-
Notifications
You must be signed in to change notification settings - Fork 0
5.2 Filters Example Network
Gurdeep Singh (Guru) edited this page Aug 11, 2024
·
1 revision
Filter Type: Network
admin@phpterminal:firewall(config)# filter add block network 10.10.10.0/24
Filter added successfully
FILTER ADD BLOCK NETWORK 10.10.10.0/24 OUTPUT
NEWFILTER > FILTER_TYPE : block
NEWFILTER > ADDRESS_TYPE : network
NEWFILTER > ADDRESS : 10.10.10.0/24
NEWFILTER > IP2LOCATION_PROXY : -
NEWFILTER > UPDATED_BY : 1
NEWFILTER > UPDATED_AT : 1723376165
NEWFILTER > HIT_COUNT : 0
NEWFILTER > PARENT_ID : null
NEWFILTER > ID : 3
admin@phpterminal:firewall(config)#$newFilter = $firewall->addFilter(
[
'filter_type' => 'block',
'address_type' => 'network',
'address' => '10.100.100.0/24'
]
);
var_dump($newFilter);
// OUTPUT
// /var/www/html/projects/phpfw/index.php:16:
array (size=9)
'filter_type' => string 'block' (length=5)
'address_type' => string 'network' (length=7)
'address' => string '10.100.100.0/24' (length=15)
'ip2location_proxy' => string '-' (length=1)
'updated_by' => int 0
'updated_at' => int 1723376240
'parent_id' => null
'hit_count' => int 0
'id' => int 4- Verify the above entries
admin@phpterminal:firewall# show filters
+-------+-----------------+-----------------+-----------------------+------------+------------+----------------------------+----------------------------+-------------------------------+
| ID | FILTER_TYPE | ADDRESS_TYPE | ADDRESS | IP_HITS | HIT_COUNT | UPDATED_BY | UPDATED_AT | IP2LOCATION_PROXY |
+-------+-----------------+-----------------+-----------------------+------------+------------+----------------------------+----------------------------+-------------------------------+
| 1 | block | host | 8.8.8.8 | - | 2 | Administrator | 2024-08-11 10:05:01 | - |
| 2 | block | host | 8.8.8.9 | - | 0 | 0 | 2024-08-11 10:09:17 | - |
| 3 | block | network | 10.10.10.0/24 | 0 | 0 | Administrator | 2024-08-11 11:36:05 | - |
| 4 | block | network | 10.100.100.0/24 | 0 | 0 | 0 | 2024-08-11 11:37:20 | - |
+-------+-----------------+-----------------+-----------------------+------------+------------+----------------------------+----------------------------+-------------------------------+
Showing record : 4/4. Page : 1/1.
admin@phpterminal:firewall# - Once the above entries are created, we can check if they are being hit and indexed.
NOTE: Look at the time difference of searching the entry in database and in indexes.
admin@phpterminal:firewall# check ip 10.10.10.1
10.10.10.1 address found in network database. It took 0.035647869110107(s) and 42.07 kb of memory.
Blocked
CHECK IP 10.10.10.1 OUTPUT
DEFAULT_FILTER : No
FILTER > FILTER_TYPE : block
FILTER > ADDRESS_TYPE : host
FILTER > ADDRESS : 10.10.10.1
FILTER > IP2LOCATION_PROXY : -
FILTER > UPDATED_BY : 1
FILTER > UPDATED_AT : 1723376428
FILTER > HIT_COUNT : 0
FILTER > PARENT_ID : 3
FILTER > ID : 7
FILTER > PARENT_FILTER > FILTER_TYPE : block
FILTER > PARENT_FILTER > ADDRESS_TYPE : network
FILTER > PARENT_FILTER > ADDRESS : 10.10.10.0/24
FILTER > PARENT_FILTER > IP2LOCATION_PROXY : -
FILTER > PARENT_FILTER > UPDATED_BY : 1
FILTER > PARENT_FILTER > UPDATED_AT : 1723376165
FILTER > PARENT_FILTER > HIT_COUNT : 0
FILTER > PARENT_FILTER > PARENT_ID : null
FILTER > PARENT_FILTER > ID : 3
admin@phpterminal:firewall# check ip 10.10.10.1
10.10.10.1 address found in indexes. It took 0.0010631084442139(s) and 4.34 kb of memory.
Blocked
CHECK IP 10.10.10.1 OUTPUT
DEFAULT_FILTER : No
FILTER > FILTER_TYPE : block
FILTER > ADDRESS_TYPE : host
FILTER > ADDRESS : 10.10.10.1
FILTER > IP2LOCATION_PROXY : -
FILTER > UPDATED_BY : 1
FILTER > UPDATED_AT : 1723376428
FILTER > HIT_COUNT : 1
FILTER > PARENT_ID : 3
FILTER > ID : 7
FILTER > PARENT_FILTER > FILTER_TYPE : block
FILTER > PARENT_FILTER > ADDRESS_TYPE : network
FILTER > PARENT_FILTER > ADDRESS : 10.10.10.0/24
FILTER > PARENT_FILTER > IP2LOCATION_PROXY : -
FILTER > PARENT_FILTER > UPDATED_BY : 1
FILTER > PARENT_FILTER > UPDATED_AT : 1723376165
FILTER > PARENT_FILTER > HIT_COUNT : 1
FILTER > PARENT_FILTER > PARENT_ID : null
FILTER > PARENT_FILTER > ID : 3
admin@phpterminal:firewall# check ip 10.100.100.10
10.100.100.10 address found in network database. It took 0.031961917877197(s) and 5.31 kb of memory.
