netpass-devel Mailing List for NetPass (Page 16)
Brought to you by:
jeffmurphy
Menu
▾
▴
netpass-devel — Developer Discussion
You can subscribe to this list here.
| 2004 |
Jan
|
Feb
|
Mar
|
Apr
|
May
|
Jun
|
Jul
|
Aug
|
Sep
(1) |
Oct
|
Nov
|
Dec
|
|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 2005 |
Jan
|
Feb
|
Mar
|
Apr
(39) |
May
(103) |
Jun
(89) |
Jul
(22) |
Aug
(100) |
Sep
(21) |
Oct
(5) |
Nov
|
Dec
(7) |
| 2006 |
Jan
(25) |
Feb
(8) |
Mar
(12) |
Apr
(2) |
May
|
Jun
(1) |
Jul
(4) |
Aug
|
Sep
|
Oct
|
Nov
|
Dec
(4) |
| 2007 |
Jan
|
Feb
|
Mar
|
Apr
|
May
|
Jun
|
Jul
|
Aug
(3) |
Sep
(1) |
Oct
|
Nov
|
Dec
|
|
From: jeff m. <jef...@us...> - 2005-05-02 17:06:35
|
Update of /cvsroot/netpass/NetPass/lib/NetPass In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv14910/lib/NetPass Modified Files: Config.pm Log Message: db changes Index: Config.pm =================================================================== RCS file: /cvsroot/netpass/NetPass/lib/NetPass/Config.pm,v retrieving revision 1.32 retrieving revision 1.33 diff -u -d -r1.32 -r1.33 --- Config.pm 1 May 2005 19:46:03 -0000 1.32 +++ Config.pm 2 May 2005 17:06:25 -0000 1.33 @@ -760,8 +760,6 @@ sub policy { my $self = shift; - _log("DEBUG", $self->debug."\n"); - my $parms = parse_parms({ -parms => \@_, -legal => [qw(-key -network -val)], |
|
From: jeff m. <jef...@us...> - 2005-05-02 17:06:35
|
Update of /cvsroot/netpass/NetPass In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv14910 Modified Files: MANIFEST Log Message: db changes Index: MANIFEST =================================================================== RCS file: /cvsroot/netpass/NetPass/MANIFEST,v retrieving revision 1.35 retrieving revision 1.36 diff -u -d -r1.35 -r1.36 --- MANIFEST 1 May 2005 17:39:08 -0000 1.35 +++ MANIFEST 2 May 2005 17:06:25 -0000 1.36 @@ -97,8 +97,11 @@ install.d/ldirectord.cf install.d/testpm install.d/snmptrapd +install.d/drop-tables.sql install.d/install-ipvs.sh +install.d/drop-indexes.sql install.d/sysconfig.snort +install.d/create-indexes.sql lib/Bundle/NetPass/API.pm lib/Bundle/NetPass1.pm lib/Bundle/NetPass2.pm |
|
From: jeff m. <jef...@us...> - 2005-05-01 19:46:13
|
Update of /cvsroot/netpass/NetPass/www/htdocs In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv28167/www/htdocs Modified Files: netpass.mhtml Log Message: strike system feature Index: netpass.mhtml =================================================================== RCS file: /cvsroot/netpass/NetPass/www/htdocs/netpass.mhtml,v retrieving revision 1.7 retrieving revision 1.8 diff -u -d -r1.7 -r1.8 --- netpass.mhtml 24 Apr 2005 03:42:03 -0000 1.7 +++ netpass.mhtml 1 May 2005 19:46:04 -0000 1.8 @@ -96,12 +96,42 @@ print "<meta http-equiv=\"Refresh\" content=\"15;$url\">"; } + my $existingHost = $np->db->macIsRegistered($mac); + _log("DEBUG", "$mac $ip registerHost()\n"); $np->db->registerHost($m->session->{'remote_mac'}, $m->session->{'remote_addr'}, $m->session->{'remote_os'}, $m->session->{'username'}); + # if this wasn't a pre-existing (already registered) host, then any + # user-fixed results are converted to 'fixed'. the situation is: + # a new client arrives, and clicks 'fixed' a bunch of times. since they + # arent yet registered, they won't appear in quarctl, so an admin cant + # change the results to 'fixed'. because of that, we dont apply strikes to + # unregistered hosts. they can click 'fixed' as much as they like (but will + # never get out of quarantine until they register). but, since we disable + # strikes for unregistered hosts, but are still recording results for them, + # once they register, all of those 'user-fixed' results get attached to + # their registration and can exhaust their alotted strikes. so we change + # them to 'fixed' upon registration - this allows us to keep some history + # on the client, and give them a clean slate to start out with. + + if (!$existingHost) { + _log("DEBUG", "$mac $ip changing user-fixed to fixed\n"); + my $ufr = $np->db->getResults(-mac => $mac, -status => 'user-fixed'); + if (ref($ufr) eq "HASH") { + for (my $rn = 0 ; $rn <= $#{$ufr->{'rowid'}} ; $rn++) { + my $rv = $np->db->updateResult(-mac => $mac, -ip => $ip, + -rowid => $ufr->{'rowid'}->[0], + -status => 'fixed'); + if ($rv) { + _log("ERROR", "$mac $ip updateResult failed: $rv\n"); + } + } + } + } + my $sw = $m->session->{'switch'}; my $po = $m->session->{'port'}; |
|
From: jeff m. <jef...@us...> - 2005-05-01 19:46:13
|
Update of /cvsroot/netpass/NetPass/www/htdocs/Admin In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv28167/www/htdocs/Admin Modified Files: qc.mhtml Log Message: strike system feature Index: qc.mhtml =================================================================== RCS file: /cvsroot/netpass/NetPass/www/htdocs/Admin/qc.mhtml,v retrieving revision 1.19 retrieving revision 1.20 diff -u -d -r1.19 -r1.20 --- qc.mhtml 1 May 2005 05:44:12 -0000 1.19 +++ qc.mhtml 1 May 2005 19:46:04 -0000 1.20 @@ -85,7 +85,7 @@ // OK rowid // NOK rowid - if ( (ra.length > 2) && (ra[i] == "OK")) { + if ( (ra.length >= 2) && (ra[i] == "OK")) { var o = document.getElementById('results-row-'+ra[i+1]); if (o) { o.style.display = 'none'; @@ -338,14 +338,14 @@ </tr> % } % for(my $rn = 0 ; $rn <= $#{$myUFixedResults->{'type'}} ; $rn++) { - <tr id='results-row-<%$myPendingResults->{'rowid'}->[$rn]%>'> + <tr id='results-row-<%$myUFixedResults->{'rowid'}->[$rn]%>'> <td><%$myUFixedResults->{'type'}->[$rn]%></td> <td><%$myUFixedResults->{'id'}->[$rn]%></td> <td><%$myUFixedResults->{'dt'}->[$rn]%></td> <td><%$q->popup_menu(-name => 'result:'.$macAddress, -values => [ 'pending', 'fixed', 'user-fixed' ], -default => $myUFixedResults->{'status'}->[$rn], - -id => qq{results-status-$myPendingResults->{'rowid'}->[$rn]}, + -id => qq{results-status-$myUFixedResults->{'rowid'}->[$rn]}, -onchange => qq{quarctl_changeResult('$macAddress', '$myUFixedResults->{'rowid'}->[$rn]')})%></td> </tr> |
