netpass-devel Mailing List for NetPass (Page 5)
Brought to you by:
jeffmurphy
Menu
▾
▴
netpass-devel — Developer Discussion
You can subscribe to this list here.
| 2004 |
Jan
|
Feb
|
Mar
|
Apr
|
May
|
Jun
|
Jul
|
Aug
|
Sep
(1) |
Oct
|
Nov
|
Dec
|
|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 2005 |
Jan
|
Feb
|
Mar
|
Apr
(39) |
May
(103) |
Jun
(89) |
Jul
(22) |
Aug
(100) |
Sep
(21) |
Oct
(5) |
Nov
|
Dec
(7) |
| 2006 |
Jan
(25) |
Feb
(8) |
Mar
(12) |
Apr
(2) |
May
|
Jun
(1) |
Jul
(4) |
Aug
|
Sep
|
Oct
|
Nov
|
Dec
(4) |
| 2007 |
Jan
|
Feb
|
Mar
|
Apr
|
May
|
Jun
|
Jul
|
Aug
(3) |
Sep
(1) |
Oct
|
Nov
|
Dec
|
|
From: jeff m. <jef...@us...> - 2005-08-31 20:09:27
|
Update of /cvsroot/netpass/NetPass/www/components In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv15191/www/components Modified Files: CookieDetect Log Message: bug fixes, see CHANGES file, see message on netpass-users before deploying these changes Index: CookieDetect =================================================================== RCS file: /cvsroot/netpass/NetPass/www/components/CookieDetect,v retrieving revision 1.4 retrieving revision 1.5 diff -u -d -r1.4 -r1.5 --- CookieDetect 24 Apr 2005 03:42:02 -0000 1.4 +++ CookieDetect 31 Aug 2005 20:09:17 -0000 1.5 @@ -11,9 +11,10 @@ </%once> <%args> - $url => "" - $test => "" - $ip => "" + $url => "" + $test => "" + $ip => "" + $mac => "" </%args> <%perl> @@ -25,7 +26,10 @@ my %c = Apache::Cookie->fetch; return 1 if (exists $c{$cn}); - my $ncfu = $np->db->getPage('msg:no_cookies', 1); + _log("DEBUG", "$mac $ip has cookies disabled\n"); + $m->comp('/Audit', msg => [ "$mac $ip has cookies disabled" ] ); + + my $ncfu = $np->db->getPage(-name => 'msg:no_cookies', -nohtml => 1, -npcfg => $np->cfg, -ip => $ip); if (defined($ncfu) && ($ncfu ne "")) { print $ncfu; } else { |
|
From: jeff m. <jef...@us...> - 2005-08-31 20:09:26
|
Update of /cvsroot/netpass/NetPass/www/components/Client In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv15191/www/components/Client Modified Files: BeginScan GetInfo Login Remediate WelcomePage Log Message: bug fixes, see CHANGES file, see message on netpass-users before deploying these changes Index: GetInfo =================================================================== RCS file: /cvsroot/netpass/NetPass/www/components/Client/GetInfo,v retrieving revision 1.2 retrieving revision 1.3 diff -u -d -r1.2 -r1.3 --- GetInfo 30 Sep 2004 01:19:38 -0000 1.2 +++ GetInfo 31 Aug 2005 20:09:17 -0000 1.3 @@ -35,7 +35,7 @@ my $ip = $m->session->{'remote_addr'}; my $mac = $m->session->{'remote_mac'}; -_log("DEBUG", "$mac $ip os=".$m->session->{'remote_os'}."\n"); +_log("DEBUG", "$mac $ip os=".$m->session->{'remote_os'}." url=".$url."\n"); if(!$m->session->{'phase'}) { _log ("DEBUG", "$mac $ip /Client/GetInfo no phase for this session, setting to LOGIN\n"); Index: BeginScan =================================================================== RCS file: /cvsroot/netpass/NetPass/www/components/Client/BeginScan,v retrieving revision 1.11 retrieving revision 1.12 diff -u -d -r1.11 -r1.12 --- BeginScan 4 Aug 2005 20:41:18 -0000 1.11 +++ BeginScan 31 Aug 2005 20:09:17 -0000 1.12 @@ -166,6 +166,7 @@ } print $q->start_form; + print $q->hidden(-name => 'npsess', -value => $m->session->{_session_id}); print $q->submit(-name=>'continue', -value=>'Continue'); print $q->end_form; Index: Remediate =================================================================== RCS file: /cvsroot/netpass/NetPass/www/components/Client/Remediate,v retrieving revision 1.11 retrieving revision 