Location: PHPKode > projects > IPTables log analyzer > iptablelog/modules/TopPorts.php
<?php
/////////////////////////////////////////////////////////////////////////////////////
// IPTable log analyzer
// Copyright (C) 2002 Gerald GARCIA
//
// This program is free software; you can redistribute it and/or
// modify it under the terms of the GNU General Public License
// as published by the Free Software Foundation; either version 2
// of the License, or (at your option) any later version.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with this program; if not, write to the Free Software
// Foundation, Inc., 59 Temple Plac<B2>e - Suite 330, Boston, MA  02111-1307, USA.
//
// Contact author : hide@address.com
/////////////////////////////////////////////////////////////////////////////////////

// $Id: TopPorts.php,v 1.4 2007/02/23 22:42:47 tarbuck Exp $

require_once("$file_base/utils/Cache.php");
require_once("$file_base/utils/Misc.php");

Class TopPorts {
    
  function TopPorts() {
  }

  function display() {
    global $cache_delay;

    $cache = new Cache($cache_delay);

    $str = $cache->get("TopPorts");
    if (strlen($str)==0) {
      print "<!-- The module is regenerated -->\n";
      $str = $this->generate();
      $cache->put("TopPorts",$str);
    }
    print $str;
  }

  function generate() {
    global $date;
    global $url_base;

    if ($date < 1000) {
        $date_where = "AND u.local_time > UNIX_TIMESTAMP(ADDDATE(CURDATE(),INTERVAL -$date DAY))";
    }

    $query = "SELECT IFNULL(u.tcp_dport,IFNULL(u.udp_dport,0)) AS port, count(local_time) as nb FROM ulog u WHERE ((u.tcp_dport IS NOT NULL)  OR (u.udp_dport IS NOT NULL)) $date_where GROUP BY port ORDER BY nb DESC limit 10";
    $result = db_query ($query);
    
    $out .= "<table width='100%'>\n";
    $out .= "<tr class='ModuleTabTitle'><td>Port</td><td>Number</td><td>Nb</td></tr>\n";
    while($line = db_nextobject($result)){

      $port_name=findPortNameFromNumber($line->port);

      $out .= "<tr class='TopDomainsEntry'>";
      $out .= "<td><a href='$url_base/to_port.php?port=$line->port'>";
      if (strlen($port_name)!=0) { $out .= "$port_name"; } else { $out .= "unknown"; }
      $out .= "</a></td>";
      $out .= "<td><a href='$url_base/to_port.php?port=$line->port'>$line->port</a></td>";
      $out .= "<td>$line->nb</td></tr>\n";
    }
    $out .= "</table>\n";

    return $out;
  }
}

?>
Return current item: IPTables log analyzer