netpass-devel Mailing List for NetPass (Page 15)
Brought to you by:
jeffmurphy
Menu
▾
▴
netpass-devel — Developer Discussion
You can subscribe to this list here.
| 2004 |
Jan
|
Feb
|
Mar
|
Apr
|
May
|
Jun
|
Jul
|
Aug
|
Sep
(1) |
Oct
|
Nov
|
Dec
|
|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 2005 |
Jan
|
Feb
|
Mar
|
Apr
(39) |
May
(103) |
Jun
(89) |
Jul
(22) |
Aug
(100) |
Sep
(21) |
Oct
(5) |
Nov
|
Dec
(7) |
| 2006 |
Jan
(25) |
Feb
(8) |
Mar
(12) |
Apr
(2) |
May
|
Jun
(1) |
Jul
(4) |
Aug
|
Sep
|
Oct
|
Nov
|
Dec
(4) |
| 2007 |
Jan
|
Feb
|
Mar
|
Apr
|
May
|
Jun
|
Jul
|
Aug
(3) |
Sep
(1) |
Oct
|
Nov
|
Dec
|
|
From: jeff m. <jef...@us...> - 2005-05-06 03:10:16
|
Update of /cvsroot/netpass/NetPass/www/htdocs/Admin In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv3466/www/htdocs/Admin Modified Files: autohandler gencfg.mhtml logout.mhtml mr.mhtml netgroups.mhtml network.mhtml Log Message: netgroup/network editor UI Index: autohandler =================================================================== RCS file: /cvsroot/netpass/NetPass/www/htdocs/Admin/autohandler,v retrieving revision 1.11 retrieving revision 1.12 diff -u -d -r1.11 -r1.12 --- autohandler 4 May 2005 03:09:45 -0000 1.11 +++ autohandler 6 May 2005 03:09:33 -0000 1.12 @@ -14,8 +14,6 @@ if (hostname =~ /-d.cit.buffalo.edu$/) { $serverType = "DEVELOPMENT"; } - - if ($printable == 0) { print qq{<script src="/resources/js/xmlhttp.js" type="text/javascript"></script>}; $m->comp('/style/back/start_sidebar', %ARGS); @@ -25,7 +23,9 @@ <div class="sbHeader"><%$serverType%> SERVER</div> </center> <P> -% if (exists $m->session->{'logged_in'} && ($m->session->{'logged_in'} == 1)) { + +% if (exists $m->session->{'logged_in'} && ($m->session->{'logged_in'} == 1)) { + <center> <div class='sbHeader'>Logged in as <%$m->session->{'username'}%></div> <a class='sbLinks' title='' href="/Admin/logout.mhtml"><I>(Logout)</I></a><BR> @@ -62,13 +62,13 @@ </DIV> <P><P> <BR><H6><I><%join('.', (split(/\./, hostname))[0,1])%></I></H6> -% } + <%perl> + } } # if someone changes our group membership, pick it up right away instead of # requiring a logout/login - $m->session->{'my_groups'} = $np->db->getUserGroups($m->session->{'username'}) if ($m->session->{'logged_in'} && ($m->session->{'username'} ne "")); Index: mr.mhtml =================================================================== RCS file: /cvsroot/netpass/NetPass/www/htdocs/Admin/mr.mhtml,v retrieving revision 1.9 retrieving revision 1.10 diff -u -d -r1.9 -r1.10 --- mr.mhtml 4 May 2005 20:22:17 -0000 1.9 +++ mr.mhtml 6 May 2005 03:09:33 -0000 1.10 @@ -171,7 +171,7 @@ $np->db->audit( -user => $user, -mac => $mac, -ip => $ip, - -msg => [ "manually registered by ".$m->session->{'logged_in'} ] + -msg => [ "manually registered by ".$m->session->{'username'} ] ); return ""; Index: logout.mhtml =================================================================== RCS file: /cvsroot/netpass/NetPass/www/htdocs/Admin/logout.mhtml,v retrieving revision 1.3 retrieving revision 1.4 diff -u -d -r1.3 -r1.4 --- logout.mhtml 3 May 2005 16:13:30 -0000 1.3 +++ logout.mhtml 6 May 2005 03:09:33 -0000 1.4 @@ -13,7 +13,12 @@ --></script> <%perl> if (exists $m->session->{'logged_in'}) { + _log("INFO", $m->session->{'username'}." is logging out of Admin tool\n"); + $m->audit(-severity => 'NOTICE', -ip => $ENV{'REMOTE_ADDR'}, + -user => $m->session->{'username'}, + -msg => [ "$username logged out of Admin tool" ]); $m->session->{'logged_in'} = 0; + tied(%{$m->session})->delete; print "Logging out. Please wait..<P>"; print qq{<META HTTP-EQUIV=REFRESH CONTENT="1; URL=/Admin">}; } Index: network.mhtml =================================================================== RCS file: /cvsroot/netpass/NetPass/www/htdocs/Admin/network.mhtml,v retrieving revision 1.2 retrieving revision 1.3 diff -u -d -r1.2 -r1.3 --- network.mhtml 4 May 2005 20:22:17 -0000 1.2 +++ network.mhtml 6 May 2005 03:09:33 -0000 1.3 @@ -21,10 +21,10 @@ RO none </%doc> <%args> - $submit => ''; + $submitButton => ''; + $network => ''; </%args> <%perl> -return unless $m->comp('/Admin/Login', %ARGS); my ($isRoot, $junk) = $m->comp('/Admin/MemberOf', 'acl' => [ 'Admin' ], 'group' => 'default'); if (!$isRoot) { @@ -32,9 +32,8 @@ return; } -# these group names can not be used as 'netgroups' - -my $reservedGroups = { 'default' => 1, 'clientAccess' => 1 }; +my $ip = $ENV{'REMOTE_ADDR'}; +my $whoami = $m->session->{'username'}; # fetch all known networks and netgroups @@ -44,37 +43,103 @@ my $ng = $np->cfg->getNetgroup(-network => $nw); push @$allNetgroups, $ng if ($ng ne "") && (!grep(/^$ng$/, @$allNetgroups)); } +$m->comp('/Admin/LockConfig', 'enableWhenLocked' => [ 'addNetwork', 'submitButton' ], 'init' => 0); +my $WH = "--Select a Network--"; </%perl> <h2> Network Configuration </h2> -% $m->comp('/Admin/LockConfig'); -% my $WH = "-" x 20; + +Notes: +<ul> +<li>Networks are in CIDR notation (A.B.C.D/M) +<li>To add a new network: +<ol> + <li> Click inside the "Add Network.." box. + <li> Type in a network name (CIDR notation only) + <li> Click 'Commit Changes' +</ol> +<LI>To edit a network (once it's been added): +<ol> + <li>Select the network from the drop-down menu. + <LI>Edit it's parameters. + <li>Click 'Commit Changes' +</ol> +</ul> <script language='JavaScript'><!-- -var pageDirty = false; setWhereAmI('Configuration > Network'); +DBG_init(); --></script> <form method="post"> <table border=0> <tr> - <th>Netgroups</th> - <th>Networks</th> -</tr> -<tr> - <td style='text-align:center;'> - <%$q->scrolling_list(-name => 'netgroups', -values => [ $WH, sort @$allNetgroups ], -size => 15, -multiple => 'false')%><BR> - <input id='addNetgroup' name='addNetgroup' size=20 value='Add Netgroup...' disabled> + <td> + <%$q->popup_menu(-id => 'network', -name => 'network', -values => [ $WH, sort @$allNetworks ], -onchange => 'network_onchange_network();')%> </td> - <td style='text-align:center;'> - <%$q->scrolling_list(-name => 'networks', -values => [ $WH, sort @$allNetworks ], -size => 15, -multiple => 'false')%><BR> - <input id='addNetwork' name='addNetwork' size=20 value='Add Network...' disabled> + <td> + <input id='addNetwork' name='addNetwork' size=20 value='Add Network...' disabled + onblur='network_onblur_addNetwork(this);' onfocus='network_onfocus_addNetwork(this);'> + </td> + <td> + <input type='submit' name='submitButton' id='submitButton' value='Commit Changes' disabled> </td> </tr> -</table> -<table id='networkPolicy'> +% if ($network) { +<tr><td colspan=3><PRE> + - comment + - ha enabled/disabled + settings + - primary-redirector + - secondary-redirector + - servers + - virtualip + - garp enabled/disabled + settings + - delay + - number + - netgroup membership (uneditable list + link) + - interface + - nonquar/quar vlan id + - switches (list + add new + link to switch config)</PRE> +</td></tr> +<tr><td colspan=3> +% my $ng = $np->cfg->getNetgroup(-network => $network); +% my $ngtxt = $ng ? qq{<BR>(Part of the "<a href='netgroups.mhtml?netgroups=$ng'>$ng</a>" netgroup)} : ""; +% $m->comp('/Admin/TableEditPolicy', %ARGS, 'tableName' => 'Network General Settings for '.$network.$ngtxt, +% 'showDefault' => 1, 'formatFor' => 'network', +% 'network' => $network, 'suppressKeys' => { 'PID_DIR' => 1, 'BASE_DIR' => 1 } ); +% } +</td></tr> </table> </form> + + + +<script src="/resources/js/common.js" type="text/javascript"></script> +<script src="/resources/js/network.js" type="text/javascript"></script> + + +<%perl> +my $lstat = $np->db->isConfigLocked(); + +if (ref($lstat) eq "HASH") { + # the config is locked + if ($lstat->{'user'} eq $m->session->{'username'}) { + # by us, so show the unlock button + print qq{<script>lockConfig_results("OK lock");lockConfig_enableElements();</script>}; + } else { + # but not by us, show the force unlock button + print qq{<script>lockConfig_results("NOK lock $lstat->{'user'}");lockConfig_disableElements();</script>}; + } +} +elsif ($lstat) { + # there was a problem +} +else { + # the config is not locked, show the lock button + print qq{<script>lockConfig_results("OK unlock");lockConfig_disableElements();</script>}; +} + +</%perl> Index: gencfg.mhtml =================================================================== RCS file: /cvsroot/netpass/NetPass/www/htdocs/Admin/gencfg.mhtml,v retrieving revision 1.13 retrieving revision 1.14 diff -u -d -r1.13 -r1.14 --- gencfg.mhtml 4 May 2005 20:22:17 -0000 1.13 +++ gencfg.mhtml 6 May 2005 03:09:33 -0000 1.14 @@ -107,6 +107,43 @@ -size => 3, )%> </TD></TR> + +<TR> +<TD CLASS='left'>Disable Strikes For Manual Quarantine</TD> +<TD CLASS='right'> +<%$q->radio_group ( + -name => 'policy:NO_STRIKES_FOR_MANUAL', + -values => [ 'Yes', 'No' ], + -default => $np->cfg->policy(-key => 'NO_STRIKES_FOR_MANUAL' ) ? "Yes" : "No", + -size => 3, + )%> +</TD> +</TR> + +<TR> +<TD CLASS='left'>Disable Strikes For Snort Quarantine</TD> +<TD CLASS='right'> +<%$q->radio_group ( + -name => 'policy:NO_STRIKES_FOR_SNORT', + -values => [ 'Yes', 'No' ], + -default => $np->cfg->policy(-key => 'NO_STRIKES_FOR_SNORT' ) ? "Yes" : "No", + -size => 3, + )%> +</TD> +</TR> + +<TR> +<TD CLASS='left'>Disable Strikes For Nessus Quarantine</TD> +<TD CLASS='right'> +<%$q->radio_group ( + -name => 'policy:NO_STRIKES_FOR_NESSUS', + -values => [ 'Yes', 'No' ], + -default => $np->cfg->policy(-key => 'NO_STRIKES_FOR_NESSUS' ) ? "Yes" : "No", + -size => 3, + )%> +</TD> +</TR> + <TR> <TD CLASS='left'>RESULTS_DISPLAY</TD> <TD CLASS='right'> Index: netgroups.mhtml =================================================================== RCS file: /cvsroot/netpass/NetPass/www/htdocs/Admin/netgroups.mhtml,v retrieving revision 1.4 retrieving revision 1.5 diff -u -d -r1.4 -r1.5 --- netgroups.mhtml 5 May 2005 02:19:34 -0000 1.4 +++ netgroups.mhtml 6 May 2005 03:09:33 -0000 1.5 @@ -18,8 +18,6 @@ $networks => ''; </%args> <%perl> -return unless $m->comp('/Admin/Login', %ARGS); - my ($isRoot, $junk) = $m->comp('/Admin/MemberOf', 'acl' => [ 'Admin' ], 'group' => 'default'); if (!$isRoot) { print qq{<p class='error'>Sorry, you don't have access to this form.}; @@ -65,6 +63,8 @@ <h2> Netgroup Configuration </h2> +% $m->comp('/Admin/LockConfig', 'enableWhenLocked' => [ 'addNetgroup', 'submitButton' ], 'init' => 0); + Notes: <ul> <li>Netgroups are not case-sensitive. @@ -88,7 +88,6 @@ </ul> <%perl> -$m->comp('/Admin/LockConfig', 'enableWhenLocked' => [ 'addNetgroup', 'submitButton' ]); my $WH = "-" x 20; if ($submitButton eq 'Commit Changes') { @@ -171,14 +170,14 @@ my $var = $2; if ($section eq "policy") { - if ($ARGS{"usedefault:$var"}) { + if ($ARGS{"override:$var"}) { + $np->cfg->policy(-key => $var, -network => $netgroups, + -val => $ARGS{$ak}); + } else { my $rv2 = $np->cfg->removePolicy(-key => $var, -location => 'group', -network => $netgroups); $rv .= " $rv2" if ($rv2); - } else { - $np->cfg->policy(-key => $var, -network => $netgroups, - -val => $ARGS{$ak}); } } } @@ -222,7 +221,7 @@ </table> <P> % if ($netgroups) { -% $m->comp('/Admin/TableEditPolicy', %ARGS, 'tableName' => 'Netgroup General Settings for '.$netgroups, 'network' => $netgroups, 'suppressKeys' => { 'PID_DIR' => 1, 'BASE_DIR' => 1 } ); +% $m->comp('/Admin/TableEditPolicy', %ARGS, 'tableName' => 'Netgroup General Settings for '.$netgroups, 'network' => $netgroups, 'suppressKeys' => { 'PID_DIR' => 1, 'BASE_DIR' => 1 }, 'showDefault' => 1, 'formatFor' => 'group' ); % } </form> |
|
From: jeff m. <jef...@us...> - 2005-05-06 03:10:15
|
Update of /cvsroot/netpass/NetPass/lib/NetPass In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv3466/lib/NetPass Modified Files: Config.pm Log Message: netgroup/network editor UI Index: Config.pm =================================================================== RCS file: /cvsroot/netpass/NetPass/lib/NetPass/Config.pm,v retrieving revision 1.36 retrieving revision 1.37 diff -u -d -r1.36 -r1.37 --- Config.pm 4 May 2005 20:22:14 -0000 1.36 +++ Config.pm 6 May 2005 03:09:32 -0000 1.37 @@ -170,6 +170,8 @@ 0 on success "..." on failure (can be a variety of things) +=back + =cut sub save { @@ -934,17 +936,24 @@ } -=head2 policyLocation(-key => '', -network => '', -location => [''|global|group|network]) +=head2 policyLocation(-key => '', -network => '', -location => [''|first|global|group|network]) Check if a given policy variable is set in the specified location. If location is '', then we return an ARRAY ref that contains the locations the given variable was found in. Otherwise we return 0 or 1 based on whether or not we found the variable in the specified location. +If "first" is given as the location, then we'll start at the most specific scope possible +and work towards the most general scope. The first time we see the variable, we'll +return the scope that we are at. + RETURNS 0 not found in specified location 1 found in specified location + "network" found here "first" + "group" found here "first" + "global" found here "first" ARRAYREF found in the following locations (may be empty) "invalid parameters" routine called incorrectly @@ -965,44 +974,64 @@ return "invalid parameters ". Carp::longmess("invalid parameters ".Class::ParmList->error); } - my ($pvar, $nw, $location) = $parms->get('-key', '-network', '-location'); + my ($pvar, $nwOrig, $location) = $parms->get('-key', '-network', '-location'); - _log("DEBUG", "checking for policy $nw:$pvar in location:$location\n") if $self->debug; + _log("DEBUG", "checking for policy $nwOrig:$pvar in location:$location\n") if $self->debug; $pvar =~ tr [A-Z] [a-z]; # AutoLowerCase - $nw = "" if ($nw eq "default"); + $nwOrig = "" if ($nwOrig eq "default"); my $rv = []; - return 0 - if ($location eq "global" && !recur_exists($self->{'cfg'}, 'policy', $pvar)); + my $nw = $self->getMatchingNetwork(-ip => $nwOrig); - if (recur_exists($self->{'cfg'}, 'policy', $pvar)) { - return 1 if ($location eq "global"); - push @$rv, "global"; - } + if ($nw && ($nw ne "none")) { + return 0 + if ($location eq "network" && !recur_exists($self->{'cfg'}, 'network', + $nw, 'policy', $pvar)); + + if (recur_exists($self->{'cfg'}, 'network', $nw, 'policy', $pvar)) { + return 1 if ($location eq "network"); + return "network" if ($location eq "first"); + push @$rv, "network"; + } - my $nw2 = $nw; - $nw2 =~ s/\s/%20/g; # Config::General bug - $nw2 =~ tr [A-Z] [a-z]; # Config::General bug + # if this network is part of a netgroup, check there too - if (($location eq "group") && !recur_exists($self->{'cfg'}, 'group', $nw2, 'policy', $pvar)) { - return 0; + my $ng = $self->getNetgroup(-network => $nw); + if ($ng) { + $ng =~ s/\s/%20/g; + $ng =~ tr [A-Z] [a-z]; + push @$rv, "group" + if (recur_exists($self->{'cfg'}, 'group', $ng, 'policy', $pvar)); + } } + else { + # perhaps this is a netgroup? + my $nw2 = $nwOrig; + $nw2 =~ s/\s/%20/g; # Config::General bug + $nw2 =~ tr [A-Z] [a-z]; # Config::General bug - if (recur_exists($self->{'cfg'}, 'group', $nw2, 'policy', $pvar)) { - return 1 if ($location eq "group"); - push @$rv, "group"; - } + if (($location eq "group") && !recur_exists($self->{'cfg'}, 'group', + $nw2, 'policy', $pvar)) { + return 0; + } + + if (recur_exists($self->{'cfg'}, 'group', $nw2, 'policy', $pvar)) { + return 1 if ($location eq "group"); + return "group" if ($location eq "first"); + push @$rv, "group"; + } + } - $nw = $self->getMatchingNetwork(-ip => $nw); return 0 - if ($location eq "network" && !recur_exists($self->{'cfg'}, 'network', $nw, 'policy', $pvar)); + if ($location eq "global" && !recur_exists($self->{'cfg'}, 'policy', $pvar)); - if (recur_exists($self->{'cfg'}, 'network', $nw, 'policy', $pvar)) { - return 1 if ($location eq "network"); - push @$rv, "network"; + if (recur_exists($self->{'cfg'}, 'policy', $pvar)) { + return 1 if ($location eq "global"); + return "global" if ($location eq "first"); + push @$rv, "global"; } return $rv; |
|
From: jeff m. <jef...@us...> - 2005-05-06 03:10:14
|
Update of /cvsroot/netpass/NetPass/www/htdocs/OSSTemplate/css In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv3466/www/htdocs/OSSTemplate/css Modified Files: site.css Log Message: netgroup/network editor UI Index: site.css =================================================================== RCS file: /cvsroot/netpass/NetPass/www/htdocs/OSSTemplate/css/site.css,v retrieving revision 1.6 retrieving revision 1.7 diff -u -d -r1.6 -r1.7 --- site.css 1 May 2005 05:44:12 -0000 1.6 +++ site.css 6 May 2005 03:09:33 -0000 1.7 @@ -156,6 +156,11 @@ width: 80%; } +TABLE.expandable TD.center { + background: #EFEFEF; + text-align: center; +} + TABLE.expandable TBODY { /*display: none;*/ } |
|
From: jeff m. <jef...@us...> - 2005-05-06 03:10:12
|
