#!/usr/bin/perl
#
#
# PIX Logging Architecture
# [Kristof Philipsen]
#
# This file is part of PIX Logging Architecture
#
# PIX Logging Architecture is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 2 of the License, or
# (at your option) any later version.
#
# PIX Logging Architecture is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with PIX Logging Architecture; if not, write to the Free Software
# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
                                                                                                                                                                                                  
use DBI;
use CGI;
                                                                                                                                                                                                  
#
# include configuration
#
require "conf.pl";      # General Configuration
require "subs.pl";      # Subroutines
                                                                                                                                                                                                  
#
# Make Database Connection
#
db_connect();
                                                                                                                                                                                                  
#
# Get CGI Parameters
#
$query = new CGI;
$id = clean_input($query->param("id"));
$datetime = clean_input($query->param("date"));
$matchdatabase = clean_input($query->param("showmatches"));
$showmatches=clean_input($matchdatabase);
$showoptions = clean_input($query->param("showoptions"));
$showxlate = clean_input($query->param("showxlate"));
$showgeneral = clean_input($query->param("showgeneral"));
$showspecific = clean_input($query->param("showspecific"));
$showdescription = clean_input($query->param("showdescription"));

if (length($showxlate) < "1") {
    $showxlate="1";
}

if (length($showgeneral) < "1") {
    $showgeneral="1";
}

if (length($showspecific) < "1") {
    $showspecific="1";
}

if (length($showoptions) < "1") {
    $showoptions="0";
}

if (length($matchdatabase) < "1") {
    $matchdatabase="0";
    $showmatches="0";
}

if (length($showdescription) < "1") {
    $showdescription="1";
}



($date,$time) = split(" ",$datetime);
                                                                                                                                                                                                  
#
# HTML SECTION
#
printtitle();
                                                                                                                                                                                                  
print <<EOF;
EOF
$getidall = "SELECT log_resource, log_action, log_message, log_time, log_protocol, log_src_ip, log_src_pt, log_dst_ip, log_dst_pt, log_flags, log_xlate_src_ip, log_xlate_src_pt, log_xlate_dst_ip, log_xlate_dst_pt FROM traffic_log WHERE log_id = \"$id\"";

$matchDescription = "SELECT b.traffic_type,b.description_name,b.description_detail from traffic_log a, traffic_description b where a.log_id= \"$id\" and b.log_type=\"traffic\" and (a.log_src_ip like b.log_src_ip and a.log_src_pt like b.log_src_pt and a.log_dst_ip like b.log_dst_ip and a.log_dst_pt like b.log_dst_pt and a.log_protocol like b.log_protocol and a.log_resource like b.log_resource and a.log_action like b.log_action)";
$statement1 = $db_handle->prepare($matchDescription) or die "Couldn't prepare query '$matchDescription': $DBI::errstr\n";

$statement2 = $db_handle->prepare($getidall) or die "Couldn't prepare query '$getidall': $DBI::errstr\n";
$statement2->execute();
while (($log_resource,$log_action,$log_message,$log_time,$log_protocol,$log_src_ip,$log_src_pt,$log_dst_ip,$log_dst_pt,$log_flags,$log_xlate_src_ip,$log_xlate_src_pt,$log_xlate_dst_ip,$log_xlate_dst_pt) = $statement2->fetchrow) {
my ($name, $altnames,$addrtype,$len,$packaddr,@bytes);
($l_date,$l_time) = split(" ",$log_time);
$log_src_ip =~ s/^\s+|\s+$//g; 
@bytes = split (/\./, $log_src_ip);
$packaddr = pack ("C4", @bytes);
if (!(($name, $altnames, $addrtype, $len, @addrlist) =gethostbyaddr ($packaddr, 2))) {
    $host_src_ip = "0";
}else{
    $host_src_ip = $name;
}
$log_dst_ip =~ s/^\s+|\s+$//g;
@bytes = split (/\./, $log_dst_ip);
$packaddr = pack ("C4", @bytes);
if (!(($name, $altnames, $addrtype, $len, @addrlist) =gethostbyaddr ($packaddr, 2))) {
    $host_dst_ip = "0";
}else{
    $host_dst_ip = $name;
}
$src_pt_name=getservbyport($log_src_pt,'tcp');
$dst_pt_name=getservbyport($log_dst_pt,'tcp');
if (($log_xlate_src_ip ne "") && ($log_xlate_src_pt ne "") && ($log_xlate_dst_ip ne "") && ($log_xlate_dst_pt ne "")) {
     $log_xlate_src_ip =~ s/^\s+|\s+$//g;
     @bytes = split (/\./, $log_xlate_src_ip);
     $packaddr = pack ("C4", @bytes);
     if (!(($name, $altnames, $addrtype, $len, @addrlist) =gethostbyaddr ($packaddr, 2))) {
        $host_xlate_src_ip = "0";
     } else{
        $host_xlate_src_ip = $name;
     }
     $log_xlate_dst_ip =~ s/^\s+|\s+$//g;
     @bytes = split (/\./, $log_xlate_dst_ip);
     $packaddr = pack ("C4", @bytes);
     if (!(($name, $altnames, $addrtype, $len, @addrlist) =gethostbyaddr ($packaddr, 2))) {
       $host_xlate_dst_ip = "0";
     } else {
       $host_xlate_dst_ip = $name;
     }
    $xlate_src_pt_name=getservbyport($log_xlate_src_pt,'tcp');
    $xlate_dst_pt_name=getservbyport($log_xlate_dst_pt,'tcp');
}
print <<EOF;
<table width="70% bgcolor="#ffffff" cellpadding="0" cellspacing="0" border="0">
<td bgcolor="#5479d8"><span class="main"><font color="#ffffff"><b>PIX Log ID: $id</b></font></span></td>
<td bgcolor="#5479d8" align="right" valign="top"><span class="main"></span></td>
<tr>
<td bgcolor="#000000" height="2"></td>
<td bgcolor="#000000" height="2"></td>
<tr>
<td bgcolor="#d9d9d9"></td>
<td align="right" valign="top" bgcolor="#d9d9d9">
<a href="$pix_traffic_id?id=$id&date=$datetime&showmatches=1&showoptions=1&showgeneral=1&showxlate=1&showspecific=1&showdescription=1" class="bodylink"><img src="images/pla_plus.gif" align="bottom" border="0"></img> expand all</a>
&nbsp;&nbsp;<a href="$pix_traffic_id?id=$id&date=$datetime&showmatches=0&showoptions=0&showgeneral=0&showxlate=0&showspecific=0&showdescription=0" class="bodylink"><img src="images/pla_minus.gif" align="bottom" border="0"></img> collapse all</a>
</td>
<tr>
<td height="10"></td>
<td height="10"></td>
<tr>
EOF

