DAProgs/portspoof_concentrator
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
29f20eb15c554cade8fdabfef6dc7b2717091108
portspoof_concentrator/api/frequent_ips.php
DAProgs 29f20eb15c 2603.9 frequesnt IPs added
2026-03-13 16:13:56 -04:00

71 lines
2.4 KiB
PHP
Raw Blame History

<?php
/**
* GET /api/frequent_ips.php
*
* Returns all source IPs with a total connection count >= the configured
* threshold (frequent_ip_threshold setting, default 5), sorted highest first.
*
* Authentication (any one of):
* - Active web session (logged-in browser)
* - Authorization: Bearer <TRIGGER_TOKEN>
* - ?token=<TRIGGER_TOKEN>
*
* Optional query parameters:
* threshold int Override the configured minimum connection count
*/
require_once __DIR__ . '/../includes/auth.php';
require_once __DIR__ . '/../includes/functions.php';
header('Content-Type: application/json');
// ── Auth ──────────────────────────────────────────────────────────────────────
$session_ok = false;
if (auth_enabled()) {
if (session_status() === PHP_SESSION_NONE) {
session_start();
}
$session_ok = !empty($_SESSION['authenticated']);
}
$token_ok = false;
if (TRIGGER_TOKEN !== '') {
$provided = '';
$auth_header = $_SERVER['HTTP_AUTHORIZATION'] ?? '';
if (str_starts_with($auth_header, 'Bearer ')) {
$provided = substr($auth_header, 7);
}
if ($provided === '' && isset($_REQUEST['token'])) {
$provided = $_REQUEST['token'];
}
$token_ok = $provided !== '' && hash_equals(TRIGGER_TOKEN, $provided);
}
if (!$session_ok && !$token_ok) {
http_response_code(401);
echo json_encode(['error' => 'Unauthorized']);
exit;
}
// ── Query ─────────────────────────────────────────────────────────────────────
$configured_threshold = max(1, (int)get_setting('frequent_ip_threshold', '5'));
$threshold = isset($_GET['threshold'])
? max(1, (int)$_GET['threshold'])
: $configured_threshold;
$rows = frequent_ips($threshold);
echo json_encode([
'threshold' => $threshold,
'configured_threshold' => $configured_threshold,
'count' => count($rows),
'ips' => array_map(fn($r) => [
'src_ip' => $r['src_ip'],
'total_connections' => (int)$r['total_connections'],
'first_seen' => $r['first_seen'],
'last_seen' => $r['last_seen'],
], $rows),
], JSON_PRETTY_PRINT);
Reference in New Issue View Git Blame Copy Permalink