Update of /cvsroot/netpass/NetPass In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv3466 Modified Files: MANIFEST Log Message: netgroup/network editor UI Index: MANIFEST =================================================================== RCS file: /cvsroot/netpass/NetPass/MANIFEST,v retrieving revision 1.38 retrieving revision 1.39 diff -u -d -r1.38 -r1.39 --- MANIFEST 4 May 2005 03:09:44 -0000 1.38 +++ MANIFEST 6 May 2005 03:09:31 -0000 1.39 @@ -210,6 +210,7 @@ www/htdocs/OSSTemplate/js/xmlhttp.js www/htdocs/OSSTemplate/js/lockcfg.js www/htdocs/OSSTemplate/js/common.js +www/htdocs/OSSTemplate/js/network.js www/htdocs/OSSTemplate/.htaccess www/htdocs/load-test.mhtml www/htdocs/autohandler |
|
From: jeff m. <jef...@us...> - 2005-05-06 03:10:01
|
Update of /cvsroot/netpass/NetPass/www/htdocs/OSSTemplate/js In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv3466/www/htdocs/OSSTemplate/js Modified Files: debug.js lockcfg.js Log Message: netgroup/network editor UI Index: debug.js =================================================================== RCS file: /cvsroot/netpass/NetPass/www/htdocs/OSSTemplate/js/debug.js,v retrieving revision 1.5 retrieving revision 1.6 diff -u -d -r1.5 -r1.6 --- debug.js 4 May 2005 20:22:18 -0000 1.5 +++ debug.js 6 May 2005 03:09:34 -0000 1.6 @@ -1,25 +1,8 @@ -var DBGLEVEL = 0; +var DBGLEVEL = 1; var dbgwin; var browserType_IE = 0; -function DBG_init() { - var UA = navigator.userAgent.toLowerCase (); - var is_ie = (UA.indexOf ("msie") != -1 && document.all); - var is_ie5 = (UA.indexOf ("msie 5") != -1 && document.all); - var is_nav = !is_ie && (UA.indexOf ("mozilla") != -1); - - if (is_ie) { - browserType_IE = 1; - //return; - } - - if (DBGLEVEL) - dbgwin = window.open("about:blank", "DEBUGOUTPUT", - "resizable,width=400,height=400,scrollbars"); -} - function dbg(l, msg) { - //if (browserType_IE) return; if ( (DBGLEVEL >= l) && dbgwin) { @@ -50,3 +33,19 @@ dbg(1, "objDump: " + b + "=" + o + " (no keys)"); } } + +function DBG_init() { + var UA = navigator.userAgent.toLowerCase (); + var is_ie = (UA.indexOf ("msie") != -1 && document.all); + var is_ie5 = (UA.indexOf ("msie 5") != -1 && document.all); + var is_nav = !is_ie && (UA.indexOf ("mozilla") != -1); + + if (is_ie) { + browserType_IE = 1; + //return; + } + + if (DBGLEVEL) + dbgwin = window.open("about:blank", "DEBUGOUTPUT", + "resizable,width=400,height=400,scrollbars"); +} Index: lockcfg.js =================================================================== RCS file: /cvsroot/netpass/NetPass/www/htdocs/OSSTemplate/js/lockcfg.js,v retrieving revision 1.1 retrieving revision 1.2 diff -u -d -r1.1 -r1.2 --- lockcfg.js 4 May 2005 03:09:45 -0000 1.1 +++ lockcfg.js 6 May 2005 03:09:50 -0000 1.2 @@ -1,5 +1,9 @@ function lockConfig_results(r) { + var RN = "lockConfig_results"; + + dbg(1, RN + ": r="+r); + var b = document.getElementById('lockButton'); if (b) { b.disabled = ''; @@ -63,7 +67,7 @@ } lockOpPending = true; - var url = "cmd/lockcfg.mhtml?printable=2&lock="+lock +"&force="+force; + var url = "/Admin/cmd/lockcfg.mhtml?printable=2&lock="+lock +"&force="+force; xmlhttp.open("GET", url , true); xmlhttp.onreadystatechange=function() { if (xmlhttp.readyState == 4) { |
|
From: jeff m. <jef...@us...> - 2005-05-05 02:19:43
|
Update of /cvsroot/netpass/NetPass/www/htdocs/Admin In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv2050/www/htdocs/Admin Modified Files: netgroups.mhtml Log Message: netgroup auditing bugfix Index: netgroups.mhtml =================================================================== RCS file: /cvsroot/netpass/NetPass/www/htdocs/Admin/netgroups.mhtml,v retrieving revision 1.3 retrieving revision 1.4 diff -u -d -r1.3 -r1.4 --- netgroups.mhtml 4 May 2005 20:22:17 -0000 1.3 +++ netgroups.mhtml 5 May 2005 02:19:34 -0000 1.4 @@ -63,7 +63,7 @@ </%perl> </script> -<h2> Network Configuration </h2> +<h2> Netgroup Configuration </h2> Notes: <ul> @@ -97,7 +97,7 @@ _log("DEBUG", "$ip $whoami added netgroup $netgroups\n"); $np->db->audit(-severity => 'NOTICE', -ip => $ip, -user => $whoami, - "added netgroup $netgroups"); + -msg => [ "added netgroup $netgroups" ]); $np->cfg->createNetgroup(-name => $netgroups); } @@ -121,7 +121,7 @@ # the user wants $nw to be a part of this netgroup _log("DEBUG", "$ip $whoami placed $nw into netgroup $netgroups\n"); $np->db->audit(-severity => 'NOTICE', -ip => $ip, -user => $whoami, - "placed $nw into netgroup $netgroups"); + -msg => ["placed $nw into netgroup $netgroups"]); $np->cfg->setNetgroup(-network => $nw, -group => $netgroups); } else { @@ -133,7 +133,7 @@ if ($x eq $netgroups) { _log("DEBUG", "$ip $whoami removed $nw from netgroup $netgroups\n"); $np->db->audit(-severity => 'NOTICE', -ip => $ip, -user => $whoami, - "removed $nw from netgroup $netgroups"); + -msg=>["removed $nw from netgroup $netgroups"]); $np->cfg->setNetgroup(-network => $nw); } } @@ -152,7 +152,7 @@ if (ref($members) eq "ARRAY" && ($#{$members} == -1)) { _log("DEBUG", "$ip $whoami $ngn has no members. deleting.\n"); $np->db->audit(-severity => 'NOTICE', -ip => $ip, -user => $whoami, - "$ngn has no members. deleting."); + -msg=>["$ngn has no members. deleting."]); if ( $rv = $np->cfg->delNetgroup(-group => $ngn) ) { _log("DEBUG", "$ip $whoami failed to delete empty netgroup $ngn: $rv\n"); } |
|
From: jeff m. <jef...@us...> - 2005-05-04 20:22:27
|
Update of /cvsroot/netpass/NetPass/www/htdocs/Admin In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv6469/www/htdocs/Admin Modified Files: gencfg.mhtml mr.mhtml netgroups.mhtml network.mhtml qc.mhtml user.mhtml Log Message: netgroup editor UI Index: network.mhtml =================================================================== RCS file: /cvsroot/netpass/NetPass/www/htdocs/Admin/network.mhtml,v retrieving revision 1.1 retrieving revision 1.2 diff -u -d -r1.1 -r1.2 --- network.mhtml 3 May 2005 16:13:30 -0000 1.1 +++ network.mhtml 4 May 2005 20:22:17 -0000 1.2 @@ -41,7 +41,7 @@ my $allNetworks = $np->cfg->getNetworks(); my $allNetgroups = (); foreach my $nw (@$allNetworks) { - my $ng = $np->cfg->getNetgroup($nw); + my $ng = $np->cfg->getNetgroup(-network => $nw); push @$allNetgroups, $ng if ($ng ne "") && (!grep(/^$ng$/, @$allNetgroups)); } Index: mr.mhtml =================================================================== RCS file: /cvsroot/netpass/NetPass/www/htdocs/Admin/mr.mhtml,v retrieving revision 1.8 retrieving revision 1.9 diff -u -d -r1.8 -r1.9 --- mr.mhtml 27 Apr 2005 03:54:07 -0000 1.8 +++ mr.mhtml 4 May 2005 20:22:17 -0000 1.9 @@ -128,7 +128,7 @@ } if ( ! $isRoot ) { - my $netgroup = $np->cfg->getNetgroup($nw); + my $netgroup = $np->cfg->getNetgroup(-network => $nw); if ( !grep(/^$nw$/, @$rwGroups) && !grep(/^$netgroup$/, @$rwGroups) ) { $err = "You don't have permission to register an IP address on the $nw network."; } Index: qc.mhtml =================================================================== RCS file: /cvsroot/netpass/NetPass/www/htdocs/Admin/qc.mhtml,v retrieving revision 1.20 retrieving revision 1.21 diff -u -d -r1.20 -r1.21 --- qc.mhtml 1 May 2005 19:46:04 -0000 1.20 +++ qc.mhtml 4 May 2005 20:22:17 -0000 1.21 @@ -601,7 +601,7 @@ # db based on mac my $nw = $np->cfg->getMatchingNetwork(-ip => $args->{"ipAddr:$mac"}); - my $netgroup = $np->cfg->getNetgroup($nw); + my $netgroup = $np->cfg->getNetgroup(-network => $nw); if ($nw eq "none") { print qq{<p class='error'>Update failed for $mac because it's network is unknown to NetPass.</P>}; Index: user.mhtml =================================================================== RCS file: /cvsroot/netpass/NetPass/www/htdocs/Admin/user.mhtml,v retrieving revision 1.22 retrieving revision 1.23 diff -u -d -r1.22 -r1.23 --- user.mhtml 4 May 2005 03:09:45 -0000 1.22 +++ user.mhtml 4 May 2005 20:22:17 -0000 1.23 @@ -61,7 +61,7 @@ my $allNetgroups = (); foreach my $nw (@$allNetworks) { - my $ng = $np->cfg->getNetgroup($nw); + my $ng = $np->cfg->getNetgroup(-network => $nw); push @$allNetgroups, $ng if ($ng ne ""); } Index: gencfg.mhtml =================================================================== RCS file: /cvsroot/netpass/NetPass/www/htdocs/Admin/gencfg.mhtml,v retrieving revision 1.12 retrieving revision 1.13 diff -u -d -r1.12 -r1.13 --- gencfg.mhtml 1 May 2005 17:39:08 -0000 1.12 +++ gencfg.mhtml 4 May 2005 20:22:17 -0000 1.13 @@ -75,7 +75,7 @@ </%perl> -<h2>General Configuration</h2> +<h2>General (Global) Configuration</h2> <input disabled id='submitButton' type='submit' name='submit' value='Commit Changes'> <P> @@ -84,7 +84,7 @@ <TABLE WIDTH=800 ID="policyConfig" class="expandable" CELLSPACING=2 CELLPADDING=2> <THEAD> -<TR><TH onclick="showHideObj2(getElementById('policyConfig').tBodies[0]);" COLSPAN=2>General</TH></TR> +<TR><TH onclick="showHideObj2(getElementById('policyConfig').tBodies[0]);" COLSPAN=2>General (Global)</TH></TR> </THEAD> <TBODY> <TR> Index: netgroups.mhtml =================================================================== RCS file: /cvsroot/netpass/NetPass/www/htdocs/Admin/netgroups.mhtml,v retrieving revision 1.2 retrieving revision 1.3 diff -u -d -r1.2 -r1.3 --- netgroups.mhtml 4 May 2005 03:09:45 -0000 1.2 +++ netgroups.mhtml 4 May 2005 20:22:17 -0000 1.3 @@ -26,6 +26,9 @@ return; } +my $ip = $ENV{'REMOTE_ADDR'}; +my $whoami = $m->session->{'username'}; + # these group names can not be used as 'netgroups' my $reservedGroups = { 'default' => 1, 'clientAccess' => 1 }; @@ -33,24 +36,135 @@ # fetch all known networks and netgroups my $allNetworks = $np->cfg->getNetworks(); -my $allNetgroups = (); +my $allNetgroups = []; +my $groupMembers = {}; + +</%perl> +<script language="JavaScript"> +DBG_init(); +var netgroup_Map = new Object(); +<%perl> +my $beenthere = {}; foreach my $nw (@$allNetworks) { - my $ng = $np->cfg->getNetgroup($nw); + my $ng = $np->cfg->getNetgroup(-network => $nw); + + print qq{netgroup_Map['$ng'] = new Array(); //ng->nw\n} if ($ng ne "" && !exists $beenthere->{$ng}); + $beenthere->{$ng} = 1; + print qq{netgroup_Map['$nw'] = new Array(); //nw->ng\n} if ($nw ne "" && !exists $beenthere->{$nw}); + $beenthere->{$nw} = 1; + print qq{netgroup_Map['$ng'].push('$nw');\n} if ($ng ne ""); + print qq{netgroup_Map['$nw'].push('$ng');\n} if ($ng ne ""); + print qq{//$nw is not a part of any netgroup\n} if ($ng eq ""); + push @$allNetgroups, $ng if ($ng ne "") && (!grep(/^$ng$/, @$allNetgroups)); + $groupMembers->{$ng} = [] if (ref($groupMembers->{$ng}) ne "ARRAY"); + push @{$groupMembers->{$ng}}, $nw; } </%perl> +</script> <h2> Network Configuration </h2> +Notes: +<ul> +<li>Netgroups are not case-sensitive. +<li>Empty netgroups will be deleted. +<li>To add a new netgroup: +<ol> + <li> Click inside the "Add Netgroup.." box. + <li> Type in a netgroup name ("default", "clientAccess" and network-names are not permitted). + <li> Click a network (or networks) to add to the netgroup. + <li> Click 'Commit Changes' +</ol> +<LI>To specify group-specific parameters (and over-ride the Global settings): +<ol> + <li>Select the Netgroup you wish to edit. Currently only Admin/default can edit + these parameters. In the future, having Admin for the specific group will + allow you to edit the parameters. + <li>Uncheck the "Use Default" box for the parameter you wish to over-ride. + <li>Select or enter a new value. + <li>Click 'Commit Changes' +</ol> +</ul> + <%perl> $m->comp('/Admin/LockConfig', 'enableWhenLocked' => [ 'addNetgroup', 'submitButton' ]); my $WH = "-" x 20; -my $restartnetpass = 0; -my $restartnessus = 0; -my $restarthttpd = 0; - if ($submitButton eq 'Commit Changes') { + if (! grep(/^$netgroups$/, @$allNetgroups) ) { + # add the netgroup because we don't already know about it + + _log("DEBUG", "$ip $whoami added netgroup $netgroups\n"); + $np->db->audit(-severity => 'NOTICE', -ip => $ip, -user => $whoami, + "added netgroup $netgroups"); + $np->cfg->createNetgroup(-name => $netgroups); + } + + if ($netgroups ne "") { + # the netgroup should be in the config at this point. associate + # networks with it. + + # if $nw is present in $groupMembers, but not in $networks + # then removed it. else add it. + + + foreach my $nw (@$allNetworks) { + my $_networks; + if (ref($networks) eq "ARRAY") { + $_networks = $networks; + } else { + $_networks = [ $networks ]; + } + + if (grep(/^$nw$/, @$_networks)) { + # the user wants $nw to be a part of this netgroup + _log("DEBUG", "$ip $whoami placed $nw into netgroup $netgroups\n"); + $np->db->audit(-severity => 'NOTICE', -ip => $ip, -user => $whoami, + "placed $nw into netgroup $netgroups"); + + $np->cfg->setNetgroup(-network => $nw, -group => $netgroups); + } else { + # the user does not want this network to be a part + # of this netgroup. if it is, remove it, else if + # it's part of another netgroup, leave it. + + my $x = $np->cfg->getNetgroup(-network => $nw); + if ($x eq $netgroups) { + _log("DEBUG", "$ip $whoami removed $nw from netgroup $netgroups\n"); + $np->db->audit(-severity => 'NOTICE', -ip => $ip, -user => $whoami, + "removed $nw from netgroup $netgroups"); + $np->cfg->setNetgroup(-network => $nw); + } + } + } + } + + # if a netgroup has no members, delete it + + my $newANGs = []; + _log("DEBUG", "purge\n"); + my $rv = ''; + + foreach my $ngn (@{$np->cfg->getNetgroups()}) { + _log("DEBUG", "purge $ngn\n"); + my $members = $np->cfg->getNetgroupMembers(-group => $ngn); + if (ref($members) eq "ARRAY" && ($#{$members} == -1)) { + _log("DEBUG", "$ip $whoami $ngn has no members. deleting.\n"); + $np->db->audit(-severity => 'NOTICE', -ip => $ip, -user => $whoami, + "$ngn has no members. deleting."); + if ( $rv = $np->cfg->delNetgroup(-group => $ngn) ) { + _log("DEBUG", "$ip $whoami failed to delete empty netgroup $ngn: $rv\n"); + } + } else { + _log("DEBUG", "still OK $ngn\n"); + push @$newANGs, $ngn; + } + } + + $allNetgroups = $newANGs; + $rv = ''; + foreach my $ak ( keys %ARGS ) { if ($ak =~ /^(\S+):(\S+)$/) { my $section = $1; @@ -58,9 +172,10 @@ if ($section eq "policy") { if ($ARGS{"usedefault:$var"}) { - $np->cfg->removePolicy(-key => $var, - -location => 'group', - -network => $netgroups); + my $rv2 = $np->cfg->removePolicy(-key => $var, + -location => 'group', + -network => $netgroups); + $rv .= " $rv2" if ($rv2); } else { $np->cfg->policy(-key => $var, -network => $netgroups, -val => $ARGS{$ak}); @@ -69,7 +184,10 @@ } } - my $rv = $np->cfg->save(-user => $m->session->{'username'}); + if ($rv eq "") { + $rv = $np->cfg->save(-user => $m->session->{'username'}); + } + if ($rv) { print "<P class='error'>Failed to save configuration: $rv</P>"; } else { @@ -90,13 +208,14 @@ -default => $netgroups, -id => 'netgroups', -attributes => { $WH => { 'disabled' => 1 } }, -onchange => 'netgroup_onchange_netgroups();', - -size => 15, -multiple => 'false')%><P> - <input id='addNetgroup' name='addNetgroup' size=20 value='Add Netgroup...' disabled> + -size => 15)%><P> + <input id='addNetgroup' name='addNetgroup' size=20 value='Add Netgroup...' disabled + onblur='netgroup_onblur_addNetgroup(this);' onfocus='netgroup_onfocus_addNetgroup(this);'> </td> <td style='text-align:center; vertical-align: top;'> <%$q->scrolling_list(-name => 'networks', -id => 'networks', -values => [ $WH, sort @$allNetworks ], -attributes => { $WH => { 'disabled' => 1 } }, - -default => $networks, -size => 15, -multiple => 'false')%><P> + -default => $networks, -size => 15, -multiple => 'true')%><P> <input type='submit' name='submitButton' id='submitButton' value='Commit Changes' disabled> </td> </tr> @@ -110,10 +229,10 @@ <script language='JavaScript'> var pageDirty = false; setWhereAmI('Configuration > Netgroups'); -var reservedGroups = new Array; +var netgroup_reservedGroups = new Object; <%perl> foreach my $rg ($WH, keys %$reservedGroups) { - print qq{reservedGroups.push('$rg');\n}; + print qq{netgroup_reservedGroups['$rg'] = 1;\n}; } </%perl> </script> |
|
From: jeff m. <jef...@us...> - 2005-05-04 20:22:27
|
