netpass-devel Mailing List for NetPass (Page 4)
From: jeff m. <jef...@us...> - 2005-09-21 16:25:56
|
Update of /cvsroot/netpass/NetPass/www/htdocs/Admin/cmd In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv24573/www/htdocs/Admin/cmd Modified Files: setresult.mhtml Log Message: audit logging for QC result changes
Index: setresult.mhtml
===================================================================
RCS file: /cvsroot/netpass/NetPass/www/htdocs/Admin/cmd/setresult.mhtml,v
retrieving revision 1.3
retrieving revision 1.4
diff -u -d -r1.3 -r1.4
--- setresult.mhtml 31 Aug 2005 20:09:17 -0000 1.3
+++ setresult.mhtml 21 Sep 2005 16:25:45 -0000 1.4
@@ -33,6 +33,7 @@
 if ($rv) {
 print "NOK $rid failed: $rv\n";
 } else {
+ $m->comp('/Audit', msg => [ "result changed for $ma to $st" ]);
 print "OK $rid\n";
 }
 }
|
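Review bot: The new audit entry in the `else` branch records only successful changes and leaves out `$rid`, so a failed attempt leaves no audit trace and a logged change cannot be tied to a specific result row. Consider adding `$rid` to the success message and auditing the `if ($rv)` branch as well, e.g. `$m->comp('/Audit', msg => [ "result $rid change for $ma to $st failed: $rv" ]);`. `$ma` and `$st` are assigned outside the hunk and look like request parameters, so confirm they are validated before being written into the audit record, since embedded newlines or markup would otherwise be stored as part of the log message. The enclosing block starts and ends outside the hunk.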
From: jeff m. <jef...@us...> - 2005-09-19 15:27:13
|
Update of /cvsroot/netpass/NetPass/www/htdocs/Admin/reports In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv13120/www/htdocs/Admin/reports Modified Files: bynet.mhtml Log Message: minor adjustments, 2.00 release
Index: bynet.mhtml
===================================================================
RCS file: /cvsroot/netpass/NetPass/www/htdocs/Admin/reports/bynet.mhtml,v
retrieving revision 1.8
retrieving revision 1.9
diff -u -d -r1.8 -r1.9
--- bynet.mhtml 9 Sep 2005 12:32:11 -0000 1.8
+++ bynet.mhtml 19 Sep 2005 15:26:56 -0000 1.9
@@ -142,7 +142,7 @@
 printf("\n\ntotal registered = $totalClients\n");
 printf("total act in quar = $totalInQuar (%2.2f%%)\n",
- 100*($totalInQuar/$totalClients));
+ $totalClients ? 100*($totalInQuar/$totalClients) : 0 );
 #print "printing took ", tv_interval($t0), "secs\n";
|
From: jeff m. <jef...@us...> - 2005-09-19 15:27:05
|
Update of /cvsroot/netpass/NetPass/bin In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv13120/bin Modified Files: resetport.pl Log Message: minor adjustments, 2.00 release
Index: resetport.pl
===================================================================
RCS file: /cvsroot/netpass/NetPass/bin/resetport.pl,v
retrieving revision 1.16
retrieving revision 1.17
diff -u -d -r1.16 -r1.17
--- resetport.pl 3 Aug 2005 20:22:40 -0000 1.16
+++ resetport.pl 19 Sep 2005 15:26:56 -0000 1.17
@@ -175,7 +175,7 @@
 my $threads = {};
 my $me = threads->self;
-my $ps = exists $opts{'t'} ? $opts{'t'} : 20;
+my $ps = exists $opts{'t'} ? $opts{'t'} : 50;
 my $threadPool = {};
 my $swThrAffin = {};
|
From: jeff m. <jef...@us...> - 2005-09-19 15:25:15
|
Update of /cvsroot/netpass/NetPass/bin In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv12690/bin Modified Files: macscan.pl Log Message: macscan feature Index: macscan.pl =================================================================== RCS file: /cvsroot/netpass/NetPass/bin/macscan.pl,v retrieving revision 1.11 retrieving revision 1.12 diff -u -d -r1.11 -r1.12 --- macscan.pl 3 Aug 2005 02:44:38 -0000 1.11 +++ macscan.pl 19 Sep 2005 15:25:03 -0000 1.12 @@ -13,13 +13,15 @@ =head1 SYNOPSIS - macscan.pl [-q] [-D] [-c cstr] [-U dbuser/dbpass] [-t thread-queue-size] [-s secs] + macscan.pl [-q] [-D] [-c cstr] [-U dbuser/dbpass] [-t thread-queue-size] [-s secs] [-n] [-1] -q be quiet. exit status only. -D enable debugging -c db connect string -U db user[/pass] -t thread queue size -s thread sleep time + -n not really + -1 run just once =head1 OPTIONS @@ -45,8 +47,8 @@ =item B<-t thead-queue-size> A number denoting how many switches to delegate to each thread for monitoring. -The default is 20. If you have 100 switches in your NetPass configuration, -5 threads will be spawned. Each thread will linearly search each switch for +The default is 50. If you have 100 switches in your NetPass configuration, +2 threads will be spawned. Each thread will linearly search each switch for multi-mac violations. Each thread requires a connection to the database, so don't set this number too low or you'll needless use DB resources. @@ -62,6 +64,16 @@ be somewhat (but not much) longer. You can estimate about 30 seconds to check a switch. +=item B<-n> + +"not really" means just report when we've found ports we'd like to move back +to quarantine - but don't really move them. + +=item B<-1> + +Run only once. Process all of the switches, give us a report of bad ports and +exit. Should be run along with -D + =back =head1 DESCRIPTION @@ -89,6 +101,7 @@ use strict; use threads; +use threads::shared; use Getopt::Std; use lib '/opt/netpass/lib/'; use FileHandle; 
@@ -103,7 +116,7 @@ } my %opts : shared; -getopts('c:U:qt:s:Dh?', \%opts); +getopts('c:U:qt:s:Dn1h?', \%opts); pod2usage(2) if exists $opts{'h'} || exists $opts{'?'}; # foreach network in <switchmap> { @@ -132,16 +145,20 @@ my $dbuser : shared; my $dbpass : shared; -($dbuser, $dbpass) = exists $opts{'U'} ? split('/', $opts{'U'}) : (undef, undef); +($dbuser, $dbpass) = exists $opts{'U'} ? split('/', $opts{'U'}) : (undef, undef); -my $cstr : shared = exists $opts{'c'} ? $opts{'c'} : undef; +my $cstr : shared = exists $opts{'c'} ? $opts{'c'} : undef; +my $notReally : shared = exists $opts{'n'} ? 1 : 0; +my $once : shared = exists $opts{'1'} ? 1 : 0; +my $badPorts = &share({}); +my $startTime = time(); print "Connecting to NetPass ..\n" if $D; my $np = new NetPass(-cstr => $cstr, - -dbuser => $dbuser, -dbpass => $dbpass, - -debug => exists $opts{'D'} ? 1 : 0, - -quiet => exists $opts{'q'} ? 1 : 0); + -dbuser => $dbuser, -dbpass => $dbpass); +# -debug => exists $opts{'D'} ? 1 : 0, +# -quiet => exists $opts{'q'} ? 1 : 0); die "Failed to connect to NetPass: $np\n" unless (ref($np) eq "NetPass"); @@ -152,12 +169,11 @@ my $allSwitches = $np->cfg->getSwitches(); - # we divide the switches up into groups of "$ps" # and give each group out to a thread for periodic # polling -my $ps = exists $opts{'t'} ? $opts{'t'} : 20; +my $ps = exists $opts{'t'} ? $opts{'t'} : 50; for(my $i = 0 ; $i <= $#{$allSwitches} ; $i += $ps) { my $end = $i + $ps - 1; 
@@ -172,6 +188,25 @@ $threads[0]->join; print "Parent thread joined\n" if $D; +if ($once) { + my $ns = netstats($np); + + print "Processed ", $ns->{'networks'}, " networks, "; + print $ns->{'switches'}, " switches and ", $ns->{'ports'}, " ports\n"; + print "in ", time()-$startTime, " seconds.\n\n"; + + print "Ports That Are Not In Quarantine But Should Be Report\n"; + print "(MAC status NR=not registered, Q=status is P/QUAR):\n\n"; + foreach my $switch (keys %$badPorts) { + print "$switch\n"; + foreach my $port (keys %{$badPorts->{$switch}}) { + print "\t$port : "; + print join(',', @{$badPorts->{$switch}->{$port}}); + print "\n"; + } + } + print qq{\n\nThere might be a "cleanup" error printed next. You can ignore it.\n\n}; +} exit 0; @@ -186,9 +221,9 @@ # this means we need a private NP. my $np = new NetPass(-cstr => $cstr, - -dbuser => $dbuser, -dbpass => $dbpass, - -debug => exists $opts{'D'} ? 1 : 0, - -quiet => exists $opts{'q'} ? 1 : 0); + -dbuser => $dbuser, -dbpass => $dbpass); + #-debug => exists $opts{'D'} ? 1 : 0, + #-quiet => exists $opts{'q'} ? 1 : 0); die "Failed to connect to NetPass: $np\n" unless (ref($np) eq "NetPass"); @@ -216,9 +251,9 @@ print "[$tid] Entering loop.\n" if $D; while ( 1 ) { + _log("DEBUG", "thread ".threads->self->tid. " wokeup\n"); for my $switch (sort keys %snmp) { - print "[$tid] Wokeup. Processing $switch ..\n" if $D; - _log("DEBUG", "thread ".threads->self->tid. " wokeup\n"); + print "[$tid] Processing $switch ..\n" if $D; my ($mp, $pm) = $snmp{$switch}->get_mac_port_table(); 
@@ -235,25 +270,36 @@ next if ($nw eq "none"); # port is not managed by netpass - _log("DEBUG", "getMatchingNetwork($switch, $p) = $nw\n") if $D; + #_log("DEBUG", "getMatchingNetwork($switch, $p) = $nw\n") if $D; + my $macscan = $np->cfg->policy(-key => 'MACSCAN', -network => $nw); my $multi_mac = $np->cfg->policy(-key => 'MULTI_MAC', -network => $nw); - if ($macscan == 0) { + if (0 && $macscan == 0) { # too verbose #_log("INFO", "macscan is disabled for this port: $switch/$p ($nw)\n"); next; } - if ($multi_mac ne "ALL_OK") { + if (0 && $multi_mac ne "ALL_OK") { # too verbose #_log("INFO", "multi_mac is $multi_mac for this port: $switch/$p ($nw)\n"); next; } + # if the port is already quarantined, don't bother going any further + my @av = $np->cfg->availableVlans(-switch => $switch, -port => $p); + + my $curVlanSetting = $snmp{$switch}->get_vlan_membership($p); + + if ($curVlanSetting->[0] == $av[1]) { + _log("INFO", "$switch $p is already quarantined\n"); + next; + } + if (!exists $ports{$p}) { #print "skipping port $p\n"; } else { @@ -271,11 +317,18 @@ if ( $mok == -1 ) { _log("ERROR", "macIsRegistered($mac) failed: ".$np->db->error()."\n"); } - elsif( $mok == 0 ) { + elsif ( $mok == 0 ) { + # mac is not registered $portIsOK = 0; - push @nOkMacs, $mac; + push @nOkMacs, $mac."/NR"; } - else { + elsif ($np->db->macStatus($mac) =~ /^[P]QUAR/) { + # mac registered but quarantined + $portIsOK = 0; + push @nOkMacs, $mac."/Q"; + #_log("INFO", "$mac is quarantined, port state is ".join(',',@$curVlanSetting)."\n"); + } else { + # mac is registered and unquar push @okMacs, $mac; } } 
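Review bot: Both policy gates in the first hunk are now dead code: `if (0 && $macscan == 0)` and `if (0 && $multi_mac ne "ALL_OK")` can never be true, so ports on networks where MACSCAN is off or MULTI_MAC is not ALL_OK are no longer skipped and continue on to the quarantine step later in the loop. If that is intended, delete the blocks and record the policy change; if it is a debugging leftover, restore `if ($macscan == 0) {` and `if ($multi_mac ne "ALL_OK") {`. The new test `$curVlanSetting->[0] == $av[1]` also does not check that either lookup returned data, and two undefined values compare equal under `==`, so a failed lookup could be read as "already quarantined"; a guard such as `next unless defined $curVlanSetting && defined $av[1];` with an error log would make that case explicit. The enclosing loop starts and ends outside the hunk.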
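Review bot: In the second hunk the status test `=~ /^[P]QUAR/` matches only values that begin with `PQUAR`, because a one-character class is not optional; the report legend added in this commit (`Q=status is P/QUAR`) and the CHANGES entry suggest plain `QUAR` was meant to count as quarantined too. If so, a MAC whose status is `QUAR` falls through to the `else` branch and is pushed onto `@okMacs`. `elsif ($np->db->macStatus($mac) =~ /^P?QUAR/) {` would cover both spellings; the values `macStatus` returns are not visible here, so confirm against NetPass::DB.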
@@ -293,20 +346,33 @@ _log("INFO", "Found OK mac $mac on multimac port $switch/$p\n"); $np->db->addResult(-mac => $mac, -type => 'manual', - -id => 'msg:multi_mac'); + -id => 'msg:multi_mac') unless $notReally; } } - print "[$tid] Found nok macs ".(join(',', sort @nOkMacs))." on $switch/$p\n" if $D; - _log("INFO", "Found unreg'd macs ".(join(',', sort @nOkMacs))." on $switch/$p\n"); + print "[$tid] Found NOK macs ".(join(',', sort @nOkMacs))." on $switch/$p\n" if $D; + _log("INFO", "Found NOK macs ".(join(',', sort @nOkMacs))." on $switch/$p\n"); + + if (! exists $badPorts->{$switch} ) { + $badPorts->{$switch} = &share({}); + } + if (! exists $badPorts->{$switch}->{$p}) { + $badPorts->{$switch}->{$p} = &share([]); + } + + push @{$badPorts->{$switch}->{$p}}, @nOkMacs; $np->movePort(-switch => $switch, -port => $p, - -vlan => 'quarantine'); + -vlan => 'quarantine') unless $notReally; } } } } + if ($once) { + return; + } + _log("DEBUG", "thread ".threads->self->tid. " going back to sleep\n"); sleep ($threadSleep); } } @@ -340,3 +406,38 @@ setsid or die "$myname: can't start a new session: $!"; open STDERR, '>&STDOUT' or die "$myname: can't dup stdout: $!"; } + + +sub netstats { + my $np = shift; + return unless (ref($np) eq "NetPass"); + + my $networks = $np->cfg->getNetworks(); + my $totsw = 0; + my $totpo = 0; + + my %switchesSeen; + + foreach my $nw (@$networks) { + my $switches = $np->cfg->getSwitches($nw); + my $q = $np->cfg->quarantineVlan($nw); + my $u = $np->cfg->nonquarantineVlan($nw); + next unless $q && $u; + foreach my $sw (@$switches) { + $switchesSeen{$sw} = 1; + my $v = $np->cfg->getVlanMap($sw); + foreach my $section (split(';', $v)) { + + if ($section =~ /$u\/$q$/) { + my $hr = NetPass::Config::expandTagList($section); + $totpo += scalar keys %$hr; + } + } + } + } + + $totsw = scalar keys %switchesSeen; + return { 'networks' => ($#$networks + 1), + 'switches' => $totsw, + 'ports' => $totpo }; +} |
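Review bot: In the new `netstats` sub, `if ($section =~ /$u\/$q$/)` interpolates the two VLAN ids into a pattern with no left boundary and no quoting, so with `$u = 12` and `$q = 812` a section ending in `112/812` also matches and its ports are counted for the wrong network. Quote and bound the values, e.g. `if ($section =~ /\b\Q$u\E\/\Q$q\E$/) {`; the vlan-map syntax is not shown here, so adjust the left boundary to whatever separates the port list from the VLAN pair. The sub also has no header comment; a short one stating that it returns a hashref with `networks`, `switches` and `ports` counts (or nothing when `$np` is not a NetPass object) would help the caller in the `-1` report.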
From: jeff m. <jef...@us...> - 2005-09-19 15:25:14
|
Update of /cvsroot/netpass/NetPass In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv12690 Modified Files: CHANGES Log Message: macscan feature Index: CHANGES =================================================================== RCS file: /cvsroot/netpass/NetPass/CHANGES,v retrieving revision 1.19 retrieving revision 1.20 diff -u -d -r1.19 -r1.20 --- CHANGES 31 Aug 2005 20:09:16 -0000 1.19 +++ CHANGES 19 Sep 2005 15:25:03 -0000 1.20 @@ -232,3 +232,18 @@ jcm bug fix in bynet report (macos arp padding issue) jcm bug fix in scan config (snort list limited to first 250) +2005-09-09 + jcm added sort by IP to various admin forms + jcm added cisco tree search patch by NU + jcm bug fix to quarctl form - couldnt change results status + +2005-09-19 + jcm added feature to macscan: if the port contains unregistered macs _OR_ + macs that have been quarantined, and the port is not in quarantine, + it will be placed in quarantine. OK macs (registered and not + quarantined) will be given the multi-mac message) + jcm changed number-of-switches-per-thread to 50 in macscan to try and control + how many concurrent db queries it makes. + jcm changed number-of-threads in resetport from 20 to 50 to see if it makes + it more responsive. + |
From: jeff m. <jef...@us...> - 2005-09-14 19:33:39
|
Update of /cvsroot/netpass/NetPass/www/htdocs/Admin In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv13422/www/htdocs/Admin Modified Files: qc.mhtml Log Message: bug fix to qc.mhtml Index: qc.mhtml =================================================================== RCS file: /cvsroot/netpass/NetPass/www/htdocs/Admin/qc.mhtml,v retrieving revision 1.28 retrieving revision 1.29 diff -u -d -r1.28 -r1.29 --- qc.mhtml 9 Sep 2005 12:32:11 -0000 1.28 +++ qc.mhtml 14 Sep 2005 19:33:31 -0000 1.29 @@ -657,7 +657,8 @@ return "Error: $mac PQUAR requires that you specify a message."; } else { $resultsRV = $np->db->addResult(-mac => $mac, -type => 'manual', - -id => $args->{"message:$mac"}); + -force => 1, + -id => $args->{"message:$mac"}); } } |
From: jeff m. <jef...@us...> - 2005-09-14 17:41:36
|
Update of /cvsroot/netpass/NetPass/www/htdocs/Admin In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv17687/www/htdocs/Admin Modified Files: audit.mhtml Log Message: bug fix to audit form Index: audit.mhtml =================================================================== RCS file: /cvsroot/netpass/NetPass/www/htdocs/Admin/audit.mhtml,v retrieving revision 1.8 retrieving revision 1.9 diff -u -d -r1.8 -r1.9 --- audit.mhtml 31 Aug 2005 20:09:17 -0000 1.8 +++ audit.mhtml 14 Sep 2005 17:41:27 -0000 1.9 @@ -248,47 +248,40 @@ # double check the value, make sure noone can sneak an insertion attack in here ;) $type = ($type eq "OR")?"OR":"AND"; + + my $query = "SELECT DATE_FORMAT(ts, '%Y-%m-%d %H:%i:%s') as dt, username, ipAddress, macAddress, severity, location, message FROM audit "; - my @clause = (); - my @params = (); + my @SC = (); if($ip) { - push(@clause, "ipAddress=?"); - push(@params, $ip); + push @SC, " ipAddress = ".$dbh->quote($ip); } if($message) { - push(@clause, "message LIKE ?"); - push(@params, $message); + push @SC, " message LIKE ".$dbh->quote($message); } if($mac) { $mac =~ s/://g; - - push(@clause, "macAddress=?"); - push(@params, lc($mac)); + push @SC, " macAddress = ".$dbh->quote($mac); } if($uid) { - push(@clause, "username=?"); - push(@params, $uid); + push @SC, " username = ".$dbh->quote($uid); } if($sev) { - push(@clause, "severity=?"); - push(@params, $sev); + push @SC, " severity = ".$dbh->quote($sev); } - my $query = "SELECT DATE_FORMAT(ts, '%Y-%m-%d %H:%i:%s') as dt, username, ipAddress, macAddress, severity, location, message FROM audit "; - if($#clause>-1) { - $query .= " WHERE " . join(" $type ", @clause) + if($#SC > -1) { + $query .= " WHERE " . join(" $type ", @SC) } $query .= " ORDER BY ts DESC LIMIT $start,$limit"; - #print $query; - #print join(',', @params); + #print "query ", $query, "<P>"; my $lres = $dbh->selectall_arrayref($query); 
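Review bot: The WHERE clause now concatenates `$dbh->quote(...)` values into the SQL text, whereas the removed code already built `?` placeholders and a `@params` list; the defect there appears to be only that `selectall_arrayref($query)` was never given the bind values. Keeping the placeholders and calling `my $lres = $dbh->selectall_arrayref($query, undef, @params);` is the smaller fix and keeps request data out of the statement text. `LIMIT $start,$limit` is still interpolated unquoted; both are assigned outside the hunk, so confirm they are forced to integers before this line, for example `$start = int($start); $limit = int($limit);`. The rewrite also drops the `lc($mac)` normalisation that the old `macAddress` clause applied.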
@@ -314,9 +307,7 @@ my @results = @$lres; -print "others<P>"; foreach my $npserv (keys %hosts) { -print "others=$npserv<P>"; my $rdbh = DBI->connect('dbi:mysql:database=netpass;host='.$npserv, $np->cfg->dbUsername, $np->cfg->dbPassword); if ($rdbh) { |
From: jeff m. <jef...@us...> - 2005-09-09 12:32:27
|
Update of /cvsroot/netpass/NetPass/www/htdocs/OSSTemplate/js In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv6223/www/htdocs/OSSTemplate/js Modified Files: ldap.js lockcfg.js radius.js Log Message: bug fixes Index: ldap.js =================================================================== RCS file: /cvsroot/netpass/NetPass/www/htdocs/OSSTemplate/js/ldap.js,v retrieving revision 1.3 retrieving revision 1.4 diff -u -d -r1.3 -r1.4 --- ldap.js 22 Aug 2005 20:39:35 -0000 1.3 +++ ldap.js 9 Sep 2005 12:32:11 -0000 1.4 @@ -43,7 +43,9 @@ if (o.options[i].selected) { gotOne = true; xh_post("/Admin/cmd/getLDAP.mhtml?server=" + - o.options[i].value, "ldap_xh_results_getLDAP", prefix); + o.options[i].value + + "&npsess=" + session_id, + "ldap_xh_results_getLDAP", prefix); } } if (!gotOne) ldap_clear_fields(prefix); @@ -83,7 +85,8 @@ if (f && s && (f.value != '') && (s.selectedIndex > 0)) { xh_post("/Admin/cmd/setLDAP.mhtml?server=" + s.options[s.selectedIndex].value + - "&passwordField=" + f.value, + "&passwordField=" + f.value + + "&npsess=" + session_id, "ldap_xh_results_setLDAP", prefix); } } Index: radius.js =================================================================== RCS file: /cvsroot/netpass/NetPass/www/htdocs/OSSTemplate/js/radius.js,v retrieving revision 1.3 retrieving revision 1.4 diff -u -d -r1.3 -r1.4 --- radius.js 22 Aug 2005 20:39:35 -0000 1.3 +++ radius.js 9 Sep 2005 12:32:11 -0000 1.4 @@ -39,7 +39,9 @@ if (o.options[i].selected) { gotOne = true; xh_post("/Admin/cmd/getRadiusSecret.mhtml?server=" + - o.options[i].value, "radius_xh_results_getSecret", prefix); + o.options[i].value + + "&npsess=" + session_id, + "radius_xh_results_getSecret", prefix); } } if (!gotOne) { 
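Review bot: Appending `"&npsess=" + session_id` to the request URL puts the admin session identifier into the query string, where it is written to web-server and proxy access logs and kept in browser history; the same pattern is added in the other ldap.js hunk and in the radius.js and lockcfg.js hunks of this commit. In `setLDAP` and `setRadiusSecret` the same URL already carries `passwordField` and `secret`. `xh_post` is defined outside this diff; if it can send a request body, pass the session id and the secret values there (or in a request header) rather than in the URL, and wrap every concatenated value in `encodeURIComponent`, e.g. `"&npsess=" + encodeURIComponent(session_id)`.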
@@ -57,7 +59,8 @@ if ( sc && sv && (sc.value != '') && (sv.selectedIndex > 0) ) { xh_post("/Admin/cmd/setRadiusSecret.mhtml?server=" + sv.options[sv.selectedIndex].value + - "&secret=" + sc.value, + "&secret=" + sc.value + + "&npsess=" + session_id, "radius_xh_results_setSecret", prefix); } } Index: lockcfg.js =================================================================== RCS file: /cvsroot/netpass/NetPass/www/htdocs/OSSTemplate/js/lockcfg.js,v retrieving revision 1.2 retrieving revision 1.3 diff -u -d -r1.2 -r1.3 --- lockcfg.js 6 May 2005 03:09:50 -0000 1.2 +++ lockcfg.js 9 Sep 2005 12:32:11 -0000 1.3 @@ -67,7 +67,10 @@ } lockOpPending = true; - var url = "/Admin/cmd/lockcfg.mhtml?printable=2&lock="+lock +"&force="+force; + var url = "/Admin/cmd/lockcfg.mhtml?printable=2&lock=" + + lock + + "&force=" + force + + "&npsess=" + session_id; xmlhttp.open("GET", url , true); xmlhttp.onreadystatechange=function() { if (xmlhttp.readyState == 4) { |
From: jeff m. <jef...@us...> - 2005-09-09 12:32:26
|
Update of /cvsroot/netpass/NetPass/www/htdocs/Admin/reports In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv6223/www/htdocs/Admin/reports Modified Files: byclient.mhtml bynet.mhtml Log Message: bug fixes Index: byclient.mhtml =================================================================== RCS file: /cvsroot/netpass/NetPass/www/htdocs/Admin/reports/byclient.mhtml,v retrieving revision 1.5 retrieving revision 1.6 diff -u -d -r1.5 -r1.6 --- byclient.mhtml 22 Aug 2005 19:26:08 -0000 1.5 +++ byclient.mhtml 9 Sep 2005 12:32:11 -0000 1.6 @@ -146,7 +146,7 @@ $q->TR( $q->th("Neighbor") . $q->th("Status") . - $q->th("UBIT Name") . + $q->th($np->cfg->policy(-key => 'USERNAME_PROMPT', -network => 'default')) . $q->th("IP Address") . $q->th("OS") ); Index: bynet.mhtml =================================================================== RCS file: /cvsroot/netpass/NetPass/www/htdocs/Admin/reports/bynet.mhtml,v retrieving revision 1.7 retrieving revision 1.8 diff -u -d -r1.7 -r1.8 --- bynet.mhtml 6 Sep 2005 20:29:18 -0000 1.7 +++ bynet.mhtml 9 Sep 2005 12:32:11 -0000 1.8 @@ -81,9 +81,14 @@ my $totalInQuar = 0; my $totalPingable = 0; - foreach my $network (NetPass::Network::ipsort([keys %netStats])) { - my $dottedNetwork = int2ip($network)."/". - int2cidr($masks{$network}); + my %dottedNetworks; + foreach my $netInt (keys %netStats) { + $dottedNetworks{int2ip($netInt)} = $netInt; + } + + foreach my $dottedNetwork ( NetPass::Network::ipsort([ keys %dottedNetworks ]) ) { + my $network = $dottedNetworks{$dottedNetwork}; + $dottedNetwork .= "/".int2cidr($masks{$network}); # pinging the broadcast doesnt seem to populate the linux # arp table, so we wont bother. @@ -97,7 +102,6 @@ if ($minq->{$_ip} =~ "incomplete") { delete $minq->{$_ip}; } - } } else { $minq = "" if $minq =~ "incomplete"; @@ -108,7 +112,6 @@ $allMacs =~ tr [A-Z] [a-z]; $allMacs =~ s/\ /%20/g; my $byClient = "byclient.mhtml?macs=$allMacs"; - my $aq = 0; my $aq2 = 0; if (ref($minq) eq "HASH") { |
From: jeff m. <jef...@us...> - 2005-09-09 12:32:26
|
Update of /cvsroot/netpass/NetPass/www/htdocs/Admin In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv6223/www/htdocs/Admin Modified Files: autohandler netgroups.mhtml qc.mhtml Log Message: bug fixes Index: netgroups.mhtml =================================================================== RCS file: /cvsroot/netpass/NetPass/www/htdocs/Admin/netgroups.mhtml,v retrieving revision 1.9 retrieving revision 1.10 diff -u -d -r1.9 -r1.10 --- netgroups.mhtml 6 Sep 2005 20:29:18 -0000 1.9 +++ netgroups.mhtml 9 Sep 2005 12:32:11 -0000 1.10 @@ -239,7 +239,7 @@ </tr> <tr> <td style='text-align:center; vertical-align: top;'> - <%$q->scrolling_list(-name => 'netgroups', -values => [ $WH, NetPass::Network::ipsort($allNetgroups) ], + <%$q->scrolling_list(-name => 'netgroups', -values => [ $WH, @$allNetgroups ], -default => $netgroups, -id => 'netgroups', -attributes => { $WH => { 'disabled' => 1 } }, -onchange => 'netgroup_onchange_netgroups();', Index: autohandler =================================================================== RCS file: /cvsroot/netpass/NetPass/www/htdocs/Admin/autohandler,v retrieving revision 1.18 retrieving revision 1.19 diff -u -d -r1.18 -r1.19 --- autohandler 31 Aug 2005 20:09:17 -0000 1.18 +++ autohandler 9 Sep 2005 12:32:11 -0000 1.19 @@ -63,6 +63,10 @@ % if (exists $m->session->{'logged_in'} && ($m->session->{'logged_in'} == 1)) { +<script language='JavaScript'><!-- +var session_id = "<%$m->session->{_session_id}%>"; +--></script> + <center> <div class='sbHeader'>Logged in as <%$m->session->{'username'}%></div> <a class='sbLinks' title='' href="/Admin/logout.mhtml"><I>(Logout)</I></a><BR> Index: qc.mhtml =================================================================== RCS file: /cvsroot/netpass/NetPass/www/htdocs/Admin/qc.mhtml,v retrieving revision 1.27 retrieving revision 1.28 diff -u -d -r1.27 -r1.28 --- qc.mhtml 7 Sep 2005 15:24:46 -0000 1.27 +++ qc.mhtml 9 Sep 2005 12:32:11 -0000 1.28 
@@ -21,7 +21,6 @@ <script><!-- setWhereAmI('Quarantine Control'); -var session_id = "<%$m->session->{_session_id}%>"; --></script> <%perl> |
From: jeff m. <jef...@us...> - 2005-09-09 12:32:26
|
Update of /cvsroot/netpass/NetPass/lib In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv6223/lib Modified Files: NetPass.pm Log Message: bug fixes Index: NetPass.pm =================================================================== RCS file: /cvsroot/netpass/NetPass/lib/NetPass.pm,v retrieving revision 1.22 retrieving revision 1.23 diff -u -d -r1.22 -r1.23 --- NetPass.pm 31 Aug 2005 20:09:16 -0000 1.22 +++ NetPass.pm 9 Sep 2005 12:32:11 -0000 1.23 @@ -524,6 +524,7 @@ my $community = shift; my $mac = shift; my $loopctl = shift; + my $myNW = shift; # first determine which port this mac address is on. if we dont find the # mac on this switch - stop. @@ -544,7 +545,7 @@ return (undef, undef, undef, undef); } - my $ifIndex = $snmp->get_mac_port($mac); + my $ifIndex = $snmp->get_mac_port($mac, $myNW); return (undef, undef, undef, undef) if !defined($ifIndex); # not on this switch _log ("DEBUG", "$mac possibly found on $switch / $ifIndex. checking to see if it links to another switch.\n"); @@ -565,7 +566,7 @@ return $self->search_topology($next_switch, ($self->cfg->getCommunities($next_switch))[1], - $mac, $loopctl); + $mac, $loopctl, $myNW); } # otherwise, it's this switch. to preserve the semantics @@ -616,7 +617,7 @@ my ($_sw, $_po, $_mp, $_pm) = $self->search_topology($bsw, ($self->cfg->getCommunities($bsw))[1], - $mac, {}); + $mac, {}, $myNW); next if (!defined($_sw) || !defined($_po)); |
From: jeff m. <jef...@us...> - 2005-09-07 15:24:56
|
Update of /cvsroot/netpass/NetPass/www/htdocs/Admin In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv1085/www/htdocs/Admin Modified Files: qc.mhtml Log Message: bug in qc, cant change results status, due to move away from cookies Index: qc.mhtml =================================================================== RCS file: /cvsroot/netpass/NetPass/www/htdocs/Admin/qc.mhtml,v retrieving revision 1.26 retrieving revision 1.27 diff -u -d -r1.26 -r1.27 --- qc.mhtml 22 Aug 2005 19:26:08 -0000 1.26 +++ qc.mhtml 7 Sep 2005 15:24:46 -0000 1.27 @@ -21,6 +21,7 @@ <script><!-- setWhereAmI('Quarantine Control'); +var session_id = "<%$m->session->{_session_id}%>"; --></script> <%perl> @@ -98,7 +99,8 @@ if (ma && rid) { var o = document.getElementById('results-status-'+rid); if (o) { - var url = "cmd/setresult.mhtml?printable=2&ma="+ma+"&rid="+rid+"&st="+o.value; + var url = "cmd/setresult.mhtml?printable=2&ma="+ma+"&rid="+rid+"&st="+o.value + + "&npsess=" + session_id; xmlhttp.open("GET", url, true); xmlhttp.onreadystatechange = function() { if (xmlhttp.readyState == 4) { |
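Review bot: In the first hunk, `var session_id = "<%$m->session->{_session_id}%>";` copies the server session key into the page source, where any script running in the page can read it; a cookie marked HttpOnly would not be exposed that way. If client code must present a token on these XMLHttpRequest calls, issuing a separate per-session request token and keeping the session key out of the markup would limit what a script-injection bug elsewhere in the admin pages can obtain. At minimum, document the trade-off on the line, e.g. `// NOTE: exposes the session key to page script; needed because requests no longer carry the session cookie`.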
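Review bot: In the second hunk the result-status change is sent with `xmlhttp.open("GET", url, true)` and `ma`, `rid`, `o.value` and the session id are concatenated into the URL unencoded. A request that changes state should be a POST with the parameters in the body, which also keeps the session id out of access logs, and each value should pass through `encodeURIComponent`, e.g. `"&st=" + encodeURIComponent(o.value) + "&npsess=" + encodeURIComponent(session_id)`. The enclosing function starts and ends outside the hunk.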
From: jeff m. <jef...@us...> - 2005-09-06 20:33:22
|
Update of /cvsroot/netpass/NetPass/www/htdocs/Admin In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv950/www/htdocs/Admin Modified Files: clienthistory.mhtml Log Message: minor bug fix to incident history report
Index: clienthistory.mhtml
===================================================================
RCS file: /cvsroot/netpass/NetPass/www/htdocs/Admin/clienthistory.mhtml,v
retrieving revision 1.3
retrieving revision 1.4
diff -u -d -r1.3 -r1.4
--- clienthistory.mhtml 3 May 2005 16:13:30 -0000 1.3
+++ clienthistory.mhtml 6 Sep 2005 20:33:14 -0000 1.4
@@ -97,7 +97,7 @@
 % my $notes = $history->{$dt}->{notes};
 % my $macaddr = $history->{$dt}->{macAddress};
 % $notes =~ s/\n/<BR>/g;
-<DL><DT><%$dt%>: Submitted by <%$username%> for mac = <%$macaddr%></DT>
+<DL><DT><%$dt%>: Submitted by <%$user%> for mac = <%$macaddr%></DT>
 <DD><%$notes%></DD></DL>
 %}
 </td><td align='left' style='vertical-align:top;'><PRE>
|
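Review bot: `<%$user%>` and `<%$macaddr%>` on the changed line, and `<%$notes%>` below it, are emitted without an escape flag, and `$notes` has `<BR>` substituted into it first, so it cannot simply be HTML-escaped at output time. Unless the Mason configuration sets `default_escape_flags` (not visible here), stored history notes or user names that contain markup would be rendered as HTML in the admin page. Escape the note text before inserting the breaks, e.g. `% $notes = $m->interp->apply_escapes($notes, 'h');` ahead of the `s/\n/<BR>/g` line, and write the changed line with `<% $user |h %>` and `<% $macaddr |h %>`. The enclosing loop starts outside the hunk.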
From: jeff m. <jef...@us...> - 2005-09-06 20:29:28
|
Update of /cvsroot/netpass/NetPass/lib/NetPass In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv32100/lib/NetPass Modified Files: Network.pm Log Message: sorting by ipaddr on network, switch, netgroup and bynet Admin forms Index: Network.pm =================================================================== RCS file: /cvsroot/netpass/NetPass/lib/NetPass/Network.pm,v retrieving revision 1.6 retrieving revision 1.7 diff -u -d -r1.6 -r1.7 --- Network.pm 31 Aug 2005 20:09:17 -0000 1.6 +++ Network.pm 6 Sep 2005 20:29:18 -0000 1.7 @@ -143,7 +143,8 @@ sub ip2int { my $i = shift; - + + $i =~ s/\/.*$//; # get rid of any subnet mask if ($i !~ /^\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}$/) { die Carp::longmess("ip2int: \"$i\" doesnt look like an ip address to me"); } @@ -155,6 +156,19 @@ ($o[3] ) ); } +=head2 @list = ipsort($aref) + +Given an array ref containing IP addresses. Sort them so they +are ascending and return a new list. + +=cut + +sub ipsort { + my $ar = shift; + return [] unless (ref($ar) eq "ARRAY"); + return sort { ip2int($a) <=> ip2int($b) } @$ar ; +} + =head2 $ip = host2addr($hostname || $ipaddress) Given a hostname, translate it (using Net::DNS) to its corresponding |
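Review bot: In the second hunk, `ipsort` returns an array reference on bad input (`return [] unless (ref($ar) eq "ARRAY");`) but a plain list on success, so a caller that hits the failure path in list context receives one element that is an ARRAY ref instead of an empty list; `return () unless (ref($ar) eq "ARRAY");` matches the POD signature `@list = ipsort($aref)`. Because the comparator calls `ip2int`, which dies on anything that is not a dotted quad, a single non-IP entry such as a hostname or group name aborts the whole sort and the page that called it. Either state that precondition in the POD or filter such entries before sorting.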
From: jeff m. <jef...@us...> - 2005-09-06 20:29:28
|
Update of /cvsroot/netpass/NetPass/www/htdocs/Admin/reports In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv32100/www/htdocs/Admin/reports Modified Files: bynet.mhtml Log Message: sorting by ipaddr on network, switch, netgroup and bynet Admin forms
Index: bynet.mhtml
===================================================================
RCS file: /cvsroot/netpass/NetPass/www/htdocs/Admin/reports/bynet.mhtml,v
retrieving revision 1.6
retrieving revision 1.7
diff -u -d -r1.6 -r1.7
--- bynet.mhtml 25 Oct 2004 17:48:27 -0000 1.6
+++ bynet.mhtml 6 Sep 2005 20:29:18 -0000 1.7
@@ -81,7 +81,7 @@
 my $totalInQuar = 0;
 my $totalPingable = 0;
- foreach my $network (sort keys %netStats) {
+ foreach my $network (NetPass::Network::ipsort([keys %netStats])) {
 my $dottedNetwork = int2ip($network)."/".
 int2cidr($masks{$network});
|
From: jeff m. <jef...@us...> - 2005-09-06 20:29:28
|
Update of /cvsroot/netpass/NetPass/www/htdocs/Admin In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv32100/www/htdocs/Admin Modified Files: netgroups.mhtml network.mhtml switch.mhtml Log Message: sorting by ipaddr on network, switch, netgroup and bynet Admin forms Index: netgroups.mhtml =================================================================== RCS file: /cvsroot/netpass/NetPass/www/htdocs/Admin/netgroups.mhtml,v retrieving revision 1.8 retrieving revision 1.9 diff -u -d -r1.8 -r1.9 --- netgroups.mhtml 14 Jun 2005 21:57:31 -0000 1.8 +++ netgroups.mhtml 6 Sep 2005 20:29:18 -0000 1.9 @@ -239,7 +239,7 @@ </tr> <tr> <td style='text-align:center; vertical-align: top;'> - <%$q->scrolling_list(-name => 'netgroups', -values => [ $WH, sort @$allNetgroups ], + <%$q->scrolling_list(-name => 'netgroups', -values => [ $WH, NetPass::Network::ipsort($allNetgroups) ], -default => $netgroups, -id => 'netgroups', -attributes => { $WH => { 'disabled' => 1 } }, -onchange => 'netgroup_onchange_netgroups();', Index: switch.mhtml =================================================================== RCS file: /cvsroot/netpass/NetPass/www/htdocs/Admin/switch.mhtml,v retrieving revision 1.6 retrieving revision 1.7 diff -u -d -r1.6 -r1.7 --- switch.mhtml 22 Aug 2005 20:39:35 -0000 1.6 +++ switch.mhtml 6 Sep 2005 20:29:18 -0000 1.7 
@@ -93,7 +93,7 @@ <table border='0' width=1000 id='switchConfig'> <tr class='selector'> <td class='selector'> - <%$q->popup_menu(-id => 'switch', -name => 'switch', -values => [ $WH, sort @$allSwitches ], + <%$q->popup_menu(-id => 'switch', -name => 'switch', -values => [ $WH, NetPass::Network::ipsort($allSwitches) ], -default => $switch, -onchange => 'switch_onchange_switch();')%> </td> <td class='selector'> Index: network.mhtml =================================================================== RCS file: /cvsroot/netpass/NetPass/www/htdocs/Admin/network.mhtml,v retrieving revision 1.12 retrieving revision 1.13 diff -u -d -r1.12 -r1.13 --- network.mhtml 14 Jun 2005 21:42:24 -0000 1.12 +++ network.mhtml 6 Sep 2005 20:29:18 -0000 1.13 @@ -235,7 +235,7 @@ <table border=0 width=1000 id='networkConfig'> <tr class='selector'> <td class='selector'> - <%$q->popup_menu(-id => 'network', -name => 'network', -values => [ $WH, sort @$allNetworks ], + <%$q->popup_menu(-id => 'network', -name => 'network', -values => [ $WH, NetPass::Network::ipsort($allNetworks) ], -default => $network, -onchange => 'network_onchange_network();')%> </td> <td class='selector'> @@ -287,7 +287,7 @@ <td colspan=2> BSW: <input name='BSW' id='BSW' value='<%$BSW%>' size=16 maxlength=80><BR> <%$q->scrolling_list(-id => 'switches', -name => 'switches', -size => 4, - -values => [ $WH2, @$switches ] , -multiple => 'true')%></td></tr> + -values => [ $WH2, NetPass::Network::ipsort($switches) ] , -multiple => 'true')%></td></tr> </td> </tr> <tr><td colspan=3> |
From: jeff m. <jef...@us...> - 2005-09-01 18:27:30
|
Update of /cvsroot/netpass/NetPass/lib/NetPass In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv10224/lib/NetPass Modified Files: DB.pm Log Message: manifest problem Index: DB.pm =================================================================== RCS file: /cvsroot/netpass/NetPass/lib/NetPass/DB.pm,v retrieving revision 1.55 retrieving revision 1.56 diff -u -d -r1.55 -r1.56 --- DB.pm 31 Aug 2005 20:09:17 -0000 1.55 +++ DB.pm 1 Sep 2005 18:27:20 -0000 1.56 @@ -1023,7 +1023,7 @@ if ($rule =~ /msg\:\s*\"([\w-]+)\s+([^";]+)\"\;/) { $data->{category} = $1; - $data->{name} = $2; + $data->{name} = $1.' '.$2; } else { return "unknown msg"; } |
From: jeff m. <jef...@us...> - 2005-09-01 18:27:30
|
Update of /cvsroot/netpass/NetPass In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv10224 Modified Files: MANIFEST Log Message: manifest problem Index: MANIFEST =================================================================== RCS file: /cvsroot/netpass/NetPass/MANIFEST,v retrieving revision 1.55 retrieving revision 1.56 diff -u -d -r1.55 -r1.56 --- MANIFEST 31 Aug 2005 20:09:16 -0000 1.55 +++ MANIFEST 1 Sep 2005 18:27:20 -0000 1.56 @@ -171,7 +171,6 @@ www/components/Client/Validate www/components/Client/WelcomePage www/components/Client/ShowResults -www/components/Client/.BeginScan.swp www/components/style/back/start_sidebar www/components/style/back/end_content www/components/style/back/end_sidebar @@ -180,7 +179,6 @@ www/components/CookieDetect www/components/Audit www/components/OSDetect -www/components/FormAuthRadius www/htdocs/Admin/Editor/edit.mhtml www/htdocs/Admin/Editor/index.mhtml www/htdocs/Admin/Editor/view.mhtml |
From: jeff m. <jef...@us...> - 2005-08-31 20:15:58
|
Update of /cvsroot/netpass/NetPass/lib/NetPass/WWW In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv19463/lib/NetPass/WWW Modified Files: Session.pm.mysql Log Message: set no cache in session.pm.mysql Index: Session.pm.mysql =================================================================== RCS file: /cvsroot/netpass/NetPass/lib/NetPass/WWW/Session.pm.mysql,v retrieving revision 1.5 retrieving revision 1.6 diff -u -d -r1.5 -r1.6 --- Session.pm.mysql 31 Aug 2005 20:09:17 -0000 1.5 +++ Session.pm.mysql 31 Aug 2005 20:15:50 -0000 1.6 @@ -89,6 +89,7 @@ return -1 if $r->content_type && $r->content_type !~ m|^text/|i; my $status = $ah->handle_request($r); + $r->header_out("Cache-Control" => 'no-cache'); return $status; } |
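Review bot: The `Cache-Control` header is set after `$ah->handle_request($r)` has returned, by which point the response headers have normally already been sent, so the added line probably has no effect on the response. Set it before the request is handled, and since these pages carry session state prefer a directive that forbids storage: `$r->header_out("Cache-Control" => 'no-store, no-cache');` placed above `my $status = $ah->handle_request($r);`. `no-cache` alone still lets a cache keep a copy and revalidate it. The handler body starts outside the hunk.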
From: jeff m. <jef...@us...> - 2005-08-31 20:09:32
|
Update of /cvsroot/netpass/NetPass/www/htdocs/Admin/Scan In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv15191/www/htdocs/Admin/Scan Modified Files: index.mhtml Log Message: bug fixes, see CHANGES file, see message on netpass-users before deploying these changes Index: index.mhtml =================================================================== RCS file: /cvsroot/netpass/NetPass/www/htdocs/Admin/Scan/index.mhtml,v retrieving revision 1.8 retrieving revision 1.9 diff -u -d -r1.8 -r1.9 --- index.mhtml 22 Aug 2005 19:26:08 -0000 1.8 +++ index.mhtml 31 Aug 2005 20:09:17 -0000 1.9 @@ -149,7 +149,7 @@ } } else { # this really shouldnt happen. we dont give them a Refresh Plugins button - $np->db->audit( -user => $m->session->{'logged_in'}, + $np->db->audit( -user => $m->session->{'username'}, -severity => "ALERT", -msg => [ "tried to Refresh Plugins but is ReadOnly" ]); } @@ -160,7 +160,7 @@ saveChanges($dbh,\%ARGS, $ids); } else { # this really shouldnt happen. we dont give them a submit button - $np->db->audit( -user => $m->session->{'logged_in'}, + $np->db->audit( -user => $m->session->{'username'}, -severity => "ALERT", -msg => [ "tried to change ScanAdmin but is ReadOnly" ]); @@ -326,7 +326,7 @@ my $count = $sth->rows; - my $link = "index.mhtml?key=$key&type=$type&status=$status&search=Search&start="; + my $link = "index.mhtml?key=$key&type=$type&status=$status&search=Search&service=$service&start="; my $prev_link = $link . ($start-$limit); my $next_link = ''; @@ -388,7 +388,7 @@ if ($args->{"message:$id"} ne $args->{"messageOrig:$id"}) { $np->db->audit( - -user => $m->session->{'logged_in'}, + -user => $m->session->{'username'}, -msg => [ "ScanAdmin: $id message changed to", $args->{"message:$id"}, "from", $args->{'messageOrig:'.$id} ]); } |
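Review bot: The `$link` string in the third hunk concatenates `$key`, `$type`, `$status` and now `$service` into a query string without escaping; if these come from the request arguments (their origin is outside the hunk), a value containing `&`, `"` or `<` changes the link's parameters or its markup once `$link` is printed. Escape each value before concatenation, for example `"&service=".uri_escape($service)` with `uri_escape` from URI::Escape, and HTML-escape the finished link where it is emitted. The enclosing function starts and ends outside the hunk.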
From: jeff m. <jef...@us...> - 2005-08-31 20:09:31
|
Update of /cvsroot/netpass/NetPass/www/components/Admin In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv15191/www/components/Admin Modified Files: Login Log Message: bug fixes, see CHANGES file, see message on netpass-users before deploying these changes Index: Login =================================================================== RCS file: /cvsroot/netpass/NetPass/www/components/Admin/Login,v retrieving revision 1.12 retrieving revision 1.13 diff -u -d -r1.12 -r1.13 --- Login 6 May 2005 20:13:34 -0000 1.12 +++ Login 31 Aug 2005 20:09:17 -0000 1.13 @@ -9,14 +9,11 @@ logged in, otherwise it returns 0. </%doc> - - <%args> $username => undef; $password => undef; $wherefrom => undef; </%args> - <%perl> #use Data::Dumper; print "<PRE>", Dumper($m->session), "</PRE>"; @@ -41,8 +38,10 @@ $m->session->{'my_groups'} = $np->db->getUserGroups($username); my $uri = $r->uri; if ($uri =~ /^\/Admin/) { - $m->redirect($uri); + _log("DEBUG", "redir ".add_session_id2($uri)."\n"); + $m->redirect(add_session_id2($uri)); } else { + _log("DEBUG", "redir2 /Admin/index.mhtml\n"); $m->redirect('/Admin/index.mhtml'); } |
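Review bot: The added `_log("DEBUG", "redir ".add_session_id2($uri)."\n")` call and the redirect itself both carry the live session id, since `add_session_id2` appends `npsess=<id>` to the URL; whoever can read the debug log, a proxy log or the browser history obtains a value that identifies the logged-in session. The same applies to the netpass.mhtml hunks in this commit, which write `_session_id` to the debug log and to the audit trail through `/Audit`. Log the bare path instead, `_log("DEBUG", "redir $uri\n");`, and where sessions must be correlated in logs use a short digest of the id rather than the id. If `npsess` is accepted from the query string on incoming requests (not visible here), the session id should also be regenerated at login so that an id pre-set in a link cannot be carried into an authenticated session. The enclosing `<%perl>` block starts and ends outside the hunk.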
From: jeff m. <jef...@us...> - 2005-08-31 20:09:30
|
Update of /cvsroot/netpass/NetPass/www/htdocs/Admin In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv15191/www/htdocs/Admin Modified Files: audit.mhtml autohandler chpwd.mhtml greset.mhtml index.mhtml Log Message: bug fixes, see CHANGES file, see message on netpass-users before deploying these changes Index: index.mhtml =================================================================== RCS file: /cvsroot/netpass/NetPass/www/htdocs/Admin/index.mhtml,v retrieving revision 1.12 retrieving revision 1.13 diff -u -d -r1.12 -r1.13 --- index.mhtml 3 Aug 2005 02:44:39 -0000 1.12 +++ index.mhtml 31 Aug 2005 20:09:17 -0000 1.13 @@ -5,8 +5,6 @@ # Available under the "Artistic License" # http://www.gnu.org/licenses/license-list.html#ArtisticLicense </%doc> - - <script><!-- setWhereAmI('Home'); --></script> Index: autohandler =================================================================== RCS file: /cvsroot/netpass/NetPass/www/htdocs/Admin/autohandler,v retrieving revision 1.17 retrieving revision 1.18 diff -u -d -r1.17 -r1.18 --- autohandler 3 Aug 2005 02:44:39 -0000 1.17 +++ autohandler 31 Aug 2005 20:09:17 -0000 1.18 
@@ -8,7 +8,44 @@ <%args> $printable => 0; </%args> +<%filter> + s/(href=\")([^\"]+)\"/add_session_id($1,$2)/eg; + s/(action=\")([^\"]+)\"/add_session_id($1,$2)/eg; + my $_SID = $m->session->{_session_id}; + s/\<\/form\>/\<input type=hidden name='npsess' value='$_SID'\>\<\/form\>/i; +</%filter> <%perl> + # this is used by the above filter + sub add_session_id { + my $lt = shift; + my $url = shift; + my $SID = $m->session->{_session_id}; + return $lt.$url.'"' if $url =~ m{^\w+://}; # Don't alter external URLs + if ( $url !~ /npsess=/ ) { + if ($url =~ /\?/) { + $url =~ s/\?/?npsess=$SID&/; + } else { + $url .= "?npsess=".$SID; + } + } + + return $lt.$url.'"'; + } + + # this is used by /Admin/Login for redirects + sub add_session_id2 { + my $url = shift; + return $url if $url =~ m{^\w+://}; # Don't alter external URLs + if ($url =~ /\?/) { + $url =~ s/\?/?npsess=$m->session->{_session_id}&/; + } else { + $url .= "?npsess=".$m->session->{_session_id}; + } + + return $url; + } + + use Sys::Hostname; my $serverType = "PRODUCTION"; if (hostname =~ /-d.cit.buffalo.edu$/) { Index: chpwd.mhtml =================================================================== RCS file: /cvsroot/netpass/NetPass/www/htdocs/Admin/chpwd.mhtml,v retrieving revision 1.3 retrieving revision 1.4 diff -u -d -r1.3 -r1.4 --- chpwd.mhtml 3 May 2005 16:13:30 -0000 1.3 +++ chpwd.mhtml 31 Aug 2005 20:09:17 -0000 1.4 
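Review bot: In `add_session_id2` the `?` branch writes `$m->session->{_session_id}` inside the substitution replacement, where Perl interpolates only `$m` and leaves `->session->{_session_id}` as literal text, so a URL that already has a query string gets a stringified object reference instead of the session id. `add_session_id` avoids this by copying the id into `$SID` first; do the same here: `my $SID = $m->session->{_session_id};` followed by `$url =~ s/\?/?npsess=$SID&/;`. The helper also lacks the `npsess=` already-present check that `add_session_id` has, and the `</form>` substitution in the filter has no `/g`, so only the first form on a page receives the hidden field.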
@@ -92,7 +92,8 @@ <tr><td class='left'>New (Confirm) Password:</td> <td class='right'><input name='new2' type='password'></td></tr> <tr><td colspan=2><center><input type='submit' name='submit' value='Change Password'></center></td></tr> -</table></form> +</table> +</form> % } else { Sorry. You don't have permission to use this form. % } Index: audit.mhtml =================================================================== RCS file: /cvsroot/netpass/NetPass/www/htdocs/Admin/audit.mhtml,v retrieving revision 1.7 retrieving revision 1.8 diff -u -d -r1.7 -r1.8 --- audit.mhtml 24 Apr 2005 03:42:03 -0000 1.7 +++ audit.mhtml 31 Aug 2005 20:09:17 -0000 1.8 @@ -163,7 +163,7 @@ my ($results, $count, $result_set, $next_link, $prev_link) = getAudits($np->db->{'dbh'},$ip,$mac,$uid,$sev,$type,$message,$start); -if($count<0) { +if ($count < 0) { print $q->p( {-class => 'error'}, "Sorry, there was an error while processing your request!"); } 
@@ -190,20 +190,25 @@ $q->th("Message") )); -while (my $row = $results->fetchrow_hashref() ) { - push( @rows, $q->TR( {-class=> $row->{severity} }, - $q->td({-align=>'center'}, $row->{dt}) . - $q->td({-align=>'center'}, $row->{username}) . - $q->td({-align=>'center'}, $row->{ipAddress}) . - $q->td({-align=>'center'}, NetPass::padMac($row->{macAddress})) . - #$q->td({-align=>'center'}, $row->{severity}) . - #$q->td({-align=>'center'}, $row->{location}) . - $q->td({-align=>'center'}, $row->{message}) +foreach my $row ( sort { $a->[0] <=> $b->[0] } @$results ) { + # 0 dt + # 1 username + # 2 ipAddress + # 3 macAddress + # 4 severity + # 5 location + # 6 message + push( @rows, $q->TR( {-class=> $row->[4] }, + $q->td({-align=>'center'}, $row->[0]) . + $q->td({-align=>'center'}, $row->[1]) . + $q->td({-align=>'center'}, $row->[2]) . + $q->td({-align=>'center'}, NetPass::padMac($row->[3])) . + #$q->td({-align=>'center'}, $row->[4]) . + #$q->td({-align=>'center'}, $row->[5]) . + $q->td({-align=>'center'}, $row->[6]) )); } -$results->finish(); - print $q->table({-width=>'80%'}, @rows); print $q->p(); @@ -220,6 +225,24 @@ my $message = shift; my $start = shift; + # since we dont store the audit table in NDB, we need + # to fetch and merge results from the other NP servers. + + my %hosts = ( &hostname => 1 ); + my $allnw = $np->cfg->getNetworks(); + if (ref($allnw) eq "ARRAY") { + foreach my $nw (@$allnw) { + if ( $np->cfg->ha($nw) ) { + my $svrs = $np->cfg->ha_servers($nw); + if (ref($svrs) eq "ARRAY") { + foreach my $sn (@$svrs) { + $hosts{$sn} = 1; + } + } + } + } + } + $start = 0 if(!($start =~ /\d+/) || $start<0); my $limit = 250; 
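Review bot: The rewritten row loop still passes `$row->[1]` (username) and `$row->[6]` (message) to `$q->td` unescaped, and audit messages elsewhere on this page embed submitted form values (the ScanAdmin "message changed to" entry), so markup stored in the audit table would be rendered in the administrator's browser. Wrap the text cells, e.g. `$q->td({-align=>'center'}, $q->escapeHTML($row->[6]))`. Separately, `sort { $a->[0] <=> $b->[0] }` compares column 0 (`dt`) numerically; if `dt` is a formatted date string rather than an epoch value (not visible here), `cmp` is the correct operator.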
@@ -267,32 +290,49 @@ #print $query; #print join(',', @params); - my $sth = $dbh->prepare($query); + my $lres = $dbh->selectall_arrayref($query); - if(!defined($sth)) { - return ("prepare failed: ". $dbh->errstr, -1); - } - - if( !$sth->execute(@params) ) { - return ("execute failed: ". $dbh->errstr, -1); + if(!defined($lres)) { + return ("failed to retrieve local results: ". $dbh->errstr, -1); } - my $count = $sth->rows; + my $count = $#{$lres}; my $link = "audit.mhtml?ip=$ip&mac=$mac&uid=$uid&type=$type&message=$message&search=Search&start="; my $prev_link = $link . ($start-$limit); my $next_link = ''; my $result_set = ""; - if($count==$limit) { + + if($count == $limit) { $result_set = "$start to " . ($start+$limit); $next_link = $link . ($start+$limit); } else { $result_set = "$start to " . ($start+$count); $next_link = ''; } - return ($sth, $count, $result_set, $next_link, $prev_link); + my @results = @$lres; + +print "others<P>"; + foreach my $npserv (keys %hosts) { +print "others=$npserv<P>"; + my $rdbh = DBI->connect('dbi:mysql:database=netpass;host='.$npserv, + $np->cfg->dbUsername, $np->cfg->dbPassword); + if ($rdbh) { + my $rres = $rdbh->selectall_arrayref($query); + if (ref($rres) eq "ARRAY") { + push @results, @$rres; + } else { + print $q->p({-class => 'error'}, "There was a problem retrieving the results from $npserv"); + } + $rdbh->disconnect; + } else { + print $q->p({-class => 'error'}, "Failed to connect to database on $npserv"); + } + } + + return (\@results, $count, $result_set, $next_link, $prev_link); } </%perl> Index: greset.mhtml =================================================================== RCS file: /cvsroot/netpass/NetPass/www/htdocs/Admin/greset.mhtml,v retrieving revision 1.6 retrieving revision 1.7 diff -u -d -r1.6 -r1.7 --- greset.mhtml 22 Aug 2005 19:26:08 -0000 1.6 +++ greset.mhtml 31 Aug 2005 20:09:17 -0000 1.7 
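Review bot: Both `selectall_arrayref($query)` calls drop the `@params` list that the removed `$sth->execute(@params)` supplied, so if `$query` contains `?` placeholders (its construction is above the hunk) the call fails or the search filters are not applied; pass them through with `$dbh->selectall_arrayref($query, undef, @params)` and likewise for `$rdbh`. `my $count = $#{$lres};` is the last index rather than the row count, so an empty result gives -1 and the caller's `if ($count < 0)` reports an error; use `my $count = scalar @$lres;`. The `print "others<P>";` and `print "others=$npserv<P>";` lines look like leftover debugging output. `%hosts` is seeded with the local hostname in the preceding hunk, so the loop queries the local database a second time and appends those rows again.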
@@ -68,6 +68,7 @@ print $q->start_form(-name => 'form', -method => "POST"); </%perl> + <h2>Global Reset</h2> <FONT CLASS='error'>WARNING:</FONT>The following will cause <B>all managed ports</B> to be reset to the state you choose.<BR> @@ -128,7 +129,7 @@ border-color:#8b0000;", ); print "</TD>"; -print "</TR></TABLE>"; +print "</TR></TABLE></form>"; </%perl> |
From: jeff m. <jef...@us...> - 2005-08-31 20:09:28
|
Update of /cvsroot/netpass/NetPass/bin In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv15191/bin Modified Files: fsp.pl Log Message: bug fixes, see CHANGES file, see message on netpass-users before deploying these changes Index: fsp.pl =================================================================== RCS file: /cvsroot/netpass/NetPass/bin/fsp.pl,v retrieving revision 1.4 retrieving revision 1.5 diff -u -d -r1.4 -r1.5 --- fsp.pl 12 Apr 2005 20:53:43 -0000 1.4 +++ fsp.pl 31 Aug 2005 20:09:16 -0000 1.5 @@ -56,7 +56,6 @@ use NetPass::LOG qw(_log _cont); require NetPass; -require NetPass::Config; pod2usage(1) if $#ARGV < 1; @@ -70,7 +69,7 @@ my ($ma, $ip) = (shift, shift); my ($dbuser, $dbpass) = exists $opts{'U'} ? split('/', $opts{'U'}) : (undef, undef); -my $np = new NetPass(-config => exists $opts{'c'} ? $opts{'c'} : undef, +my $np = new NetPass(-cstr => exists $opts{'c'} ? $opts{'c'} : undef, -dbuser => $dbuser, -dbpass => $dbpass, -debug => exists $opts{'D'} ? 1 : 0, -quiet => exists $opts{'q'} ? 1 : 0); |
From: jeff m. <jef...@us...> - 2005-08-31 20:09:27
|
Update of /cvsroot/netpass/NetPass/www/htdocs/Admin/cmd In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv15191/www/htdocs/Admin/cmd Modified Files: setresult.mhtml Log Message: bug fixes, see CHANGES file, see message on netpass-users before deploying these changes Index: setresult.mhtml =================================================================== RCS file: /cvsroot/netpass/NetPass/www/htdocs/Admin/cmd/setresult.mhtml,v retrieving revision 1.2 retrieving revision 1.3 diff -u -d -r1.2 -r1.3 --- setresult.mhtml 4 May 2005 20:22:17 -0000 1.2 +++ setresult.mhtml 31 Aug 2005 20:09:17 -0000 1.3 @@ -25,7 +25,9 @@ my $ng = $np->cfg->getNetgroup(-network => $nw); my ($isOK, $groups) = $m->comp('/Admin/MemberOf', 'acl' => [ 'Admin', 'QuarAdmin' ]); my ($isRoot, $junk) = $m->comp('/Admin/MemberOf', 'acl' => [ 'Admin' ], 'group' => 'default'); - if ($isRoot || ($isOK && (grep (/^$nw$/, @$groups) || grep (/^$ng$/, @$groups)))) { + if ($isRoot || ($isOK && (grep (/^default$/, @$groups) || + grep (/^$nw$/, @$groups) || + grep (/^$ng$/, @$groups)))) { $rv = $np->db->updateResult(-mac => $ma, -rowid => $rid, -status => $st); if ($rv) { |
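Review bot: The group membership test interpolates `$nw` and `$ng` into patterns (`/^$nw$/`, `/^$ng$/`) without quoting, so any `.` or other metacharacter in a network or netgroup name acts as a wildcard, and an empty `$ng` turns the test into `/^$/`; for an authorization decision the comparison should be exact. Use string equality for all three tests: `grep { $_ eq 'default' || $_ eq $nw || (defined $ng && $_ eq $ng) } @$groups`. The format of `$nw` and `$ng` is not visible in this hunk, so how far the patterns over-match in practice needs checking against the configuration. The enclosing block continues outside the hunk.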
From: jeff m. <jef...@us...> - 2005-08-31 20:09:27
|
Update of /cvsroot/netpass/NetPass/www/htdocs In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv15191/www/htdocs Modified Files: netpass.mhtml Log Message: bug fixes, see CHANGES file, see message on netpass-users before deploying these changes Index: netpass.mhtml =================================================================== RCS file: /cvsroot/netpass/NetPass/www/htdocs/netpass.mhtml,v retrieving revision 1.8 retrieving revision 1.9 diff -u -d -r1.8 -r1.9 --- netpass.mhtml 1 May 2005 19:46:04 -0000 1.8 +++ netpass.mhtml 31 Aug 2005 20:09:17 -0000 1.9 @@ -15,7 +15,7 @@ <%perl> -_log("DEBUG", $m->session->{'_session_id'}." calling /Client/GetInfo\n"); +_log("DEBUG", "$$ ". $m->session->{'_session_id'}." calling /Client/GetInfo\n"); $m->comp('/Client/GetInfo', %ARGS); my $mac = $m->session->{'remote_mac'}; @@ -27,10 +27,10 @@ _log("DEBUG", "$mac $ip calling /Client/Validate\n"); $m->comp("/Client/Validate", %ARGS); -_log("DEBUG", "$mac $ip Phase: ".$m->session->{'phase'}."\n"); +_log("DEBUG", "$mac $ip ".$m->session->{'_session_id'}." Phase: ".$m->session->{'phase'}."\n"); if($np->cfg->policy(-key => 'COOKIE_DETECT', -network => $ip)) { - return if ($m->comp('/CookieDetect', 'ip' => $ip, %ARGS) != 1); + return if ($m->comp('/CookieDetect', 'mac' => $mac, 'ip' => $ip, %ARGS) != 1); } if($m->session->{'phase'} eq 'LOGIN') { @@ -39,7 +39,8 @@ $m->comp('/Client/WelcomePage', %ARGS); } elsif($m->session->{'phase'} eq 'SCAN') { - _log("DEBUG", "$mac $ip calling /Client/BeginScan\n"); + _log("DEBUG", "$mac $ip calling /Client/BeginScan session ".$m->session->{'_session_id'}."\n"); + $m->comp('/Audit', msg => [ "sessionid ".$m->session->{'_session_id'} ] ); $m->comp('/Client/BeginScan', %ARGS); } elsif($m->session->{'phase'} eq 'REMEDIATE') { @@ -181,6 +182,7 @@ ################################################ + return; </%perl> |