if ($showgeneral eq "0") {
print <<EOF;
<td width="150" bgcolor="#5479d8">
&nbsp;<a href="$pix_traffic_id?id=$id&date=$datetime&showmatches=$showmatches&showoptions=$showoptions&showgeneral=1&showxlate=$showxlate&showspecific=$showspecific&showdescription=$showdescription"><img src="images/pla_plus.gif" border="0"></img></a> <span class="button">General Log Details</span>
</td>
<tr>
<td width="150">
<span class="main">
<br>
</span>
</td>
<td>
<span class="main">
<br>
</span>
</td>
<tr>
EOF
}


                                                                                                                                                                        
if ($showgeneral eq "1") {
print <<EOF;
<td width="150" bgcolor="#5479d8">
&nbsp;<a href="$pix_traffic_id?id=$id&date=$datetime&showmatches=$showmatches&showoptions=$showoptions&showgeneral=0&showxlate=$showxlate&showspecific=$showspecific&showdescription=$showdescription"><img src="images/pla_minus.gif" border="0"></a> <span class="button">General Log Details</span>
</td>
<td>
<br>
</td>
<tr>
<td height="2" bgcolor="#000000"></td>
<td height="2" bgcolor="#000000"></td>
<tr>
<td width="150">
<span class="main">
<img src="images/pla_blank.gif" align="middle"> Logging Resource:
</span>
</td>
<td>
<span class="main">
<img src="images/pix_device.png" align="top"></img> $log_resource
</span>
</td>
<tr>
<td width="150">
<span class="main">
<img src="images/pla_blank.gif" align="middle">  Logging Date/Time:
</span>
</td>
<td>
<span class="main">
$log_time
</span>
</td>
<tr>
<td width="150">
<span class="main">
<img src="images/pla_blank.gif" align="middle">  PIX Logging ID:
</span>
</td>
<td>
<span class="main">
$log_message
</span>
</td>
<tr>
<td width="150">
<span class="main">
<img src="images/pla_blank.gif" align="middle">  Traffic Protocol:
</span>
</td>
<td>
<span class="main">
EOF

if ($log_protocol eq "TCP") {
print <<EOF;
<img src="images/tcp_service.png" align="top"></img> $log_protocol (Flags: $log_flags)
EOF
}

if ($log_protocol eq "UDP") {
print <<EOF;
<img src="images/udp_service.png" align="top"></img> $log_protocol (Flags: $log_flags)
EOF
}

if ($log_protocol eq "ICMP") {
print <<EOF;
<img src="images/icmp_service.png" align="top"></img> $log_protocol (Flags: $log_flags)
EOF
}

print <<EOF;
</span>
</td>
<tr>
<td width="150">
<span class="main">
<img src="images/pla_blank.gif" align="middle">  Traffic Action:
</span>
</td>
<td>
<span class="main">
EOF
if ($log_action eq "ACCEPT") {
print <<EOF;
<img src="images/accept.png" align="top"></img> $log_action
EOF
}
if ($log_action eq "DROP") {
print <<EOF;
<img src="images/drop.png" align="top"></img> $log_action
EOF
}
print <<EOF;
</span>
</td>
<tr>
<td><td></td>
<td><br></td>
<tr>
<td></td>
<td width="150">
<span class="main">
<br>
</span>
</td>
<td>
<span class="main">
<br>
</span>
</td>
<tr>
EOF
}


if ($showspecific eq "0") {

print <<EOF;
<td width="150" bgcolor="#5479d8">
&nbsp;<a href="$pix_traffic_id?id=$id&date=$datetime&showmatches=$showmatches&showoptions=$showoptions&showgeneral=$showgeneral&showxlate=$showxlate&showspecific=1&showdescription=$showdescription"><img src="images/pla_plus.gif" border="0"> <span class="button">Specific Log Details</span>
</td>
<tr>
<td width="150">
<span class="main">
<br>
</span>
</td>
<td>
<span class="main">
<br>
</span>
</td>
<tr>
EOF

