#!/usr/bin/perl
#
#
# PIX Logging Architecture
# [Kristof Philipsen]
#
# This file is part of PIX Logging Architecture
#
# PIX Logging Architecture is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 2 of the License, or
# (at your option) any later version.
#
# PIX Logging Architecture is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with PIX Logging Architecture; if not, write to the Free Software
# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
                                                                                                                                                                                                  
use DBI;
use CGI;
                                                                                                                                                                                                  
#
# include configuration
#
require "conf.pl";      # General Configuration
require "subs.pl";      # Subroutines
                                                                                                                                                                                                  
#
# Make Database Connection
#
db_connect();
                                                                                                                                                                                                  
#
# Get CGI Parameters
#
$query = new CGI;
$resource = clean_input($query->param("resource"));
$src_ip = clean_input($query->param("src_ip"));
$src_pt = clean_input($query->param("src_pt"));
$dst_ip = clean_input($query->param("dst_ip"));
$dst_pt = clean_input($query->param("dst_pt"));
$message = clean_input($query->param("log_message"));
$protocol = clean_input($query->param("protocol"));
$start_year = clean_input($query->param("start_year"));
$start_month = clean_input($query->param("start_month"));
$start_day = clean_input($query->param("start_day"));
$start_hour = clean_input($query->param("start_hour"));
$start_min = clean_input($query->param("start_min"));
$start_sec = clean_input($query->param("start_sec"));
$end_year = clean_input($query->param("end_year"));
$end_month = clean_input($query->param("end_month"));
$end_day = clean_input($query->param("end_day"));
$end_hour = clean_input($query->param("end_hour"));
$end_min = clean_input($query->param("end_min"));
$end_sec = clean_input($query->param("end_sec"));
$action = clean_input($query->param("action"));
$date_type = clean_input($query->param("date_type"));
$resolve = clean_input($query->param("resolve"));
$filter = clean_input($query->param("filter"));
$pager = clean_input($query->param("pager"));
$page = clean_input($query->param("page"));
$var_orient = clean_input($query->param("orientation"));
$var_sortby = clean_input($query->param("sortby"));

$todaydate=`date +%Y"-"%m"-"%d`;
$todaydate=~s/\n//g;

if ($page eq "") {
        $page="0";
        $next_page="1";
} else {
        $next_page=$page + 1;
        $prev_page=$page - 1;
}

if ($var_orient eq "") {
        $var_orient="asc";
}

if ($var_sortby eq "") {
        $var_sortby="log_id";
}


$pager = "50" unless $pager;
$var_count = $page * $pager;

if ($date_type eq "userdef") {
$start_date = "$start_year-$start_month-$start_day $start_hour:$start_min:$start_sec";
$end_date = "$end_year-$end_month-$end_day $end_hour:$end_min:$end_sec";
} 
if ($date_type eq "today") {
$start_date = "$todaydate 00:00:00";
$end_date = "$todaydate 23:59:59";
}                                                                                                                                                                                                  
if ($date_type eq "all") {
$start_date = "\%";
$end_state = "\%";
}

