#!/bin/sh

. ../common/ajax_common


load_alert_stat()
{
    ${FLOWEYE} nevt stat | awk -F"=" \
    'BEGIN{
        dot = "";
        printf "{";
    }{
        printf "%s\"%s\":\"%s\"", dot, $1, $2;
        if(dot == "") dot = ",";  
    }END{
        printf "}";
    }'
}


set_alert_stat()
{
    cmdargs="nevttl=${CGI_nevttl} cpu_scan_inter=${CGI_cpu_scan_inter} auth_scan_inter=${CGI_auth_scan_inter} ifbps_scan_inter=${CGI_ifbps_scan_inter}"
    cmdargs="${cmdargs} synackpps_scan_inter=${CGI_synackpps_scan_inter}"
    errmsg=`${FLOWEYE} nevt config ${cmdargs}`

    if [ $? -ne 0 ]; then
        retjson 1 "ʧܣ${errmsg}"
    else
        sync_floweye "nevt config ${cmdargs}"
        WEB_LOGGER "ø澯ģ" "${cmdargs}"
        retjson 0 "ɹ"
    fi
}


set_msgsend_inter()
{
    cmdargs="notify2user=${CGI_notify2user} notifyperiod_week=${CGI_notifyperiod_week}"
    cmdargs="${cmdargs} notifyperiod_hourstart=${CGI_notifyperiod_hourstart} notifyperiod_hourend=${CGI_notifyperiod_hourend}"

    errmsg=`${FLOWEYE} nevt config ${cmdargs}`
    [ $? -ne 0 ] &&  retjson 1 "ʧܣ${errmsg}"

    sendto_webui_pipe start_warring

    sync_floweye "nevt config ${cmdargs}"
    WEB_LOGGER "ø澯ͼ" "${cmdargs}"
    retjson 0 "ɹ"
}


load_policy_list()
{
    ${FLOWEYE} nevt_rule list
}


load_alert_event()
{
    cmdargs=""

    [ "${CGI_today}" != "" ] && cmdargs="${cmdargs} today=${CGI_today}"
    [ "${CGI_evtype}" != "" ] && cmdargs="${cmdargs} evtype=${CGI_evtype}"
    [ "${CGI_alarm_level}" != "" ] && cmdargs="${cmdargs} level=${CGI_alarm_level}"
    [ "${CGI_rdstat}" != "" ] && cmdargs="${cmdargs} rdstat=${CGI_rdstat}"
    [ "${CGI_keyword}" != "" ] && cmdargs="${cmdargs} keywd=${CGI_keyword}"

    isNTM=${FLOWEYE}
    if [ "${NTM}" = "1" ]; then
        if [ "${OEM}" = "pa" -o "${OEM}" = "pro" ]; then
            isNTM=${NTMEYE}
        fi
    fi
    
    if [ "${CGI_type}" = "history" ]; then
        ${isNTM} nevtlog list json=1 ${cmdargs} page=${CGI_page} limit=${CGI_limit}
    else
        ${isNTM} nevt list json=1 page=${CGI_page} limit=${CGI_limit}
    fi
}


get_alert_policy()
{
    [ "${CGI_mtime}" != "" ] && cmdargs="mtime=${CGI_mtime}"

    errmsg=`${FLOWEYE} nevt_rule get id=${CGI_id} show_rawdata=1 "${cmdargs}"`

    if [ $? -ne 0 ]; then
        printf "\"none\""
    else
        printf "{${errmsg}}"
    fi
}


load_addpolicy_env()
{
    . ../common/ajax_object_lib

    printf "{"
    printf "\"wan_list\":`lib_proxy_list wan`"
    printf ",\"interface_list\":`lib_interface_list`"
    printf ",\"iptab_list\":`lib_iptable_list`"
    printf ",\"ippool_list\":`lib_ippool_list`"
    printf ",\"qtde_list\":`lib_qtde_list`"
    printf ",\"statobj_list\":[`${FLOWEYE} ntmso list`]"

    if [ "${NTM}" = "1" ]; then
        printf ",\"threat_list\":`lib_threat_list`"
        printf ",\"ntmlink\":`${FLOWEYE} ntmnetbrch list json=1  gid=-1`"
    fi

    if [ "${CGI_id}" != "" ]; then
        printf ",\"policy\":`get_alert_policy`"
    fi

    printf "}"
}


add_alert_policy()
{
    [ "${CGI_action}" = "add_alert_policy" ] && action="add" || action="set"
    [ "${CGI_nontrig}" = "1" ] && dura=0