}


if ($showspecific eq "1") {

print <<EOF;
<td width="150" bgcolor="#5479d8">
&nbsp;<a href="$pix_traffic_id?id=$id&date=$datetime&showmatches=$showmatches&showoptions=$showoptions&showgeneral=$showgeneral&showxlate=$showxlate&showspecific=0&showdescription=$showdescription"><img src="images/pla_minus.gif" border="0"></a> <span class="button">Specific Log Details</span>
</td>
<td>
<br>
</td>
<tr>
<td height="2" bgcolor="#000000"></td>
<td height="2" bgcolor="#000000"></td>
<tr>
<td height="2"></td>
<td height="2"></td>
<tr>
<td width="150" align="top" valign="top">
<span class="main">
<img src="images/pla_blank.gif" align="middle">  Source IP:
</span>
</td>
<td>
<span class="main">
$log_src_ip 
EOF
if ($host_src_ip ne "0") {
   print "(<i>$host_src_ip</i>)";
}
print <<EOF;
<span class="main">
&nbsp;&nbsp; [ <a href="src-whois?ip=$log_src_ip" class="bodylink">WHOIS</a> ]
&nbsp; [ <a href="pla_stats?firewall=$log_resource&id=srcip&log_id=$id&var_fld=$log_src_ip&datetime=$l_date" class="bodylink">PLA Graphs</a> ]
</span>
</td>
EOF
if (($log_protocol eq "TCP") || ($log_protocol eq "UDP")) {
print <<EOF;
<tr>
<td width="150">
<span class="main">
<img src="images/pla_blank.gif" align="middle"> Source Port:
</span>
</td>
<td>
<span class="main">
$log_src_pt
EOF
if ($src_pt_name ne "") {
   print "(<i>$src_pt_name</i>)";
}
print <<EOF;
&nbsp;&nbsp; [ <a href="pla_stats?firewall=$log_resource&id=srcpt&log_id=$id&var_fld=$log_src_pt&datetime=$l_date" class="bodylink">PLA Graphs</a> ]
</span>
</td>
EOF
}
print <<EOF;
<tr>
<td width="150">
<span class="main">
<img src="images/pla_blank.gif" align="middle"> Dest. IP:
</span>
</td>
<td>
<span class="main">
$log_dst_ip 
EOF
if ($host_dst_ip ne "0") {
   print "(<i>$host_dst_ip</i>)";
}
print <<EOF;
<span class="main">
&nbsp;&nbsp; [ <a href="src-whois?ip=$log_dst_ip" class="bodylink">WHOIS</span></a> ]
&nbsp; [ <a href="pla_stats?firewall=$log_resource&id=dstip&log_id=$id&var_fld=$log_dst_ip&datetime=$l_date" class="bodylink">PLA Graphs</a> ]
</span>
</td>
EOF
if (($log_protocol eq "TCP") || ($log_protocol eq "UDP")) {
print <<EOF;
<tr>
<td width="150">
<span class="main">
<img src="images/pla_blank.gif" align="middle"> Dest. Port:
</span>
</td>
<td>
<span class="main">
$log_dst_pt
EOF
if ($dst_pt_name ne "") {
   print "(<i>$dst_pt_name</i>)";
}
print <<EOF;
&nbsp;&nbsp; [ <a href="pla_stats?firewall=$log_resource&id=dstpt&log_id=$id&var_fld=$log_dst_pt&datetime=$l_date" class="bodylink">PLA Graphs</a> ]
</span>
</td>
EOF
}
print <<EOF;
<tr>
<td><td></td>
<td><br></td>
<tr>
<td width="150">
<span class="main">
<br>
</span>
</td>
<td>
<span class="main">
<br>
</span>
</td>
<tr>
EOF