1.12 diff -u -d -r1.11 -r1.12 --- Remediate 18 May 2005 15:23:43 -0000 1.11 +++ Remediate 31 Aug 2005 20:09:17 -0000 1.12 @@ -96,7 +96,7 @@ } } - +print $q->hidden(-name => 'npsess', -value => $m->session->{_session_id}); print $q->end_form(); Index: Login =================================================================== RCS file: /cvsroot/netpass/NetPass/www/components/Client/Login,v retrieving revision 1.4 retrieving revision 1.5 diff -u -d -r1.4 -r1.5 --- Login 24 Apr 2005 03:42:03 -0000 1.4 +++ Login 31 Aug 2005 20:09:17 -0000 1.5 @@ -20,6 +20,9 @@ return; } + my $mtime = (stat("/cookies/data/".$m->session->{_session_id}))[9]; + _log("DEBUG", "mtime $mtime stime ".$m->session->{_session_mtime}."\n"); + if (!defined($username) || ($username eq "")) { _log("DEBUG", "$mac $ip /Client/Login no username given, Phase=LOGIN\n"); $m->session->{'phase'} = 'LOGIN'; Index: WelcomePage =================================================================== RCS file: /cvsroot/netpass/NetPass/www/components/Client/WelcomePage,v retrieving revision 1.7 retrieving revision 1.8 diff -u -d -r1.7 -r1.8 --- WelcomePage 24 Apr 2005 03:42:03 -0000 1.7 +++ WelcomePage 31 Aug 2005 20:09:17 -0000 1.8 @@ -35,6 +35,7 @@ -size => 8 ), "</td></tr></table>"; print $q->hidden(-name => 'js_enabled', -value => ''); + print $q->hidden(-name => 'npsess', -value => $m->session->{_session_id}); print $q->submit(-name => 'beginScan', -value => 'I understand, begin the scan ..'); |
|
From: jeff m. <jef...@us...> - 2005-08-31 20:09:26
|
Update of /cvsroot/netpass/NetPass/lib/NetPass In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv15191/lib/NetPass Modified Files: DB.pm Network.pm Log Message: bug fixes, see CHANGES file, see message on netpass-users before deploying these changes Index: DB.pm =================================================================== RCS file: /cvsroot/netpass/NetPass/lib/NetPass/DB.pm,v retrieving revision 1.54 retrieving revision 1.55 diff -u -d -r1.54 -r1.55 --- DB.pm 22 Aug 2005 19:26:07 -0000 1.54 +++ DB.pm 31 Aug 2005 20:09:17 -0000 1.55 @@ -1273,7 +1273,7 @@ $osC = qq{OS='$os', } if defined($os) && ($os ne "") && ($os ne "Unknown"); $unC = qq{username='$username', } if defined($username) && ($username ne ""); - $sql = qq{UPDATE register SET ipAddress='$ip', registeredOn=NOW(), status='unquar', $unC $osC switchIP=NULL, switchPort=NULL WHERE macAddress = '$mac'}; + $sql = qq{UPDATE register SET ipAddress='$ip', lastSeen=NOW(), status='unquar', $unC $osC switchIP=NULL, switchPort=NULL WHERE macAddress = '$mac'}; _log("DEBUG", "$mac $ip sql=$sql\n"); $rv = $self->{'dbh'}->do($sql); if (!defined($rv)) { Index: Network.pm =================================================================== RCS file: /cvsroot/netpass/NetPass/lib/NetPass/Network.pm,v retrieving revision 1.5 retrieving revision 1.6 diff -u -d -r1.5 -r1.6 --- Network.pm 23 Jun 2005 20:21:08 -0000 1.5 +++ Network.pm 31 Aug 2005 20:09:17 -0000 1.6 @@ -243,11 +243,14 @@ my $ip2 = ip2int($1); $mac = $2; next if (!$ii && $mac =~ /incomplete/); - $rv{$1} = $2 if (($ip2 & $mask) == $nw); + my $mac2; + foreach my $_mp (split(/:/, $mac)) { + $mac2 .= substr("00".$_mp, -2); + } + $rv{$1} = $mac2 if (($ip2 & $mask) == $nw); } } return \%rv; - } # distinct address or regexp passed in |
|
From: jeff m. <jef...@us...> - 2005-08-31 20:09:26
|