    cmdargs="id=${CGI_id} evtype=${CGI_evtype} evattr=${CGI_evattr} obj_threshold=${CGI_obj_threshold} opcode=${CGI_evopcode} objname=${CGI_objname}"
    cmdargs="${cmdargs} limit1=${CGI_evlimit1} limit2=${CGI_evlimit2} nontrig=${CGI_nontrig} dura=${CGI_dura} notifyinter=${CGI_notifyinter}"
    cmdargs="${cmdargs} monitor_hour=${CGI_start_hour}-${CGI_end_hour} alarm_level=${CGI_alarm_level}"

    errmsg=`${FLOWEYE} nevt_rule ${action} ${cmdargs}`

    if [ $? -ne 0 ]; then
        retjson 1 "ʧܣ${errmsg}"
    else
        sync_floweye "nevt_rule ${action} ${cmdargs}"
        WEB_LOGGER "ø澯" "${action} ${cmdargs}"
        retjson 0 "ɹ"
    fi
}


rmv_alert_policy()
{
    errmsg=`${FLOWEYE} nevt_rule remove id=${CGI_id}`

    if [ $? -ne 0 ]; then
        retjson 1 "ʧܣ${errmsg}"
    else
        sync_floweye "nevt_rule remove id=${CGI_id}"
        WEB_LOGGER "ɾ澯" "id=${CGI_id} evtype=${CGI_evtype}"
        retjson 0 "ɹ"
    fi
}


enable_alert_policy()
{
    errmsg=`${FLOWEYE} nevt_rule set id=${CGI_id} enable=1`

    if [ $? -ne 0 ]; then
        retjson 1 "ʧܣ${errmsg}"
    else
        sync_floweye "nevt_rule set id=${CGI_id} enable=1"
        WEB_LOGGER "ø澯" "id=${CGI_id} evtype=${CGI_evtype}"
        retjson 0 "ɹ"
    fi
}


disable_alert_policy()
{
    errmsg=`${FLOWEYE} nevt_rule set id=${CGI_id} enable=0`

    if [ $? -ne 0 ]; then
        retjson 1 "ʧܣ${errmsg}"
    else
        sync_floweye "nevt_rule set id=${CGI_id} enable=0"
        WEB_LOGGER "ø澯" "id=${CGI_id} evtype=${CGI_evtype}"
        retjson 0 "ɹ"
    fi
}


btnrmv_alert_policy()
{
    num=0

    for id in `echo "${CGI_items}" | tr ";" " "`
    do
        errmsg=`${FLOWEYE} nevt_rule remove id=${id}`
        [ $? -ne 0 ] && retjson 1 "ʧܣ${errmsg} [${id}]"
        sync_floweye "nevt_rule remove id=${id}"
        num=$((${num} + 1))
    done

    WEB_LOGGER "ɾ澯" "num=${num}"
    retjson 0 "ɹ"
}


btnenable_alert_policy()
{
    num=0

    for id in `echo "${CGI_items}" | tr ";" " "`
    do
        errmsg=`${FLOWEYE} nevt_rule set id=${id} enable=1`
        [ $? -ne 0 ] && retjson 1 "ʧܣ${errmsg}"
        sync_floweye "nevt_rule set id=${id} enable=1"
        num=$((${num} + 1))
    done

    WEB_LOGGER "ø澯" "num=${num}"
    retjson 0 "ɹ"
}


btndisable_alert_policy()
{
    num=0

    for id in `echo "${CGI_items}" | tr ";" " "`
    do
        errmsg=`${FLOWEYE} nevt_rule set id=${id} enable=0`
        [ $? -ne 0 ] && retjson 1 "ʧܣ${errmsg}"
        sync_floweye "nevt_rule set id=${id} enable=0"
        num=$((${num} + 1))
    done

    WEB_LOGGER "ø澯" "num=${num}"
    retjson 0 "ɹ"
}


export_alert_policy()
{
	file_name="system_alert_rule.conf"

	mkdir -p ${WEB_DOWNLOAD}

	awk '{
		if($1 == "nevtrule")
            print $0;
	}' ${PGETC}/panabit.conf >> ${WEB_DOWNLOAD}/${file_name}

	retjson 0 "OK" "\"${file_name}\""
}


import_alert_policy()
{
    [ ! -f "${CGI_file}" ] && retjson 1 "INV_FILE"

    ok=0
    err=0

    while read types conf
    do
        [ "${types}" != "nevtrule" ] && continue

        ${FLOWEYE} nevt_rule add ${conf}

        if [ $? -ne 0 -a "${CGI_type}" = "cover" ]; then
            ${FLOWEYE} nevt_rule set ${conf}
            if [ $? -ne 0 ]; then
                err=$((${err} + 1))
            else
                ok=$((${ok} + 1))
            fi
        else
            ok=$((${ok} + 1))
        fi
    done <<EOF
`cat ${CGI_file}`
EOF