}


if (($log_xlate_src_ip ne "") && ($log_xlate_src_pt ne "") && ($log_xlate_dst_ip ne "") && ($log_xlate_dst_pt ne "")) {
   if ($log_xlate_src_ip eq $log_src_ip) {
       $log_xlate_src_ip="Original (no translation)";
   } else {
       $log_xlate_src_ip="$log_xlate_src_ip ($host_xlate_src_ip)&nbsp;&nbsp; [ <a href=\"src-whois?ip=$log_xlate_src_ip\" class=\"bodylink\">WHOIS</span></a> ] &nbsp;[ <a href=\"pla_stats?firewall=$log_resource&id=xsrcip&log_id=$id&var_fld=$log_xlate_src_ip&datetime=$l_date\" class=\"bodylink\">PLA Graphs</a> ]";
   }
   if ($log_xlate_src_pt eq $log_src_pt) {
       $log_xlate_src_pt="Original (no translation)";
   } else {
     if ($xlate_src_pt_name ne "") {
         $log_xlate_src_pt="$log_xlate_src_pt (<i>$xlate_src_pt_name</i>)&nbsp;&nbsp; [ <a href=\"pla_stats?firewall=$log_resource&id=xsrcpt&log_id=$id&var_fld=$log_xlate_src_pt&datetime=$l_date\" class=\"bodylink\">PLA Graphs</a> ] &nbsp;";
     }
   }
   if ($log_xlate_dst_ip eq $log_dst_ip) {
       $log_xlate_dst_ip="Original (no translation)";
   } else {
     $log_xlate_dst_ip="$log_xlate_dst_ip ($host_xlate_dst_ip)&nbsp;&nbsp; [ <a href=\"src-whois?ip=$log_xlate_src_ip\" class=\"bodylink\">WHOIS</span></a> ] &nbsp; [ <a href=\"pla_stats?firewall=$log_resource&id=xdstip&log_id=$id&var_fld=$log_xlate_dst_ip&datetime=$l_date\" class=\"bodylink\">PLA Graphs</a> ]";
   }
   if ($log_xlate_dst_pt eq $log_dst_pt) {
       $log_xlate_dst_pt="Original (no translation)";
   } else {
     if ($xlate_dst_pt_name ne "") {
         $log_xlate_dst_pt="$log_xlate_dst_pt (<i>$xlate_dst_pt_name</i>)&nbsp;&nbsp; [ <a href=\"pla_stats?firewall=$log_resource&id=xdstpt&log_id=$id&var_fld=$log_xlate_dst_pt&datetime=$l_date\" class=\"bodylink\">PLA Graphs</a> ] &nbsp;";
     }
   }

if ($showxlate eq "0") {
                                                                                                                                                                                                                     
print <<EOF;
<td width="150" bgcolor="#5479d8">
&nbsp;<a href="$pix_traffic_id?id=$id&date=$datetime&showmatches=$showmatches&showoptions=$showoptions&showgeneral=$showgeneral&showxlate=1&showspecific=$showspecific&showdescription=$showdescription"><img src="images/pla_plus.gif" border="0"></a> <span class="button">Address Translation</span>
</td>
<tr>
<td width="150">
<span class="main">
<br>
</span>
</td>
<td>
<span class="main">
<br>
</span>
</td>
<tr>
EOF
                                                                                                                                                                                                                     
}
                                                                                                                                                                                                                     
if ($showxlate eq "1") {

print <<EOF;
<td width="150" bgcolor="#5479d8">
&nbsp;<a href="$pix_traffic_id?id=$id&date=$datetime&showmatches=$showmatches&showoptions=$showoptions&showgeneral=$showgeneral&showxlate=0&showspecific=$showspecific&showdescription=$showdescription"><img src="images/pla_minus.gif" border="0"></a>  <span class="button">Address Translation</span>
</td>
<tr>
<td height="2" bgcolor="#000000"></td>
<td height="2" bgcolor="#000000"></td>
<tr>
<td height="2"></td>
<td height="2"></td>
<tr>
<td width="150" align="left" valign="top">
<span class="main">
<img src="images/pla_blank.gif" align="middle"> Translated Source IP:
</span>
</td>
<td align="left" valign="top">
<span class="main">
$log_xlate_src_ip
</span
</td>
<tr>
<td width="150" align="left" valign="top">
<span class="main">
<img src="images/pla_blank.gif" align="middle"> Translated Source Port:
</span>
</td>
<td align="left" valign="top">
<span class="main">
$log_xlate_src_pt
</span
</td>
<tr>
<td width="150" align="left" valign="top">
<span class="main">
<img src="images/pla_blank.gif" align="middle"> Translated Dest. IP:
</span>
</td>
<td align="left" valign="top">
<span class="main">
$log_xlate_dst_ip
</span
</td>
<tr>
<td width="150" align="left" valign="top">
<span class="main">
<img src="images/pla_blank.gif" align="middle"> Translated Dest. Port:
</span>
</td>
<td align="left" valign="top">
<span class="main">
$log_xlate_dst_pt
</span
</td>
<tr>
<tr>
<td><td></td>
<td><br></td>
<tr>
<td width="150">
<span class="main">
<br>
</span>
</td>
<td>
<span class="main">
<br>
</span>
</td>
<tr>