Update of /cvsroot/netpass/NetPass/www/htdocs/OSSTemplate/js In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv6469/www/htdocs/OSSTemplate/js Modified Files: common.js debug.js netgroups.js userform.js Log Message: netgroup editor UI Index: netgroups.js =================================================================== RCS file: /cvsroot/netpass/NetPass/www/htdocs/OSSTemplate/js/netgroups.js,v retrieving revision 1.1 retrieving revision 1.2 diff -u -d -r1.1 -r1.2 --- netgroups.js 4 May 2005 03:09:45 -0000 1.1 +++ netgroups.js 4 May 2005 20:22:18 -0000 1.2 @@ -1,10 +1,73 @@ function netgroup_onchange_netgroups() { + var RN = "netgroup_onchange_netgroups"; + var o = document.getElementById("netgroups"); if (!o) return; if (o.options[0].selected == true) { //IE o.options[0].selected == false; return; } + + var ngn = o.options[o.selectedIndex].value; + var nw = document.getElementById("networks"); + unHighLightList("networks"); + + dbg(1, RN + ": populate networks.."); + for (var i = 1 ; i < nw.options.length ; i++) { + dbg (1, RN + ": (" + nw.options[i].value + ") " + netgroup_Map[nw.options[i].value][0] + " =? " + ngn); + if (netgroup_Map[nw.options[i].value][0] == ngn) { + nw.options[i].selected = true; + } else { + nw.options[i].selected = false; + } + } document.forms[0].submit(); } +function netgroup_onchange_networks() { + var RN = "netgroup_onchange_networks"; +} + + +function netgroup_onfocus_addNetgroup(o) { + var RN = "netgroup_onfocus_addNetgroup"; + dbg(1, RN); + if (o && o.value == "Add Netgroup...") o.value = ""; +} + +function netgroup_onblur_addNetgroup(o) { + var RN = "netgroup_onblur_addNetgroup"; + dbg(1, RN); + + var ng = document.getElementById("netgroups"); + var nw = document.getElementById("networks"); + + if (ng && nw && o.value != "") { + if (netgroup_reservedGroups[o.value] == undefined) { + var exists = 0; + for(var i = 1 ; i < ng.options.length ; i++) { + if (ng.options[i].value == o.value) { + exists = 1; + } + } + // you can't name a netgroup the same as a network. + for(var i = 1 ; i < nw.options.length ; i++) { + if (nw.options[i].value == o.value) { + exists = 1; + } + } + if (!exists) { + var no = new Option(o.value, o.value, false, false); + ng.options[ng.options.length] = no; + unHighLightList("netgroups"); + ng.options[ng.options.length-1].selected = true; + sortList("netgroups"); + } else { + dbg (1, RN + ": group already exists: " + o.value); + } + } else { + dbg (1, RN + ": group name is reserved: " + o.value); + } + } + o.value = "Add Netgroup..."; +} Index: debug.js =================================================================== RCS file: /cvsroot/netpass/NetPass/www/htdocs/OSSTemplate/js/debug.js,v retrieving revision 1.4 retrieving revision 1.5 diff -u -d -r1.4 -r1.5 --- debug.js 20 Apr 2005 20:57:20 -0000 1.4 +++ debug.js 4 May 2005 20:22:18 -0000 1.5 @@ -16,7 +16,6 @@ if (DBGLEVEL) dbgwin = window.open("about:blank", "DEBUGOUTPUT", "resizable,width=400,height=400,scrollbars"); - } function dbg(l, msg) { Index: userform.js =================================================================== RCS file: /cvsroot/netpass/NetPass/www/htdocs/OSSTemplate/js/userform.js,v retrieving revision 1.9 retrieving revision 1.10 diff -u -d -r1.9 -r1.10 --- userform.js 4 May 2005 03:09:45 -0000 1.9 +++ userform.js 4 May 2005 20:22:18 -0000 1.10 @@ -12,9 +12,9 @@ var selectedUser = undefined; - userform_unHighLight("AvailableGroupList"); - userform_unHighLight("AccessControlList"); - userform_disableList("AccessControlList"); + unHighLightList("AvailableGroupList"); + unHighLightList("AccessControlList"); + disableList("AccessControlList"); // IE doesnt support <option disabled> //http://msdn.microsoft.com/workshop/author/dhtml/reference/properties/disabled_3.asp @@ -58,7 +58,7 @@ dbg(1, RN + ": unhighlight ACL"); - userform_unHighLight("AccessControlList"); + unHighLightList("AccessControlList"); // populate the grouplist with the currently // selected user's groups, removing them from the @@ -238,77 +238,10 @@ return undefined; } -function userform_unHighLight(oname, item) { - var RN = "userform_unHighLightACL"; - if (oname == undefined) oname = "AccessControlList"; - - var acl = document.getElementById(oname); - if (acl) { - for(var i = 0 ; i < acl.options.length ; i++) { - if (i && item) { - if (item == acl.options[i].value) - acl.options[i].selected = false; - } else { - acl.options[i].selected = false; - } - } - } else { - dbg (1, RN + ": error cant find " + oname + " object"); - } -} - -function userform_highLight(oname, item) { - var RN = "userform_highLightACL"; - if (oname == undefined) oname = "AccessControlList"; - var acl = document.getElementById(oname); - if (acl) { - for(var i = 1 ; i < acl.options.length ; i++) { - //dbg (1, RN + ": " + acl.options[i].value + " == " + item + "?"); - if (item) { - if (acl.options[i].value == item) - acl.options[i].selected = true; - } - else { - acl.options[i].selected = true; - } - } - } else { - dbg (1, RN + ": error cant find " + oname + " object"); - } -} - - -function userform_disableList(oname) { - var RN = "userform_disableList"; - - var l = document.getElementById(oname); - if (l) { - for(var i = 1 ; i < l.options.length ; i++) { - l.options[i].selected = false; - l.options[i].disabled = true; - } - } else { - dbg (1, RN + ": error cant find " + oname + " object"); - } -} - -function userform_enableList(oname) { - var RN = "userform_enableList"; - - var l = document.getElementById(oname); - if (l) { - for(var i = 1 ; i < l.options.length ; i++) { - l.options[i].disabled = false; - } - } else { - dbg (1, RN + ": error cant find " + oname + " object"); - } -} - function userform_onchange_availableGroups() { - userform_unHighLight("GroupList"); - userform_unHighLight("AccessControlList"); - userform_disableList("AccessControlList"); + unHighLightList("GroupList"); + unHighLightList("AccessControlList"); + disableList("AccessControlList"); } function userform_enableModAll() { @@ -347,9 +280,9 @@ var RN = "userform_showACLforGroup"; var su = userform_lookupSelectedUser(); - userform_unHighLight("AccessControlList"); - userform_unHighLight("AvailableGroupList"); - userform_enableList("AccessControlList"); + unHighLightList("AccessControlList"); + unHighLightList("AvailableGroupList"); + enableList("AccessControlList"); var o = document.getElementById("GroupList"); @@ -360,7 +293,7 @@ if (o.options[0].selected) { o.options[0].selected = false; //IE - userform_unHighLight("GroupList"); + unHighLightList("GroupList"); return; } @@ -382,14 +315,14 @@ if (selected > 1) { // clear the ACL and enable the modify all // buttons - userform_unHighLight("AccessControlList"); + unHighLightList("AccessControlList"); userform_enableModAll(); } else { for(var acl in userhash[su][o.value]) { userform_disableModAll(); dbg(1, RN + ": acl/"+su+"/"+o.value+"="+acl); - userform_highLight("AccessControlList", acl); + highLightList("AccessControlList", acl); } } } @@ -407,8 +340,8 @@ var agl = document.getElementById('AvailableGroupList'); var gl = document.getElementById('GroupList'); if (agl && gl) { - userform_unHighLight("GroupList"); - userform_unHighLight("AccessControlList"); + unHighLightList("GroupList"); + unHighLightList("AccessControlList"); for (var i = agl.options.length-1 ; i > 0 ; i--) { dbg (1, RN + ": move agl/" + i + " to gl"); if (agl.options[i].selected) { @@ -418,7 +351,7 @@ userhash[su][opt.value] = new Object; } } - userform_enableList("AccessControlList"); + enableList("AccessControlList"); DBG_objDump(userhash, "userhash"); userform_setAclHash(); sortList("GroupList"); @@ -444,8 +377,8 @@ delete userhash[su][opt.value]; } } - userform_unHighLight("AccessControlList"); - userform_disableList("AccessControlList"); + unHighLightList("AccessControlList"); + disableList("AccessControlList"); DBG_objDump(userhash, "userhash"); userform_setAclHash(); sortList("GroupList"); @@ -493,7 +426,7 @@ var no = new Option(o.value, o.value, false, false); ul.options[ul.options.length] = no; - userform_unHighLight("UserList"); + unHighLightList("UserList"); ul.options[ul.options.length-1].selected = true; if(o) o.value = "Add user..."; Index: common.js =================================================================== RCS file: /cvsroot/netpass/NetPass/www/htdocs/OSSTemplate/js/common.js,v retrieving revision 1.1 retrieving revision 1.2 diff -u -d -r1.1 -r1.2 --- common.js 4 May 2005 03:09:45 -0000 1.1 +++ common.js 4 May 2005 20:22:18 -0000 1.2 @@ -61,3 +61,69 @@ } } } + +function unHighLightList(oname, item) { + var RN = "unHighLightList"; + + var acl = document.getElementById(oname); + if (acl) { + for(var i = 0 ; i < acl.options.length ; i++) { + if (i && item) { + if (item == acl.options[i].value) + acl.options[i].selected = false; + } else { + acl.options[i].selected = false; + } + } + } else { + dbg (1, RN + ": error cant find " + oname + " object"); + } +} + + +function highLightList(oname, item) { + var RN = "highLightList"; + + var acl = document.getElementById(oname); + if (acl) { + for(var i = 1 ; i < acl.options.length ; i++) { + if (item) { + if (acl.options[i].value == item) + acl.options[i].selected = true; + } + else { + acl.options[i].selected = true; + } + } + } else { + dbg (1, RN + ": error cant find " + oname + " object"); + } +} + + +function disableList(oname) { + var RN = "disableList"; + + var l = document.getElementById(oname); + if (l) { + for(var i = 1 ; i < l.options.length ; i++) { + l.options[i].selected = false; + l.options[i].disabled = true; + } + } else { + dbg (1, RN + ": error cant find " + oname + " object"); + } +} + +function enableList(oname) { + var RN = "enableList"; + + var l = document.getElementById(oname); + if (l) { + for(var i = 1 ; i < l.options.length ; i++) { + l.options[i].disabled = false; + } + } else { + dbg (1, RN + ": error cant find " + oname + " object"); + } +} |
|
From: jeff m. <jef...@us...> - 2005-05-04 20:22:26
|
Update of /cvsroot/netpass/NetPass/www/htdocs/Admin/cmd In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv6469/www/htdocs/Admin/cmd Modified Files: setresult.mhtml Log Message: netgroup editor UI Index: setresult.mhtml =================================================================== RCS file: /cvsroot/netpass/NetPass/www/htdocs/Admin/cmd/setresult.mhtml,v retrieving revision 1.1 retrieving revision 1.2 diff -u -d -r1.1 -r1.2 --- setresult.mhtml 1 May 2005 05:44:12 -0000 1.1 +++ setresult.mhtml 4 May 2005 20:22:17 -0000 1.2 @@ -22,7 +22,7 @@ print "NOK $rid client's IP is not a part of NetPass\n"; } else { - my $ng = $np->cfg->getNetgroup($nw); + my $ng = $np->cfg->getNetgroup(-network => $nw); my ($isOK, $groups) = $m->comp('/Admin/MemberOf', 'acl' => [ 'Admin', 'QuarAdmin' ]); my ($isRoot, $junk) = $m->comp('/Admin/MemberOf', 'acl' => [ 'Admin' ], 'group' => 'default'); if ($isRoot || ($isOK && (grep (/^$nw$/, @$groups) || grep (/^$ng$/, @$groups)))) { |
|
From: jeff m. <jef...@us...> - 2005-05-04 20:22:25
|
Update of /cvsroot/netpass/NetPass/www/components/Admin In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv6469/www/components/Admin Modified Files: TableEditPolicy Log Message: netgroup editor UI Index: TableEditPolicy =================================================================== RCS file: /cvsroot/netpass/NetPass/www/components/Admin/TableEditPolicy,v retrieving revision 1.2 retrieving revision 1.3 diff -u -d -r1.2 -r1.3 --- TableEditPolicy 4 May 2005 03:09:45 -0000 1.2 +++ TableEditPolicy 4 May 2005 20:22:17 -0000 1.3 @@ -8,10 +8,10 @@ <TABLE WIDTH=800 ID="policyConfig" class="expandable" CELLSPACING=2 CELLPADDING=2> <THEAD> -<TR><TH onclick="showHideObj2(getElementById('policyConfig').tBodies[0]);" COLSPAN=2><%$tableName%></TH></TR> +<TR><TH onclick="showHideObj2(getElementById('policyConfig').tBodies[0]);" COLSPAN=4><%$tableName%></TH></TR> </THEAD> <TBODY> -<tr><th>Option</th><th>Value</th><th>Use Default</th><th>Default Value</th></tr> +<tr><th>Option</th><th>Value</th><th>Use Default</th><th><a href="gencfg.mhtml">Default (Global) Value</a></th></tr> <TR> <TD CLASS='left'>MULTI_MAC</TD> <TD CLASS='right' > @@ -235,11 +235,11 @@ <%$q->popup_menu ( -name => 'policy:nessus', -values => ['on', 'off'], - -default => ($np->cfg->policy(-key => 'resetport', -network => $network)) ? 'on': 'off', + -default => ($np->cfg->policy(-key => 'nessus', -network => $network)) ? 'on': 'off', )%> </TD> -<td class='left'><input type='checkbox' <%$np->cfg->policyLocation(-key => 'resetport', -network => $network, -location => 'group')?"":"checked"%> name="usedefault:resetport"></td> -<td class='left'><%$np->cfg->policy(-key => 'resetport')?"on":"off"%></td> +<td class='left'><input type='checkbox' <%$np->cfg->policyLocation(-key => 'nessus', -network => $network, -location => 'group')?"":"checked"%> name="usedefault:nessus"></td> +<td class='left'><%$np->cfg->policy(-key => 'nessus')?"on":"off"%></td> </TR> <TR> <TD CLASS='left'>LDAP Query URL</TD> |
|
From: jeff m. <jef...@us...> - 2005-05-04 20:22:25
|
Update of /cvsroot/netpass/NetPass/lib/NetPass In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv6469/lib/NetPass Modified Files: Config.pm DB.pm Log Message: netgroup editor UI Index: Config.pm =================================================================== RCS file: /cvsroot/netpass/NetPass/lib/NetPass/Config.pm,v retrieving revision 1.35 retrieving revision 1.36 diff -u -d -r1.35 -r1.36 --- Config.pm 4 May 2005 03:27:17 -0000 1.35 +++ Config.pm 4 May 2005 20:22:14 -0000 1.36 @@ -995,7 +995,7 @@ push @$rv, "group"; } - $nw = $self->{'cfg'}->getMatchingNetwork(-ip => $nw); + $nw = $self->getMatchingNetwork(-ip => $nw); return 0 if ($location eq "network" && !recur_exists($self->{'cfg'}, 'network', $nw, 'policy', $pvar)); @@ -1055,7 +1055,9 @@ return 0; } - $nw = $self->{'cfg'}->getMatchingNetwork(-ip => $nw); + $nw = $self->getMatchingNetwork(-ip => $nw); + + return 0 if $nw eq "none"; if ( ($location eq "network") && recur_exists($self->{'cfg'}, 'network', $nw, 'policy', $pvar)) { @@ -1093,6 +1095,7 @@ return Carp::longmess("invalid parameters ".Class::ParmList->error) if (!defined($parms)); my ($name) = $parms->get('-name'); + my $oname = $name; return "invalid parameters" if (!defined($name) || ($name eq "")); @@ -1102,7 +1105,7 @@ if (recur_exists($self->{'cfg'}, "group", $name)) { return "group exists"; } - $self->{'cfg'}->obj("group")->$name({}); + $self->{'cfg'}->obj("group")->$name({'name' => $oname}); # damn C::G return 0; } @@ -1155,7 +1158,7 @@ if ($ip ne "") { _log("DEBUG", qq{ip="$ip"\n}) if $self->debug; - if ($ip =~ /\//) { # looks like a network already + if ($ip =~ /^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\/[0-9]{1,2}$/) { # looks like a network already if (recur_exists($self->{'cfg'}, "network", $ip)) { return $ip; } else { @@ -1163,6 +1166,12 @@ } } + # doesnt look like an IP. + + if ($ip !~ /^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$/) { + return "none"; + } + my $ip_ = ip2int(host2addr($ip)); foreach my $n ($self->{'cfg'}->keys('network')) { @@ -1194,11 +1203,38 @@ return "none"; } + +=head2 getNetgroup(-network => '') + +Return the netgroup that the given network is a member of. If -network is an +IP address, we'll resolve it first to a network. + +RETURNS + + groupname on success + '' if not a member of anygroup + +=cut + sub getNetgroup { my $self = shift; - my $network = shift; - return '' if (!defined($network) || ($network eq "none")); + $self->reloadIfChanged(); + + my $parms = parse_parms({ + -parms => \@_, + -legal => [qw(-network)], + -required => [qw(-network)], + -defaults => { -network => '' } + } + ); + + if (!defined($parms)) { + warn Carp::longmess("invalid parameters ".Class::ParmList->error); + return undef; + } + + my ($network) = $parms->get('-network'); my $nw = $self->getMatchingNetwork(-ip => $network); my $netgroup = ''; @@ -1210,6 +1246,178 @@ return $netgroup; } +=head2 getNetgroupMembers(-group => '') + +Return an arrayref of all members of the given netgroup. + +RETURNS + + ARRAYREF on success + 'invalid parameters' improperly called + +=cut + +sub getNetgroupMembers { + my $self = shift; + + $self->reloadIfChanged(); + + my $parms = parse_parms({ + -parms => \@_, + -legal => [qw(-group)], + -required => [qw(-group)], + -defaults => { -group => '' } + } + ); + + if (!defined($parms)) { + return Carp::longmess("invalid parameters ".Class::ParmList->error); + } + + my ($group) = $parms->get('-group'); + + my $allnw = $self->getNetworks(); + my @members = (); + if (ref($allnw) eq "ARRAY") { + foreach my $nw (@$allnw) { + if (recur_exists ($self->{'cfg'}, "network", $nw, "group")) { + my $netgroup = $self->{'cfg'}->obj('network')->obj($nw)->value('group'); + if ($netgroup eq $group) { + push @members, $nw; + } + } + } + } + + return \@members; +} + +=head2 getNetgroups() + +Return an arrayref of all netgroups. + +RETURNS + + ARRAYREF on success + 'invalid parameters' improperly called + +=cut + +sub getNetgroups { + my $self = shift; + + $self->reloadIfChanged(); + + my @ngs = (); + + foreach my $ng ($self->{'cfg'}->keys('group')) { + push @ngs, $self->{'cfg'}->obj('group')->obj($ng)->value('name') + if recur_exists($self->{'cfg'}, 'group', $ng, 'name'); + } + return \@ngs; +} + +=head2 delNetgroup(-group => '') + +Delete the given netgroup. Any networks in the netgroup will have their +membership removed but will otherwise be unchanged. + +RETURNS + + 0 on success + 'invalid parameters' improperly called + +=cut + +sub delNetgroup { + my $self = shift; + + $self->reloadIfChanged(); + + my $parms = parse_parms({ + -parms => \@_, + -legal => [qw(-group)], + -required => [qw(-group)], + -defaults => { -group => '' } + } + ); + + if (!defined($parms)) { + return Carp::longmess("invalid parameters ".Class::ParmList->error); + } + + my ($group) = $parms->get('-group'); + + my $g2 = $group; + $g2 =~ s/\s/%20/g; + $g2 =~ tr [A-Z] [a-z]; + + if (recur_exists($self->{'cfg'}, 'group', $g2)) { + _log("DEBUG", "remove $g2\n"); + $self->{'cfg'}->obj('group')->delete($g2); + } + + my $allnw = $self->getNetworks(); + if (ref($allnw) eq "ARRAY") { + foreach my $nw (@$allnw) { + if (recur_exists ($self->{'cfg'}, "network", $nw, "group")) { + my $netgroup = $self->{'cfg'}->obj('network')->obj($nw)->value('group'); + if ($netgroup eq $group) { + $self->{'cfg'}->obj('network')->obj($nw)->delete('group'); + } + } + } + } + + return 0; +} + +=head2 setNetgroup(-network => '', -group => '') + +Placed the specified network into the specified group. A network can only be +a member of one group. If -group is not specified, the network is removed +from any group it is it. If -group is specified and the network is already +part of a group, it is removed from that group and placed into the one you +specified. + +RETURNS + + 0 on success + "no such network" given network doesnt exist + "invalid parameters" routine called incorrectly + +=cut + +sub setNetgroup { + my $self = shift; + $self->reloadIfChanged(); + + my $parms = parse_parms({ + -parms => \@_, + -legal => [qw(-network -group)], + -required => [qw(-network)], + -defaults => { -network => '', -group => '' } + } + ); + + return Carp::longmess("invalid parameters ".Class::ParmList->error) if (!defined($parms)); + + my ($network, $netgroup) = $parms->get('-network', '-group'); + + if (!recur_exists($self->{'cfg'}, 'network', $network)) { + return "no such network"; + } + + if ($netgroup eq "") { + # delete from group + $self->{'cfg'}->obj('network')->obj($network)->delete('group'); + } else { + # set the group + $self->{'cfg'}->obj('network')->obj($network)->group($netgroup); + } + return 0; +} + =head2 my ($r, $w) = $cfg-E<gt>getCommunities(hostname) Given a hostname (or IP address) lookup return the Index: DB.pm =================================================================== RCS file: /cvsroot/netpass/NetPass/lib/NetPass/DB.pm,v retrieving revision 1.38 retrieving revision 1.39 diff -u -d -r1.38 -r1.39 --- DB.pm 1 May 2005 05:55:45 -0000 1.38 +++ DB.pm 4 May 2005 20:22:17 -0000 1.39 @@ -601,7 +601,7 @@ my $network = $npcfg->getMatchingNetwork(-ip => $ip); my $netgroup; if ($network =~ /\//) { - $netgroup = $npcfg->getNetgroup($network); + $netgroup = $npcfg->getNetgroup(-network => $network); if ($netgroup ne "") { $page = $self->getPage2($sql. " AND network = ".$self->dbh->quote($netgroup)); goto done if defined($page); |