if (length($resource) < "1") {
    $resource="\%";
}
                                                                                                                                                                                                  
if (length($src_ip) < "1") {
    $src_ip="\%";
}
                                                                                                                                                                                                  
if (length($src_pt) < "1") {
    $src_pt="\%";
}
                                                                                                                                                                                                  
if (length($dst_ip) < "1") {
    $dst_ip="\%";
}
                                                                                                                                                                                                  
if (length($dst_pt) < "1") {
    $dst_pt="\%";
}

if (length($action) < "1") {
    $action="\%";
}

if (length($protocol) < "1") {
    $protocol="\%";
}

if (length($message) < "1") {
    $message="\%";
}


#
# DB Query
#

if ((length($start_year) < "1") && ($date_type ne "today")) {
$searchQuery = "SELECT log_id, log_time, log_resource, log_action, log_protocol, log_src_ip, log_src_pt, log_dst_ip, log_dst_pt, log_flags FROM traffic_log WHERE log_resource like \"$resource\" and log_action like \"$action\" and log_src_ip like \"$src_ip\" and log_src_pt like \"$src_pt\" and log_dst_ip like \"$dst_ip\" and log_dst_pt like \"$dst_pt\" and log_message like \"$message\" and log_protocol like \"$protocol\" order by $var_sortby $var_orient limit $var_count,$pager";
} else {
$searchQuery = "SELECT log_id, log_time, log_resource, log_action, log_protocol, log_src_ip, log_src_pt, log_dst_ip, log_dst_pt, log_flags FROM traffic_log WHERE log_time >= \"$start_date\" and log_time <= \"$end_date\" and log_resource like \"$resource\" and log_action like \"$action\" and log_src_ip like \"$src_ip\" and log_src_pt like \"$src_pt\" and log_dst_ip like \"$dst_ip\" and log_dst_pt like \"$dst_pt\" and log_message like \"$message\" and log_protocol like \"$protocol\" order by $var_sortby $var_orient limit $var_count,$pager";
}

if ($filter eq "1") {
if ((length($start_year) < "1") && ($date_type ne "today")) {
$searchQuery = "SELECT traffic_log.log_id, traffic_log.log_time, traffic_log.log_resource, traffic_log.log_action, traffic_log.traffic_log.log_protocol, traffic_log.log_src_ip, traffic_log.log_src_pt, traffic_log.log_dst_ip, traffic_log.log_dst_pt, traffic_log.log_flags FROM traffic_log left join log_filter on (traffic_log.log_resource like log_filter.log_resource and traffic_log.log_action like log_filter.log_action and traffic_log.log_protocol like log_filter.log_protocol and traffic_log.log_src_ip like log_filter.log_src_ip and traffic_log.log_src_pt like log_filter.log_src_pt and traffic_log.log_dst_ip like log_filter.log_dst_ip and traffic_log.log_dst_pt like log_filter.log_dst_pt and log_filter.filter_state like \"active\") where traffic_log.log_resource like \"$resource\" and traffic_log.log_action like \"$action\" and traffic_log.log_src_ip like \"$src_ip\" and traffic_log.log_src_pt like \"$src_pt\" and traffic_log.log_dst_ip like \"$dst_ip\" and traffic_log.log_dst_pt like \"$dst_pt\" and traffic_log.log_message like \"$message\" and traffic_log.log_protocol like \"$protocol\" and (log_filter.log_resource) is null and (log_filter.log_action) is null and (log_filter.log_protocol) is null and (log_filter.log_src_ip) is null and (log_filter.log_src_pt) is null and (log_filter.log_dst_ip) is null and ( log_filter.log_dst_pt) is null and (log_filter.filter_state) is null order by $var_sortby $var_orient limit $var_count,$pager";
} else {
$searchQuery = "SELECT traffic_log.log_id, traffic_log.log_time, traffic_log.log_resource, traffic_log.log_action, traffic_log.log_protocol, traffic_log.log_src_ip, traffic_log.log_src_pt, traffic_log.log_dst_ip, traffic_log.log_dst_pt, traffic_log.log_flags FROM traffic_log left join log_filter on (traffic_log.log_resource like log_filter.log_resource and traffic_log.log_action like log_filter.log_action and traffic_log.log_protocol like log_filter.log_protocol and traffic_log.log_src_ip like log_filter.log_src_ip and traffic_log.log_src_pt like log_filter.log_src_pt and traffic_log.log_dst_ip like log_filter.log_dst_ip and traffic_log.log_dst_pt like log_filter.log_dst_pt and log_filter.filter_state like \"active\") WHERE traffic_log.log_time >= \"$start_date\" and traffic_log.log_time <= \"$end_date\" and traffic_log.log_resource like \"$resource\" and traffic_log.log_action like \"$action\" and traffic_log.log_src_ip like \"$src_ip\" and traffic_log.log_src_pt like \"$src_pt\" and traffic_log.log_dst_ip like \"$dst_ip\" and traffic_log.log_dst_pt like \"$dst_pt\" and traffic_log.log_message like \"$message\" and traffic_log.log_protocol like \"$protocol\" and (log_filter.log_resource) is null and (log_filter.log_action) is null and (log_filter.log_protocol) is null and (log_filter.log_src_ip) is null and (log_filter.log_src_pt) is null and (log_filter.log_dst_ip) is null and ( log_filter.log_dst_pt) is null and (log_filter.filter_state) is null order by $var_sortby $var_orient limit $var_count,$pager";
}