Blocked
CHECK IP 10.100.100.10 OUTPUT
DEFAULT_FILTER : No
FILTER > FILTER_TYPE : block
FILTER > ADDRESS_TYPE : host
FILTER > ADDRESS : 10.100.100.10
FILTER > IP2LOCATION_PROXY : -
FILTER > UPDATED_BY : 0
FILTER > UPDATED_AT : 1723376447
FILTER > PARENT_ID : 4
FILTER > HIT_COUNT : 0
FILTER > ID : 8
FILTER > PARENT_FILTER > FILTER_TYPE : block
FILTER > PARENT_FILTER > ADDRESS_TYPE : network
FILTER > PARENT_FILTER > ADDRESS : 10.100.100.0/24
FILTER > PARENT_FILTER > IP2LOCATION_PROXY : -
FILTER > PARENT_FILTER > UPDATED_BY : 0
FILTER > PARENT_FILTER > UPDATED_AT : 1723376240
FILTER > PARENT_FILTER > PARENT_ID : null
FILTER > PARENT_FILTER > HIT_COUNT : 0
FILTER > PARENT_FILTER > ID : 4
admin@phpterminal:firewall# check ip 10.100.100.10
10.100.100.10 address found in indexes. It took 0.0010170936584473(s) and 4.34 kb of memory.
Blocked
CHECK IP 10.100.100.10 OUTPUT
DEFAULT_FILTER : No
FILTER > FILTER_TYPE : block
FILTER > ADDRESS_TYPE : host
FILTER > ADDRESS : 10.100.100.10
FILTER > IP2LOCATION_PROXY : -
FILTER > UPDATED_BY : 0
FILTER > UPDATED_AT : 1723376447
FILTER > PARENT_ID : 4
FILTER > HIT_COUNT : 1
FILTER > ID : 8
FILTER > PARENT_FILTER > FILTER_TYPE : block
FILTER > PARENT_FILTER > ADDRESS_TYPE : network
FILTER > PARENT_FILTER > ADDRESS : 10.100.100.0/24
FILTER > PARENT_FILTER > IP2LOCATION_PROXY : -
FILTER > PARENT_FILTER > UPDATED_BY : 0
FILTER > PARENT_FILTER > UPDATED_AT : 1723376240
FILTER > PARENT_FILTER > PARENT_ID : null
FILTER > PARENT_FILTER > HIT_COUNT : 1
FILTER > PARENT_FILTER > ID : 4
admin@phpterminal:firewall# show filters
+-------+-----------------+-----------------+-----------------------+------------+------------+----------------------------+----------------------------+-------------------------------+
| ID | FILTER_TYPE | ADDRESS_TYPE | ADDRESS | IP_HITS | HIT_COUNT | UPDATED_BY | UPDATED_AT | IP2LOCATION_PROXY |
+-------+-----------------+-----------------+-----------------------+------------+------------+----------------------------+----------------------------+-------------------------------+
| 1 | block | host | 8.8.8.8 | - | 2 | Administrator | 2024-08-11 10:05:01 | - |
| 2 | block | host | 8.8.8.9 | - | 0 | 0 | 2024-08-11 10:09:17 | - |
| 3 | block | network | 10.10.10.0/24 | 1 | 2 | Administrator | 2024-08-11 11:36:05 | - |
| 4 | block | network | 10.100.100.0/24 | 1 | 2 | 0 | 2024-08-11 11:37:20 | - |
+-------+-----------------+-----------------+-----------------------+------------+------------+----------------------------+----------------------------+-------------------------------+
Showing record : 4/4. Page : 1/1.
admin@phpterminal:firewall# show filter 3
SHOW FILTER 3 OUTPUT
+-------+-----------------+-----------------+----------------------------------------------------+------------+---------------------------+---------------------------+
| ID | FILTER_TYPE | ADDRESS_TYPE | ADDRESS (PARENT) | HIT_COUNT | UPDATED_BY | UPDATED_AT |
+-------+-----------------+-----------------+----------------------------------------------------+------------+---------------------------+---------------------------+
| 3 | block | network | 10.10.10.0/24 | 2 | Administrator | 2024-08-11 11:36:05 |
| 7 | block | host | 10.10.10.1 (10.10.10.0/24) | 2 | Administrator | 2024-08-11 11:40:28 |
+-------+-----------------+-----------------+----------------------------------------------------+------------+---------------------------+---------------------------+
admin@phpterminal:firewall# show filter 4
SHOW FILTER 4 OUTPUT
+-------+-----------------+-----------------+----------------------------------------------------+------------+---------------------------+---------------------------+
| ID | FILTER_TYPE | ADDRESS_TYPE | ADDRESS (PARENT) | HIT_COUNT | UPDATED_BY | UPDATED_AT |
+-------+-----------------+-----------------+----------------------------------------------------+------------+---------------------------+---------------------------+
| 4 | block | network | 10.100.100.0/24 | 2 | 0 | 2024-08-11 11:37:20 |
| 8 | block | host | 10.100.100.10 (10.100.100.0/24) | 2 | 0 | 2024-08-11 11:40:47 |
+-------+-----------------+-----------------+----------------------------------------------------+------------+---------------------------+---------------------------+
admin@phpterminal:firewall#