|
From: jeff m. <jef...@us...> - 2005-05-04 03:27:26
|
Update of /cvsroot/netpass/NetPass/www/htdocs/Admin/Scan In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv14964/www/htdocs/Admin/Scan Modified Files: index.mhtml Log Message: minor tweaks Index: index.mhtml =================================================================== RCS file: /cvsroot/netpass/NetPass/www/htdocs/Admin/Scan/index.mhtml,v retrieving revision 1.4 retrieving revision 1.5 diff -u -d -r1.4 -r1.5 --- index.mhtml 19 Apr 2005 01:40:35 -0000 1.4 +++ index.mhtml 4 May 2005 03:27:17 -0000 1.5 @@ -35,17 +35,10 @@ if (! $isAdmin ) { print $q->p({-class=>'error'}, - "Sorry, permission denied.<BR>You must be in one of these groups: ", - join(',', @reqGroups)); - print "<PRE>MemberOf says you are a member of: ", join(',', @$aclRWGroups), "</PRE>"; - use Data::Dumper; - print "<PRE>", Dumper($m->session->{'my_groups'}), "</PRE>"; + "Sorry, you don't have access to this form."); return; } -print "aclRO: ",join(',', @$aclROGroups), "<BR>"; -print "aclRW: ",join(',', @$aclRWGroups), "<BR>"; - $service = "Nessus" unless ($service eq "Snort") || ($service eq "Nessus"); my $msgs = getMsgs($dbh, $service); |
|
From: jeff m. <jef...@us...> - 2005-05-04 03:27:26
|
Update of /cvsroot/netpass/NetPass/lib/NetPass In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv14964/lib/NetPass Modified Files: Config.pm Log Message: minor tweaks Index: Config.pm =================================================================== RCS file: /cvsroot/netpass/NetPass/lib/NetPass/Config.pm,v retrieving revision 1.34 retrieving revision 1.35 diff -u -d -r1.34 -r1.35 --- Config.pm 4 May 2005 03:09:44 -0000 1.34 +++ Config.pm 4 May 2005 03:27:17 -0000 1.35 @@ -1011,7 +1011,7 @@ =head2 removePolicy(-key => '', -network => '', -location => [global|group|network]) Remove the policy variable from the specified location. You can't remove -policy variables from the "global" location, depite being listed. +policy variables from the "global" location, despite being listed. RETURNS @@ -1043,7 +1043,7 @@ if ( ($location eq "global") && recur_exists($self->{'cfg'}, 'policy', $pvar)) { # global policy settings cant be deleted. - return "cant delete global policy variable"; + return "cant remove global policy variable"; } my $nw2 = $nw; |
|
From: jeff m. <jef...@us...> - 2005-05-04 03:09:57
|
Update of /cvsroot/netpass/NetPass/www/components/Admin In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv11419/www/components/Admin Modified Files: LockConfig Login TableEditPolicy Log Message: netgroup UI Index: TableEditPolicy =================================================================== RCS file: /cvsroot/netpass/NetPass/www/components/Admin/TableEditPolicy,v retrieving revision 1.1 retrieving revision 1.2 diff -u -d -r1.1 -r1.2 --- TableEditPolicy 3 May 2005 16:13:29 -0000 1.1 +++ TableEditPolicy 4 May 2005 03:09:45 -0000 1.2 @@ -2,8 +2,8 @@ </%doc> <%args> $tableName => 'General'; - $netgroup => ''; $network => ''; + $suppressKeys => {}; </%args> <TABLE WIDTH=800 ID="policyConfig" class="expandable" CELLSPACING=2 CELLPADDING=2> @@ -11,6 +11,7 @@ <TR><TH onclick="showHideObj2(getElementById('policyConfig').tBodies[0]);" COLSPAN=2><%$tableName%></TH></TR> </THEAD> <TBODY> +<tr><th>Option</th><th>Value</th><th>Use Default</th><th>Default Value</th></tr> <TR> <TD CLASS='left'>MULTI_MAC</TD> <TD CLASS='right' > @@ -20,8 +21,10 @@ -values => ['ALL_OK', 'ONE_OK', 'DISALLOWED'], -default => $np->cfg->policy(-key => 'MULTI_MAC', -network => $network), )%> -<!--<a href="help.mhtml?printable=1&topic=MULTI_MAC" target='new' style='align:right;'>?</a>--> -</TD></TR> +</TD> +<td class='left'><input type='checkbox' <%$np->cfg->policyLocation(-key => 'MULTI_MAC', -network => $network, -location => 'group')?"":"checked"%> name="usedefault:MULTI_MAC"></td> +<td class='left'><%$np->cfg->policy(-key => 'MULTI_MAC')%></td> +</TR> <TR> <TD CLASS='left'>Strikes</TD> <TD CLASS='right'> @@ -30,7 +33,10 @@ -value => $np->cfg->policy(-key => 'STRIKES', -network => $network), -size => 3, )%> -</TD></TR> +</TD> +<td class='left'><input type='checkbox' <%$np->cfg->policyLocation(-key => 'STRIKES', -network => $network, -location => 'group')?"":"checked"%> name="usedefault:STRIKES"></td> +<td class='left'><%$np->cfg->policy(-key => 'STRIKES')%></td> +</TR> <TR> <TD CLASS='left'>RESULTS_DISPLAY</TD> <TD CLASS='right'> @@ -39,7 +45,10 @@ -values => ['INLINE', 'POPUP'], -default => $np->cfg->policy(-key => 'RESULTS_DISPLAY', -network => $network), )%> -</TD></TR> +</TD> +<td class='left'><input type='checkbox' <%$np->cfg->policyLocation(-key => 'RESULTS_DISPLAY', -network => $network, -location => 'group')?"":"checked"%> name="usedefault:RESULTS_DISPLAY"></td> +<td class='left'><%$np->cfg->policy(-key => 'RESULTS_DISPLAY')%></td> +</TR> <TR> <TD CLASS='left'>RESULTS_EXPAND</TD> <TD CLASS='right'> @@ -48,7 +57,10 @@ -value => $np->cfg->policy(-key => 'RESULTS_EXPAND', -network => $network), -size => 3, )%> -</TD></TR> +</TD> +<td class='left'><input type='checkbox' <%$np->cfg->policyLocation(-key => 'RESULTS_EXPAND', -network => $network, -location => 'group')?"":"checked"%> name="usedefault:RESULTS_EXPAND"></td> +<td class='left'><%$np->cfg->policy(-key => 'RESULTS_EXPAND')%></td> +</TR> <TR> <TD CLASS='left'>AUTO_REDIRECT</TD> <TD CLASS='right'> @@ -57,7 +69,10 @@ -values => ['Yes', 'No'], -default => ($np->cfg->policy(-key => 'AUTO_REDIRECT', -network => $network)) ? 'Yes' : 'No' )%> -</TD></TR> +</TD> +<td class='left'><input type='checkbox' <%$np->cfg->policyLocation(-key => 'AUTO_REDIRECT', -network => $network, -location => 'group')?"":"checked"%> name="usedefault:AUTO_REDIRECT"></td> +<td class='left'><%$np->cfg->policy(-key => 'AUTO_REDIRECT')?"Yes":"No"%></td> +</TR> <TR> <TD CLASS='left'>COOKIE_DETECT</TD> <TD CLASS='right'> @@ -66,7 +81,10 @@ -values => ['Yes', 'No'], -default => ($np->cfg->policy(-key => 'COOKIE_DETECT', -network => $network)) ? 'Yes' : 'No' )%> -</TD></TR> +</TD> +<td class='left'><input type='checkbox' <%$np->cfg->policyLocation(-key => 'COOKIE_DETECT', -network => $network, -location => 'group')?"":"checked"%> name="usedefault:COOKIE_DETECT"></td> +<td class='left'><%$np->cfg->policy(-key => 'COOKIE_DETECT')?"Yes":"No"%></td> +</TR> <TR> <TD CLASS='left'>COOKIE_NAME</TD> <TD CLASS='right'> @@ -75,7 +93,10 @@ -value => $np->cfg->policy(-key => 'COOKIE_NAME', -network => $network), -size => 25, )%> -</TD></TR> +</TD> +<td class='left'><input type='checkbox' <%$np->cfg->policyLocation(-key => 'COOKIE_NAME', -network => $network, -location => 'group')?"":"checked"%> name="usedefault:COOKIE_NAME"></td> +<td class='left'><%$np->cfg->policy(-key => 'COOKIE_NAME')%></td> +</TR> <TR> <TD CLASS='left'>REDIR_URL_DEFAULT</TD> <TD CLASS='right'> @@ -84,7 +105,10 @@ -value => $np->cfg->policy(-key => 'REDIR_URL_DEFAULT', -network => $network), -size => 25, )%> -</TD></TR> +</TD> +<td class='left'><input type='checkbox' <%$np->cfg->policyLocation(-key => 'REDIR_URL_DEFAULT', -network => $network, -location => 'group')?"":"checked"%> name="usedefault:REDIR_URL_DEFAULT"></td> +<td class='left'><%$np->cfg->policy(-key => 'REDIR_URL_DEFAULT')%></td> +</TR> <TR> <TD CLASS='left'>SURVEY_ENABLED</TD> <TD CLASS='right'> @@ -93,7 +117,10 @@ -values => ['Yes', 'No'], -default => ($np->cfg->policy(-key => 'SURVEY_ENABLED', -network => $network)) ? 'Yes' : 'No' )%> -</TD></TR> +</TD> +<td class='left'><input type='checkbox' <%$np->cfg->policyLocation(-key => 'SURVEY_ENABLED', -network => $network, -location => 'group')?"":"checked"%> name="usedefault:SURVEY_ENABLED"></td> +<td class='left'><%$np->cfg->policy(-key => 'SURVEY_ENABLED')?"Yes":"No"%></td> +</TR> <TR> <TD CLASS='left'>SURVEY_EMAIL</TD> <TD CLASS='right'> @@ -102,7 +129,12 @@ -value => $np->cfg->policy(-key => 'SURVEY_EMAIL', -network => $network), -size => 25, )%> -</TD></TR> +</TD> +<td class='left'><input type='checkbox' <%$np->cfg->policyLocation(-key => 'SURVEY_EMAIL', -network => $network, -location => 'group')?"":"checked"%> name="usedefault:SURVEY_EMAIL"></td> +<td class='left'><%$np->cfg->policy(-key => 'SURVEY_EMAIL')%></td> +</TR> + +% if (!exists $suppressKeys->{'PID_DIR'}) { <TR> <TD CLASS='left'>PID_DIR</TD> <TD CLASS='right'> @@ -111,7 +143,13 @@ -value => $np->cfg->policy(-key => 'PID_DIR', -network => $network), -size => 25, )%> -</TD></TR> +</TD> +<td class='left'><input type='checkbox' <%$np->cfg->policyLocation(-key => 'PID_DIR', -network => $network, -location => 'group')?"":"checked"%> name="usedefault:PID_DIR"></td> +<td class='left'><%$np->cfg->policy(-key => 'PID_DIR')%></td> +</TR> +%} + +% if (!exists $suppressKeys->{'BASE_DIR'}) { <TR> <TD CLASS='left'>BASE_DIR</TD> <TD CLASS='right'> @@ -120,7 +158,12 @@ -value => $np->cfg->policy(-key => 'BASE_DIR', -network => $network), -size => 25, )%> -</TD></TR> +</TD> +<td class='left'><input type='checkbox' <%$np->cfg->policyLocation(-key => 'BASE_DIR', -network => $network, -location => 'group')?"":"checked"%> name="usedefault:BASE_DIR"></td> +<td class='left'><%$np->cfg->policy(-key => 'BASE_DIR')%></td> +</TR> +%} + <TR> <TD CLASS='left'>PORT_SEARCH_ALGO</TD> <TD CLASS='right'> @@ -129,7 +172,10 @@ -values => ['LINEAR', 'TREE'], -default => $np->cfg->policy(-key => 'PORT_SEARCH_ALGO', -network => $network), )%> -</TD></TR> +</TD> +<td class='left'><input type='checkbox' <%$np->cfg->policyLocation(-key => 'PORT_SEARCH_ALGO', -network => $network, -location => 'group')?"":"checked"%> name="usedefault:PORT_SEARCH_ALGO"></td> +<td class='left'><%$np->cfg->policy(-key => 'PORT_SEARCH_ALGO')%></td> +</TR> <TR> <TD CLASS='left'>PORT_CACHE</TD> <TD CLASS='right'> @@ -138,7 +184,10 @@ -values => ['ON', 'OFF'], -default => ($np->cfg->policy(-key => 'PORT_CACHE', -network => $network)) ? 'ON' : 'OFF', )%> -</TD></TR> +</TD> +<td class='left'><input type='checkbox' <%$np->cfg->policyLocation(-key => 'PORT_CACHE', -network => $network, -location => 'group')?"":"checked"%> name="usedefault:PORT_CACHE"></td> +<td class='left'><%$np->cfg->policy(-key => 'PORT_CACHE')?"on":"off"%></td> +</TR> <TR> <TD CLASS='left'>UNQUAR_ON_LINKUP</TD> <TD CLASS='right'> @@ -150,7 +199,12 @@ ($np->cfg->policy(-key => 'UNQUAR_ON_LINKUP', -network => $network)) ? 'ON' : 'OFF', )%> -</TD></TR> +</TD> +<td class='left'><input type='checkbox' <%$np->cfg->policyLocation(-key => 'UNQUAR_ON_LINKUP', -network => $network, -location => 'group')?"":"checked"%> name="usedefault:UNQUAR_ON_LINKUP"></td> +% my $uqlu = $np->cfg->policy(-key => 'UNQUAR_ON_LINKUP'); +% $uqlu = ($uqlu =~ /itdepends/i)?$uqlu : ($uqlu ? "on" : "off"); +<td class='left'><%$uqlu%></td> +</TR> <TR> <TD CLASS='left'>Enable ResetPort?</TD> <TD CLASS='right'> @@ -159,7 +213,10 @@ -values => ['on', 'off'], -default => ($np->cfg->policy(-key => 'resetport', -network => $network)) ? 'on': 'off', )%> -</TD></TR> +</TD> +<td class='left'><input type='checkbox' <%$np->cfg->policyLocation(-key => 'resetport', -network => $network, -location => 'group')?"":"checked"%> name="usedefault:resetport"></td> +<td class='left'><%$np->cfg->policy(-key => 'resetport')?"on":"off"%></td> +</TR> <TR> <TD CLASS='left'>Enable MacScan?</TD> <TD CLASS='right'> @@ -168,7 +225,10 @@ -values => ['on', 'off'], -default => ($np->cfg->policy(-key => 'macscan', -network => $network)) ? 'on': 'off', )%> -</TD></TR> +</TD> +<td class='left'><input type='checkbox' <%$np->cfg->policyLocation(-key => 'macscan', -network => $network, -location => 'group')?"":"checked"%> name="usedefault:macscan"></td> +<td class='left'><%$np->cfg->policy(-key => 'macscan')?"on":"off"%></td> +</TR> <TR> <TD CLASS='left'>Require Nessus to register?</TD> <TD CLASS='right'> @@ -177,7 +237,10 @@ -values => ['on', 'off'], -default => ($np->cfg->policy(-key => 'resetport', -network => $network)) ? 'on': 'off', )%> -</TD></TR> +</TD> +<td class='left'><input type='checkbox' <%$np->cfg->policyLocation(-key => 'resetport', -network => $network, -location => 'group')?"":"checked"%> name="usedefault:resetport"></td> +<td class='left'><%$np->cfg->policy(-key => 'resetport')?"on":"off"%></td> +</TR> <TR> <TD CLASS='left'>LDAP Query URL</TD> <TD CLASS='right'> @@ -186,7 +249,10 @@ -value => $np->cfg->policy(-key => 'LDAP_USER_QUERY', -network => $network), -size => 25, )%> -</TD></TR> +</TD> +<td class='left'><input type='checkbox' <%$np->cfg->policyLocation(-key => 'LDAP_USER_QUERY', -network => $network, -location => 'group')?"":"checked"%> name="usedefault:LDAP_USER_QUERY"></td> +<td class='left'><%$np->cfg->policy(-key => 'LDAP_USER_QUERY')%></td> +</TR> <TR> <TD CLASS='left'>LDAP Popup Width</TD> <TD CLASS='right'> @@ -195,7 +261,10 @@ -value => $np->cfg->policy(-key => 'LDAP_POPUP_WIDTH', -network => $network), -size => 5, )%> -</TD></TR> +</TD> +<td class='left'><input type='checkbox' <%$np->cfg->policyLocation(-key => 'LDAP_POPUP_WIDTH', -network => $network, -location => 'group')?"":"checked"%> name="usedefault:LDAP_POPUP_WIDTH"></td> +<td class='left'><%$np->cfg->policy(-key => 'LDAP_POPUP_WIDTH')%></td> +</TR> <TR> <TD CLASS='left'>LDAP Popup Height</TD> <TD CLASS='right'> @@ -204,7 +273,10 @@ -value => $np->cfg->policy(-key => 'LDAP_POPUP_HEIGHT', -network => $network), -size => 5, )%> -</TD></TR> +</TD> +<td class='left'><input type='checkbox' <%$np->cfg->policyLocation(-key => 'LDAP_POPUP_HEIGHT', -network => $network, -location => 'group')?"":"checked"%> name="usedefault:LDAP_POPUP_HEIGHT"></td> +<td class='left'><%$np->cfg->policy(-key => 'LDAP_POPUP_HEIGHT')%></td> +</TR> <TR> <TD CLASS='left'>Username Prompt</TD> <TD CLASS='right'> @@ -213,7 +285,10 @@ -value => $np->cfg->policy(-key => 'USERNAME_PROMPT', -network => $network), -size => 25, )%> -</TD></TR> +</TD> +<td class='left'><input type='checkbox' <%$np->cfg->policyLocation(-key => 'USERNAME_PROMPT', -network => $network, -location => 'group')?"":"checked"%> name="usedefault:USERNAME_PROMPT"></td> +<td class='left'><%$np->cfg->policy(-key => 'USERNAME_PROMPT')%></td> +</TR> <TR> <TD CLASS='left'>Password Prompt</TD> <TD CLASS='right'> @@ -222,7 +297,10 @@ -value => $np->cfg->policy(-key => 'PASSWORD_PROMPT', -network => $network), -size => 25, )%> -</TD></TR> +</TD> +<td class='left'><input type='checkbox' <%$np->cfg->policyLocation(-key => 'PASSWORD_PROMPT', -network => $network, -location => 'group')?"":"checked"%> name="usedefault:PASSWORD_PROMPT"></td> +<td class='left'><%$np->cfg->policy(-key => 'PASSWORD_PROMPT')%></td> +</TR> <TR> <TD CLASS='left'>Company Name</TD> <TD CLASS='right'> @@ -231,7 +309,10 @@ -value => $np->cfg->policy(-key => 'COMPANY_NAME', -network => $network), -size => 25, )%> -</TD></TR> +</TD> +<td