}
$searchResults=$db_handle->prepare("$searchQuery");

                                                                                                                                                                                                  
#
# HTML SECTION
#
printtitle();
                                                                                                                                                                                                  
print <<EOF;
<script language="JavaScript">
<!-- Original script borrowed from http://web.uvic.ca/atrsweb/vikes/default.html -->
<!-- Implemented at Kwantlen 26 June 2000 DMH -->
<!--
function MM_jumpMenu(targ,selObj,restore){ //v3.0
eval(targ+".location='"+selObj.options[selObj.selectedIndex].value+"'");
if (restore) selObj.selectedIndex=0;
}
//-->
</script>

<span class='titlehead'><b>PIX Traffic Logs > Search Results</b></span>
<br><br>
<span class="titlehead"><b>Pager Setting:</b></span> 
<select name="pager" onChange="MM_jumpMenu('parent',this,0)">
<option value="?orientation=$var_orient&sortby=$var_sortby&resource=$resource&src_ip=$src_ip&src_pt=$src_pt&dst_ip=$dst_ip&dst_pt=$dst_pt&log_message=$message&protocol=$protocol&start_year=$start_year&start_month=$start_month&start_day=$start_day&start_hour=$start_hour&start_min=$start_min&start_sec=$start_sec&end_year=$end_year&end_month=$end_month&end_day=$end_day&end_hour=$end_hour&end_min=$end_min&end_sec=$end_sec&action=$action&date_type=$date_type&resolve=$resolve&filter=$filter&page=0&pager=$pager">$pager
<option>
<option value="?orientation=$var_orient&sortby=$var_sortby&resource=$resource&src_ip=$src_ip&src_pt=$src_pt&dst_ip=$dst_ip&dst_pt=$dst_pt&log_message=$message&protocol=$protocol&start_year=$start_year&start_month=$start_month&start_day=$start_day&start_hour=$start_hour&start_min=$start_min&start_sec=$start_sec&end_year=$end_year&end_month=$end_month&end_day=$end_day&end_hour=$end_hour&end_min=$end_min&end_sec=$end_sec&action=$action&date_type=$date_type&resolve=$resolve&filter=$filter&page=0&pager=50">50
<option value="?orientation=$var_orient&sortby=$var_sortby&resource=$resource&src_ip=$src_ip&src_pt=$src_pt&dst_ip=$dst_ip&dst_pt=$dst_pt&log_message=$message&protocol=$protocol&start_year=$start_year&start_month=$start_month&start_day=$start_day&start_hour=$start_hour&start_min=$start_min&start_sec=$start_sec&end_year=$end_year&end_month=$end_month&end_day=$end_day&end_hour=$end_hour&end_min=$end_min&end_sec=$end_sec&action=$action&date_type=$date_type&resolve=$resolve&filter=$filter&page=0&pager=100">100
<option value="?orientation=$var_orient&sortby=$var_sortby&resource=$resource&src_ip=$src_ip&src_pt=$src_pt&dst_ip=$dst_ip&dst_pt=$dst_pt&log_message=$message&protocol=$protocol&start_year=$start_year&start_month=$start_month&start_day=$start_day&start_hour=$start_hour&start_min=$start_min&start_sec=$start_sec&end_year=$end_year&end_month=$end_month&end_day=$end_day&end_hour=$end_hour&end_min=$end_min&end_sec=$end_sec&action=$action&date_type=$date_type&resolve=$resolve&filter=$filter&page=0&pager=250">250
<option value="?orientation=$var_orient&sortby=$var_sortby&resource=$resource&src_ip=$src_ip&src_pt=$src_pt&dst_ip=$dst_ip&dst_pt=$dst_pt&log_message=$message&protocol=$protocol&start_year=$start_year&start_month=$start_month&start_day=$start_day&start_hour=$start_hour&start_min=$start_min&start_sec=$start_sec&end_year=$end_year&end_month=$end_month&end_day=$end_day&end_hour=$end_hour&end_min=$end_min&end_sec=$end_sec&action=$action&date_type=$date_type&resolve=$resolve&filter=$filter&page=0&pager=500">500
<option value="?orientation=$var_orient&sortby=$var_sortby&resource=$resource&src_ip=$src_ip&src_pt=$src_pt&dst_ip=$dst_ip&dst_pt=$dst_pt&log_message=$message&protocol=$protocol&start_year=$start_year&start_month=$start_month&start_day=$start_day&start_hour=$start_hour&start_min=$start_min&start_sec=$start_sec&end_year=$end_year&end_month=$end_month&end_day=$end_day&end_hour=$end_hour&end_min=$end_min&end_sec=$end_sec&action=$action&date_type=$date_type&resolve=$resolve&filter=$filter&page=0&pager=1000">1000
</select>
<br>
</form>
<br>