EOF
}

}


$statement1->execute();
while (($traffic_type,$description_name,$description_detail) = $statement1->fetchrow) {
if (length($traffic_type) >= "1") {

if ($showdescription eq "0") {
print <<EOF;
<td width="150" bgcolor="#5479d8">
&nbsp;<a href="$pix_traffic_id?id=$id&date=$datetime&showmatches=$showmatches&showoptions=$showoptions&showgeneral=$showgeneral&showxlate=$showxlate&showspecific=$showspecific&showdescription=1"><img src="images/pla_plus.gif" border="0"></a> <span class="button">Traffic Description</span>
</td>
<tr>
<td width="150">
<span class="main">
<br>
</span>
</td>
<td>
<span class="main">
<br>
</span>
</td>
<tr>
EOF
}

if ($showdescription eq "1") {

print <<EOF;
<td width="150" bgcolor="#5479d8">
&nbsp;<a href="$pix_traffic_id?id=$id&date=$datetime&showmatches=$showmatches&showoptions=$showoptions&showgeneral=$showgeneral&showxlate=$showxlate&showspecific=$showspecific&showdescription=0"><img src="images/pla_minus.gif" border="0"></a> <span class="button">Traffic Description</span>
</td>
<tr>
<td height="2" bgcolor="#000000"></td>
<td height="2" bgcolor="#000000"></td>
<tr>
<td height="2"></td>
<td height="2"></td>
<tr>
<td width="150" align="left" valign="top"> 
<span class="main">
<img src="images/pla_blank.gif" align="middle"> Traffic Type/Priority:
</span>
</td>
<td align="left" valign="top">
<span class="main">
$traffic_type
</span
</td>
<tr>
<td width="150" align="left" valign="top">
<span class="main">
<img src="images/pla_blank.gif" align="middle"> Description Name:
</span>
</td>
<td align="left" valign="top">
<span class="main">
$description_name
</span
</td>
<tr>
<td width="150" align="left" valign="top">
<span class="main">
<img src="images/pla_blank.gif" align="middle"> Description Detail:
</span>
</td>
<td align="left" valign="top">
<span class="main">
$description_detail
</span>
</td>
<tr>
<tr>
<td><td></td>
<td><br></td>
<tr>
<td width="150">
<span class="main">
<br>
</span>
</td>
<td>
<span class="main">
<br>
</span>
</td>
<tr>
EOF
}
}

}

if ($matchdatabase ne "1") {
print <<EOF;
<td width="150" bgcolor="#5479d8">
&nbsp;<a href="$pix_traffic_id?id=$id&date=$datetime&showmatches=1&showoptions=$showoptions&showgeneral=$showgeneral&showxlate=$showxlate&showspecific=$showspecific&showdescription=$showdescription"><img src="images/pla_plus.gif" border="0"></a> <span class="button">Database Matches</span>
</td>
<td></td>
<tr>
<td width="150">
<span class="main">
<br>
</span>
</td>
<td>
<span class="main">
<br>
</span>
</td>
<tr>
EOF

}

if ($matchdatabase eq "1") {

print <<EOF;