|
From: jeff m. <jef...@us...> - 2005-05-01 19:46:12
|
Update of /cvsroot/netpass/NetPass/www/components/Client In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv28167/www/components/Client Modified Files: ShowResults Log Message: strike system feature Index: ShowResults =================================================================== RCS file: /cvsroot/netpass/NetPass/www/components/Client/ShowResults,v retrieving revision 1.4 retrieving revision 1.5 diff -u -d -r1.4 -r1.5 --- ShowResults 1 May 2005 05:44:11 -0000 1.4 +++ ShowResults 1 May 2005 19:46:04 -0000 1.5 @@ -1,4 +1,26 @@ <%doc> +MODULE + ShowResults (Mason) + +DESCRIPTION + This module fetches the results from the database for + the client specified in the session (mac address) and + displays those results. + + If there is only one result, the javascript expand/collapse + thing is suppressed. If there is more than one result, + the JS E/C thing is used if JS is available. + + RESULTS_EXPAND determines the threshold at which point results + are shown collapsed by default. + + We also examine each result. If the user has previous results + that match in all respects and whose status is "user-fixed" then + we apply the 'strike' system. This means that if the sum + of previous 'user-fixed' results and the current result is + greater than the strikes setting, the user can no longer + simply click 'Fixed'. They must contact an Admin to have their + previous results changed to a status of "fixed". </%doc> <%args> $mac => ''; @@ -11,8 +33,37 @@ <%perl> my $results = $np->db->getResults(-mac => $mac); -my $nres = $#{$results->{'type'}}; +my $nres = -1; +if (ref($results) eq "HASH") { + $nres = $#{$results->{'type'}}; +} else { + _log("ERROR", "$mac $ip getResults failed: $results\n"); +} + +# determine which results are no longer fixable because the user +# has exhausted their strikes. if strikes is zero, then strike system +# is disabled for this IP. if the MAC is not yet registered, then +# the strike system is also disabled. Once they register, all 'user-fixed' +# results are converted to 'fixed' (netpass.mhtml) +my $struckOut = {}; +my $maxStrikes = $np->cfg->policy(-key => 'STRIKES', -network => $ip); + +if ($np->db->macIsRegistered($mac) && $maxStrikes) { + + for(my $rn = 0 ; $rn <= $nres ; $rn++) { + my $uf = $np->db->getResults(-mac => $mac, + -status => 'user-fixed', + -type => $results->{'type'}->[$rn], + -id => $results->{'id'}->[$rn]); + _log("DEBUG", "$mac $ip history on ".$results->{'type'}->[$rn].":". + $results->{'id'}->[$rn]. " is ". $#{$uf->{'type'}}); + # +1 bc $# is zero relative, +1 again because it's prev result + cur result + if ( (ref($uf) eq "HASH") && ($#{$uf->{'type'}}+2 > $maxStrikes) ) { + $struckOut->{$uf->{'type'}->[0]} -> {$uf->{'id'}->[0]} = 1; + } + } +} if ($nres > -1) { @@ -39,11 +90,12 @@ $type = "manual"; $shortName = "Database failure."; $info = "msg:dbfailure"; - $description = "Sorry, something didn't work out quite right when I was looking at my database."; + $description = "Sorry, something didn't work out quite right while I was looking at my database."; } print qq{<tr><td colspan=3 align="right"> }; - print $q->submit(-name=>"fixed:$type:$sid:$rid", -value=>'Fixed') unless $pquar; + print $q->submit(-name=>"fixed:$type:$sid:$rid", -value=>'Fixed') + unless ($pquar || ($struckOut->{$type}->{$sid} == 1)); print qq{</td>}; print qq{</tr><tr><td colspan=3>}; @@ -55,6 +107,7 @@ # is supplied by nessus or snort. if($info =~ /^(nessus:|snort:)$/) { + $description =~ s/\\n/\n/g; print $q->pre($description); } elsif($info =~ /^msg:/) { @@ -97,7 +150,8 @@ } print qq{</td><td>$shortName</td>}; print qq{<td width="1%" align="right"> }; - print $q->submit(-name=>"fixed:$type:$sid:$rid", -value=>'Fixed') unless $pquar; + print $q->submit(-name=>"fixed:$type:$sid:$rid", -value=>'Fixed') + unless ($pquar || ($struckOut->{$type}->{$sid} == 1)); print qq{</td>}; print qq{</tr><tr><td colspan=3 class="gray">}; |
|
From: jeff m. <jef...@us...> - 2005-05-01 19:46:12
|
Update of /cvsroot/netpass/NetPass/lib/NetPass In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv28167/lib/NetPass Modified Files: Config.pm Log Message: strike system feature Index: Config.pm =================================================================== RCS file: /cvsroot/netpass/NetPass/lib/NetPass/Config.pm,v retrieving revision 1.31 retrieving revision 1.32 diff -u -d -r1.31 -r1.32 --- Config.pm 1 May 2005 13:02:49 -0000 1.31 +++ Config.pm 1 May 2005 19:46:03 -0000 1.32 @@ -760,6 +760,8 @@ sub policy { my $self = shift; + _log("DEBUG", $self->debug."\n"); + my $parms = parse_parms({ -parms => \@_, -legal => [qw(-key -network -val)], @@ -769,7 +771,7 @@ ); if (!defined($parms)) { - warn Carp::longmess("invalid parameters ".Class::ParmList->error); + _log("ERROR", Carp::longmess("invalid parameters ".Class::ParmList->error)."\n"); return undef; } |
|
From: jeff m. <jef...@us...> - 2005-05-01 17:39:17
|
Update of /cvsroot/netpass/NetPass/www/htdocs/Admin In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv809/www/htdocs/Admin Modified Files: gencfg.mhtml Log Message: gencfg lock/unlock gui fixes Index: gencfg.mhtml =================================================================== RCS file: /cvsroot/netpass/NetPass/www/htdocs/Admin/gencfg.mhtml,v retrieving revision 1.11 retrieving revision 1.12 diff -u -d -r1.11 -r1.12 --- gencfg.mhtml 1 May 2005 05:44:12 -0000 1.11 +++ gencfg.mhtml 1 May 2005 17:39:08 -0000 1.12 @@ -27,8 +27,6 @@ <%perl> -use Config::General; - my ($isRoot, $groups) = $m->comp('/Admin/MemberOf', 'group' => 'default', 'acl' => [ 'Admin' ]); if (! $isRoot ) { @@ -36,8 +34,6 @@ return; } -my %config = $np->cfg->{'cfg'}->getall(); - my $restartnetpass = 0; my $restartnessus = 0; my $restarthttpd = 0; @@ -81,9 +77,10 @@ <h2>General Configuration</h2> +<input disabled id='submitButton' type='submit' name='submit' value='Commit Changes'> <P> + % $m->comp('/Admin/LockConfig', 'enableWhenLocked' => 'submitButton'); -<input id='submitButton' type='submit' name='submit' value='Commit Changes'> <P> <TABLE WIDTH=800 ID="policyConfig" class="expandable" CELLSPACING=2 CELLPADDING=2> <THEAD> @@ -102,6 +99,15 @@ <!--<a href="help.mhtml?printable=1&topic=MULTI_MAC" target='new' style='align:right;'>?</a>--> </TD></TR> <TR> +<TD CLASS='left'>Strikes</TD> +<TD CLASS='right'> +<%$q->textfield ( + -name => 'policy:STRIKES', + -value => $np->cfg->policy(-key => 'STRIKES'), + -size => 3, + )%> +</TD></TR> +<TR> <TD CLASS='left'>RESULTS_DISPLAY</TD> <TD CLASS='right'> <%$q->popup_menu ( |