<table width="100%" bgcolor="white" cellpadding="0" cellspacing="0" border="0">
<td bgcolor="#000000" width="30%">&nbsp;<b><span class="main"><font color="white">PIX Traffic Logs > Search Results</font></span></b></td>
<td bgcolor="#ffffff" width="40%">
<center>
<a href="pix_search_result_traffic?orientation=$var_orient&sortby=$var_sortby&resource=$resource&src_ip=$src_ip&src_pt=$src_pt&dst_ip=$dst_ip&dst_pt=$dst_pt&log_message=$message&protocol=$protocol&start_year=$start_year&start_month=$start_month&start_day=$start_day&start_hour=$start_hour&start_min=$start_min&start_sec=$start_sec&end_year=$end_year&end_month=$end_month&end_day=$end_day&end_hour=$end_hour&end_min=$end_min&end_sec=$end_sec&action=$action&date_type=$date_type&resolve=$resolve&filter=$filter&page=$prev_page&pager=$pager" class="bodylink"><< Previous $pager Logs</a> <font color="#000000">|</font>
<a href="javascript:window.location.reload()" class="bodylink"><img src="images/reload.gif" align="bottom" border="0"> Refresh</img></a> <font color="#000000">|</font>
<a href="pix_search_result_traffic?orientation=$var_orient&sortby=$var_sortby&resource=$resource&src_ip=$src_ip&src_pt=$src_pt&dst_ip=$dst_ip&dst_pt=$dst_pt&log_message=$message&protocol=$protocol&start_year=$start_year&start_month=$start_month&start_day=$start_day&start_hour=$start_hour&start_min=$start_min&start_sec=$start_sec&end_year=$end_year&end_month=$end_month&end_day=$end_day&end_hour=$end_hour&end_min=$end_min&end_sec=$end_sec&action=$action&date_type=$date_type&resolve=$resolve&filter=$filter&page=$next_page&pager=$pager" class="bodylink">Next $pager Logs >></a>
</center>
</td>