<td width="150" bgcolor="#5479d8">
&nbsp;<a href="$pix_traffic_id?id=$id&date=$datetime&showmatches=0&showoptions=$showoptions&showgeneral=$showgeneral&showxlate=$showxlate&showspecific=$showspecific&showdescription=$showdescription"><img src="images/pla_minus.gif" border="0"></a> <span class="button">Database Matches</span>
</td>
<tr>
<td height="2" bgcolor="#000000"></td>
<td height="2" bgcolor="#000000"></td>
<tr>
<td height="2"></td>
<td height="2"></td>
<tr>
EOF
if (($log_protocol eq "TCP") || ($log_protocol eq "UDP")) {
$dbMatch1="SELECT count(*) FROM traffic_log WHERE log_src_ip LIKE \"$log_src_ip\" and log_src_pt LIKE \"$log_src_pt\" and log_dst_ip LIKE  \"$log_dst_ip\" and log_dst_pt LIKE \"$log_dst_pt\" ";
$dbMatch1_bis = $db_handle->prepare($dbMatch1);
$dbMatch1_bis->execute();
while ($dbMatch1_result = $dbMatch1_bis->fetchrow) {
print <<EOF;
<td width="150">
<img src="images/pla_blank.gif" align="middle"> <b>>></b> 
<span class="main">
Matches: <a href="./pix_search_result_traffic?src_ip=$log_src_ip&src_pt=$log_src_pt&dst_ip=$log_dst_ip&dst_pt=$log_dst_pt" class="bodylink">$dbMatch1_result</span></a>
</span>
</td>
EOF
}
print <<EOF;
<td>
<span class="main">
For SOURCE IP ($log_src_ip) from SOURCE PORT ($log_src_pt) to DEST IP ($log_dst_ip) on DEST PORT ($log_dst_pt).
</span>
</td>
<tr>
EOF
$dbMatch2="SELECT count(*) FROM traffic_log WHERE log_src_ip LIKE \"$log_src_ip\" and log_src_pt LIKE \"$log_src_pt\" and log_dst_ip LIKE  \"$log_dst_ip\" ";
$dbMatch2_bis = $db_handle->prepare($dbMatch2);
$dbMatch2_bis->execute();
while ($dbMatch2_result = $dbMatch2_bis->fetchrow) {
print <<EOF;
<td width="150">
<img src="images/pla_blank.gif" align="middle"> <b>>></b> 
<span class="main">
Matches: <a href="./pix_search_result_traffic?src_ip=$log_src_ip&src_pt=$log_src_pt&dst_ip=$log_dst_ip" class="bodylink">$dbMatch2_result</span></a>
</span>
</td>
EOF
}
print <<EOF;
<td>
<span class="main">
For SOURCE IP ($log_src_ip) from SOURCE PORT ($log_src_pt) to DEST IP ($log_dst_ip) on ANY PORT.
</span>
</td>
<tr>
EOF
$dbMatch3="SELECT count(*) FROM traffic_log WHERE log_src_ip LIKE \"$log_src_ip\" and log_src_pt LIKE \"$log_src_pt\" ";
$dbMatch3_bis = $db_handle->prepare($dbMatch3);
$dbMatch3_bis->execute();
while ($dbMatch3_result = $dbMatch3_bis->fetchrow) {
print <<EOF;
<td width="150">
<img src="images/pla_blank.gif" align="middle"> <b>>></b> 
<span class="main">
Matches: <a href="./pix_search_result_traffic?src_ip=$log_src_ip&src_pt=$log_src_pt" class="bodylink">$dbMatch3_result</span></a>
</span>
</td>
EOF
}
print <<EOF;
<td>
<span class="main">
For SOURCE IP ($log_src_ip) from SOURCE PORT ($log_src_pt) to ANY IP on ANY PORT.
</span>
</td>
<tr>
EOF
$dbMatch4="SELECT count(*) FROM traffic_log WHERE log_src_ip LIKE \"$log_src_ip\" and log_dst_ip LIKE \"$log_dst_ip\"  and log_dst_pt LIKE \"$log_dst_pt\"";
$dbMatch4_bis = $db_handle->prepare($dbMatch4);
$dbMatch4_bis->execute();
while ($dbMatch4_result = $dbMatch4_bis->fetchrow) {
print <<EOF;
<td width="150">
<img src="images/pla_blank.gif" align="middle"> <b>>></b> 
<span class="main">
Matches: <a href="./pix_search_result_traffic?src_ip=$log_src_ip&dst_ip=$log_dst_ip&dst_pt=$log_dst_pt" class="bodylink">$dbMatch4_result</span></a>
</span>
</td>
EOF
}
print <<EOF;
<td>
<span class="main">
For SOURCE IP ($log_src_ip) from ANY PORT to DEST IP ($log_dst_ip) on DEST PORT ($log_dst_pt).
</span>
</td>
<tr>
EOF
$dbMatch5="SELECT count(*) FROM traffic_log WHERE log_src_ip LIKE \"$log_src_ip\" ";
$dbMatch5_bis = $db_handle->prepare($dbMatch5);
$dbMatch5_bis->execute();
while ($dbMatch5_result = $dbMatch5_bis->fetchrow) {
print <<EOF;
<td width="150">
<img src="images/pla_blank.gif" align="middle"> <b>>></b> 
<span class="main">
Matches: <a href="./pix_search_result_traffic?src_ip=$log_src_ip"  class="bodylink">$dbMatch5_result</span></a>
</span>
</td>
EOF
}
print <<EOF;
<td>
<span class="main">
For SOURCE IP ($log_src_ip) from ANY PORT to ANY IP on ANY PORT.
</span>
</td>
<tr>
EOF

$dbMatch6="SELECT count(*) FROM traffic_log WHERE log_src_ip LIKE \"$log_src_ip\" and log_src_pt LIKE \"$log_src_pt\" and log_dst_pt LIKE  \"$log_dst_pt\"";
$dbMatch6_bis = $db_handle->prepare($dbMatch6);
$dbMatch6_bis->execute();
while ($dbMatch6_result = $dbMatch6_bis->fetchrow) {
print <<EOF;
<td width="150">
<img src="images/pla_blank.gif" align="middle"> <b>>></b> 
<span class="main">
Matches: <a href="./pix_search_result_traffic?src_ip=$log_src_ip&src_pt=$log_src_pt&dst_pt=$log_dst_pt" class="bodylink">$dbMatch6_result</span></a>
</span>
</td>
EOF
}
print <<EOF;
<td>
<span class="main">
For SOURCE IP ($log_src_ip) from SOURCE PORT ($log_src_pt) to ANY on DEST PORT ($log_dst_pt).
</span>
</td>
<tr>
EOF

$dbMatch7="SELECT count(*) FROM traffic_log WHERE log_src_ip LIKE \"$log_src_ip\" and log_dst_ip LIKE  \"$log_dst_ip\"";
$dbMatch7_bis = $db_handle->prepare($dbMatch7);
$dbMatch7_bis->execute();
while ($dbMatch7_result = $dbMatch7_bis->fetchrow) {
print <<EOF;
<td width="150">
<img src="images/pla_blank.gif" align="middle"> <b>>></b> 
<span class="main">
Matches: <a href="./pix_search_result_traffic?src_ip=$log_src_ip&dst_ip=$log_dst_ip" class="bodylink">$dbMatch7_result</span></a>
</span>
</td>
EOF
}
print <<EOF;
<td>
<span class="main">
For SOURCE IP ($log_src_ip) from ANY PORT to DEST IP ($log_dst_ip) on ANY PORT.
</span>
</td>
<tr>
EOF