class='left'><input type='checkbox' <%$np->cfg->policyLocation(-key => 'COMPANY_NAME', -network => $network, -location => 'group')?"":"checked"%> name="usedefault:COMPANY_NAME"></td> +<td class='left'><%$np->cfg->policy(-key => 'COMPANY_NAME')%></td> +</TR> <TR> <TD CLASS='left'>Company Abbreviation</TD> <TD CLASS='right'> @@ -240,7 +321,10 @@ -value => $np->cfg->policy(-key => 'COMPANY_SHORT_NAME', -network => $network), -size => 25, )%> -</TD></TR> +</TD> +<td class='left'><input type='checkbox' <%$np->cfg->policyLocation(-key => 'COMPANY_SHORT_NAME', -network => $network, -location => 'group')?"":"checked"%> name="usedefault:COMPANY_SHORT_NAME"></td> +<td class='left'><%$np->cfg->policy(-key => 'COMPANY_SHORT_NAME')%></td> +</TR> <TR> <TD CLASS='left'>Organization Name</TD> <TD CLASS='right'> @@ -249,7 +333,10 @@ -value => $np->cfg->policy(-key => 'COMPANY_UNIT_NAME', -network => $network), -size => 25, )%> -</TD></TR> +</TD> +<td class='left'><input type='checkbox' <%$np->cfg->policyLocation(-key => 'COMPANY_UNIT_NAME', -network => $network, -location => 'group')?"":"checked"%> name="usedefault:COMPANY_UNIT_NAME"></td> +<td class='left'><%$np->cfg->policy(-key => 'COMPANY_UNIT_NAME')%></td> +</TR> <TR> <TD CLASS='left'>Example IP Address</TD> <TD CLASS='right'> @@ -258,6 +345,9 @@ -value => $np->cfg->policy(-key => 'EXAMPLE_IPADDR', -network => $network), -size => 16, )%> -</TD></TR> +</TD> +<td class='left'><input type='checkbox' <%$np->cfg->policyLocation(-key => 'EXAMPLE_IPADDR', -network => $network, -location => 'group')?"":"checked"%> name="usedefault:EXAMPLE_IPADDR"></td> +<td class='left'><%$np->cfg->policy(-key => 'EXAMPLE_IPADDR')%></td> +</TR> </TBODY></TABLE> Index: Login =================================================================== RCS file: /cvsroot/netpass/NetPass/www/components/Admin/Login,v retrieving revision 1.9 retrieving revision 1.10 diff -u -d -r1.9 -r1.10 --- Login 29 Apr 2005 00:30:07 -0000 1.9 +++ Login 4 May 2005 03:09:45 -0000 1.10 @@ -5,7 +5,9 @@ # Available under the "Artistic License" # http://www.gnu.org/licenses/license-list.html#ArtisticLicense -This component outputs a login prompt form. +This component outputs a login prompt form. It returns 1 if the user has successfully +logged in, otherwise it returns 0. + </%doc> @@ -29,10 +31,11 @@ $m->session->{'logged_in'} = 1; # FIX/Client/Login $m->session->{'username'} = $username; $m->session->{'my_groups'} = $np->db->getUserGroups($username); - if ($m->caller(-1)->path =~ /^\/Admin/) { - $m->redirect($m->caller(-1)->path); + my $uri = $r->uri; + if ($uri =~ /^\/Admin/) { + $m->redirect($uri); } else { - $m->redirect('/Admin'); + $m->redirect('/Admin/index.mhtml'); } return 1; Index: LockConfig =================================================================== RCS file: /cvsroot/netpass/NetPass/www/components/Admin/LockConfig,v retrieving revision 1.7 retrieving revision 1.8 diff -u -d -r1.7 -r1.8 --- LockConfig 3 May 2005 16:13:22 -0000 1.7 +++ LockConfig 4 May 2005 03:09:45 -0000 1.8 @@ -5,128 +5,23 @@ </%args> <script language="JavaScript"> -<!-- var lockOpPending = false; +var lockConfig_EE = new Array; -function lockConfig_results(r) { - var b = document.getElementById('lockButton'); - if (b) { - b.disabled = ''; - b.innerHTML = "Lock Config"; - } - lockOpPending = false; - var ra = r.split(/\s+/); - var i = 0; - while (i < ra.length && ra[i] != "OK" && ra[i] != "NOK") { i++ } - - if (ra[i] == "OK") { - // something succeeded - if (ra[i+1] == "lock") { - // we got the lock, change button to - // green and text to 'unlock' - b.style.backgroundColor = '#77FF77'; - b.innerHTML = 'Config is Locked (by you)<BR>Unlock Config'; - adjust_onClick(b, "return lockConfig(0, 0);"); - enable_element('submitButton'); - } else { - // we got the unlock, button -> yellow - // text -> 'lock' - b.style.backgroundColor = '#FFFF77'; - b.innerHTML = 'Config is Unlocked<BR>Lock Config'; - adjust_onClick(b, "return lockConfig(1, 0);"); - disable_element('submitButton'); - } - } else { - // something failed - - if (ra[i+1] == "lock") { - // we didnt get the lock, change button to - // red and text to 'force lock' - b.style.backgroundColor = '#FF7777'; - b.innerHTML = 'Config is Locked by '+ra[i+2]+'<BR>Force Lock Config'; - adjust_onClick(b, "return lockConfig(1, 1);"); - disable_element('submitButton'); - } else { - // we didnt get the unlock, - // button -> red - // text -> 'force unlock' - b.style.backgroundColor = '#FF7777'; - b.innerHTML = 'Config is Locked by '+ra[i+2]+'<BR>Force Unlock Config'; - adjust_onClick(b, "return lockConfig(0, 1);"); - disable_element('submitButton'); - } - } -} - -function lockConfig(lock, force) { - // lock: 0 = unlock, 1 = lock - // force: 0 = no, 1 = yes - - if (lockOpPending) return; - - var b = document.getElementById('lockButton'); - if (b) { - b.innerHTML = "Wait ..."; - adjust_onClick(b, "return false;"); - b.disabled = true; - } - - lockOpPending = true; - var url = "cmd/lockcfg.mhtml?printable=2&lock="+lock +"&force="+force; - xmlhttp.open("GET", url , true); - xmlhttp.onreadystatechange=function() { - if (xmlhttp.readyState == 4) { - lockConfig_results(xmlhttp.responseText); +<%perl> + if (ref($enableWhenLocked) eq "ARRAY") { + foreach my $x (@$enableWhenLocked) { + print qq{lockConfig_EE.push('$x');\n}; } - }; - xmlhttp.send(null); - return false; -} - -function lockConfig_show_unlock() { - var b = document.getElementById('lockButton'); -} - -function adjust_onClick(obj, fn) { - if (browserType_IE) { - obj.onclick = eval("x=function(e){"+fn+"}"); - } else { - obj.setAttribute('ONCLICK', fn); - } -} - -function enable_element(o) { - if (!o) return; - var o2; - if (typeof o == "string") { - o2 = document.getElementById(o); - if (!o2) return; - } else { - o2 = o; - } - - o2.disabled = false; -} - -function disable_element(o) { - if (!o) return; - - var o2; - - if (typeof o == "string") { - o2 = document.getElementById(o); - if (!o2) return; } else { - o2 = o; + print qq{lockConfig_EE.push('$enableWhenLocked');\n}; } - - o2.disabled = true; -} - - ---> +</%perl> </script> +<script src="/resources/js/lockcfg.js" type="text/javascript"></script> +<script src="/resources/js/common.js" type="text/javascript"></script> + <style> DIV.lockButton { text-align: center; @@ -150,10 +45,10 @@ # the config is locked if ($lstat->{'user'} eq $m->session->{'username'}) { # by us, so show the unlock button - print qq{<script>lockConfig_results("OK lock");enable_element('$enableWhenLocked');</script>}; + print qq{<script>lockConfig_results("OK lock");lockConfig_enableElements();</script>}; } else { # but not by us, show the force unlock button - print qq{<script>lockConfig_results("NOK lock $lstat->{'user'}");disable_element('$enableWhenLocked');</script>}; + print qq{<script>lockConfig_results("NOK lock $lstat->{'user'}");lockConfig_disableElements();</script>}; } } elsif ($lstat) { @@ -161,6 +56,6 @@ } else { # the config is not locked, show the lock button - print qq{<script>lockConfig_results("OK unlock");disable_element('$enableWhenLocked');</script>}; + print qq{<script>lockConfig_results("OK unlock");lockConfig_disableElements();</script>}; } </%perl> |
|
From: jeff m. <jef...@us...> - 2005-05-04 03:09:56
|
Update of /cvsroot/netpass/NetPass/www/htdocs/OSSTemplate/js In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv11419/www/htdocs/OSSTemplate/js Modified Files: userform.js Added Files: common.js lockcfg.js netgroups.js Log Message: netgroup UI --- NEW FILE: netgroups.js --- function netgroup_onchange_netgroups() { var o = document.getElementById("netgroups"); if (!o) return; if (o.options[0].selected == true) { //IE o.options[0].selected == false; return; } document.forms[0].submit(); } Index: userform.js =================================================================== RCS file: /cvsroot/netpass/NetPass/www/htdocs/OSSTemplate/js/userform.js,v retrieving revision 1.8 retrieving revision 1.9 diff -u -d -r1.8 -r1.9 --- userform.js 23 Apr 2005 15:32:06 -0000 1.8 +++ userform.js 4 May 2005 03:09:45 -0000 1.9 @@ -80,8 +80,8 @@ } } } - userform_sortList("GroupList"); - userform_sortList("AvailableGroupList"); + sortList("GroupList"); + sortList("AvailableGroupList"); if (usingAuthDB) { var pwd = document.getElementById('passwdDialog'); @@ -421,8 +421,8 @@ userform_enableList("AccessControlList"); DBG_objDump(userhash, "userhash"); userform_setAclHash(); - userform_sortList("GroupList"); - userform_sortList("AvailableGroupList"); + sortList("GroupList"); + sortList("AvailableGroupList"); } else { dbg (1, RN + ": cant find AvailableGroupList and/or GroupList object"); } @@ -448,8 +448,8 @@ userform_disableList("AccessControlList"); DBG_objDump(userhash, "userhash"); userform_setAclHash(); - userform_sortList("GroupList"); - userform_sortList("AvailableGroupList"); + sortList("GroupList"); + sortList("AvailableGroupList"); } else { dbg (1, RN + ": cant find AvailableGroupList and/or GroupList object"); } @@ -470,33 +470,6 @@ } -function userform_sortList(ln) { - - if (ln) { - var l = document.getElementById(ln); - if (l && l.options.length) { - var oa = new Array(); - for (var i = 1 ; i < l.options.length ; i++) { - oa[oa.length] = new Option( l.options[i].text, - l.options[i].value, - l.options[i].defaultSelected, - l.options[i].selected); - oa = oa.sort( function(a,b) { - if ((a.value+"") < (b.value+"")) { return -1; } - if ((a.value+"") > (b.value+"")) { return 1; } - return 0; } - ); - for ( i = 0 ; i < oa.length ; i++) { - l.options[i+1] = new Option(oa[i].text, - oa[i].value, - oa[i].defaultSelected, - oa[i].selected) - ; - } - } - } - } -} function userform_onblur_addUser(o) { var RN = "userform_onblur_addUser"; @@ -524,5 +497,5 @@ ul.options[ul.options.length-1].selected = true; if(o) o.value = "Add user..."; - userform_sortList("UserList"); + sortList("UserList"); } --- NEW FILE: lockcfg.js --- function lockConfig_results(r) { var b = document.getElementById('lockButton'); if (b) { b.disabled = ''; b.innerHTML = "Lock Config"; } lockOpPending = false; var ra = r.split(/\s+/); var i = 0; while (i < ra.length && ra[i] != "OK" && ra[i] != "NOK") { i++ } if (ra[i] == "OK") { // something succeeded if (ra[i+1] == "lock") { // we got the lock, change button to // green and text to 'unlock' b.style.backgroundColor = '#77FF77'; b.innerHTML = 'Config is Locked (by you)<BR>Unlock Config'; adjust_onClick(b, "return lockConfig(0, 0);"); lockConfig_enableElements(); } else { // we got the unlock, button -> yellow // text -> 'lock' b.style.backgroundColor = '#FFFF77'; b.innerHTML = 'Config is Unlocked<BR>Lock Config'; adjust_onClick(b, "return lockConfig(1, 0);"); lockConfig_disableElements(); } } else { // something failed if (ra[i+1] == "lock") { // we didnt get the lock, change button to // red and text to 'force lock' b.style.backgroundColor = '#FF7777'; b.innerHTML = 'Config is Locked by '+ra[i+2]+'<BR>Force Lock Config'; adjust_onClick(b, "return lockConfig(1, 1);"); lockConfig_disableElements(); } else { // we didnt get the unlock, // button -> red // text -> 'force unlock' b.style.backgroundColor = '#FF7777'; b.innerHTML = 'Config is Locked by '+ra[i+2]+'<BR>Force Unlock Config'; adjust_onClick(b, "return lockConfig(0, 1);"); lockConfig_disableElements(); } } } function lockConfig(lock, force) { // lock: 0 = unlock, 1 = lock // force: 0 = no, 1 = yes if (lockOpPending) return; var b = document.getElementById('lockButton'); if (b) { b.innerHTML = "Wait ..."; adjust_onClick(b, "return false;"); b.disabled = true; } lockOpPending = true; var url = "cmd/lockcfg.mhtml?printable=2&lock="+lock +"&force="+force; xmlhttp.open("GET", url , true); xmlhttp.onreadystatechange=function() { if (xmlhttp.readyState == 4) { lockConfig_results(xmlhttp.responseText); } }; xmlhttp.send(null); return false; } function lockConfig_enableElements() { if (lockConfig_EE.length) { for (var i = 0 ; i < lockConfig_EE.length ; i++) { enable_element(lockConfig_EE[i]); } } } function lockConfig_disableElements() { if (lockConfig_EE.length) { for (var i = 0 ; i < lockConfig_EE.length ; i++) { disable_element(lockConfig_EE[i]); } } } function lockConfig_show_unlock() { var b = document.getElementById('lockButton'); } --- NEW FILE: common.js --- function adjust_onClick(obj, fn) { if (browserType_IE) { obj.onclick = eval("x=function(e){"+fn+"}"); } else { obj.setAttribute('ONCLICK', fn); } } function enable_element(o) { if (!o) return; var o2; if (typeof o == "string") { o2 = document.getElementById(o); if (!o2) return; } else { o2 = o; } o2.disabled = false; } function disable_element(o) { if (!o) return; var o2; if (typeof o == "string") { o2 = document.getElementById(o); if (!o2) return; } else { o2 = o; } o2.disabled = true; } function sortList(ln) { if (ln) { var l = document.getElementById(ln); if (l && l.options.length) { var oa = new Array(); for (var i = 1 ; i < l.options.length ; i++) { oa[oa.length] = new Option( l.options[i].text, l.options[i].value, l.options[i].defaultSelected, l.options[i].selected); oa = oa.sort( function(a,b) { if ((a.value+"") < (b.value+"")) { return -1; } if ((a.value+"") > (b.value+"")) { return 1; } return 0; } ); for ( i = 0 ; i < oa.length ; i++) { l.options[i+1] = new Option(oa[i].text, oa[i].value, oa[i].defaultSelected, oa[i].selected) ; } } } } } |
|
From: jeff m. <jef...@us...> - 2005-05-04 03:09:56
|
Update of /cvsroot/netpass/NetPass/lib/NetPass In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv11419/lib/NetPass Modified Files: Config.pm LOG.pm Log Message: netgroup UI Index: Config.pm =================================================================== RCS file: /cvsroot/netpass/NetPass/lib/NetPass/Config.pm,v retrieving revision 1.33 retrieving revision 1.34 diff -u -d -r1.33 -r1.34 --- Config.pm 2 May 2005 17:06:25 -0000 1.33 +++ Config.pm 4 May 2005 03:09:44 -0000 1.34 @@ -736,7 +736,7 @@ =back -SETTING POLICY SEETINGS +SETTING POLICY SETTINGS =over 4 @@ -775,8 +775,6 @@ my ($pvar, $nw, $val) = $parms->get('-key', '-network', '-val'); - - $nw = "" if ($nw eq "default"); $nw ||= ""; @@ -817,12 +815,30 @@ if (recur_exists ($self->{'cfg'}, "network", $nw, "group")) { $netgroup = $self->{'cfg'}->obj('network')->obj($nw)->value('group'); _log("DEBUG", "policy($pvar): nw=$nw is member of group $netgroup\n") if $self->debug; + $netgroup =~ s/\s/\%20/g; # Config::General bug workaround + # reported 3-may-2005 (see once more below!) + $netgroup =~ tr [A-Z] [a-z]; # another Config::General bug + # reported 3-may-2005 + if (recur_exists ($self->{'cfg'}, "group", $netgroup, "policy", $pvar)) { _log("DEBUG", "policy($pvar): (nw=$nw) group=$netgroup has policy section. returning that.\n") if $self->debug; return $self->{'cfg'}->obj('group')->obj($netgroup)->obj('policy')->value($pvar); } } + # if the above didnt work, perhaps we were given a group name + + $netgroup = $nw; + $netgroup =~ s/\s/\%20/g; # Config::General bug workaround + $netgroup =~ tr [A-Z] [a-z]; # another Config::General bug + if (recur_exists($self->{'cfg'}, "group", $netgroup)) { + _log ("DEBUG", "policy($pvar): (nw=$nw) looks like a netgroup.\n") if $self->debug; + if (recur_exists($self->{'cfg'}, 'group', $netgroup, 'policy', $pvar)) { + _log ("DEBUG", "policy($pvar): (nw=$nw) found it in netgroup policy\n") if $self->debug; + return $self->{'cfg'}->obj('group')->obj($netgroup)->obj('policy')->value($pvar); + } + } + # finally, look in the global policy _log("DEBUG", "policy($pvar): looking in global policy.