Update of /cvsroot/netpass/NetPass/lib/NetPass/WWW In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv15191/lib/NetPass/WWW Modified Files: Session.pm.file Session.pm.mysql Log Message: bug fixes, see CHANGES file, see message on netpass-users before deploying these changes Index: Session.pm.file =================================================================== RCS file: /cvsroot/netpass/NetPass/lib/NetPass/WWW/Session.pm.file,v retrieving revision 1.5 retrieving revision 1.6 diff -u -d -r1.5 -r1.6 --- Session.pm.file 20 May 2005 15:16:12 -0000 1.5 +++ Session.pm.file 31 Aug 2005 20:09:17 -0000 1.6 @@ -46,13 +46,8 @@ session_directory => '%COOKIEDATA%', session_lock_directory => '%COOKIELOCK%', - - - - - - - session_use_cookie => 1, + session_args_param => 'npsess', + session_use_cookie => 0, session_cookie_name => $cookieName, session_cookie_expires => '+1y', session_cookie_domain => '%COOKIEDOM%', @@ -77,6 +72,7 @@ return -1 if $r->content_type && $r->content_type !~ m|^text/|i; my $status = $ah->handle_request($r); + $r->header_out("Cache-Control" => 'no-cache'); return $status; } Index: Session.pm.mysql =================================================================== RCS file: /cvsroot/netpass/NetPass/lib/NetPass/WWW/Session.pm.mysql,v retrieving revision 1.4 retrieving revision 1.5 diff -u -d -r1.4 -r1.5 --- Session.pm.mysql 20 May 2005 15:16:12 -0000 1.4 +++ Session.pm.mysql 31 Aug 2005 20:09:17 -0000 1.5 @@ -63,7 +63,8 @@ session_lock_user_name => 'root', session_lock_password => '', - session_use_cookie => 1, + session_args_param => 'npsess', + session_use_cookie => 0, session_cookie_name => $cookieName, session_cookie_expires => '+1y', session_cookie_domain => '%COOKIEDOM%', |
|
From: jeff m. <jef...@us...> - 2005-08-31 20:09:26
|
Update of /cvsroot/netpass/NetPass/lib In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv15191/lib Modified Files: NetPass.pm Log Message: bug fixes, see CHANGES file, see message on netpass-users before deploying these changes Index: NetPass.pm =================================================================== RCS file: /cvsroot/netpass/NetPass/lib/NetPass.pm,v retrieving revision 1.21 retrieving revision 1.22 diff -u -d -r1.21 -r1.22 --- NetPass.pm 16 Aug 2005 14:04:32 -0000 1.21 +++ NetPass.pm 31 Aug 2005 20:09:16 -0000 1.22 @@ -676,7 +676,7 @@ if ( defined($snmp->err) ) { _log ("ERROR", "new SNMP::Device failed: ".$snmp->err."\n"); - return (undef, undef, undef, undef); + next; } my ($mp, $pm) = $snmp->get_mac_port_table(); |
|
From: jeff m. <jef...@us...> - 2005-08-31 20:09:25
|
Update of /cvsroot/netpass/NetPass In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv15191 Modified Files: CHANGES MANIFEST Log Message: bug fixes, see CHANGES file, see message on netpass-users before deploying these changes Index: CHANGES =================================================================== RCS file: /cvsroot/netpass/NetPass/CHANGES,v retrieving revision 1.18 retrieving revision 1.19 diff -u -d -r1.18 -r1.19 --- CHANGES 22 Aug 2005 20:39:35 -0000 1.18 +++ CHANGES 31 Aug 2005 20:09:16 -0000 1.19 @@ -215,3 +215,20 @@ jcm added some code to reject google web accelerator if it accesses the admin pages jcm javascript fixes to Admin pages for IE compatibility + +2005-08-31 + jcm bug fix. a non-responsive switch would abort the port search and leave + users stuck in quarantine + jcm disabled use of cookies for session tracking. placed session id in + http POST instead. the problem was that toolbars like google + would sue the same cookie store that IE uses. this would cause + weird things to occur because the session state would become + corrupt. + jcm minor bug in fsp.pl - a diagnostic script. + jcm bug fix to Admin/cmd/setresult.mhtml to fix