$dbMatch8="SELECT count(*) FROM traffic_log WHERE log_dst_ip LIKE \"$log_dst_ip\" and log_dst_pt LIKE  \"$log_dst_pt\"";
$dbMatch8_bis = $db_handle->prepare($dbMatch8);
$dbMatch8_bis->execute();
while ($dbMatch8_result = $dbMatch8_bis->fetchrow) {
print <<EOF;
<td width="150">
<img src="images/pla_blank.gif" align="middle"> <b>>></b> 
<span class="main">
Matches: <a href="./pix_search_result_traffic?dst_ip=$log_dst_ip&dst_pt=$log_dst_pt" class="bodylink">$dbMatch8_result</span></a>
</span>
</td>
EOF
}
print <<EOF;
<td>
<span class="main">
For ANY IP from ANY PORT to DEST IP ($log_dst_ip) on DEST PORT ($log_dst_pt).
</span>
</td>
<tr>
EOF

$dbMatch9="SELECT count(*) FROM traffic_log WHERE log_src_pt LIKE \"$log_src_pt\" and log_dst_ip LIKE \"$log_dst_ip\" and log_dst_pt LIKE  \"$log_dst_pt\"";
$dbMatch9_bis = $db_handle->prepare($dbMatch9);
$dbMatch9_bis->execute();
while ($dbMatch9_result = $dbMatch9_bis->fetchrow) {
print <<EOF;
<td width="150">
<img src="images/pla_blank.gif" align="middle"> <b>>></b> 
<span class="main">
Matches: <a href="./pix_search_result_traffic?src_pt=$log_src_pt&dst_ip=$log_dst_ip&dst_pt=$log_dst_pt" class="bodylink">$dbMatch9_result</span></a>
</span>
</td>
EOF
}
print <<EOF;
<td>
<span class="main">
For ANY IP from SOURCE PORT ($log_src_pt) to DEST IP ($log_dst_ip) on DEST PORT ($log_dst_pt).
</span>
</td>
<tr>
EOF

$dbMatch10="SELECT count(*) FROM traffic_log WHERE log_src_pt LIKE \"$log_src_pt\" and log_dst_pt LIKE  \"$log_dst_pt\"";
$dbMatch10_bis = $db_handle->prepare($dbMatch10);
$dbMatch10_bis->execute();
while ($dbMatch10_result = $dbMatch10_bis->fetchrow) {
print <<EOF;
<td width="150">
<img src="images/pla_blank.gif" align="middle"> <b>>></b> 
<span class="main">
Matches: <a href="./pix_search_result_traffic?src_pt=$log_src_pt&dst_pt=$log_dst_pt" class="bodylink">$dbMatch10_result</span></a>
</span>
</td>
EOF
}
print <<EOF;
<td>
<span class="main">
For ANY IP from SOURCE PORT ($log_src_pt) to ANY IP on DEST PORT ($log_dst_pt).
</span>
</td>
<tr>
EOF


$dbMatch11="SELECT count(*) FROM traffic_log WHERE log_src_pt LIKE \"$log_src_pt\"";
$dbMatch11_bis = $db_handle->prepare($dbMatch11);
$dbMatch11_bis->execute();
while ($dbMatch11_result = $dbMatch11_bis->fetchrow) {
print <<EOF;
<td width="150">
<img src="images/pla_blank.gif" align="middle"> <b>>></b>
<span class="main">
Matches: <a href="./pix_search_result_traffic?src_pt=$log_src_pt" class="bodylink">$dbMatch11_result</span></a>
</span>
</td>
EOF
}
print <<EOF;
<td>
<span class="main">
For ANY IP from SOURCE PORT ($log_src_pt) to ANY IP on ANY PORT.
</span>
</td>
<tr>
EOF


$dbMatch12="SELECT count(*) FROM traffic_log WHERE log_dst_pt LIKE  \"$log_dst_pt\"";
$dbMatch12_bis = $db_handle->prepare($dbMatch12);
$dbMatch12_bis->execute();
while ($dbMatch12_result = $dbMatch12_bis->fetchrow) {
print <<EOF;
<td width="150">
<img src="images/pla_blank.gif" align="middle"> <b>>></b>
<span class="main">
Matches: <a href="./pix_search_result_traffic?dst_pt=$log_dst_pt" class="bodylink">$dbMatch12_result</span></a>
</span>
</td>
EOF
}
print <<EOF;
<td>
<span class="main">
For ANY IP from ANY PORT to ANY IP on DEST PORT ($log_dst_pt).
</span>
</td>
<tr>
EOF