<td bgcolor="#ffffff" width="30%" align="right">
<select name="sorter" onChange="MM_jumpMenu('parent',this,0)">
<option>Sort By: (Optional)
<option>
<option value="?orientation=asc&sortby=log_id&resource=$resource&src_ip=$src_ip&src_pt=$src_pt&dst_ip=$dst_ip&dst_pt=$dst_pt&log_message=$message&protocol=$protocol&start_year=$start_year&start_month=$start_month&start_day=$start_day&start_hour=$start_hour&start_min=$start_min&start_sec=$start_sec&end_year=$end_year&end_month=$end_month&end_day=$end_day&end_hour=$end_hour&end_min=$end_min&end_sec=$end_sec&action=$action&date_type=$date_type&resolve=$resolve&filter=$filter&page=0&pager=$pager">Log Time (Ascending) [Default]
<option value="?orientation=desc&sortby=log_id&resource=$resource&src_ip=$src_ip&src_pt=$src_pt&dst_ip=$dst_ip&dst_pt=$dst_pt&log_message=$message&protocol=$protocol&start_year=$start_year&start_month=$start_month&start_day=$start_day&start_hour=$start_hour&start_min=$start_min&start_sec=$start_sec&end_year=$end_year&end_month=$end_month&end_day=$end_day&end_hour=$end_hour&end_min=$end_min&end_sec=$end_sec&action=$action&date_type=$date_type&resolve=$resolve&filter=$filter&page=0&pager=$pager">Log Time (Descending)
<option value="?orientation=asc&sortby=log_resource&resource=$resource&src_ip=$src_ip&src_pt=$src_pt&dst_ip=$dst_ip&dst_pt=$dst_pt&log_message=$message&protocol=$protocol&start_year=$start_year&start_month=$start_month&start_day=$start_day&start_hour=$start_hour&start_min=$start_min&start_sec=$start_sec&end_year=$end_year&end_month=$end_month&end_day=$end_day&end_hour=$end_hour&end_min=$end_min&end_sec=$end_sec&action=$action&date_type=$date_type&resolve=$resolve&filter=$filter&page=0&pager=$pager">Logging Resource (Ascending)
<option value="?orientation=desc&sortby=log_resource&resource=$resource&src_ip=$src_ip&src_pt=$src_pt&dst_ip=$dst_ip&dst_pt=$dst_pt&log_message=$message&protocol=$protocol&start_year=$start_year&start_month=$start_month&start_day=$start_day&start_hour=$start_hour&start_min=$start_min&start_sec=$start_sec&end_year=$end_year&end_month=$end_month&end_day=$end_day&end_hour=$end_hour&end_min=$end_min&end_sec=$end_sec&action=$action&date_type=$date_type&resolve=$resolve&filter=$filter&page=0&pager=$pager">Logging Resource (Descending)
<option value="?orientation=asc&sortby=log_action&resource=$resource&src_ip=$src_ip&src_pt=$src_pt&dst_ip=$dst_ip&dst_pt=$dst_pt&log_message=$message&protocol=$protocol&start_year=$start_year&start_month=$start_month&start_day=$start_day&start_hour=$start_hour&start_min=$start_min&start_sec=$start_sec&end_year=$end_year&end_month=$end_month&end_day=$end_day&end_hour=$end_hour&end_min=$end_min&end_sec=$end_sec&action=$action&date_type=$date_type&resolve=$resolve&filter=$filter&page=0&pager=$pager">Log Action (Ascending)
<option value="?orientation=desc&sortby=log_action&resource=$resource&src_ip=$src_ip&src_pt=$src_pt&dst_ip=$dst_ip&dst_pt=$dst_pt&log_message=$message&protocol=$protocol&start_year=$start_year&start_month=$start_month&start_day=$start_day&start_hour=$start_hour&start_min=$start_min&start_sec=$start_sec&end_year=$end_year&end_month=$end_month&end_day=$end_day&end_hour=$end_hour&end_min=$end_min&end_sec=$end_sec&action=$action&date_type=$date_type&resolve=$resolve&filter=$filter&page=0&pager=$pager">Log Action (Descending)
<option value="?orientation=asc&sortby=log_protocol&resource=$resource&src_ip=$src_ip&src_pt=$src_pt&dst_ip=$dst_ip&dst_pt=$dst_pt&log_message=$message&protocol=$protocol&start_year=$start_year&start_month=$start_month&start_day=$start_day&start_hour=$start_hour&start_min=$start_min&start_sec=$start_sec&end_year=$end_year&end_month=$end_month&end_day=$end_day&end_hour=$end_hour&end_min=$end_min&end_sec=$end_sec&action=$action&date_type=$date_type&resolve=$resolve&filter=$filter&page=0&pager=$pager">Log Protocol (Ascending)
<option value="?orientation=desc&sortby=log_protocol&resource=$resource&src_ip=$src_ip&src_pt=$src_pt&dst_ip=$dst_ip&dst_pt=$dst_pt&log_message=$message&protocol=$protocol&start_year=$start_year&start_month=$start_month&start_day=$start_day&start_hour=$start_hour&start_min=$start_min&start_sec=$start_sec&end_year=$end_year&end_month=$end_month&end_day=$end_day&end_hour=$end_hour&end_min=$end_min&end_sec=$end_sec&action=$action&date_type=$date_type&resolve=$resolve&filter=$filter&page=0&pager=$pager">Log Protocol (Descending)