|
From: jeff m. <jef...@us...> - 2005-05-01 17:39:17
|
Update of /cvsroot/netpass/NetPass/www/components/Admin In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv809/www/components/Admin Modified Files: LockConfig Log Message: gencfg lock/unlock gui fixes Index: LockConfig =================================================================== RCS file: /cvsroot/netpass/NetPass/www/components/Admin/LockConfig,v retrieving revision 1.5 retrieving revision 1.6 diff -u -d -r1.5 -r1.6 --- LockConfig 1 May 2005 05:44:11 -0000 1.5 +++ LockConfig 1 May 2005 17:39:08 -0000 1.6 @@ -1,7 +1,7 @@ <%doc> </%doc> <%args> - $enabledWhenLocked => ''; + $enableWhenLocked => ''; </%args> <script language="JavaScript"> @@ -15,40 +15,45 @@ b.innerHTML = "Lock Config"; } lockOpPending = false; - var ra = r.split(/\s/); + var ra = r.split(/\s+/); + var i = 0; + while (i < ra.length && ra[i] != "OK" && ra[i] != "NOK") { i++ } - if (ra[0] == "OK") { + if (ra[i] == "OK") { // something succeeded - if (ra[1] == "lock") { + if (ra[i+1] == "lock") { // we got the lock, change button to // green and text to 'unlock' b.style.backgroundColor = '#77FF77'; b.innerHTML = 'Config is Locked (by you)<BR>Unlock Config'; adjust_onClick(b, "return lockConfig(0, 0);"); + enable_element('submitButton'); } else { // we got the unlock, button -> yellow // text -> 'lock' b.style.backgroundColor = '#FFFF77'; b.innerHTML = 'Config is Unlocked<BR>Lock Config'; adjust_onClick(b, "return lockConfig(1, 0);"); + disable_element('submitButton'); } } else { // something failed -//alert(r + " ral:" + ra.length + ' 1:' + ra[0] + ' 2:' + ra[1] + ' 3:' + ra[2]); - if (ra[1] == "lock") { + if (ra[i+1] == "lock") { // we didnt get the lock, change button to // red and text to 'force lock' b.style.backgroundColor = '#FF7777'; - b.innerHTML = 'Config is Locked by '+ra[2]+'<BR>Force Lock Config'; + b.innerHTML = 'Config is Locked by '+ra[i+2]+'<BR>Force Lock Config'; adjust_onClick(b, "return lockConfig(1, 1);"); + disable_element('submitButton'); } else { // we didnt get the unlock, // button -> red // text -> 'force unlock' b.style.backgroundColor = '#FF7777'; - b.innerHTML = 'Config is Locked by '+ra[2]+'<BR>Force Unlock Config'; + b.innerHTML = 'Config is Locked by '+ra[i+2]+'<BR>Force Unlock Config'; adjust_onClick(b, "return lockConfig(0, 1);"); + disable_element('submitButton'); } } } @@ -90,26 +95,53 @@ } } +function enable_element(o) { + if (!o) return; + var o2; + if (typeof o == "string") { + o2 = document.getElementById(o); + if (!o2) return; + } else { + o2 = o; + } + + o2.disabled = false; +} + +function disable_element(o) { + if (!o) return; + + var o2; + + if (typeof o == "string") { + o2 = document.getElementById(o); + if (!o2) return; + } + else { + o2 = o; + } + + o2.disabled = true; +} + --> </script> <style> -DIV.unlockedButton { - text-align: center; - width: 10em; - float: right; - display: block; - border: outset 2px black; - padding: 2px 5px 2px 5px; +DIV.lockButton { + text-align: center; + width: 10em; + float: right; + display: block; + border: outset 2px black; + padding: 2px 5px 2px 5px; background-color: #FFFF77; - cursor: pointer; + cursor: pointer; } </style> <div onclick="return false;" id='lockButton' - class='unlockedButton'>Thinking ...</div> - -<!--<div class='unlockedButton'>Testing<BR>Foobar</div>--> + class='lockButton'>Thinking ...</div> <%perl> my $lstat = $np->db->isConfigLocked(); @@ -118,10 +150,10 @@ # the config is locked if ($lstat->{'user'} eq $m->session->{'username'}) { # by us, so show the unlock button - print qq{<script>lockConfig_results("OK lock");</script>}; + print qq{<script>lockConfig_results("OK lock");enable_element('$enableWhenLocked');</script>}; } else { # but not by us, show the force unlock button - print qq{<script>lockConfig_results("NOK lock $lstat->{'user'}");</script>}; + print qq{<script>lockConfig_results("NOK lock $lstat->{'user'}");disable_element('$enableWhenLocked');</script>}; } } elsif ($lstat) { @@ -129,6 +161,6 @@ } else { # the config is not locked, show the lock button - print qq{<script>lockConfig_results("OK unlock");</script>}; + print qq{<script>lockConfig_results("OK unlock");disable_element('$enableWhenLocked');</script>}; } </%perl> |
|
From: jeff m. <jef...@us...> - 2005-05-01 17:39:16
|
Update of /cvsroot/netpass/NetPass In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv809 Modified Files: MANIFEST Log Message: gencfg lock/unlock gui fixes Index: MANIFEST =================================================================== RCS file: /cvsroot/netpass/NetPass/MANIFEST,v retrieving revision 1.34 retrieving revision 1.35 diff -u -d -r1.34 -r1.35 --- MANIFEST 1 May 2005 05:55:45 -0000 1.34 +++ MANIFEST 1 May 2005 17:39:08 -0000 1.35 @@ -23,7 +23,6 @@ bin/proc_counter.pl bin/portmover.pl bin/npapid.pl -bin/npsnortd.pl bin/resetport-restart.sh bin/ciconf.pl bin/rm_stale_cookies.pl @@ -82,10 +81,7 @@ install.d/init.d/netpassha install.d/init.d/nessusd install.d/init.d/netpass -install.d/init.d/npstatusd -install.d/init.d/npcfgd install.d/init.d/npgarp -install.d/init.d/npsnortd install.d/init.d/apache install.d/init.d/swatch install.d/init.d/mysqld @@ -102,7 +98,6 @@ install.d/testpm install.d/snmptrapd install.d/install-ipvs.sh -install.d/sysconfig.npsnortd install.d/sysconfig.snort lib/Bundle/NetPass/API.pm lib/Bundle/NetPass1.pm @@ -115,7 +110,6 @@ lib/NetPass/Auth/Unix.pm lib/NetPass/Config.pm lib/NetPass/DB.pm -lib/NetPass/Snort.pm lib/NetPass/API.pm lib/NetPass/LOG.pm lib/NetPass/Nessus.pm |