    WEB_LOGGER "澯"
    retjson 0 "ɣɹ:${ok}ʧ:${err}"
}


rmv_history_event()
{
    errmsg=`${FLOWEYE} nevt_log remove logidstr=${CGI_id}`

    if [ $? -ne 0 ]; then
        retjson 1 "ʧܣ${errmsg}"
    else
        WEB_LOGGER "ɾʷ澯¼" "id=${CGI_id}"
        retjson 0 "ɹ"
    fi
}


delete_all_event()
{   
    if [ ${NTM} = 1 ]; then
        errmsg=`${NTMEYE} nevtlog remove rmvall=1`

        if [ $? -ne 0 ]; then
            retjson 1 "ʧܣ${errmsg}"
        else
            WEB_LOGGER "ʷ澯¼"
            retjson 0 "ɹ"
        fi
    else
        logidstr=""

        for id in `${FLOWEYE} nevtlog list | cut -d" " -f1`
        do
            logidstr="${logidstr},${id}"
        done
        
        ${FLOWEYE} nevt_log remove logidstr=${logidstr}

        WEB_LOGGER "ʷ澯¼"
        retjson 0 "ɹ"
    fi


}


restore_default_policy()
{
    cmdargs=""
    RULE_MAKE="/usr/ramdisk/bin/netev_sysrule_birth.sh"

    if [ "${CGI_id}" != "" ]; then
        cmdargs="id=${CGI_id} evtype=${CGI_evtype} evattr=${CGI_evattr} objname=${CGI_objname} opcode=${CGI_above}"
    fi
    
    ${RULE_MAKE} restore ${cmdargs} > /dev/null 2>&1

    WEB_LOGGER "ָĬϸ澯"
    retjson 0 "ɹ"
}


netev_session(){
    [ "${CGI_page}"  = "" ] && CGI_page=1
    [ "${CGI_limit}" = "" ] && CGI_limit=100

    cmdargs="${cmdargs} page=${CGI_page} limit=${CGI_limit}"

    [ "${CGI_rule_id}"  != "" ] && cmdargs="${cmdargs} rule_id=${CGI_rule_id}"
    [ "${CGI_src}" != "" ] && cmdargs="${cmdargs} src=${CGI_src}"
    [ "${CGI_sport}" != "" ] && cmdargs="${cmdargs} sport=${CGI_sport}"
    [ "${CGI_dst}" != "" ] && cmdargs="${cmdargs} dst=${CGI_dst}"
    [ "${CGI_dport}" != "" ] && cmdargs="${cmdargs} dport=${CGI_dport}"
    [ "${CGI_proto}" != "" ] && cmdargs="${cmdargs} proto=${CGI_proto}"
    [ "${CGI_username}" != "" ] && cmdargs="${cmdargs} username=${CGI_username}"
    [ "${CGI_type}" != "" ] && cmdargs="${cmdargs} type=${CGI_type}"
    
    ${NTMEYE} netev_session list ${cmdargs}
}


nevtlog_rdstat()
{
    ${NTMEYE} nevtlog config id=${CGI_id} rdstat=${CGI_rdstat}
}


case "${CGI_action}" in
    "load_alert_stat")
        retjson 0 "OK" "`load_alert_stat`"
        ;;

    "set_alert_stat")
        action_check
        set_alert_stat
        ;;

    "set_msgsend_inter")
        action_check
        set_msgsend_inter
        ;;

    "load_policy_list")
        retjson 0 "OK" "`load_policy_list`"
        ;;
    
    "load_alert_event")
        retjson 0 "OK" "`load_alert_event`"
        ;;

    "load_addpolicy_env")
        retjson 0 "OK" "`load_addpolicy_env`"
        ;;

    "add_alert_policy"|"edit_alert_policy")
        action_check
        add_alert_policy
        ;;

    "rmv_alert_policy")
        action_check
        rmv_alert_policy
        ;;

    "enable_alert_policy")
        action_check
        enable_alert_policy
        ;;
    
    "disable_alert_policy")
        action_check
        disable_alert_policy
        ;;

    "btnrmv_alert_policy")
        action_check
        btnrmv_alert_policy
        ;;

    "btnenable_alert_policy")
        action_check
        btnenable_alert_policy
        ;;

    "btndisable_alert_policy")
        action_check
        btndisable_alert_policy
        ;;

    "export_alert_policy")
        action_check
        export_alert_policy
        ;;

    "import_alert_policy")
        action_check
        import_alert_policy
        ;;

    "rmv_history_event")
        action_check
        rmv_history_event
        ;;

    "delete_all_event")
        action_check
        delete_all_event
        ;;

    "restore_default_policy")
        action_check
        restore_default_policy
        ;;

    "netev_session")
        retjson 0 "OK" "`netev_session`"
        ;;

    "nevtlog_rdstat")
        retjson 0 "OK" "`nevtlog_rdstat`"
        ;;

    
    *)
        retjson 1 "UNKNOW_ACTION"
        ;;
esac