<option value="?orientation=asc&sortby=log_src_ip&resource=$resource&src_ip=$src_ip&src_pt=$src_pt&dst_ip=$dst_ip&dst_pt=$dst_pt&log_message=$message&protocol=$protocol&start_year=$start_year&start_month=$start_month&start_day=$start_day&start_hour=$start_hour&start_min=$start_min&start_sec=$start_sec&end_year=$end_year&end_month=$end_month&end_day=$end_day&end_hour=$end_hour&end_min=$end_min&end_sec=$end_sec&action=$action&date_type=$date_type&resolve=$resolve&filter=$filter&page=0&pager=$pager">Source IP (Ascending)
<option value="?orientation=desc&sortby=log_src_ip&resource=$resource&src_ip=$src_ip&src_pt=$src_pt&dst_ip=$dst_ip&dst_pt=$dst_pt&log_message=$message&protocol=$protocol&start_year=$start_year&start_month=$start_month&start_day=$start_day&start_hour=$start_hour&start_min=$start_min&start_sec=$start_sec&end_year=$end_year&end_month=$end_month&end_day=$end_day&end_hour=$end_hour&end_min=$end_min&end_sec=$end_sec&action=$action&date_type=$date_type&resolve=$resolve&filter=$filter&page=0&pager=$pager">Source IP (Descending)
<option value="?orientation=asc&sortby=log_src_pt&resource=$resource&src_ip=$src_ip&src_pt=$src_pt&dst_ip=$dst_ip&dst_pt=$dst_pt&log_message=$message&protocol=$protocol&start_year=$start_year&start_month=$start_month&start_day=$start_day&start_hour=$start_hour&start_min=$start_min&start_sec=$start_sec&end_year=$end_year&end_month=$end_month&end_day=$end_day&end_hour=$end_hour&end_min=$end_min&end_sec=$end_sec&action=$action&date_type=$date_type&resolve=$resolve&filter=$filter&page=0&pager=$pager">Source Port (Ascending)
<option value="?orientation=desc&sortby=log_src_pt&resource=$resource&src_ip=$src_ip&src_pt=$src_pt&dst_ip=$dst_ip&dst_pt=$dst_pt&log_message=$message&protocol=$protocol&start_year=$start_year&start_month=$start_month&start_day=$start_day&start_hour=$start_hour&start_min=$start_min&start_sec=$start_sec&end_year=$end_year&end_month=$end_month&end_day=$end_day&end_hour=$end_hour&end_min=$end_min&end_sec=$end_sec&action=$action&date_type=$date_type&resolve=$resolve&filter=$filter&page=0&pager=$pager">Source Port (Descending)
<option value="?orientation=asc&sortby=log_dst_ip&resource=$resource&src_ip=$src_ip&src_pt=$src_pt&dst_ip=$dst_ip&dst_pt=$dst_pt&log_message=$message&protocol=$protocol&start_year=$start_year&start_month=$start_month&start_day=$start_day&start_hour=$start_hour&start_min=$start_min&start_sec=$start_sec&end_year=$end_year&end_month=$end_month&end_day=$end_day&end_hour=$end_hour&end_min=$end_min&end_sec=$end_sec&action=$action&date_type=$date_type&resolve=$resolve&filter=$filter&page=0&pager=$pager">Destination IP (Ascending)
<option value="?orientation=desc&sortby=log_dst_ip&resource=$resource&src_ip=$src_ip&src_pt=$src_pt&dst_ip=$dst_ip&dst_pt=$dst_pt&log_message=$message&protocol=$protocol&start_year=$start_year&start_month=$start_month&start_day=$start_day&start_hour=$start_hour&start_min=$start_min&start_sec=$start_sec&end_year=$end_year&end_month=$end_month&end_day=$end_day&end_hour=$end_hour&end_min=$end_min&end_sec=$end_sec&action=$action&date_type=$date_type&resolve=$resolve&filter=$filter&page=0&pager=$pager">Destination IP (Descending)
<option value="?orientation=asc&sortby=log_dst_pt&resource=$resource&src_ip=$src_ip&src_pt=$src_pt&dst_ip=$dst_ip&dst_pt=$dst_pt&log_message=$message&protocol=$protocol&start_year=$start_year&start_month=$start_month&start_day=$start_day&start_hour=$start_hour&start_min=$start_min&start_sec=$start_sec&end_year=$end_year&end_month=$end_month&end_day=$end_day&end_hour=$end_hour&end_min=$end_min&end_sec=$end_sec&action=$action&date_type=$date_type&resolve=$resolve&filter=$filter&page=0&pager=$pager">Destination Port (Ascending)
<option value="?orientation=desc&sortby=log_dst_pt&resource=$resource&src_ip=$src_ip&src_pt=$src_pt&dst_ip=$dst_ip&dst_pt=$dst_pt&log_message=$message&protocol=$protocol&start_year=$start_year&start_month=$start_month&start_day=$start_day&start_hour=$start_hour&start_min=$start_min&start_sec=$start_sec&end_year=$end_year&end_month=$end_month&end_day=$end_day&end_hour=$end_hour&end_min=$end_min&end_sec=$end_sec&action=$action&date_type=$date_type&resolve=$resolve&filter=$filter&page=0&pager=$pager">Destination Port (Descending)
</select>
&nbsp;&nbsp; <span class="bodylink"><b>[ Page $next_page ]</b></span></td>
<tr>