|
From: Matt <mt...@us...> - 2005-05-01 14:07:03
|
Update of /cvsroot/netpass/NetPass/install.d/init.d In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv17017 Removed Files: npstatusd Log Message: --- npstatusd DELETED --- |
|
From: Matt <mt...@us...> - 2005-05-01 14:06:26
|
Update of /cvsroot/netpass/NetPass/install.d/init.d In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv16737 Removed Files: npcfgd Log Message: --- npcfgd DELETED --- |
|
From: Matt <mt...@us...> - 2005-05-01 14:05:50
|
Update of /cvsroot/netpass/NetPass/install.d/init.d In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv16438 Removed Files: npsnortd Log Message: --- npsnortd DELETED --- |
|
From: Matt <mt...@us...> - 2005-05-01 14:05:15
|
Update of /cvsroot/netpass/NetPass/install.d In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv16107 Removed Files: sysconfig.npsnortd Log Message: --- sysconfig.npsnortd DELETED --- |
|
From: Matt <mt...@us...> - 2005-05-01 14:04:02
|
Update of /cvsroot/netpass/NetPass/bin In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv15593 Removed Files: npsnortd.pl Log Message: --- npsnortd.pl DELETED --- |
|
From: Matt <mt...@us...> - 2005-05-01 14:03:19
|
Update of /cvsroot/netpass/NetPass/lib/NetPass In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv15290 Removed Files: Snort.pm Log Message: --- Snort.pm DELETED --- |
|
From: Matt <mt...@us...> - 2005-05-01 14:02:46
|
Update of /cvsroot/netpass/NetPass/lib/NetPass In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv15078 Modified Files: API.pm Log Message: Index: API.pm =================================================================== RCS file: /cvsroot/netpass/NetPass/lib/NetPass/API.pm,v retrieving revision 1.14 retrieving revision 1.15 diff -u -d -r1.14 -r1.15 --- API.pm 22 Apr 2005 03:53:19 -0000 1.14 +++ API.pm 1 May 2005 14:02:35 -0000 1.15 @@ -41,20 +41,34 @@ return ($their_secret eq $my_secret) ? 1 : 0; }; -=head2 $aref = getSnortRules($secret, $type = <enabled | disabled | all>) +=head2 $aref = getSnortRules(-secret => $secret, -type => $type = <enabled | disabled | all> + -ignorequarrule => 0|1) -Retrieve snort rules registered in the NetPass database. Returns -an C<array reference> on success, C<undef> on failure. +Retrieve snort rules registered in the NetPass database. Arguments include +a secret, type either return all enabled rules, all disabled rules, or all +rules. Argument ignorequarrule will prepend vlan filtering rules to filter +quarantine traffic from being monitored by snort. Returns an C<array reference> +on success, C<undef> on failure. =cut sub getSnortRules { my $self = shift; - my $secret = shift; - my $type = shift; my $np = $::np; my @aref; + my $parms = parse_parms({ + -parms => \@_, + -legal => [ qw(-secret -type -ignorequarrule) ], + -defaults => { -secret => '', + -type => '', + -ignorequarrule => 0, + } + }); + + return "invalid params\n".Carp::longmess(Class::ParmList->error) if (!defined($parms)); + my ($secret, $type, $ignorequarrule) = $parms->get('-secret', '-type', '-ignorequarrule'); + return undef unless ($self->$check_soap_auth($secret)); return undef unless ($type =~ /^(enabled|disabled|all)$/); @@ -63,11 +77,13 @@ _log("DEBUG", "retrieving snort rules"); - foreach my $nw (@$network) { - my $qvlan = $np->cfg->quarantineVlan($nw); - next unless defined $qvlan; - push @aref, sprintf("pass tcp any any -> any any (vlan:%d;)\n", $qvlan); + if ($ignorequarrule) { + foreach my $nw (@$network) { + my $qvlan = $np->cfg->quarantineVlan($nw); + next unless defined $qvlan; + push @aref, sprintf("pass tcp any any -> any any (vlan:%d;)\n", $qvlan); + } } my $rules = $np->db->getSnortRules($type); |
|
From: Matt <mt...@us...> - 2005-05-01 13:04:06
|
Update of /cvsroot/netpass/NetPass/bin In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv15204 Modified Files: import_snort_rules.pl Log Message: Index: import_snort_rules.pl =================================================================== RCS file: /cvsroot/netpass/NetPass/bin/import_snort_rules.pl,v retrieving revision 1.8 retrieving revision 1.9 diff -u -d -r1.8 -r1.9 --- import_snort_rules.pl 25 Apr 2005 05:42:00 -0000 1.8 +++ import_snort_rules.pl 1 May 2005 13:03:57 -0000 1.9 @@ -117,7 +117,7 @@ -desc => $data->{$sid}{desc} ); - if ($rv != 1) { + if ($rv ne 1) { warn "failed to add $sid $rv"; } } |
|
From: Matt <mt...@us...> - 2005-05-01 13:03:20
|
Update of /cvsroot/netpass/NetPass/www/htdocs/Admin In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv14835 Modified Files: index.mhtml Log Message: Index: index.mhtml =================================================================== RCS file: /cvsroot/netpass/NetPass/www/htdocs/Admin/index.mhtml,v retrieving revision 1.8 retrieving revision 1.9 diff -u -d -r1.8 -r1.9 --- index.mhtml 27 Apr 2005 03:54:07 -0000 1.8 +++ index.mhtml 1 May 2005 13:03:11 -0000 1.9 @@ -47,8 +47,8 @@ foreach my $arg (keys %$args) { - my($a, $h, $p) = split('_', $arg); - $actions->{"$h:$p"} = $args->{$arg}; + my($a, $hp) = split('_', $arg); + $actions->{$hp} = $args->{$arg}; } foreach my $nw (@$networks) { @@ -59,22 +59,24 @@ push @rows, $q->TR( - $q->th({-colspan=>3}, "Snort Sensors") + $q->th({-colspan=>4}, "Snort Sensors") ). $q->TR({-class=>'gray'}, $q->td({-align=>"center"}, "Sensor"). $q->td({-align=>"center"}, "Status"). + $q->td({-align=>"center"}, "Mode"). $q->td({-align=>"center"}, "Action") ); foreach my $s (sort keys %$sensors) { my $rv = undef; - my $soap = makeSoapConnection($np, $s, $sensors->{$s}); + my $soap = makeSoapConnection($np, split(':', $s)); my $sec = $np->cfg->npapiSecret(); my $md5 = md5_hex(hostip.