a permissions problem where + an network admin wouldnt be able to change the status of a client's + result + jcm bug fix to ScanAdmin audit messages (incorrectly ref'd logged_in) + jcm bug fix in bynet report (macos arp padding issue) + jcm bug fix in scan config (snort list limited to first 250) + Index: MANIFEST =================================================================== RCS file: /cvsroot/netpass/NetPass/MANIFEST,v retrieving revision 1.54 retrieving revision 1.55 diff -u -d -r1.54 -r1.55 --- MANIFEST 16 Aug 2005 19:38:33 -0000 1.54 +++ MANIFEST 31 Aug 2005 20:09:16 -0000 1.55 @@ -171,6 +171,7 @@ www/components/Client/Validate www/components/Client/WelcomePage www/components/Client/ShowResults +www/components/Client/.BeginScan.swp www/components/style/back/start_sidebar www/components/style/back/end_content www/components/style/back/end_sidebar @@ -179,6 +180,7 @@ www/components/CookieDetect www/components/Audit www/components/OSDetect +www/components/FormAuthRadius www/htdocs/Admin/Editor/edit.mhtml www/htdocs/Admin/Editor/index.mhtml www/htdocs/Admin/Editor/view.mhtml |
|
From: Don R. <don...@em...> - 2005-08-31 17:32:21
|
....revisiting this issue again.... Mac OS X /sbin/arp does not return padded MACs....it looks like this is not an issue anywhere at this point except in Admin/reports/ bynet.mhtml. The links created in the "Active/In-Quar" do not have padded MACs in the links, so when one of the links if clicked on, the client report is not presented, since the non-padded MACs are not in the database. This may be a place to add the padMac function found in other routines. Don Donald G. Rugh Director of Network Services Information Services Saint Vincent College 300 Fraser Purchase Road Latrobe, PA 15650 724-805-2559 don...@em... |
|
From: Don R. <don...@em...> - 2005-08-31 14:37:13
|
bug fix for listing Snort plug-ins -- could not list more than the first 250 plug-ins: /opt/netpass/www/htdocs/Admin/Scan/index.mhtml, getResults method change the following line: my $link = "index.mhtml?key=$key&type=$type&status= $status&search=Search&start="; to: my $link = "index.mhtml?key=$key&type=$type&status= $status&service=$service&search=Search&start="; Donald G. Rugh Director of Network Services Information Services Saint Vincent College 300 Fraser Purchase Road Latrobe, PA 15650 724-805-2559 don...@em... |
|
From: Jeff M. <jcm...@os...> - 2005-08-26 15:03:07
|
thanks. i made the change to CookieDetect. On Fri, 2005-08-26 at 10:55 -0400, Don Rugh wrote: > We came across a bug in CookieDetect -- it seemed to always be using > the default message in the html instead of the database -- looks like > the getPage method was changed, but this code was not updated...we can > either send you the patch, or I'm sure you can make the appropriate > changes... > > > > Donald G. Rugh > > Director of Network Services > > Information Services > > Saint Vincent College > > 300 Fraser Purchase Road > > Latrobe, PA 15650 > > 724-805-2559 > > don...@em... > > > |
|
From: Don R. <don...@em...> - 2005-08-26 14:55:32
|
We came across a bug in CookieDetect -- it seemed to always be using the default message in the html instead of the database -- looks like the getPage method was changed, but this code was not updated...we can either send you the patch, or I'm sure you can make the appropriate changes... Donald G. Rugh Director of Network Services Information Services Saint Vincent College 300 Fraser Purchase Road Latrobe, PA 15650 724-805-2559 don...@em... |
|
From: jeff m. <jef...@us...> - 2005-08-22 20:40:05