\n") if $self->debug; @@ -869,6 +885,10 @@ _log("DEBUG", "group=$nw set group policy for $pvar\n") if $self->debug; + $nw =~ s/\s/\%20/g; # Config::General bug workaround + # reported 3-may-2005 + $nw =~ tr [A-Z] [a-z]; # another Config::General bug + if (! recur_exists ($self->{'cfg'}, "group", $nw)) { return undef; #"nosuch group"; } @@ -876,18 +896,18 @@ if (! recur_exists ($self->{'cfg'}, "group", $nw, 'policy')) { # create one _log("DEBUG", "group=$nw create a group policy \n") if $self->debug; - $self->{'cfg'}->obj('network')->obj($nw)->policy({}); + $self->{'cfg'}->obj('group')->obj($nw)->policy({}); } if ( recur_exists ($self->{'cfg'}, "network", $nw, "policy", $pvar) ) { _log("DEBUG", "group=$nw set group policy for $pvar (has oldval)\n") if $self->debug; - $oldvalue = $self->{'cfg'}->obj('network')->obj($nw)->obj('policy')->value($pvar); - $self->{'cfg'}->obj('network')->obj($nw)->obj('policy')->$pvar($val); + $oldvalue = $self->{'cfg'}->obj('group')->obj($nw)->obj('policy')->value($pvar); + $self->{'cfg'}->obj('group')->obj($nw)->obj('policy')->$pvar($val); return $oldvalue; } _log("DEBUG", "group=$nw set group policy for $pvar (no oldval)\n") if $self->debug; - $self->{'cfg'}->obj('network')->obj($nw)->obj('policy')->$pvar($val); + $self->{'cfg'}->obj('group')->obj($nw)->obj('policy')->$pvar($val); return undef; } @@ -913,6 +933,180 @@ return undef; } + +=head2 policyLocation(-key => '', -network => '', -location => [''|global|group|network]) + +Check if a given policy variable is set in the specified location. If location +is '', then we return an ARRAY ref that contains the locations the given +variable was found in. Otherwise we return 0 or 1 based on whether or not +we found the variable in the specified location. + +RETURNS + + 0 not found in specified location + 1 found in specified location + ARRAYREF found in the following locations (may be empty) + "invalid parameters" routine called incorrectly + +=cut + +sub policyLocation { + my $self = shift; + + my $parms = parse_parms({ + -parms => \@_, + -legal => [qw(-key -network -location)], + -required => [qw(-key)], + -defaults => { -network => '', -location => '' } + } + ); + + if (!defined($parms)) { + return "invalid parameters ". Carp::longmess("invalid parameters ".Class::ParmList->error); + } + + my ($pvar, $nw, $location) = $parms->get('-key', '-network', '-location'); + + _log("DEBUG", "checking for policy $nw:$pvar in location:$location\n") if $self->debug; + + $pvar =~ tr [A-Z] [a-z]; # AutoLowerCase + $nw = "" if ($nw eq "default"); + + my $rv = []; + + return 0 + if ($location eq "global" && !recur_exists($self->{'cfg'}, 'policy', $pvar)); + + if (recur_exists($self->{'cfg'}, 'policy', $pvar)) { + return 1 if ($location eq "global"); + push @$rv, "global"; + } + + my $nw2 = $nw; + $nw2 =~ s/\s/%20/g; # Config::General bug + $nw2 =~ tr [A-Z] [a-z]; # Config::General bug + + if (($location eq "group") && !recur_exists($self->{'cfg'}, 'group', $nw2, 'policy', $pvar)) { + return 0; + } + + if (recur_exists($self->{'cfg'}, 'group', $nw2, 'policy', $pvar)) { + return 1 if ($location eq "group"); + push @$rv, "group"; + } + + $nw = $self->{'cfg'}->getMatchingNetwork(-ip => $nw); + + return 0 + if ($location eq "network" && !recur_exists($self->{'cfg'}, 'network', $nw, 'policy', $pvar)); + + if (recur_exists($self->{'cfg'}, 'network', $nw, 'policy', $pvar)) { + return 1 if ($location eq "network"); + push @$rv, "network"; + } + + return $rv; +} + +=head2 removePolicy(-key => '', -network => '', -location => [global|group|network]) + +Remove the policy variable from the specified location. You can't remove +policy variables from the "global" location, depite being listed. + +RETURNS + + 0 success + "invalid parameters" routine called incorrectly + "cant remove" cant remove the variable + +=cut + +sub removePolicy { + my $self = shift; + + my $parms = parse_parms({ + -parms => \@_, + -legal => [qw(-key -network -location)], + -required => [qw(-key)], + -defaults => { -network => '', -location => '' } + } + ); + + if (!defined($parms)) { + return "invalid parameters ".Carp::longmess("invalid parameters ".Class::ParmList->error); + } + + my ($pvar, $nw, $location) = $parms->get('-key', '-network', '-location'); + + $pvar =~ tr [A-Z] [a-z]; # AutoLowerCase + $nw = "" if ($nw eq "default"); + + if ( ($location eq "global") && recur_exists($self->{'cfg'}, 'policy', $pvar)) { + # global policy settings cant be deleted. + return "cant delete global policy variable"; + } + + my $nw2 = $nw; + $nw2 =~ s/\s/%20/g; # Config::General bug + $nw2 =~ tr [A-Z] [a-z]; # Config::General bug + + if (($location eq "group") && recur_exists($self->{'cfg'}, 'group', $nw2, 'policy', $pvar)) { + $self->{'cfg'}->obj('group')->obj($nw2)->obj('policy')->delete($pvar); + return 0; + } + + $nw = $self->{'cfg'}->getMatchingNetwork(-ip => $nw); + + if ( ($location eq "network") && + recur_exists($self->{'cfg'}, 'network', $nw, 'policy', $pvar)) { + $self->{'cfg'}->obj('network')->obj($nw)->obj('policy')->delete($pvar); + return 0; + } + + return 0; +} + +=head2 0|1 = $cfg-E<gt>createNetgroup(-name => $name) + +Create a new netgroup. + +RETURNS + 0 on success + "group exists" on failure (group already exists) + "invalid parameters" routine called improperly + +=cut + +sub createNetgroup { + my $self = shift; + + $self->reloadIfChanged(); + + my $parms = parse_parms({ + -parms => \@_, + -legal => [qw(-name)], + -required => [qw(-name)], + -defaults => { -name => '' } + } + ); + + return Carp::longmess("invalid parameters ".Class::ParmList->error) if (!defined($parms)); + + my ($name) = $parms->get('-name'); + + return "invalid parameters" if (!defined($name) || ($name eq "")); + + $name =~ s/\s/%20/g; # Config::General bug + $name =~ tr [A-Z] [a-z]; # another Config::General bug + + if (recur_exists($self->{'cfg'}, "group", $name)) { + return "group exists"; + } + $self->{'cfg'}->obj("group")->$name({}); + return 0; +} + + =head2 my $network = $cfg-E<gt>getMatchingNetwork(-ip => $ip, -switch => $ip, -port => $port) Return the network that the specified IP is a part of. If IP is Index: LOG.pm =================================================================== RCS file: /cvsroot/netpass/NetPass/lib/NetPass/LOG.pm,v retrieving revision 1.1.1.1 retrieving revision 1.2 diff -u -d -r1.1.1.1 -r1.2 --- LOG.pm 24 Sep 2004 01:05:20 -0000 1.1.1.1 +++ LOG.pm 4 May 2005 03:09:44 -0000 1.2 @@ -131,6 +131,7 @@ $_SL =~ tr [A-Z] [a-z]; $_SL = ($_SL eq "error") ? "err" : $_SL; #print STDERR "level: $_SL\n"; + $s =~ s/%/%%/g; syslog($_SL, $s); } } |
|
From: jeff m. <jef...@us...> - 2005-05-04 03:09:54
|
Update of /cvsroot/netpass/NetPass In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv11419 Modified Files: MANIFEST Makefile Log Message: netgroup UI Index: Makefile =================================================================== RCS file: /cvsroot/netpass/NetPass/Makefile,v retrieving revision 1.4 retrieving revision 1.5 diff -u -d -r1.4 -r1.5 --- Makefile 21 Apr 2005 16:33:00 -0000 1.4 +++ Makefile 4 May 2005 03:09:44 -0000 1.5 @@ -10,3 +10,14 @@ find . -type f -print | egrep -v '(CVS|.nfs|.#)' | \ sed -e 's/\.\///' > MANIFEST +.PHONY: install + +# e.g. +# sudo make install EXCLUDE="--exclude='BeginScan' --exclude='.*\.mhtml'" + +install: + ./install -c $(EXCLUDE) /opt/netpass + /etc/init.d/apache stop + sleep 5 + /etc/init.d/apache start + Index: MANIFEST =================================================================== RCS file: /cvsroot/netpass/NetPass/MANIFEST,v retrieving revision 1.37 retrieving revision 1.38 diff -u -d -r1.37 -r1.38 --- MANIFEST 3 May 2005 16:13:20 -0000 1.37 +++ MANIFEST 4 May 2005 03:09:44 -0000 1.38 @@ -206,7 +206,10 @@ www/htdocs/OSSTemplate/js/OSSTemplate.js www/htdocs/OSSTemplate/js/userform.js www/htdocs/OSSTemplate/js/debug.js +www/htdocs/OSSTemplate/js/netgroups.js www/htdocs/OSSTemplate/js/xmlhttp.js +www/htdocs/OSSTemplate/js/lockcfg.js +www/htdocs/OSSTemplate/js/common.js www/htdocs/OSSTemplate/.htaccess www/htdocs/load-test.mhtml www/htdocs/autohandler |
|
From: jeff m. <jef...@us...> - 2005-05-04 03:09:54
|
Update of /cvsroot/netpass/NetPass/www/htdocs/Admin In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv11419/www/htdocs/Admin Modified Files: autohandler netgroups.mhtml user.mhtml Log Message: netgroup UI Index: autohandler =================================================================== RCS file: /cvsroot/netpass/NetPass/www/htdocs/Admin/autohandler,v retrieving revision 1.10 retrieving revision 1.11 diff -u -d -r1.10 -r1.11 --- autohandler 3 May 2005 16:13:30 -0000 1.10 +++ autohandler 4 May 2005 03:09:45 -0000 1.11 @@ -39,7 +39,7 @@ <a class="sbLinks" href="/Admin/gencfg.mhtml" title="">General</a><br> <a class="sbLinks" href="/Admin/network.mhtml" title="">Network</a><br> <a class="sbLinks" href="/Admin/netgroups.mhtml" title="">Netgroup</a><br> -<a class="sbLinks" href="/Admin/urlfilter.mhtml" title="">URL Filter</a><br> +<!--<a class="sbLinks" href="/Admin/urlfilter.mhtml" title="">URL Filter</a><br>--> <a class="sbLinks" href="/Admin/greset.mhtml" title="">Global Reset</a><br> <a class="sbLinks" href="/Admin/Scan/ids.mhtml" title="">IDS Config</a><br> </DIV> @@ -73,7 +73,8 @@ if ($m->session->{'logged_in'} && ($m->session->{'username'} ne "")); $m->comp('/style/back/end_sidebar', %ARGS) unless $printable; -$m->call_next; +my $LI = $m->comp('/Admin/Login', %ARGS); +$m->call_next if $LI; $m->comp('/style/back/end_content', %ARGS) unless $printable; </%perl> Index: user.mhtml =================================================================== RCS file: /cvsroot/netpass/NetPass/www/htdocs/Admin/user.mhtml,v retrieving revision 1.21 retrieving revision 1.22 diff -u -d -r1.21 -r1.22 --- user.mhtml 1 May 2005 05:44:12 -0000 1.21 +++ user.mhtml 4 May 2005 03:09:45 -0000 1.22 @@ -23,7 +23,6 @@ --></script> <%perl> - use Data::Dumper; my $D = 0; # DEBUG ON/OFF @@ -243,6 +242,7 @@ </%perl> <script src="/resources/js/userform.js" type="text/javascript"></script> +<script src="/resources/js/common.js" type="text/javascript"></script> <script language="JavaScript"> DBG_init(); var whoami = "<%$whoami%>"; Index: netgroups.mhtml =================================================================== RCS file: /cvsroot/netpass/NetPass/www/htdocs/Admin/netgroups.mhtml,v retrieving revision 1.1 retrieving revision 1.2 diff -u -d -r1.1 -r1.2 --- netgroups.mhtml 3 May 2005 16:13:30 -0000 1.1 +++ netgroups.mhtml 4 May 2005 03:09:45 -0000 1.2 @@ -13,9 +13,9 @@ RO none </%doc> <%args> - $submit => ''; - $netgroups => ''; - $networks => ''; + $submitButton => ''; + $netgroups => ''; + $networks => ''; </%args> <%perl> return unless $m->comp('/Admin/Login', %ARGS); @@ -38,35 +38,45 @@ my $ng = $np->cfg->getNetgroup($nw); push @$allNetgroups, $ng if ($ng ne "") && (!grep(/^$ng$/, @$allNetgroups)); } - </%perl> <h2> Network Configuration </h2> -% $m->comp('/Admin/LockConfig', 'enableWhenLocked' => 'addNetgroup'); -% my $WH = "-" x 20; +<%perl> +$m->comp('/Admin/LockConfig', 'enableWhenLocked' => [ 'addNetgroup', 'submitButton' ]); +my $WH = "-" x 20; -<script language='JavaScript'>//<!-- -var pageDirty = false; -setWhereAmI('Configuration > Netgroups'); +my $restartnetpass = 0; +my $restartnessus = 0; +my $restarthttpd = 0; -function netgroup_onchange_netgroups() { - var o = document.getElementById("netgroups"); - if (!o) return; - if (o.options[0].selected == true) { //IE - o.options[0].selected == false; - return; +if ($submitButton eq 'Commit Changes') { + foreach my $ak ( keys %ARGS ) { + if ($ak =~ /^(\S+):(\S+)$/) { + my $section = $1; + my $var = $2; + + if ($section eq "policy") { + if ($ARGS{"usedefault:$var"}) { + $np->cfg->removePolicy(-key => $var, + -location => 'group', + -network => $netgroups); + } else { + $np->cfg->policy(-key => $var, -network => $netgroups, + -val => $ARGS{$ak}); + } + } + } } - document.forms[0].submit(); -} -var reservedGroups = new Array; -<%perl> -foreach my $rg ($WH, keys %$reservedGroups) { - print qq{reservedGroups.push('$rg');\n}; + my $rv = $np->cfg->save(-user => $m->session->{'username'}); + if ($rv) { + print "<P class='error'>Failed to save configuration: $rv</P>"; + } else { + print "<P class='error'>Netgroup Configuration Saved.</P>"; + } } </%perl> -//--></script> <form method="post"> <table border=0> @@ -86,13 +96,50 @@ <td style='text-align:center; vertical-align: top;'> <%$q->scrolling_list(-name => 'networks', -id => 'networks', -values => [ $WH, sort @$allNetworks ], -attributes => { $WH => { 'disabled' => 1 } }, - -default => $networks, -size => 15, -multiple => 'false')%><BR> + -default => $networks, -size => 15, -multiple => 'false')%><P> + <input type='submit' name='submitButton' id='submitButton' value='Commit Changes' disabled> </td> </tr> </table> <P> % if ($netgroups) { -% $m->comp('/Admin/TableEditPolicy', %ARGS, 'tableName' => 'Netgroup General Settings for '.$netgroups, 'network' => $netgroups); +% $m->comp('/Admin/TableEditPolicy', %ARGS, 'tableName' => 'Netgroup General Settings for '.$netgroups, 'network' => $netgroups, 'suppressKeys' => { 'PID_DIR' => 1, 'BASE_DIR' => 1 } ); % } - </form> + +<script language='JavaScript'> +var pageDirty = false; +setWhereAmI('Configuration > Netgroups'); +var reservedGroups = new Array; +<%perl> +foreach my $rg ($WH, keys %$reservedGroups) { + print qq{reservedGroups.push('$rg');\n}; +} +</%perl> +</script> +<script src="/resources/js/common.js" type="text/javascript"></script> +<script src="/resources/js/netgroups.js" type="text/javascript"></script> + + +<%perl> +my $lstat = $np->db->isConfigLocked(); + +if (ref($lstat) eq "HASH") { + # the config is locked + if ($lstat->{'user'} eq $m->session->{'username'}) { + # by us, so show the unlock button + print qq{<script>lockConfig_results("OK lock");lockConfig_enableElements();</script>}; + } else { + # but not by us, show the force unlock button + print qq{<script>lockConfig_results("NOK lock $lstat->{'user'}");lockConfig_disableElements();</script>}; + } +} +elsif ($lstat) { + # there was a problem +} +else { + # the config is not locked, show the lock button + print qq{<script>lockConfig_results("OK unlock");lockConfig_disableElements();</script>}; +} + +</%perl> |
|
From: Matt <mt...@us...> - 2005-05-03 19:06:55
|
Update of /cvsroot/netpass/NetPass/doc In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv21943 Modified Files: netpass-install.sxw Log Message: Index: netpass-install.sxw =================================================================== RCS file: /cvsroot/netpass/NetPass/doc/netpass-install.sxw,v retrieving revision 1.5 retrieving revision 1.6 diff -u -d -r1.5 -r1.6 Binary files /tmp/cvs2DTKxj and /tmp/cvslbzCgu differ |
|
From: jeff m. <jef...@us...> - 2005-05-03 16:14:08
|
Update of /cvsroot/netpass/NetPass In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv12903 Modified Files: MANIFEST Log Message: netgroup/network web UI Index: MANIFEST =================================================================== RCS file: /cvsroot/netpass/NetPass/MANIFEST,v retrieving revision 1.36 retrieving revision 1.37 diff -u -d -r1.36 -r1.37 --- MANIFEST 2 May 2005 17:06:25 -0000 1.36 +++ MANIFEST 3 May 2005 16:13:20 -0000 1.37 @@ -140,6 +140,7 @@ www/components/Admin/Login www/components/Admin/MemberOf www/components/Admin/LockConfig +www/components/Admin/TableEditPolicy www/components/Client/BeginScan www/components/Client/GetInfo www/components/Client/Login @@ -179,12 +180,14 @@ www/htdocs/Admin/qc.mhtml www/htdocs/Admin/user.mhtml www/htdocs/Admin/urlfilter.mhtml +www/htdocs/Admin/network.mhtml www/htdocs/Admin/clienthistory.mhtml www/htdocs/Admin/help.mhtml www/htdocs/Admin/chpwd.mhtml www/htdocs/Admin/auth.mhtml -www/htdocs/Admin/lockcfg.mhtml +www/htdocs/Admin/cmd/lockcfg.mhtml www/htdocs/Admin/cmd/setresult.mhtml +www/htdocs/Admin/netgroups.mhtml www/htdocs/OSSTemplate/css/OSSTemplate.css.cgi www/htdocs/OSSTemplate/css/.htaccess www/htdocs/OSSTemplate/css/calendar.css |