$sec); + my $srw = ($sensors->{$s} eq 'rw') ? 1 : 0; - if ($rw && defined $soap) { - my $a = $actions->{$s.':'.$sensors->{$s}}; + if ($rw && defined $soap && $srw) { + my $a = $actions->{$s}; if ($a eq "Start") { eval{$soap->startSnort($md5)->result}; @@ -92,32 +94,34 @@ $rv = eval{$soap->snortStatus($md5)->result} if defined $soap; push @rows, $q->TR({-class=>'gray'}, - $q->td({-width=>"40%"}, $s.':'.$sensors->{$s}). - $q->td({-width=>"20%", -align=>"center"}, ($rv) ? + $q->td({-width=>"35%"}, $s). + $q->td({-width=>"15%", -align=>"center"}, ($rv) ? "<B><FONT COLOR=green>Running</FONT></B>" : - "<B><FONT COLOR=red>Down</FONT></B>"). + "<B><FONT COLOR=red>Down</FONT></B>"). + $q->td({-width=>"10%", -align=>"center"}, + '<B>'.$sensors->{$s}.'</B>'). $q->td({-width=>"40%", -align=>"center"}, $q->submit( - -name => join('_', 'start', $s, $sensors->{$s}), + -name => join('_', 'start', $s), -value => 'Start', - (!$rv && $rw) ? "" : "disabled" + (!$rv && $rw && $srw) ? "" : "disabled" ). $q->submit( - -name => join('_', 'stop', $s, $sensors->{$s}), + -name => join('_', 'stop', $s), -value => 'Stop', - ($rv && $rw) ? "" : "disabled" + ($rv && $rw && $srw) ? "" : "disabled" ). $q->submit( - -name => join('_', 'restart', $s, $sensors->{$s}), + -name => join('_', 'restart', $s), -value => 'Restart', - ($rv && $rw) ? "" : "disabled" + ($rv && $rw && $srw) ? "" : "disabled" ) ) ); } - print $q->table( {-border=>0, -width=>500}, @rows); + print $q->table( {-border=>0, -width=>550}, @rows); return; } |
|
From: Matt <mt...@us...> - 2005-05-01 13:02:59
|
Update of /cvsroot/netpass/NetPass/lib/NetPass In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv14679 Modified Files: Config.pm Log Message: Index: Config.pm =================================================================== RCS file: /cvsroot/netpass/NetPass/lib/NetPass/Config.pm,v retrieving revision 1.30 retrieving revision 1.31 diff -u -d -r1.30 -r1.31 --- Config.pm 27 Apr 2005 03:54:07 -0000 1.30 +++ Config.pm 1 May 2005 13:02:49 -0000 1.31 @@ -531,8 +531,9 @@ =head2 $sensors = $cfg-E<gt>getSnortSensors(network) -Returns a HASHREF with the keys being address of the machine npsnortd -is running on and the values the port. Returns C<undef> on failure. +Returns a HASHREF with hostname:port of the sensor being the keys and +the values either ro|rw representing whether sensor modification is +permitted or not. Returns C<undef> on failure. =cut @@ -547,9 +548,8 @@ if (recur_exists($self->{'cfg'}, 'network', $nw, 'snort', 'servers')) { my $s = $self->{'cfg'}->obj('network')->obj($nw)->obj('snort'); foreach ($s->keys('servers')) { - my($h, $p) = split(':', $_, 2); - $sensors->{$h} = $p; - + my $v = $s->obj('servers')->value($_); + $sensors->{$_} = ($v =~ /rw|ro/) ? $v : 'ro'; } return $sensors; } @@ -557,9 +557,8 @@ if (recur_exists($self->{'cfg'}, 'snort', 'servers')) { my $s = $self->{'cfg'}->obj('snort'); foreach ($s->keys('servers')) { - my($h, $p) = split(':', $_, 2); - $sensors->{$h} = $p; - + my $v = $s->obj('servers')->value($_); + $sensors->{$_} = ($v =~ /rw|ro/) ? $v : 'ro'; } return $sensors; } |
|
From: jeff m. <jef...@us...> - 2005-05-01 05:55:56
|
Update of /cvsroot/netpass/NetPass/lib/NetPass In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv12353/lib/NetPass Modified Files: DB.pm Log Message: doc update Index: DB.pm =================================================================== RCS file: /cvsroot/netpass/NetPass/lib/NetPass/DB.pm,v retrieving revision 1.37 retrieving revision 1.38 diff -u -d -r1.37 -r1.38 --- DB.pm 1 May 2005 05:44:10 -0000 1.37 +++ DB.pm 1 May 2005 05:55:45 -0000 1.38 @@ -2083,7 +2083,7 @@ print $hr->{'type'}->[0] , ' ', $hr->{'id'}->[0] , ' ', - $hr->{'row'}->[0] , ' ', + $hr->{'rowid'}->[0] , ' ', $hr->{'timestamp'}->[0], ' ', $hr->{'dt'}->[0] , ' ', $hr->{'status'}->[0]; |
|
From: jeff m. <jef...@us...> - 2005-05-01 05:55:54
|
Update of /cvsroot/netpass/NetPass In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv12353 Modified Files: MANIFEST Log Message: doc update Index: MANIFEST =================================================================== RCS file: /cvsroot/netpass/NetPass/MANIFEST,v retrieving revision 1.33 retrieving revision 1.34 diff -u -d -r1.33 -r1.34 --- MANIFEST 1 May 2005 05:44:10 -0000 1.33 +++ MANIFEST 1 May 2005 05:55:45 -0000 1.34 @@ -64,7 +64,6 @@ doc/npsnort.txt doc/netpass-install.sxw doc/snort-2.3.3-vlan.patch -doc/.mysqlcluster.txt.swp etc/netpass-example.conf etc/oui.txt install.d/logrotate.d/apache |
|
From: jeff m. <jef...@us...> - 2005-05-01 05:45:03
|
Update of /cvsroot/netpass/NetPass In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv6281 Modified Files: MANIFEST Log Message: QC results management, client code cleanup, admin perms cleanup Index: MANIFEST =================================================================== RCS file: /cvsroot/netpass/NetPass/MANIFEST,v retrieving revision 1.32 retrieving revision 1.33 diff -u -d -r1.32 -r1.33 --- MANIFEST 29 Apr 2005 00:32:35 -0000 1.32 +++ MANIFEST 1 May 2005 05:44:10 -0000 1.33 @@ -63,6 +63,8 @@ doc/nessus-install.txt doc/npsnort.txt doc/netpass-install.sxw +doc/snort-2.3.3-vlan.patch +doc/.mysqlcluster.txt.swp etc/netpass-example.conf etc/oui.txt install.d/logrotate.d/apache @@ -186,6 +188,7 @@ www/htdocs/Admin/chpwd.mhtml www/htdocs/Admin/auth.mhtml www/htdocs/Admin/lockcfg.mhtml +www/htdocs/Admin/cmd/setresult.mhtml www/htdocs/OSSTemplate/css/OSSTemplate.css.cgi www/htdocs/OSSTemplate/css/.htaccess www/htdocs/OSSTemplate/css/calendar.css |
|
From: jeff m. <jef...@us...> - 2005-05-01 05:44:21
|