|
Update of /cvsroot/netpass/NetPass/www/htdocs/OSSTemplate/js In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv20603/www/htdocs/OSSTemplate/js Modified Files: debug.js Log Message: bug fix Admin javascript/IE compat Index: debug.js =================================================================== RCS file: /cvsroot/netpass/NetPass/www/htdocs/OSSTemplate/js/debug.js,v retrieving revision 1.13 retrieving revision 1.14 diff -u -d -r1.13 -r1.14 --- debug.js 22 Aug 2005 20:39:35 -0000 1.13 +++ debug.js 22 Aug 2005 20:39:57 -0000 1.14 @@ -1,4 +1,4 @@ -var DBGLEVEL = 1; +var DBGLEVEL = 0; var dbgwin; var browserType_IE = 0; |
|
From: jeff m. <jef...@us...> - 2005-08-22 20:39:46
|
Update of /cvsroot/netpass/NetPass/www/htdocs/OSSTemplate/js In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv20485/www/htdocs/OSSTemplate/js Modified Files: debug.js ldap.js network.js radius.js switch.js Log Message: bug fix Admin javascript/IE compat Index: debug.js =================================================================== RCS file: /cvsroot/netpass/NetPass/www/htdocs/OSSTemplate/js/debug.js,v retrieving revision 1.12 retrieving revision 1.13 diff -u -d -r1.12 -r1.13 --- debug.js 23 Jun 2005 20:21:10 -0000 1.12 +++ debug.js 22 Aug 2005 20:39:35 -0000 1.13 @@ -1,4 +1,4 @@ -var DBGLEVEL = 0; +var DBGLEVEL = 1; var dbgwin; var browserType_IE = 0; Index: ldap.js =================================================================== RCS file: /cvsroot/netpass/NetPass/www/htdocs/OSSTemplate/js/ldap.js,v retrieving revision 1.2 retrieving revision 1.3 diff -u -d -r1.2 -r1.3 --- ldap.js 23 Jun 2005 20:21:10 -0000 1.2 +++ ldap.js 22 Aug 2005 20:39:35 -0000 1.3 @@ -118,7 +118,7 @@ if (o) { for (var i = o.options.length-1 ; i > 0 ; i--) { if (o.options[i].selected) - o.options[i] = undefined; + o.options[i] = null; // IE doesnt like undefined; } } } Index: radius.js =================================================================== RCS file: /cvsroot/netpass/NetPass/www/htdocs/OSSTemplate/js/radius.js,v retrieving revision 1.2 retrieving revision 1.3 diff -u -d -r1.2 -r1.3 --- radius.js 23 Jun 2005 20:21:10 -0000 1.2 +++ radius.js 22 Aug 2005 20:39:35 -0000 1.3 @@ -92,7 +92,7 @@ if (o) { for (var i = o.options.length-1 ; i > 0 ; i--) { if (o.options[i].selected) - o.options[i] = undefined; + o.options[i] = null; //IE doesnt like undefined; } } } Index: switch.js =================================================================== RCS file: /cvsroot/netpass/NetPass/www/htdocs/OSSTemplate/js/switch.js,v retrieving revision 1.3 retrieving revision 1.4 diff -u -d -r1.3 -r1.4 --- switch.js 3 Jun 2005 16:59:55 -0000 1.3 +++ switch.js 22 Aug 2005 20:39:35 -0000 1.4 @@ -39,7 +39,7 @@ var vm = document.getElementById("vlanmap"); if (vm) { for(i = vm.options.length-1 ; i > 0 ; i--) - vm.options[i] = undefined; + vm.options[i] = null; // IE doesnt like undefined; } } else { dbg (1, RN + ": switch already exists: " + o.value); @@ -102,13 +102,15 @@ dbg(1, RN); var vm = document.getElementById('vlanmap'); if (vm) { + dbg(1, RN + ": found vlanmap field"); for (var i = vm.options.length-1 ; i > 0 ; i--) { + dbg(1, RN + ": checking item " + i); if (vm.options[i].selected) { - vm.options[i] = undefined; + dbg(1, RN + ": item " + i + " is selected. deleting it. " + vm.options[i]); + vm.options[i] = null; } } } else { dbg (1, RN + ": cant find vlanmap field"); } - return false; } Index: network.js =================================================================== RCS file: /cvsroot/netpass/NetPass/www/htdocs/OSSTemplate/js/network.js,v