Update of /cvsroot/netpass/NetPass/www/htdocs/Admin In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv12903/www/htdocs/Admin Modified Files: auth.mhtml autohandler chpwd.mhtml clienthistory.mhtml logout.mhtml reports.mhtml Added Files: netgroups.mhtml network.mhtml Removed Files: lockcfg.mhtml Log Message: netgroup/network web UI Index: autohandler =================================================================== RCS file: /cvsroot/netpass/NetPass/www/htdocs/Admin/autohandler,v retrieving revision 1.9 retrieving revision 1.10 diff -u -d -r1.9 -r1.10 --- autohandler 25 Apr 2005 19:15:03 -0000 1.9 +++ autohandler 3 May 2005 16:13:30 -0000 1.10 @@ -38,9 +38,10 @@ <DIV class='indent'> <a class="sbLinks" href="/Admin/gencfg.mhtml" title="">General</a><br> <a class="sbLinks" href="/Admin/network.mhtml" title="">Network</a><br> +<a class="sbLinks" href="/Admin/netgroups.mhtml" title="">Netgroup</a><br> <a class="sbLinks" href="/Admin/urlfilter.mhtml" title="">URL Filter</a><br> -<a class="sbLinks" href="/Admin/Editor/" title="">Message Editor</a><br> <a class="sbLinks" href="/Admin/greset.mhtml" title="">Global Reset</a><br> +<a class="sbLinks" href="/Admin/Scan/ids.mhtml" title="">IDS Config</a><br> </DIV> <DIV class='sbText'>Authentication</DIV> <DIV class='indent'> @@ -52,10 +53,10 @@ <a class="sbLinks" href="/Admin/mr.mhtml" title="">Manual Register</a><br> <a class="sbLinks" href="/Admin/qc.mhtml" title="">QuarControl</a><br> <a class="sbLinks" href="/Admin/Scan/" title="">Scan Config</a><br> -<a class="sbLinks" href="/Admin/Scan/ids.mhtml" title="">IDS Config</a><br> +<a class="sbLinks" href="/Admin/Editor/" title="">Message Editor</a><br> </DIV> <DIV class='sbText'>Logs and Reports</DIV> -<DIV class='indent'> +<DIV class='indent' style='border-bottom: solid 1px white;'> <a class="sbLinks" href="/Admin/audit.mhtml" title="">Audit Logs</a><br> <a class="sbLinks" href="/Admin/reports.mhtml" title="">Reports</a><br> </DIV> Index: chpwd.mhtml =================================================================== RCS file: /cvsroot/netpass/NetPass/www/htdocs/Admin/chpwd.mhtml,v retrieving revision 1.2 retrieving revision 1.3 diff -u -d -r1.2 -r1.3 --- chpwd.mhtml 24 Apr 2005 03:42:03 -0000 1.2 +++ chpwd.mhtml 3 May 2005 16:13:30 -0000 1.3 @@ -8,6 +8,11 @@ $new2 => ''; </%args> +<script language='JavaScript'><!-- +var pageDirty = false; +setWhereAmI('Change Password'); +--></script> + <%perl> # if we are root admin or root usereditor, # then "old" password isnt prompted for Index: reports.mhtml =================================================================== RCS file: /cvsroot/netpass/NetPass/www/htdocs/Admin/reports.mhtml,v retrieving revision 1.2 retrieving revision 1.3 diff -u -d -r1.2 -r1.3 --- reports.mhtml 15 Oct 2004 15:49:35 -0000 1.2 +++ reports.mhtml 3 May 2005 16:13:30 -0000 1.3 @@ -9,6 +9,10 @@ <%args> </%args> +<script language='JavaScript'><!-- +var pageDirty = false; +setWhereAmI('Logs and Reports'); +--></script> <a href="reports/bynet.mhtml">By Network</a><BR> <a href="reports/byclient.mhtml">By Client</a><BR> Index: clienthistory.mhtml =================================================================== RCS file: /cvsroot/netpass/NetPass/www/htdocs/Admin/clienthistory.mhtml,v retrieving revision 1.2 retrieving revision 1.3 diff -u -d -r1.2 -r1.3 --- clienthistory.mhtml 1 May 2005 05:44:12 -0000 1.2 +++ clienthistory.mhtml 3 May 2005 16:13:30 -0000 1.3 @@ -6,13 +6,17 @@ # Available under the "Artistic License" # http://www.gnu.org/licenses/license-list.html#ArtisticLicense </%doc> - <%args> $mac => ''; $notes => ''; $action => ''; </%args> +<script language='JavaScript'><!-- +var pageDirty = false; +setWhereAmI('Client Configuration > Quarantine Control > Client History'); +--></script> + <%perl> my $readOnly = "disabled"; Index: auth.mhtml =================================================================== RCS file: /cvsroot/netpass/NetPass/www/htdocs/Admin/auth.mhtml,v retrieving revision 1.1 retrieving revision 1.2 diff -u -d -r1.1 -r1.2 --- auth.mhtml 24 Apr 2005 03:57:26 -0000 1.1 +++ auth.mhtml 3 May 2005 16:13:29 -0000 1.2 @@ -3,6 +3,11 @@ <%args> </%args> +<script language='JavaScript'><!-- +var pageDirty = false; +setWhereAmI('Authentication > Methods'); +--></script> + <TABLE WIDTH=800 ID="authMethods" CELLSPACING=2 CELLPADDING=2> <THEAD> <TR><TH COLSPAN=2>Authentication Methods</TH></TR> --- lockcfg.mhtml DELETED --- Index: logout.mhtml =================================================================== RCS file: /cvsroot/netpass/NetPass/www/htdocs/Admin/logout.mhtml,v retrieving revision 1.2 retrieving revision 1.3 diff -u -d -r1.2 -r1.3 --- logout.mhtml 28 Sep 2004 16:03:00 -0000 1.2 +++ logout.mhtml 3 May 2005 16:13:30 -0000 1.3 @@ -7,7 +7,10 @@ This component deletes the session.. </%doc> - +<script language='JavaScript'><!-- +var pageDirty = false; +setWhereAmI('Logout'); +--></script> <%perl> if (exists $m->session->{'logged_in'}) { $m->session->{'logged_in'} = 0; --- NEW FILE: network.mhtml --- <%doc> DESCRIPTION This form allows you to: - add/remove networks - configure per-network settings - comment - ha enabled/disabled + settings - garp enabled/disabled + settings - netgroup membership - interface - nonquar/quar vlan id - switches - configure perl-network policy - any of the policy settings PERMISSIONS RW default/Admin RO none </%doc> <%args> $submit => ''; </%args> <%perl> return unless $m->comp('/Admin/Login', %ARGS); my ($isRoot, $junk) = $m->comp('/Admin/MemberOf', 'acl' => [ 'Admin' ], 'group' => 'default'); if (!$isRoot) { print qq{<p class='error'>Sorry, you don't have access to this form.}; return; } # these group names can not be used as 'netgroups' my $reservedGroups = { 'default' => 1, 'clientAccess' => 1 }; # fetch all known networks and netgroups my $allNetworks = $np->cfg->getNetworks(); my $allNetgroups = (); foreach my $nw (@$allNetworks) { my $ng = $np->cfg->getNetgroup($nw); push @$allNetgroups, $ng if ($ng ne "") && (!grep(/^$ng$/, @$allNetgroups)); } </%perl> <h2> Network Configuration </h2> % $m->comp('/Admin/LockConfig'); % my $WH = "-" x 20; <script language='JavaScript'><!-- var pageDirty = false; setWhereAmI('Configuration > Network'); --></script> <form method="post"> <table border=0> <tr> <th>Netgroups</th> <th>Networks</th> </tr> <tr> <td style='text-align:center;'> <%$q->scrolling_list(-name => 'netgroups', -values => [ $WH, sort @$allNetgroups ], -size => 15, -multiple => 'false')%><BR> <input id='addNetgroup' name='addNetgroup' size=20 value='Add Netgroup...' disabled> </td> <td style='text-align:center;'> <%$q->scrolling_list(-name => 'networks', -values => [ $WH, sort @$allNetworks ], -size => 15, -multiple => 'false')%><BR> <input id='addNetwork' name='addNetwork' size=20 value='Add Network...' disabled> </td> </tr> </table> <table id='networkPolicy'> </table> </form> --- NEW FILE: netgroups.mhtml --- <%doc> DESCRIPTION This form allows you to: - add/remove netgroups - configure per-netgroup policy - any of the policy settings PERMISSIONS RW default/Admin RO none </%doc> <%args> $submit => ''; $netgroups => ''; $networks => ''; </%args> <%perl> return unless $m->comp('/Admin/Login', %ARGS); my ($isRoot, $junk) = $m->comp('/Admin/MemberOf', 'acl' => [ 'Admin' ], 'group' => 'default'); if (!$isRoot) { print qq{<p class='error'>Sorry, you don't have access to this form.}; return; } # these group names can not be used as 'netgroups' my $reservedGroups = { 'default' => 1, 'clientAccess' => 1 }; # fetch all known networks and netgroups my $allNetworks = $np->cfg->getNetworks(); my $allNetgroups = (); foreach my $nw (@$allNetworks) { my $ng = $np->cfg->getNetgroup($nw); push @$allNetgroups, $ng if ($ng ne "") && (!grep(/^$ng$/, @$allNetgroups)); } </%perl> <h2> Network Configuration </h2> % $m->comp('/Admin/LockConfig', 'enableWhenLocked' => 'addNetgroup'); % my $WH = "-" x 20; <script language='JavaScript'>//<!-- var pageDirty = false; setWhereAmI('Configuration > Netgroups'); function netgroup_onchange_netgroups() { var o = document.getElementById("netgroups"); if (!o) return; if (o.options[0].selected == true) { //IE o.options[0].selected == false; return; } document.forms[0].submit(); } var reservedGroups = new Array; <%perl> foreach my $rg ($WH, keys %$reservedGroups) { print qq{reservedGroups.push('$rg');\n}; } </%perl> //--></script> <form method="post"> <table border=0> <tr> <th>Netgroups</th> <th>Networks</th> </tr> <tr> <td style='text-align:center; vertical-align: top;'> <%$q->scrolling_list(-name => 'netgroups', -values => [ $WH, sort @$allNetgroups ], -default => $netgroups, -id => 'netgroups', -attributes => { $WH => { 'disabled' => 1 } }, -onchange => 'netgroup_onchange_netgroups();', -size => 15, -multiple => 'false')%><P> <input id='addNetgroup' name='addNetgroup' size=20 value='Add Netgroup...' disabled> </td> <td style='text-align:center; vertical-align: top;'> <%$q->scrolling_list(-name => 'networks', -id => 'networks', -values => [ $WH, sort @$allNetworks ], -attributes => { $WH => { 'disabled' => 1 } }, -default => $networks, -size => 15, -multiple => 'false')%><BR> </td> </tr> </table> <P> % if ($netgroups) { % $m->comp('/Admin/TableEditPolicy', %ARGS, 'tableName' => 'Netgroup General Settings for '.$netgroups, 'network' => $netgroups); % } </form> |
|
From: jeff m. <jef...@us...> - 2005-05-03 16:13:39
|
Update of /cvsroot/netpass/NetPass/www/htdocs/Admin/cmd In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv12903/www/htdocs/Admin/cmd Added Files: lockcfg.mhtml Log Message: netgroup/network web UI --- NEW FILE: lockcfg.mhtml --- <%doc> </%doc> <%args> $lock => 0; $force => 0; </%args> <%perl> my ($isRoot, $junk) = $m->comp('/Admin/MemberOf', 'acl' => [ 'Admin' ], 'group' => 'default'); if (! $isRoot ) { if ($lock) { print "NOK lock permission denied\n"; } else { print "NOK unlock permission denied\n"; } return; } my $lstat = $np->db->isConfigLocked(); my $rv; if ($lock) { # we want to lock the config if (ref($lstat) eq "HASH") { # config is already locked if ($lstat->{'user'} ne $m->session->{'username'}) { # and not by us if ($force) { # we're willing to force the issue $rv = $np->db->unlockConfig(-rev => $lstat->{'rev'}, -user => $m->session->{'username'}); if ($rv) { # fail print "NOK lock unlockfailed $rv\n"; } else { $rv = $np->db->lockConfig(-rev => $lstat->{'rev'}, -user => $m->session->{'username'}); if ($rv) { # fail print "NOK lock force err=$rv\n"; } else { # success print "OK lock\n"; } } } else { # we're not willing to break the lock print "NOK lock lockedby=".$lstat->{'user'}."\n"; } } else { # config is already locked by us print "OK lock alreadylocked\n"; } } elsif ($lstat) { # an error occurred print "NOK lock isConfigLockedErr $lstat\n"; } else { # config is not locked, lock it $rv = $np->db->getConfig(); $rv = $np->db->lockConfig(-rev => $rv->{'rev'}, -user => $m->session->{'username'}); if ($rv) { # fail print "NOK lock err=$rv\n"; } else { # success print "OK lock\n"; } } } else { # we want to unlock the config if (ref($lstat) eq "HASH") { # config is locked if ($lstat->{'user'} ne $m->session->{'username'}) { # and not by us if ($force) { # we're willing to force the issue $rv = $np->db->unlockConfig(-rev => $lstat->{'rev'}, -user => $m->session->{'username'}); if ($rv) { # error print "NOK unlock $rv\n"; } else { print "OK unlock\n"; } } else { # we're not willing to break the lock print "NOK unlock lockedby=".$lstat->{'user'}."\n"; } } else { # config is locked by us: unlock it $rv = $np->db->unlockConfig(-rev => $lstat->{'rev'}, -user => $m->session->{'username'}); if ($rv) { # fail print "NOK unlock $rv\n"; } else { print "OK unlock\n"; } } } elsif ($lstat) { # an error occurred print "NOK unlock $lstat\n"; } else { # config is not locked: NOP print "OK unlock\n"; } } </%perl> |
|
From: jeff m. <jef...@us...> - 2005-05-03 16:13:38
|
Update of /cvsroot/netpass/NetPass/www/components/Admin In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv12903/www/components/Admin Modified Files: LockConfig Added Files: TableEditPolicy Log Message: netgroup/network web UI --- NEW FILE: TableEditPolicy --- <%doc> </%doc> <%args> $tableName => 'General'; $netgroup => ''; $network => ''; </%args> <TABLE WIDTH=800 ID="policyConfig" class="expandable" CELLSPACING=2 CELLPADDING=2> <THEAD> <TR><TH onclick="showHideObj2(getElementById('policyConfig').tBodies[0]);" COLSPAN=2><%$tableName%></TH></TR> </THEAD> <TBODY> <TR> <TD CLASS='left'>MULTI_MAC</TD> <TD CLASS='right' > <%$q->popup_menu ( -name => 'policy:MULTI_MAC', -values => ['ALL_OK', 'ONE_OK', 'DISALLOWED'], -default => $np->cfg->policy(-key => 'MULTI_MAC', -network => $network), )%> <!--<a href="help.mhtml?printable=1&topic=MULTI_MAC" target='new' style='align:right;'>?</a>--> </TD></TR> <TR> <TD CLASS='left'>Strikes</TD> <TD CLASS='right'> <%$q->textfield ( -name => 'policy:STRIKES', -value => $np->cfg->policy(-key => 'STRIKES', -network => $network), -size => 3, )%> </TD></TR> <TR> <TD CLASS='left'>RESULTS_DISPLAY</TD> <TD CLASS='right'> <%$q->popup_menu ( -name => 'policy:RESULTS_DISPLAY', -values => ['INLINE', 'POPUP'], -default => $np->cfg->policy(-key => 'RESULTS_DISPLAY', -network => $network), )%> </TD></TR> <TR> <TD CLASS='left'>RESULTS_EXPAND</TD> <TD CLASS='right'> <%$q->textfield ( -name => 'policy:RESULTS_EXPAND', -value => $np->cfg->policy(-key => 'RESULTS_EXPAND', -network => $network), -size => 3, )%> </TD></TR> <TR> <TD CLASS='left'>AUTO_REDIRECT</TD> <TD CLASS='right'> <%$q->radio_group ( -name => 'policy:AUTO_REDIRECT', -values => ['Yes', 'No'], -default => ($np->cfg->policy(-key => 'AUTO_REDIRECT', -network => $network)) ? 'Yes' : 'No' )%> </TD></TR> <TR> <TD CLASS='left'>COOKIE_DETECT</TD> <TD CLASS='right'> <%$q->radio_group ( -name => 'policy:COOKIE_DETECT', -values => ['Yes', 'No'], -default => ($np->cfg->policy(-key => 'COOKIE_DETECT', -network => $network)) ? 'Yes' : 'No' )%> </TD></TR> <TR> <TD CLASS='left'>COOKIE_NAME</TD> <TD CLASS='right'> <%$q->textfield ( -name => 'policy:COOKIE_NAME', -value => $np->cfg->policy(-key => 'COOKIE_NAME', -network => $network), -size => 25, )%> </TD></TR> <TR> <TD CLASS='left'>REDIR_URL_DEFAULT</TD> <TD CLASS='right'> <%$q->textfield ( -name => 'policy:REDIR_URL_DEFAULT', -value => $np->cfg->policy(-key => 'REDIR_URL_DEFAULT', -network => $network), -size => 25, )%> </TD></TR> <TR> <TD CLASS='left'>SURVEY_ENABLED</TD> <TD CLASS='right'> <%$q->radio_group ( -name => 'policy:SURVEY_ENABLED', -values => ['Yes', 'No'], -default => ($np->cfg->policy(-key => 'SURVEY_ENABLED', -network => $network)) ? 'Yes' : 'No' )%> </TD></TR> <TR> <TD CLASS='left'>SURVEY_EMAIL</TD> <TD CLASS='right'> <%$q->textfield ( -name => 'policy:SURVEY_EMAIL', -value => $np->cfg->policy(-key => 'SURVEY_EMAIL', -network => $network), -size => 25, )%> </TD></TR> <TR> <TD CLASS='left'>PID_DIR</TD> <TD CLASS='right'> <%$q->textfield ( -name => 'policy:PID_DIR', -value => $np->cfg->policy(-key => 'PID_DIR', -network => $network), -size => 25, )%> </TD></TR> <TR> <TD CLASS='left'>BASE_DIR</TD> <TD CLASS='right'> <%$q->textfield ( -name => 'policy:BASE_DIR', -value => $np->cfg->policy(-key => 'BASE_DIR', -network => $network), -size => 25, )%> </TD></TR> <TR> <TD CLASS='left'>PORT_SEARCH_ALGO</TD> <TD CLASS='right'> <%$q->popup_menu ( -name => 'policy:PORT_SEARCH_ALGO', -values => ['LINEAR', 'TREE'], -default => $np->cfg->policy(-key => 'PORT_SEARCH_ALGO', -network => $network), )%> </TD></TR> <TR> <TD CLASS='left'>PORT_CACHE</TD> <TD CLASS='right'> <%$q->popup_menu ( -name => 'policy:PORT_CACHE', -values => ['ON', 'OFF'], -default => ($np->cfg->policy(-key => 'PORT_CACHE', -network => $network)) ? 'ON' : 'OFF', )%> </TD></TR> <TR> <TD CLASS='left'>UNQUAR_ON_LINKUP</TD> <TD CLASS='right'> <%$q->popup_menu ( -name => 'policy:UNQUAR_ON_LINKUP', -values => ['ON', 'OFF', 'ITDEPENDS'], -default => ($np->cfg->policy(-key => 'UNQUAR_ON_LINKUP', -network => $network) eq 'ITDEPENDS') ? 'ITDEPENDS' : ($np->cfg->policy(-key => 'UNQUAR_ON_LINKUP', -network => $network)) ? 'ON' : 'OFF', )%> </TD></TR> <TR> <TD CLASS='left'>Enable ResetPort?</TD> <TD CLASS='right'> <%$q->popup_menu ( -name => 'policy:resetport', -values => ['on', 'off'], -default => ($np->cfg->policy(-key => 'resetport', -network => $network)) ? 'on': 'off', )%> </TD></TR> <TR> <TD CLASS='left'>Enable MacScan?</TD> <TD CLASS='right'> <%$q->popup_menu ( -name => 'policy:macscan', -values => ['on', 'off'], -default => ($np->cfg->policy(-key => 'macscan', -network => $network)) ? 'on': 'off', )%> </TD></TR> <TR> <TD CLASS='left'>Require Nessus to register?</TD> <TD CLASS='right'> <%$q->popup_menu ( -name => 'policy:nessus', -values => ['on', 'off'], -default => ($np->cfg->policy(-key => 'resetport', -network => $network)) ? 'on': 'off', )%> </TD></TR> <TR> <TD CLASS='left'>LDAP Query URL</TD> <TD CLASS='right'> <%$q->textfield ( -name => 'policy:LDAP_USER_QUERY', -value => $np->cfg->policy(-key => 'LDAP_USER_QUERY', -network => $network), -size => 25, )%> </TD></TR> <TR> <TD CLASS='left'>LDAP Popup Width</TD> <TD CLASS='right'> <%$q->textfield ( -name => 'policy:LDAP_POPUP_WIDTH', -value => $np->cfg->policy(-key => 'LDAP_POPUP_WIDTH', -network => $network), -size => 5, )%> </TD></TR> <TR> <TD CLASS='left'>LDAP Popup Height</TD> <TD CLASS='right'> <%$q->textfield ( -name => 'policy:LDAP_POPUP_HEIGHT', -value => $np->cfg->policy(-key => 'LDAP_POPUP_HEIGHT', -network => $network), -size => 5, )%> </TD></TR> <TR> <TD CLASS='left'>Username Prompt</TD> <TD CLASS='right'> <%$q->textfield ( -name => 'policy:USERNAME_PROMPT', -value => $np->cfg->policy(-key => 'USERNAME_PROMPT', -network => $network), -size => 25, )%> </TD></TR> <TR> <TD CLASS='left'>Password Prompt</TD> <TD CLASS='right'> <%$q->textfield ( -name => 'policy:PASSWORD_PROMPT', -value => $np->cfg->policy(-key => 'PASSWORD_PROMPT', -network => $network), -size => 25, )%> </TD></TR> <TR> <TD CLASS='left'>Company Name</TD> <TD CLASS='right'> <%$q->textfield ( -name => 'policy:COMPANY_NAME', -value => $np->cfg->policy(-key => 'COMPANY_NAME', -network => $network), -size => 25, )%> </TD></TR> <TR> <TD CLASS='left'>Company Abbreviation</TD> <TD CLASS='right'> <%$q->textfield ( -name => 'policy:COMPANY_SHORT_NAME', -value => $np->cfg->policy(-key => 'COMPANY_SHORT_NAME', -network => $network), -size => 25, )%> </TD></TR> <TR> <TD CLASS='left'>Organization Name</TD> <TD CLASS='right'> <%$q->textfield ( -name => 'policy:COMPANY_UNIT_NAME', -value => $np->cfg->policy(-key => 'COMPANY_UNIT_NAME', -network => $network), -size => 25, )%> </TD></TR> <TR> <TD CLASS='left'>Example IP Address</TD> <TD CLASS='right'> <%$q->textfield ( -name => 'policy:EXAMPLE_IPADDR', -value => $np->cfg->policy(-key => 'EXAMPLE_IPADDR', -network => $network), -size => 16, )%> </TD></TR> </TBODY></TABLE> Index: LockConfig =================================================================== RCS file: /cvsroot/netpass/NetPass/www/components/Admin/LockConfig,v retrieving revision 1.6 retrieving revision 1.7 diff -u -d -r1.6 -r1.7 --- LockConfig 1 May 2005 17:39:08 -0000 1.6 +++ LockConfig 3 May 2005 16:13:22 -0000 1.7 @@ -72,7 +72,7 @@ } lockOpPending = true; - var url = "lockcfg.mhtml?printable=2&lock="+lock +"&force="+force; + var url = "cmd/lockcfg.mhtml?printable=2&lock="+lock +"&force="+force; xmlhttp.open("GET", url , true); xmlhttp.onreadystatechange=function() { if (xmlhttp.readyState == 4) { |