Update of /cvsroot/netpass/NetPass/www/htdocs/Admin In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv6281/www/htdocs/Admin Modified Files: clienthistory.mhtml gencfg.mhtml lockcfg.mhtml qc.mhtml user.mhtml Log Message: QC results management, client code cleanup, admin perms cleanup Index: qc.mhtml =================================================================== RCS file: /cvsroot/netpass/NetPass/www/htdocs/Admin/qc.mhtml,v retrieving revision 1.18 retrieving revision 1.19 diff -u -d -r1.18 -r1.19 --- qc.mhtml 29 Apr 2005 00:30:07 -0000 1.18 +++ qc.mhtml 1 May 2005 05:44:12 -0000 1.19 @@ -67,16 +67,65 @@ These tools might require additional access. If you get an access denied, click on the "Apply for an account" link and apply for a "Network Documentation" account. <P> -%} - - <ul> <li> <a target="_blank" href="http://netstats.cit.buffalo.edu/Maps/Layer2Traceroute.cgi">Layer 2 Traceroute</a> <li> <a target="_blank" href="http://netstats.cit.buffalo.edu/oss-bin/macip.cgi">IP to MAC Translator</a> </ul> +%} +<script language="JavaScript"><!-- +function quarctl_setresult_rv(r) { + if (r) { + var ra = r.split(/\s+/); + var i = 0; + while (i < ra.length && ra[i] != "OK" && ra[i] != "NOK") { i++ } + + // OK rowid + // NOK rowid + + if ( (ra.length > 2) && (ra[i] == "OK")) { + var o = document.getElementById('results-row-'+ra[i+1]); + if (o) { + o.style.display = 'none'; + } + } + } +} + +function quarctl_changeResult(ma, rid) { + if (ma && rid) { + var o = document.getElementById('results-status-'+rid); + if (o) { + var url = "cmd/setresult.mhtml?printable=2&ma="+ma+"&rid="+rid+"&st="+o.value; + xmlhttp.open("GET", url, true); + xmlhttp.onreadystatechange = function() { + if (xmlhttp.readyState == 4) { + quarctl_setresult_rv(xmlhttp.responseText); + } + }; + xmlhttp.send(null); + } + } + return false; +} + +function quarctl_onchange_status(ma) { + if (ma) { + var mf = document.getElementById('message:' + ma); + var sf = document.getElementById('status:' + ma); + if (mf && sf) { + if ( (sf.value == "QUAR") || (sf.value == "PQUAR") ) { + mf.disabled = false; + } else { + mf.disabled = true; + } + } + } +} + +--></script> <%perl> print $q->start_form(-method => "POST"); @@ -210,100 +259,114 @@ my @rows = (); -push(@rows, $q->TR( - $q->td({-colspan=>8}, ' '). - $q->td({-colspan=>1, -align=>"right"}, - $q->submit(-name => "submit", -value => "Save Changes", $readOnly) - ) - ) -); - -push(@rows, $q->TR( - $q->th("First Seen") . - $q->th("Last Seen") . - $q->th($np->cfg->policy(-key => 'USERNAME_PROMPT', -network => $ENV{'REMOTE_ADDR'}) || "Username") . - $q->th("IP Address") . - $q->th("Mac Address") . - $q->th("Unquar<BR>When?") . - $q->th("Status") . - $q->th("History") . - $q->th("Add Result") - ) -); - -while (my $row = $results->fetchrow_hashref() ) { - push( @rows, $q->TR( - $q->td({-align=>'center'}, $row->{lastSeen}) . - $q->td({-align=>'center'}, $row->{registeredOn}) . - $q->td({-align=>'center'}, $row->{username}) . - $q->td({-align=>'center'}, $row->{ipAddress}) . - $q->td({-align=>'center'}, "<code>", NetPass::padMac($row->{macAddress})), "</code>" . - $q->td({-align=>'center'}, - $q->popup_menu( - -name => "uqlinkup:" . $row->{macAddress}, - -values => [ 'no', 'yes' ], - -labels => { - "no" => "Web Visit", - "yes" => "Link Up" - }, - -default => $row->{uqlinkup}, $readOnly - ), "\n",), +</%perl> +<table width='80%'> +<tr><td colspan=8></td> + <td colspan=2 align='right'><input type='submit' name='submit' value='Save Changes' <%$readOnly%>></td> +</tr> +<tr><th>Registered On</th><th>Last Seen</th><th><%$np->cfg->policy(-key => 'USERNAME_PROMPT', -network => $ENV{'REMOTE_ADDR'}) || "Username"%> + <th>IP Address</th><th>MAC Address</th><th>Unquar<BR>When?</th><th>Status</th><th>Incident<BR>History</th><th>Results<br><span style='font-size:10pt;'>Pending/U-Fixed</span></th><th>Add Result</th></tr> - $q->td({-align=>'center'}, - $q->popup_menu( - -name => "status:" . $row->{macAddress}, - -values => $statuses, - -labels => { - "" => "Default Description" - }, - -default => $row->{status}, $readOnly - ), "\n", - $q->hidden( - -name => "ids", - -value => $row->{macAddress} - ), "\n", - $q->hidden( -name => 'ipAddr:' . $row->{macAddress}, - -value => $row->{ipAddress} - ), "\n", - $q->hidden( -name => 'messageOrig:' . $row->{macAddress}, - -value => defne($row->{message}) ? $row->{message} : "--None--" - ), "\n", - $q->hidden( -name => 'uqlinkupOrig:' . $row->{macAddress}, - -value => $row->{uqlinkup} - ), "\n", - $q->hidden( -name => 'statusOrig:' . $row->{macAddress}, - -value => $row->{status} - ), - ) . - $q->td({-align=>'center'}, - $q->a({-href => "clienthistory.mhtml?mac=".$row->{macAddress}}, - "[ view ]") - ) . - $q->td({-align=>'center'}, - $q->popup_menu( - -name => "message:" . $row->{macAddress}, - -values => $msgs, - -default => defne($row->{message}) ? $row->{message} : "--None--", $readOnly - ) - ) - )); -} -$results->finish(); +%while (my $row = $results->fetchrow_hashref() ) { +% my $myPendingResults = $np->db->getResults(-mac => $row->{'macAddress'}, -status => 'pending'); +% my $myUFixedResults = $np->db->getResults(-mac => $row->{'macAddress'}, -status => 'user-fixed'); +% my $nPR = 0; +% my $nUFR = 0; +% my $macAddress = $row->{'macAddress'}; +% my $disabled = ($row->{'status'} =~ /^[P]{0,1}QUAR$/i) ? "" : "disabled"; +% +% if (ref($myPendingResults) eq "HASH") { +% $nPR = $#{$myPendingResults->{'type'}} + 1; +% } else { +% print "<P class='error'>getResults($macAddress) failed: $myPendingResults</P>"; +% } +% if (ref($myUFixedResults) eq "HASH") { +% $nUFR = $#{$myUFixedResults->{'type'}} + 1; +% } else { +% print "<P class='error'>getResults($macAddress) failed: $myUFixedResults</P>"; +% } -push(@rows, $q->TR( - $q->td({-colspan=>8}, ' '). - $q->td({-colspan=>1, -align=>"right"}, - $q->submit(-name => "submit", -value => "Save Changes", $readOnly) - ) - ) -); +<tr> + <td align='center'><%$row->{'lastSeen'}%> + <input type='hidden' name='ids' value="<%$macAddress%>"> + <input type='hidden' name='ipAddr:<%$macAddress%>' value="<%$row->{'ipAddress'}%>"> + <input type='hidden' name='messageOrig:<%$macAddress%>' value="--None--"> + <input