<td bgcolor="#a7a7a7" align="left" valign="top" height="3"></td>
<td bgcolor="#a7a7a7" align="left" valign="top" height="3"></td>
<td bgcolor="#a7a7a7" align="left" valign="top" height="3"></td>
</table>


<table width="100%" cellpadding="0" cellspacing="0" border="0">
<td bgcolor="#5479d8"><b><span class="button">Time</span></b></td>
<td bgcolor="#5479d8"><b><span class="button">Log Resource</span></b></td>
<td bgcolor="#5479d8"><b><span class="button">Action</span></b></td>
<td bgcolor="#5479d8"><b><span class="button">Protocol</b></span></td>
<td bgcolor="#5479d8"><b><span class="button">Source</b></font></td>
<td bgcolor="#5479d8"><b><span class="button">Source Port</b></font></td>
<td bgcolor="#5479d8"><b><span class="button">Destination</b></font></td>
<td bgcolor="#5479d8"><b><span class="button">Destination Port</b></font></td>
<td bgcolor="#5479d8"><b><span class="button">Flags</b></font></td>
EOF

$searchResults->execute();
while (($log_id,$log_time,$log_resource,$log_action,$log_protocol,$log_src_ip,$log_src_pt,$log_dst_ip,$log_dst_pt,$log_flags) = $searchResults->fetchrow) {
if ($log_src_pt eq "n/a") {
    $log_src_pt="-";
}
if ($log_dst_pt eq "n/a") {
     $log_dst_pt="-";
}
if ($log_flags eq "n/a") {
     $log_flags="-";
}
if ($resolve eq "true") {
    $log_src_ip =~ s/^\s+|\s+$//g;
    @bytes = split (/\./, $log_src_ip);
    $packaddr = pack ("C4", @bytes);
    if (!(($name, $altnames, $addrtype, $len, @addrlist) =gethostbyaddr ($packaddr, 2))) {
       $host_src_ip = "$log_src_ip";
    } else {
       $host_src_ip = $name;
    }
    $log_dst_ip =~ s/^\s+|\s+$//g;
    @bytes = split (/\./, $log_dst_ip);
    $packaddr = pack ("C4", @bytes);
    if (!(($name, $altnames, $addrtype, $len, @addrlist) =gethostbyaddr ($packaddr, 2))) {
       $host_dst_ip = "$log_dst_ip";
    } else {
     $host_dst_ip = $name;
    }
    $src_pt_name=getservbyport($log_src_pt,'tcp');
    if ($src_pt_name eq "") {
        $src_pt_name="$log_src_pt";
    }
    $dst_pt_name=getservbyport($log_dst_pt,'tcp');
    if ($dst_pt_name eq "") {
        $dst_pt_name="$log_dst_pt";
    }
print <<EOF;
<tr OnMouseOver="this.bgColor='#d9d9d9'" OnMouseOut="this.bgColor='#ffffff'" onClick="location.href='pix_traffic_id?id=$log_id&date=$log_time'">
<td><span class="table">$log_time</span></td>
<td><span class="table"><img src="images/pix_device.png" align="middle"></img> $log_resource</span></td>
EOF
if ($log_action eq "ACCEPT") {
print <<EOF;
<td><span class="table"><img src="images/accept.png" align="middle"></img></span></td>
EOF
}
if ($log_action eq "DROP") {
print <<EOF;
<td><span class="table"><img src="images/drop.png" align="middle"></img></span></td>
EOF
}
                                                                                                                                                                                                                