|
From: jeff m. <jef...@us...> - 2005-05-02 18:43:12
|
Update of /cvsroot/netpass/NetPass/install.d In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv4980/install.d Modified Files: convertdb Log Message: db changes Index: convertdb =================================================================== RCS file: /cvsroot/netpass/NetPass/install.d/convertdb,v retrieving revision 1.3 retrieving revision 1.4 diff -u -d -r1.3 -r1.4 --- convertdb 2 May 2005 17:06:25 -0000 1.3 +++ convertdb 2 May 2005 18:43:02 -0000 1.4 @@ -36,7 +36,7 @@ #Error 1296: Got error 241 'Invalid schema object version' from ndbcluster when dumping table `users` at row: 0 # on the first attempt (when you run this on another server) -for i in users config ; do +for i in users config pages nessusScans snortRules ; do myecho "Backing up $i table to /tmp/$i.sql .." $MD -ce -u root netpass $i 2> /dev/null > /tmp/${i}.sql $MD -ce -u root netpass $i 2> /dev/null > /tmp/${i}.sql @@ -69,7 +69,7 @@ myecho "Re-importing config data ..." -for i in users config ; do +for i in users config pages nessusScans snortRules ; do myecho " from /tmp/$i.sql to table $i ..." $M -fu root netpass < /tmp/${i}.sql done |
|
From: jeff m. <jef...@us...> - 2005-05-02 17:06:38
|
Update of /cvsroot/netpass/NetPass/install.d In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv14910/install.d Modified Files: convertdb tables.sql Added Files: create-indexes.sql drop-indexes.sql drop-tables.sql Log Message: db changes --- NEW FILE: drop-indexes.sql --- USE netpass; DROP INDEX results_idx1 ON results; DROP INDEX results_idx2 ON results; DROP INDEX results_idx3 ON results; DROP INDEX config_idx1 ON config; DROP INDEX pages_idx1 ON pages; DROP INDEX clientHistory_idx1 ON clientHistory; DROP INDEX clientHistory_idx2 ON clientHistory; DROP INDEX nessusScans_idx1 ON nessusScans; DROP INDEX snortRules_idx1 ON snortRules; DROP INDEX appStarter_idx1 ON appStarter; DROP INDEX stats_procs_idx1 ON stats_procs; DROP INDEX stats_procs_idx2 ON stats_procs; DROP INDEX urlFilters_idx1 ON urlFilters; DROP INDEX testConfig_idx1 ON testConfig; Index: tables.sql =================================================================== RCS file: /cvsroot/netpass/NetPass/install.d/tables.sql,v retrieving revision 1.15 retrieving revision 1.16 diff -u -d -r1.15 -r1.16 --- tables.sql 1 May 2005 05:44:10 -0000 1.15 +++ tables.sql 2 May 2005 17:06:25 -0000 1.16 @@ -13,7 +13,6 @@ registeredOn DATETIME, status ENUM('QUAR', 'PQUAR', 'UNQUAR', 'PUNQUAR') NOT NULL, uqlinkup ENUM('yes', 'no') NOT NULL DEFAULT 'no', - message TEXT, username VARCHAR(16) NOT NULL, OS VARCHAR(255), switchIP VARCHAR(128), @@ -114,12 +113,12 @@ ) ENGINE=MyISAM; CREATE TABLE clientHistory ( - chid INTEGER UNSIGNED AUTO_INCREMENT NOT NULL, + rowid INTEGER UNSIGNED AUTO_INCREMENT NOT NULL, macAddress VARCHAR(32) NOT NULL, username VARCHAR(32) NOT NULL, dt DATETIME NOT NULL, notes TEXT NOT NULL, - PRIMARY KEY (chid) + PRIMARY KEY (rowid) ) ENGINE=NDBCLUSTER; CREATE INDEX clientHistory_idx1 ON clientHistory (macAddress); @@ -170,6 +169,17 @@ CREATE INDEX snortRules_idx1 ON snortRules (status); +CREATE TABLE testConfig ( + rowid INTEGER UNSIGNED NOT NULL AUTO_INCREMENT, + testType VARCHAR(32) NOT NULL, + ID VARCHAR(128) NOT NULL, + status enum('enabled', 'disabled') NOT NULL default 'disabled', + network VARCHAR(128) NOT NULL default 'default', + PRIMARY KEY (rowid) +) ENGINE=NDBCLUSTER; + +CREATE INDEX testConfig_idx1 ON testConfig (testType, ID, status, network); + CREATE TABLE appStarter ( rowid INTEGER UNSIGNED AUTO_INCREMENT, requested DATETIME, @@ -192,7 +202,7 @@ ) ENGINE=NDBCLUSTER; CREATE INDEX stats_procs_idx1 ON stats_procs (dt); -CREATE INDEX stats_procs_idx1 ON stats_procs (proc); +CREATE INDEX stats_procs_idx2 ON stats_procs (proc); CREATE TABLE urlFilters ( rowid INTEGER UNSIGNED AUTO_INCREMENT, @@ -203,45 +213,45 @@ PRIMARY KEY (rowid) ); -CREATE UNIQUE INDEX on urlFilters (url, network); +CREATE UNIQUE INDEX urlFilters_idx1 ON urlFilters (url, network); -insert into urlFilters values ('itpolicies\.buffalo\.edu', NULL, 'default', 'permit'); -insert into urlFilters values ('netpass\.buffalo\.edu', NULL, 'default', 'permit'); -insert into urlFilters values ('cert\.org', NULL, 'default', 'permit'); -insert into urlFilters values ('download\.microsoft\.com', NULL, 'default', 'permit'); -insert into urlFilters values ('lavasoftusa\.com', NULL, 'default', 'permit'); -insert into urlFilters values ('microsoft\.com', NULL, 'default', 'permit'); -insert into urlFilters values ('protect\.microsoft\.com', NULL, 'default', 'permit'); -insert into urlFilters values ('redhat\.com', NULL, 'default', 'permit'); -insert into urlFilters values ('securityresponse\.symantec\.com', NULL, 'default', 'permit'); -insert into urlFilters values ('service1\.symantec\.com', NULL, 'default', 'permit'); -insert into urlFilters values ('support\.microsoft\.com', NULL, 'default', 'permit'); -insert into urlFilters values ('swquery\.apple\.com', NULL, 'default', 'permit'); -insert into urlFilters values ('swscan\.apple\.com', NULL, 'default', 'permit'); -insert into urlFilters values ('symantecliveupdate\.com', NULL, 'default', 'permit'); -insert into urlFilters values ('us\.mcafee\.com', NULL, 'default', 'permit'); -insert into urlFilters values ('vil\.nai\.com', NULL, 'default', 'permit'); -insert into urlFilters values ('windows\.com', NULL, 'default', 'permit'); -insert into urlFilters values ('windowsupdate\.com', NULL, 'default', 'permit'); -insert into urlFilters values ('windowsupdate\.microsoft\.com', NULL, 'default', 'permit'); -insert into urlFilters values ('wings\.buffalo\.edu', NULL, 'default', 'permit'); -insert into urlFilters values ('www\.microsoft\.com', NULL, 'default', 'permit'); -insert into urlFilters values ('www\.sans\.org', NULL, 'default', 'permit'); -insert into urlFilters values ('www\.sophos\.com', NULL, 'default', 'permit'); +insert into urlFilters values (NULL,'itpolicies\.buffalo\.edu', NULL, 'default', 'permit'); +insert into urlFilters values (NULL,'netpass\.buffalo\.edu', NULL, 'default', 'permit'); +insert into urlFilters values (NULL,'cert\.org', NULL, 'default', 'permit'); +insert into urlFilters values (NULL,'download\.microsoft\.com', NULL, 'default', 'permit'); +insert into urlFilters values (NULL,'lavasoftusa\.com', NULL, 'default', 'permit'); +insert into urlFilters values (NULL,'microsoft\.com', NULL, 'default', 'permit'); +insert into urlFilters values (NULL,'protect\.microsoft\.com', NULL, 'default', 'permit'); +insert into urlFilters values (NULL,'redhat\.com', NULL, 'default', 'permit'); +insert into urlFilters values (NULL,'securityresponse\.symantec\.com', NULL, 'default', 'permit'); +insert into urlFilters values (NULL,'service1\.symantec\.com', NULL, 'default', 'permit'); +insert into urlFilters values (NULL,'support\.microsoft\.com', NULL, 'default', 'permit'); +insert into urlFilters values (NULL,'swquery\.apple\.com', NULL, 'default', 'permit'); +insert into urlFilters values (NULL,'swscan\.apple\.com', NULL, 'default', 'permit'); +insert into urlFilters values (NULL,'symantecliveupdate\.com', NULL, 'default', 'permit'); +insert into urlFilters values (NULL,'us\.mcafee\.com', NULL, 'default', 'permit'); +insert into urlFilters values (NULL,'vil\.nai\.com', NULL, 'default', 'permit'); +insert into urlFilters values (NULL,'windows\.com', NULL, 'default', 'permit'); +insert into urlFilters values (NULL,'windowsupdate\.com', NULL, 'default', 'permit'); +insert into urlFilters values (NULL,'windowsupdate\.microsoft\.com', NULL, 'default', 'permit'); +insert into urlFilters values (NULL,'wings\.buffalo\.edu', NULL, 'default', 'permit'); +insert into urlFilters values (NULL,'www\.microsoft\.com', NULL, 'default', 'permit'); +insert into urlFilters values (NULL,'www\.sans\.org', NULL, 'default', 'permit'); +insert into urlFilters values (NULL,'www\.sophos\.com', NULL, 'default', 'permit'); -insert into urlFilters values ('command\.weatherbug\.com', NULL, 'default', 'block'); -insert into urlFilters values ('isapi60\.weatherbug\.com', NULL, 'default', 'block'); -insert into urlFilters values ('wisapidata\.weatherbug\.com', NULL, 'default', 'block'); -insert into urlFilters values ('config\.180solutions\.com', NULL, 'default', 'block'); -insert into urlFilters values ('ping\.180solutions\.com', NULL, 'default', 'block'); -insert into urlFilters values ('desktop3\.weather\.com', NULL, 'default', 'block'); -insert into urlFilters values ('image\.weather\.com', NULL, 'default', 'block'); -insert into urlFilters values ('www\.statblaster\.com/updatestats', NULL, 'default', 'block'); -insert into urlFilters values ('www\.mydailyhoroscope\.net/mdh/AdResponse\.aspx', NULL, 'default','block'); -insert into urlFilters values ('204\.177\.92\.204/w/getclientid', NULL, 'default', 'block'); -insert into urlFilters values ('client\.warez\.com/data/gcache\.php', NULL, 'default', 'block'); -insert into urlFilters values ('http://sports\.espn\.go\.com/espn/espnmotion/ESPNMotionXMLv4', NULL, 'default', 'block'); +insert into urlFilters values (NULL,'command\.weatherbug\.com', NULL, 'default', 'block'); +insert into urlFilters values (NULL,'isapi60\.weatherbug\.com', NULL, 'default', 'block'); +insert into urlFilters values (NULL,'wisapidata\.weatherbug\.com', NULL, 'default', 'block'); +insert into urlFilters values (NULL,'config\.180solutions\.com', NULL, 'default', 'block'); +insert into urlFilters values (NULL,'ping\.180solutions\.com', NULL, 'default', 'block'); +insert into urlFilters values (NULL,'desktop3\.weather\.com', NULL, 'default', 'block'); +insert into urlFilters values (NULL,'image\.weather\.com', NULL, 'default', 'block'); +insert into urlFilters values (NULL,'www\.statblaster\.com/updatestats', NULL, 'default', 'block'); +insert into urlFilters values (NULL,'www\.mydailyhoroscope\.net/mdh/AdResponse\.aspx', NULL, 'default','block'); +insert into urlFilters values (NULL,'204\.177\.92\.204/w/getclientid', NULL, 'default', 'block'); +insert into urlFilters values (NULL,'client\.warez\.com/data/gcache\.php', NULL, 'default', 'block'); +insert into urlFilters values (NULL,'http://sports\.espn\.go\.com/espn/espnmotion/ESPNMotionXMLv4', NULL, 'default', 'block'); -insert into urlFilters values ('DEFAULT', 'http://npvip-d.cit.buffalo.edu/?url=%u', 'default', 'hard-redirect'); +insert into urlFilters values (NULL,'DEFAULT', 'http://npvip-d.cit.buffalo.edu/?url=%u', 'default', 'hard-redirect'); --- NEW FILE: create-indexes.sql --- USE netpass; CREATE INDEX results_idx1 ON results (macAddress); CREATE INDEX results_idx2 ON results (macAddress, testType); CREATE INDEX results_idx3 ON results (macAddress, status); CREATE INDEX config_idx1 ON config (dt); CREATE UNIQUE INDEX pages_idx1 ON pages (name, network); CREATE INDEX clientHistory_idx1 ON clientHistory (macAddress); CREATE INDEX clientHistory_idx2 ON clientHistory (dt); CREATE INDEX nessusScans_idx1 ON nessusScans (status); CREATE INDEX snortRules_idx1 ON snortRules (status); CREATE INDEX appStarter_idx1 ON appStarter (status); CREATE INDEX stats_procs_idx1 ON stats_procs (dt); CREATE INDEX stats_procs_idx2 ON stats_procs (proc); CREATE UNIQUE INDEX urlFilters_idx1 ON urlFilters (url, network); Index: convertdb =================================================================== RCS file: /cvsroot/netpass/NetPass/install.d/convertdb,v retrieving revision 1.2 retrieving revision 1.3 diff -u -d -r1.2 -r1.3 --- convertdb 15 Oct 2004 19:02:57 -0000 1.2 +++ convertdb 2 May 2005 17:06:25 -0000 1.3 @@ -4,145 +4,76 @@ echo `date` $* } +B="install.d" -# 0.9x to 0.96 - -for i in portMoves register audit ; do - myecho "Backing up $i table to /tmp/$i.sql .." - mysqldump -ce -u root netpass $i > /tmp/${i}.sql -done - -########################################################## - -myecho "Upgrading portMoves table.." - - -mysql -u root netpass <<EOF - -ALTER TABLE portMoves ADD requestedBy VARCHAR(128) DEFAULT ''; -CREATE INDEX portMoves_idx1 ON portMoves (requested); -CREATE INDEX portMoves_idx2 ON portMoves (switchIP, switchPort); +[ ! -d $B ] && { + echo "run this script from the root of the netpass source tree" + echo "for example: cd /tmp/NetPass && install.d/convertdb" + exit 255 +} -EOF +MD=`which mysqldump 2>/dev/null ` +M=`which mysql 2>/dev/null` +[ x"$MD" = "x" ] && { + echo "can't find mysqldump command. update your PATH." + exit 255; +} -########################################################## +[ x"$M" = "x" ] && { + echo "can't find mysql command. update your PATH." + exit 255; +} -myecho "Upgrading register table.." +echo "using mysqldump = $MD" +echo " mysql = $M" -mysql -s -f -u root netpass > /dev/null 2>&1 <<EOF -DROP TABLE register2; +# 2.00beta to 2.00beta (mysql cluster patch) -EOF +# we do the dump twice. cluster will sometimes report +#Error 1296: Got error 241 'Invalid schema object version' from ndbcluster when dumping table `users` at row: 0 +# on the first attempt (when you run this on another server) +for i in users config ; do + myecho "Backing up $i table to /tmp/$i.sql .." + $MD -ce -u root netpass $i 2> /dev/null > /tmp/${i}.sql + $MD -ce -u root netpass $i 2> /dev/null > /tmp/${i}.sql +done ########################################################## +myecho "Dropping indexes ..." - -mysql -u root netpass <<EOF - -CREATE TABLE register2 ( - macAddress TINYTEXT NOT NULL, - ipAddress VARCHAR(64) NOT NULL, - firstSeen DATETIME NOT NULL, - registeredOn DATETIME, - status ENUM('QUAR', 'PQUAR', 'UNQUAR', 'PUNQUAR') NOT NULL, - uqlinkup ENUM('yes', 'no') NOT NULL DEFAULT 'no', - message TEXT, - username VARCHAR(16) NOT NULL, - OS VARCHAR(255), - switchIP VARCHAR(128), - switchPort SMALLINT, - - PRIMARY KEY(macAddress(12)) -) TYPE=MyISAM; - - -INSERT INTO register2 (macAddress, - ipAddress, firstSeen, registeredOn, status, - uqlinkup, message, username, OS, switchIP, switchPort) - SELECT RIGHT(CONCAT('000000000000', LOWER(HEX(register.macAddress))), 12), - register.ipAddress, register.firstSeen, register.registeredOn, - register.status, - register.uqlinkup, register.message, register.username, - register.OS, register.switchIP, register.switchPort - FROM register; - -DROP TABLE register; - -ALTER TABLE register2 RENAME register; - -EOF +$M -fu root netpass > /dev/null 2>&1 < $B/drop-indexes.sql ########################################################## +myecho "Dropping tables ..." -myecho "Upgrading audit table.." - -mysql -s -f -u root netpass > /dev/null 2>&1 <<EOF - -DROP TABLE audit2; - -EOF - - -# because the audit table is fairly large, we apply the indices -# after the copy. this should speed the copy up quite a bit. - - -mysql -u root netpass <<EOF - -CREATE TABLE audit2 ( - ts DATETIME NOT NULL, - server VARCHAR(128), - username VARCHAR(32), - ipAddress VARCHAR(64), - macAddress TINYTEXT, - severity ENUM('DEBUG', 'ALERT', 'CRITICAL', 'ERROR', - 'WARNING', 'NOTICE', 'INFO') - NOT NULL, - location VARCHAR(255), - message text NOT NULL - -) TYPE=MyISAM; - - -INSERT INTO audit2 (macAddress, - ts, server, username, ipAddress, severity, location, - message) - SELECT RIGHT(CONCAT('000000000000', LOWER(HEX(audit.macAddress))), 12), - audit.ts, audit.server, audit.username, - audit.ipAddress, audit.severity, audit.location, - audit.message - FROM audit; - -DROP TABLE audit; +$M -s -f -u root netpass > /dev/null 2>&1 < $B/drop-tables.sql -ALTER TABLE audit2 RENAME audit; -EOF +########################################################## -myecho "Indexing audit table.." +myecho "Creating tables ..." +$M -fu root netpass < $B/tables.sql -mysql -u root netpass <<EOF -CREATE INDEX audit_idx1 ON audit (username(8)); -CREATE INDEX audit_idx2 ON audit (ipAddress); -CREATE INDEX audit_idx3 ON audit (macAddress(12)); -CREATE INDEX audit_idx4 ON audit (ts); -CREATE FULLTEXT INDEX audit_idx5 ON audit (message); +########################################################## -EOF +myecho "Re-importing config data ..." +for i in users config ; do + myecho " from /tmp/$i.sql to table $i ..." + $M -fu root netpass < /tmp/${i}.sql +done -myecho "Done indexing audit table.." -myecho "Upgrade complete." +myecho "Upgrade complete. Run this script on all netpass servers." exit 0 --- NEW FILE: drop-tables.sql --- use netpass; DROP TABLE register; DROP TABLE results; DROP TABLE policy; DROP TABLE users; DROP TABLE config; DROP TABLE passwd; DROP TABLE pages; DROP TABLE portMoves; DROP TABLE audit; DROP TABLE clientHistory; DROP TABLE nessusScans; DROP TABLE snortRules; DROP TABLE appStarter; DROP TABLE stats_procs; DROP TABLE urlFilters; DROP TABLE testConfig; |