type='hidden' name='uqlinkupOrig:<%$macAddress%>' value="<%$row->{'uqlinkup'}%>"> + <input type='hidden' name='statusOrig:<%$macAddress%>' value="<%$row->{'status'}%>"> + </td> + <td align='center'><%$row->{'registeredOn'}%></td> + <td align='center'><%$row->{'username'}%></td> + <td align='center'><%$row->{'ipAddress'}%></td> + <td align='center'><code><%$row->{'macAddress'}%></code></td> + <td align='center'><%$q->popup_menu(-name => "uqlinkup:" . $row->{'macAddress'}, + -values => [ 'no', 'yes' ], + -labels => { + "no" => "Web Visit", + "yes" => "Link Up" + }, + -default => $row->{'uqlinkup'}, $readOnly)%></td> + <td align='center'><%$q->popup_menu(-name => "status:" . $row->{'macAddress'}, + -values => $statuses, + -labels => { + "" => "Default Description" + }, + -id => 'status:' . $macAddress, + -onchange => qq{quarctl_onchange_status('$macAddress');}, + -default => $row->{'status'}, $readOnly)%></td> + <td align='center'><a href="clienthistory.mhtml?mac=<%$macAddress%>">[ view ]</a></td> + <td align='center'><a onclick='return showHideObj2("results-<%$macAddress%>");' href="">[ <%$nPR%>/<%$nUFR%> ]</a></td> + <td align='center'><%$q->popup_menu(-name => "message:" . $row->{macAddress}, + -values => $msgs, + -id => 'message:'. $macAddress, + -default => "--None--", $readOnly||$disabled)%></td> +</tr> + <tr style='display:none;' id='results-<%$macAddress%>'><td colspan=7></td><td colspan=3> +% if ($nUFR || $nPR) { + <table width='100%'> + <tr><th>Type</th><th>ID</th><th>Time Entered</th><th>Status</th></tr> +% for(my $rn = 0 ; $rn <= $#{$myPendingResults->{'type'}} ; $rn++) { + <tr id='results-row-<%$myPendingResults->{'rowid'}->[$rn]%>'> + <td><%$myPendingResults->{'type'}->[$rn]%></td> + <td><%$myPendingResults->{'id'}->[$rn]%></td> + <td><%$myPendingResults->{'dt'}->[$rn]%></td> + <td><%$q->popup_menu(-name => 'result:'.$macAddress, + -values => [ 'pending', 'fixed', 'user-fixed' ], + -default => $myPendingResults->{'status'}->[$rn], + -id => qq{results-status-$myPendingResults->{'rowid'}->[$rn]}, + -onchange => qq{quarctl_changeResult('$macAddress', + '$myPendingResults->{'rowid'}->[$rn]')})%></td> + </tr> +% } +% for(my $rn = 0 ; $rn <= $#{$myUFixedResults->{'type'}} ; $rn++) { + <tr id='results-row-<%$myPendingResults->{'rowid'}->[$rn]%>'> + <td><%$myUFixedResults->{'type'}->[$rn]%></td> + <td><%$myUFixedResults->{'id'}->[$rn]%></td> + <td><%$myUFixedResults->{'dt'}->[$rn]%></td> + <td><%$q->popup_menu(-name => 'result:'.$macAddress, + -values => [ 'pending', 'fixed', 'user-fixed' ], + -default => $myUFixedResults->{'status'}->[$rn], + -id => qq{results-status-$myPendingResults->{'rowid'}->[$rn]}, + -onchange => qq{quarctl_changeResult('$macAddress', + '$myUFixedResults->{'rowid'}->[$rn]')})%></td> + </tr> +% } + </table> +% } else { + No results worth mentioning. +% } + </td></tr> +%} -print $q->table({-width=>'80%'}, @rows); +<tr><td colspan=8></td> + <td colspan=2 align='right'><input type='submit' name='submit' value='Save Changes' <%$readOnly%>></td> +</tr> +</table> -end_of_page:; +% end_of_page:; +<P> +<form> -print $q->p(); -print $q->end_form(); +<%perl> ####################### @@ -375,7 +438,7 @@ push(@params, $uqlinkup); } - my $query = "SELECT DATE_FORMAT(lastSeen, '%Y-%m-%d %H:%i:%s') as lastSeen, DATE_FORMAT(registeredOn, '%Y-%m-%d %H:%i:%s') as registeredOn, username, macAddress, ipAddress, OS, status, message, uqlinkup FROM register"; + my $query = "SELECT DATE_FORMAT(lastSeen, '%Y-%m-%d %H:%i:%s') as lastSeen, DATE_FORMAT(registeredOn, '%Y-%m-%d %H:%i:%s') as registeredOn, username, macAddress, ipAddress, OS, status, uqlinkup FROM register"; if($#clause>-1) { $query .= " WHERE " . join(" $type ", @clause) @@ -471,7 +534,6 @@ return "Failed to prepare sql: ".$dbh->errstr; } - #my $results = { 'mac' => [], type => [], id => [] }; my $resultsRV = ''; foreach my $mac (@$ids) { @@ -482,7 +544,9 @@ my $u_unc = 1; print "debug: processing mac $mac<P><UL>\n" if $D; - if ( ($args->{"message:$mac"} eq $args->{"messageOrig:$mac"}) ) { + # if message is "" then status is probably unquar and the field + # is disabled, resulting in an empty value. + if ( ($args->{"message:$mac"} eq "") || ($args->{"message:$mac"} eq $args->{"messageOrig:$mac"}) ) { if ($D) { print "debug: message is unchanged.<P>\n"; print qq{M=|$args->{"message:$mac"}|<P>\n}; @@ -572,7 +636,8 @@ if ($args->{"message:$mac"} eq "--None--") { return "Error: $mac PQUAR requires that you specify a message."; } else { - push @params, $args->{"message:$mac"}; + #push @params, $args->{"message:$mac"}; + push @params, undef; $resultsRV = $np->db->addResult(-mac => $mac, -type => 'manual', -id => $args->{"message:$mac"}); } @@ -582,7 +647,8 @@ if ($args->{"message:$mac"} eq "--None--") { push @params, undef; } else { - push @params, $args->{"message:$mac"}; + push @params, undef; + #push @params, $args->{"message:$mac"}; $resultsRV = $np->db->addResult(-mac => $mac, -type => 'manual', -force => 1, -id => $args->{"message:$mac"}); Index: gencfg.mhtml =================================================================== RCS file: /cvsroot/netpass/NetPass/www/htdocs/Admin/gencfg.mhtml,v retrieving revision 1.10 retrieving revision 1.11 diff -u -d -r1.10 -r1.11 --- gencfg.mhtml 27 Apr 2005 03:54:07 -0000 1.10 +++ gencfg.mhtml 1 May 2005 05:44:12 -0000 1.11 @@ -42,8 +42,6 @@ my $restartnessus = 0; my $restarthttpd = 0; -# XX Not functional yet - if ($submit eq 'Commit Changes') { foreach my $ak ( keys %ARGS ) { if ($ak =~ /^(\S+):(\S+)$/) { @@ -83,9 +81,9 @@ <h2>General Configuration</h2> -% $m->comp('/Admin/LockConfig'); +% $m->comp('/Admin/LockConfig', 'enableWhenLocked' => 'submitButton'); -<input type='submit' name='submit' value='Commit Changes'> <P> +<input id='submitButton' type='submit' name='submit' value='Commit Changes'> <P> <TABLE WIDTH=800 ID="policyConfig" class="expandable" CELLSPACING=2 CELLPADDING=2> <THEAD> Index: user.mhtml =================================================================== RCS file: /cvsroot/netpass/NetPass/www/htdocs/Admin/user.mhtml,v retrieving revision 1.20 retrieving revision 1.21 diff -u -d -r1.20 -r1.21 --- user.mhtml 29 Apr 2005 00:30:08 -0000 1.20 +++ user.mhtml 1 May 2005 05:44:12 -0000 1.21 @@ -36,8 +36,7 @@ if (!