ifid.."&page=filtering#shapers") end if((_GET["csrf"] ~= nil) and (_GET["proto_network"] ~= nil)) then local target_net = _GET["proto_network"] if (_GET["del_l7_proto"] ~= nil) then local protocol_id = _GET["del_l7_proto"] key = shaper_utils.getProtoShaperKey(ifid, target_net, "ingress") ntop.delHashCache(key, protocol_id) key = shaper_utils.getProtoShaperKey(ifid, target_net, "egress") ntop.delHashCache(key, protocol_id) else -- TODO totally remove blacklist code if (ntop.getHashCache(policy_key, target_net) ~= _GET["blacklist"]) then -- *** Handle the blacklist *** ntop.setHashCache(policy_key, target_net, _GET["blacklist"]) interface.reloadL7Rules() end -- *** Handle the shaped protocols *** get_shapers_from_parameters(function(proto_id, ingress_shaper, egress_shaper) local ingress_key = shaper_utils.getProtoShaperKey(ifid, target_net, "ingress") local egress_key = shaper_utils.getProtoShaperKey(ifid, target_net, "egress") ntop.setHashCache(ingress_key, proto_id, ingress_shaper) ntop.setHashCache(egress_key, proto_id, egress_shaper) end) end -- Note: this could optimized to only reload this specific network interface.reloadL7ProtoRules(); jsUrlChange("if_stats.lua?id="..ifid.."&page=filtering&network="..target_net.."#protocols") end print [[
    ]] -- ==== Manage networks tab ==== print [[
    ]] print [[
    ]] -- ****************************************** local shapers = shaper_utils.getSortedShapers(ifid) function print_shapers(shapers, curshaper_id, terminator) terminator = terminator or "\n" if(curshaper_id == "") then curshaper_id = "0" else curshaper_id = tostring(curshaper_id) end for _,shaper in ipairs(shapers) do print(""..terminator) end end -- ****************************************** locals = ntop.getLocalNetworks() locals_empty = (next(locals) == nil) print[[
    ]] -- ****************************************** -- ==== Manage protocols tab ==== print [[

    ]] print(i18n("shaping.network_group")) print[[
    ]] blacklist = { } rules = ntop.getHashCache(policy_key, selected_network) if((rules ~= nil) and (string.len(rules) > 0)) then local protos = split(rules, ",") for k,v in pairs(protos) do blacklist[v] = 1 end end protos = interface.getnDPIProtocols() function print_ndpi_protocols(protos, selected, excluded, terminator) selected = selected or {} excluded = excluded or {} terminator = terminator or "\n" for k,v in pairsByKeys(protos, asc) do if((k ~= "GRE") and (k ~= "BGP") and (k ~= "IGMP") and (k ~= "IPP") and (k ~= "IP_in_IP") and (k ~= "OSPF") and (k ~= "PPTP") and (k ~= "SCTP") and (k ~= "TFTP") and (not excluded[v]) -- excluded by protocol number and (not excluded[k]) -- excluded by protocol name ) then print(""..terminator) end end end print [[
    ]] -- ****************************************** -- ==== Manage shapers tab ==== print[[
    ]] print [[
    ]] print(i18n('shaping.notes')) print[[
    ]] elseif page == "traffic_report" then dofile(dirs.installdir .. "/pro/scripts/lua/enterprise/traffic_report.lua") end dofile(dirs.installdir .. "/scripts/lua/inc/footer.lua") print(" ]] print [[ ]]