if ($log_protocol eq "TCP") {
print <<EOF;
<td><span class="table"><img src="images/tcp_service.png" align="middle"></img></span></td>
EOF
}
                                                                                                                                                                                                                
if ($log_protocol eq "UDP") {
print <<EOF;
<td><span class="table"><img src="images/udp_service.png" align="middle"></img></span></td>
EOF
}
                                                                                                                                                                                                                
if ($log_protocol eq "ICMP") {
print <<EOF;
<td><span class="table"><img src="images/icmp_service.png" align="middle"></img></span></td>
EOF
}
                                                                                                                                                                                                                
print <<EOF;
<td><span class="table">$host_src_ip</span></td>
<td><span class="table">$src_pt_name</span></td>
<td><span class="table">$host_dst_ip</span></td>
<td><span class="table">$dst_pt_name</span></td>
<td><span class="table">$log_flags</span></a></td>
EOF
} else {
print <<EOF;
<tr OnMouseOver="this.bgColor='#d9d9d9'" OnMouseOut="this.bgColor='#ffffff'" onClick="location.href='pix_traffic_id?id=$log_id&date=$log_time'">
<td><span class="table">$log_time</span></td>
<td><span class="table"><img src="images/pix_device.png" align="middle"></img> $log_resource</span></td>
EOF
if ($log_action eq "ACCEPT") {
print <<EOF;
<td><span class="table"><img src="images/accept.png" align="middle"></img></span></td>
EOF
}
if ($log_action eq "DROP") {
print <<EOF;
<td><span class="table"><img src="images/drop.png" align="middle"></img></span></td>
EOF
}
 
if ($log_protocol eq "TCP") {
print <<EOF;
<td><span class="table"><img src="images/tcp_service.png" align="middle"></img></span></td>
EOF
}
 
if ($log_protocol eq "UDP") {
print <<EOF;
<td><span class="table"><img src="images/udp_service.png" align="middle"></img></span></td>
EOF
}
 
if ($log_protocol eq "ICMP") {
print <<EOF;
<td><span class="table"><img src="images/icmp_service.png" align="middle"></img></span></td>
EOF
}
 
print <<EOF;
<td><span class="table">$log_src_ip</span></td>
<td><span class="table">$log_src_pt</span></td>
<td><span class="table">$log_dst_ip</span></td>
<td><span class="table">$log_dst_pt</span></td>
<td><span class="table">$log_flags</span></a></td>
EOF
}
}
#print <<EOF;
#<tr OnMouseOver="this.bgColor='#d9d9d9'" OnMouseOut="this.bgColor='#ffffff'" onClick="location.href='pix_traffic_id?id=$log_id&date=$log_time'">
#<td><a href="pix_traffic_id?id=$log_id&date=$log_time" class="bodylink">$log_id</span></td>
#<td><span class="table">$log_time</span></td>
#<td><span class="table">$log_action</span></td>
#<td><span class="table">$log_protocol</span></font></td>
#<td><span class="table">$log_src_ip</span></td>
#<td><span class="table">$log_src_pt</span></td>
#<td><span class="table">$log_dst_ip</span></td>
#<td><span class="table">$log_dst_pt</span></td>
#<td><span class="table">$log_flags</span></a></td>
#<tr>
#EOF
#}
print <<EOF;
<tr>
<td bgcolor="#5479d8" height="10"></td>
<td bgcolor="#5479d8" height="10"></td>
<td bgcolor="#5479d8" height="10"></td>
<td bgcolor="#5479d8" height="10"></td>
<td bgcolor="#5479d8" height="10"></td>
<td bgcolor="#5479d8" height="10"></td>
<td bgcolor="#5479d8" height="10"></td>
<td bgcolor="#5479d8" height="10"></td>
<td bgcolor="#5479d8" height="10"></td>
</table>
EOF

$db_handle->disconnect();