$isRoot && !$isReadWrite) { print $q->p({-class=>'error'}, - "Sorry, permission denied.<BR>You must have one of: ". - join(', ', @rwACLs). " permissions on at least one group to use this form."); + "Sorry, you don't have access to this form."); return; } Index: lockcfg.mhtml =================================================================== RCS file: /cvsroot/netpass/NetPass/www/htdocs/Admin/lockcfg.mhtml,v retrieving revision 1.3 retrieving revision 1.4 diff -u -d -r1.3 -r1.4 --- lockcfg.mhtml 27 Apr 2005 03:54:07 -0000 1.3 +++ lockcfg.mhtml 1 May 2005 05:44:12 -0000 1.4 @@ -6,6 +6,16 @@ </%args> <%perl> +my ($isRoot, $junk) = $m->comp('/Admin/MemberOf', 'acl' => [ 'Admin' ], 'group' => 'default'); +if (! $isRoot ) { + if ($lock) { + print "NOK lock permission denied\n"; + } else { + print "NOK unlock permission denied\n"; + } + return; +} + my $lstat = $np->db->isConfigLocked(); my $rv; Index: clienthistory.mhtml =================================================================== RCS file: /cvsroot/netpass/NetPass/www/htdocs/Admin/clienthistory.mhtml,v retrieving revision 1.1 retrieving revision 1.2 diff -u -d -r1.1 -r1.2 --- clienthistory.mhtml 20 Apr 2005 04:15:56 -0000 1.1 +++ clienthistory.mhtml 1 May 2005 05:44:12 -0000 1.2 @@ -15,20 +15,22 @@ <%perl> -my @rwGroups = ('Admin', 'QuarAdmin'); -my @roGroups = ('Reports'); my $readOnly = "disabled"; -my @aclGroups = (); -if (@aclGroups = $m->comp('/Admin/MemberOf', 'acl' => [ @rwGroups ])) { +my ($isRW, $rwGroups) = $m->comp('/Admin/MemberOf', 'acl' => [ 'Admin', 'QuarAdmin' ]); +my ($isRO, $roGroups) = $m->comp('/Admin/MemberOf', 'acl' => [ 'Reports' ]); +my ($isRoot, $junk) = $m->comp('/Admin/MemberOf', 'acl' => [ 'Admin' ], 'group' => 'default'); + +if (! $isRW && ! $isRO ) { + print $q->p({-class=>'error'}, "Sorry, you don't have access to this form."); + return; +} + +if ($isRoot || $isRW) { $readOnly = ""; -} elsif (@aclGroups = $m->comp('/Admin/MemberOf', 'acl' => [ @roGroups ])) { +} +else { $readOnly = "disabled"; -} else { - print $q->p({-class=>'error'}, - "Sorry, permission denied.<BR>You must be in one of these groups: ", - join(',', @rwGroups, @roGroups)); - return; } my @rows; @@ -45,7 +47,7 @@ if (!$rv) { print $q->p({-class=>'error'}, - "Fatal Error Unable to add to History"); + "Unable to add to History: $rv"); } } @@ -55,7 +57,7 @@ push @rows, $q->TR( - $q->th({-colspan=>1}, "Add Client History") + $q->th({-colspan=>1}, "Add To Client History") ). $q->TR({-class=>'gray', -align=>"center"}, $q->td( @@ -76,34 +78,28 @@ ); my $history = $np->db->getClientHistory(-mac => $mac) if defined $mac; - -push @table, - $q->TR( - $q->th({-colspan=>1}, "Client History") - ); - -foreach my $dt (sort {$b cmp $a} keys %$history) { - my $user = $history->{$dt}->{username}; - my $notes = $history->{$dt}->{notes}; - my $macaddr = $history->{$dt}->{macAddress}; - $notes =~ s/\n/<BR>/g; - push @table, - $q->TR({-class=>'gray'}, - $q->td({-align=>"left"}, - "<DL> - <DT>$dt: Submitted by $username for mac = $macaddr</DT> - <DD>$notes</DD> - </DL> - " - ) - ); -} +my $results = $np->db->getResults(-mac => $mac, -status => 'any'); print $q->hidden(-name=>"mac", -value=>$mac); print $q->table( {-border=>0, -width=>600}, @rows); print $q->br(); -print $q->table( {-border=>0, -width=>600}, @table); -print $q->end_form(); - </%perl> +<table border="0"> +<tr><th>Client History</th><th>Results History</th></tr> +<tr class='gray'><td align='left'> +%foreach my $dt (sort {$b cmp $a} keys %$history) { +% my $user = $history->{$dt}->{username}; +% my $notes = $history->{$dt}->{notes}; +% my $macaddr = $history->{$dt}->{macAddress}; +% $notes =~ s/\n/<BR>/g; +<DL><DT><%$dt%>: Submitted by <%$username%> for mac = <%$macaddr%></DT> + <DD><%$notes%></DD></DL> +%} +</td><td align='left' style='vertical-align:top;'><PRE> +%for(my $i = 0 ; $i < $#{$results->{'type'}} ; $i++) { +<%$results->{'dt'}->[$i]%> <%$results->{'type'}->[$i]%> <%$results->{'id'}->[$i]%> <%$results->{'status'}->[$i]%> +%} +</pre></td></tr></table> +</form> + |
|
From: jeff m. <jef...@us...> - 2005-05-01 05:44:21
|
Update of /cvsroot/netpass/NetPass/www/htdocs/OSSTemplate/js In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv6281/www/htdocs/OSSTemplate/js Modified Files: OSSTemplate.js Log Message: QC results management, client code cleanup, admin perms cleanup Index: OSSTemplate.js =================================================================== RCS file: /cvsroot/netpass/NetPass/www/htdocs/OSSTemplate/js/OSSTemplate.js,v retrieving revision 1.3 retrieving revision 1.4 diff -u -d -r1.3 -r1.4 --- OSSTemplate.js 21 Apr 2005 18:08:07 -0000 1.3 +++ OSSTemplate.js 1 May 2005 05:44:12 -0000 1.4 @@ -54,6 +54,7 @@ } else { x.style.display = "none"; } + return false; } // end func function hideObj (obj) { |
|
From: jeff m. <jef...@us...> - 2005-05-01 05:44:20
|
Update of /cvsroot/netpass/NetPass/www/htdocs/OSSTemplate/css In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv6281/www/htdocs/OSSTemplate/css Modified Files: site.css Log Message: QC results management, client code cleanup, admin perms cleanup Index: site.css =================================================================== RCS file: /cvsroot/netpass/NetPass/www/htdocs/OSSTemplate/css/site.css,v retrieving revision 1.5 retrieving revision 1.6 diff -u -d -r1.5 -r1.6 --- site.css 23 Apr 2005 15:32:06 -0000 1.5 +++ site.css 1 May 2005 05:44:12 -0000 1.6 @@ -27,7 +27,7 @@ TH { font-weight: bold; - font-size: 14pt; + font-size: 12pt; color: #FFFFFF; background: #000000; |