}
if ($log_protocol eq "ICMP") {
$dbMatch1="SELECT count(*) FROM traffic_log WHERE log_src_ip LIKE \"$log_src_ip\" and log_dst_ip LIKE  \"$log_dst_ip\" ";
$dbMatch1_bis = $db_handle->prepare($dbMatch1);
$dbMatch1_bis->execute();
while ($dbMatch1_result = $dbMatch1_bis->fetchrow) {
print <<EOF;
<td width="150">
<img src="images/pla_blank.gif" align="middle"> <b>>></b> 
<span class="main">
Matches: <a href="./pix_search_result_traffic?src_ip=$log_src_ip&dst_ip=$log_dst_ip" class="bodylink">$dbMatch1_result</span></a>
</span>
</td>
EOF
}
print <<EOF;
<td>
<span class="main">
For SOURCE IP ($log_src_ip) to DEST IP ($log_dst_ip).
</span>
</td>
<tr>
EOF
$dbMatch2="SELECT count(*) FROM traffic_log WHERE log_src_ip LIKE \"$log_src_ip\" ";
$dbMatch2_bis = $db_handle->prepare($dbMatch2);
$dbMatch2_bis->execute();
while ($dbMatch2_result = $dbMatch2_bis->fetchrow) {
print <<EOF;
<td width="150">
<img src="images/pla_blank.gif" align="middle"> <b>>></b> 
<span class="main">
Matches: <a href="./pix_search_result_traffic?src_ip=$log_src_ip" class="bodylink">$dbMatch2_result</span></a>
</span>
</td>
EOF
}
print <<EOF;
<td>
<span class="main">
For SOURCE IP ($log_src_ip) to ANY IP.
</span>
</td>
<tr>
EOF
$dbMatch3="SELECT count(*) FROM traffic_log WHERE log_dst_ip LIKE \"$log_dst_ip\" ";
$dbMatch3_bis = $db_handle->prepare($dbMatch3);
$dbMatch3_bis->execute();
while ($dbMatch3_result = $dbMatch3_bis->fetchrow) {
print <<EOF;
<td width="150">
<img src="images/pla_blank.gif" align="middle"> <b>>></b> 
<span class="main">
Matches: <a href="./pix_search_result_traffic?dst_ip=$log_dst_ip" class="bodylink">$dbMatch3_result</span></a>
</span>
</td>
EOF
}
print <<EOF;
<td>
<span class="main">
For ANY IP to DEST IP ($log_dst_ip).
</span>
</td>
<tr>
EOF

}

print <<EOF;
<tr>
<td><td></td>
<td><br></td>
<tr>
<tr>
<td width="150">
<span class="main">
<br>
</span>
</td>
<td>
<span class="main">
<br>
</span>
</td>
<tr>
EOF

}


if ($showoptions ne "1") {
print <<EOF;
<td width="150" bgcolor="#5479d8">
&nbsp;<a href="$pix_traffic_id?id=$id&date=$datetime&showmatches=$matchdatabase&showoptions=1&showgeneral=$showgeneral&showxlate=$showxlate&showspecific=$showspecific&showdescription=$showdescription"><img src="images/pla_plus.gif" border="0"></a> <span class="button">Options</span>
</td>
EOF
}
                                                                                                                                                                        
if ($showoptions eq "1") {
                                                                                                                                                                        
print <<EOF;
<td width="150" bgcolor="#5479d8">
&nbsp;<a href="$pix_traffic_id?id=$id&date=$datetime&showmatches=$matchdatabase&showoptions=0&showgeneral=$showgeneral&showxlate=$showxlate&showspecific=$showspecific&showdescription=$showdescription"><img src="images/pla_minus.gif" border="0"></a> <span class="button">Options</span>
</td>
<tr>
<td height="2" bgcolor="#000000"></td>
<td height="2" bgcolor="#000000"></td>
<tr>
<td height="2"></td>
<td height="2"></td>
<tr>
<td width="150">
<img src="images/pla_blank.gif" align="middle"> <img src="images/config_incident.gif" align="top"></img> <a href="./pix_event_id_add?id=$id&type=traffic" class="bodylink">Incidents</a>
</td>
<td>
<span class="main">
Link PIX Log ID to a predefined incident.
</td>
<tr>
<td height="2"></td>
<td height="2"></td>
<tr>
<td width="150">
<img src="images/pla_blank.gif" align="middle"> <img src="images/config_filter.gif" align="top"></img> <a href="pix_config_filter_createfromid?id=$id&type=traffic&createfromid=1" class="bodylink">Display Filters</a>
</td>
<td>
<span class="main">
Create a display filter from PIX Log ID.
</td>
<tr>
<td height="2"></td>
<td height="2"></td>
<tr>
<td width="150">
<img src="images/pla_blank.gif" align="middle"> <img src="images/config_parsing.gif" align="top"></img> <a href="pix_config_parse_filter_createfromid?id=$id&type=traffic&createfromid=1" class="bodylink">Parse Filters</a>
</td>
<td>
<span class="main">
Create a parse filter from PIX Log ID.
</td>
<tr>
<td height="2"></td>
<td height="2"></td>
<tr>
<td width="150">
<img src="images/pla_blank.gif" align="middle"> <img src="images/config_description.gif" align="top"></img> <a href="pix_config_description_createfromid?id=$id&type=traffic&createfromid=1" class="bodylink">Descriptions</a>
</td>
<td>
<span class="main">
Create a description from PIX Log ID.
</td>
<tr>
<td height="2"></td>
<td height="2"></td>
<tr>
<td width="150">
<img src="images/pla_blank.gif" align="middle"> <img src="images/config_query.gif" align="top"></img> <a href="pix_config_query_createfromid?id=$id&type=traffic&createfromid=1" class="bodylink">Queries</a>
</td>
<td>
<span class="main">
Create a query from PIX Log ID.
</td>
</table>
EOF
}

}
$db_handle->disconnect();

