#!/usr/local/bin/perl
# A simple cgi-script to generate the X last events 
# from a snort database on postgresql. I make this script because 
# I got an old HTTP server where PHP can't run. 
# 
# Author : Alexandre Dulaunoy <alex@foo.be>
# Date   : 3/3/2001
# under the terms of the GNU General Public License.
# Version: 0.0.1
#
# PS : Don't forget to setup the correct access for uid to postgres

use Pg;
my $dbname='snort';
my $howmanyevent=200;
my $x;
my $date = `date`;
$conn = Pg::connectdb("dbname=$dbname");
$result = $conn->exec("select * from event ORDER BY event.timestamp
DESC LIMIT $howmanyevent");
print "Content-type: text/html\n\n";
print "<html>";
print "<title> Last $howmanyevent events from snort db.</title>";
print "<h3>Last $howmanyevent events from snort db. generated on $date
</h3>";
print "<table COLS=2 WIDTH=\"100%\" BGCOLOR=\"#FFFFCC\" NOSAVE>";
print "<tr> <td><b>ID<b/></td><td><b>Signature</b></td><td><b>Source
IP<b></td><td><b>TCPSPORT</b></td><td><b>Destination
IP</b></td><td><b>TCPDPORT</b></td></tr> \n";	

while (@row = $result->fetchrow)
{
	$x++;
	$result2 = $conn->exec("select  ip_src0,ip_src1,ip_src2,ip_src3,ip_dst0,ip_dst1,ip_dst2,ip_dst3
from iphdr where cid=$row[1]");
	@ip = $result2->fetchrow;
	$src_ip = $ip[0].".".$ip[1].".".$ip[2].".".$ip[3];	
	$dst_ip = $ip[4].".".$ip[5].".".$ip[6].".".$ip[7];
	$result3 = $conn->exec("select tcp_sport,tcp_dport from tcphdr  where cid=$row[1]");
	@tcp = $result3->fetchrow;
print "<tr> <td>$row[1]</td>
<td>$row[2]</td><td>$src_ip</td><td>$tcp[0]</td><td>$dst_ip</td><td>$tcp[1]</td></tr>
\n";	 #	print "\n";
#	print $row[1]."***".$row[2]."*** SIP:".$src_ip."***DIP:".$dst_ip."\n";

}
print "</table>";
print "<small> <i>by <a href=\"http://www.foo.be/\"> adulau</a></i></small>";

print "</html>";