retrieving revision 1.7 retrieving revision 1.8 diff -u -d -r1.7 -r1.8 --- network.js 8 Jun 2005 16:46:01 -0000 1.7 +++ network.js 22 Aug 2005 20:39:35 -0000 1.8 @@ -163,7 +163,7 @@ // you cant delete yourself. if (servs.options[i].value != network_ourHostname) { dbg(1, RN + ": del " + servs.options[i].value); - servs.options[i] = undefined; + servs.options[i] = null; // IE doesnt like undefined; } } } @@ -190,7 +190,7 @@ // element 0 is WH for(var i = switches.options.length-1 ; i > 0 ; i--) { if (switches.options[i].selected) - switches.options[i] = undefined; + switches.options[i] = null; // IE doesnt like undefined; } } return false; |
|
From: jeff m. <jef...@us...> - 2005-08-22 20:39:44
|
Update of /cvsroot/netpass/NetPass/www/htdocs/Admin In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv20485/www/htdocs/Admin Modified Files: switch.mhtml Log Message: bug fix Admin javascript/IE compat Index: switch.mhtml =================================================================== RCS file: /cvsroot/netpass/NetPass/www/htdocs/Admin/switch.mhtml,v retrieving revision 1.5 retrieving revision 1.6 diff -u -d -r1.5 -r1.6 --- switch.mhtml 3 Aug 2005 02:44:39 -0000 1.5 +++ switch.mhtml 22 Aug 2005 20:39:35 -0000 1.6 @@ -112,13 +112,13 @@ </td> <td class='vlanmapRow'><input id='addVlan' name='addVlan' size=20 value='Add Vlan Map...' onblur='switch_onblur_addVlan(this);' onfocus='switch_onfocus_addVlan(this);'><BR> - <B><U>Format examples:</U></B><BR> + <B>Hit TAB after entrering in the new mapping.<P><U>Format examples:</U></B><BR> <I>portA,portB-portF:unquar/quar</I><BR> <I>1,5-7:101/201</I><BR> <I>1-24:101/201</I><BR> <I>1,2,3,4,5:101/201</I><BR> </td> - <td class='vlanmapRow'><input type='submit' onclick='switch_onclick_deleteVlan();return false;' + <td class='vlanmapRow'><input type='button' onclick='switch_onclick_deleteVlan();return false;' name='deleteVlan' id='deleteVlan' value='Delete Vlan'> </td> </tr> |
|
From: jeff m. <jef...@us...> - 2005-08-22 20:39:44
|
Update of /cvsroot/netpass/NetPass In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv20485 Modified Files: CHANGES Log Message: bug fix Admin javascript/IE compat Index: CHANGES =================================================================== RCS file: /cvsroot/netpass/NetPass/CHANGES,v retrieving revision 1.17 retrieving revision 1.18 diff -u -d -r1.17 -r1.18 --- CHANGES 22 Aug 2005 19:26:06 -0000 1.17 +++ CHANGES 22 Aug 2005 20:39:35 -0000 1.18 @@ -209,3 +209,9 @@ 2005-08-27 jcm additions to appstarter so that the nessus (scanconfig) 'refresh plugins' button actually does something + jcm altered qc.mhtml and byclient.mhtml so that they used the LDAP settings + also tied them together so clicking on mac addr takes you from + qc to byclient + jcm added some code to reject google web accelerator if it accesses the + admin pages + jcm javascript fixes to Admin pages for IE compatibility |
|
From: jeff m. <jef...@us...> - 2005-08-22 19:26:18
|
Update of /cvsroot/netpass/NetPass/www/htdocs/Admin In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv3124/www/htdocs/Admin Modified Files: greset.mhtml qc.mhtml Log Message: appstarter changes Index: qc.mhtml =================================================================== RCS file: /cvsroot/netpass/NetPass/www/htdocs/Admin/qc.mhtml,v retrieving revision 1.25 retrieving revision 1.26 diff -u -d -r1.25 -r1.26 --- qc.mhtml 11 Aug 2005 00:09:06 -0000 1.25 +++ qc.mhtml 22 Aug 2005 19:26:08 -0000 1.26 @@ -260,32 +260,51 @@ my @rows = (); </%perl> +<script language="JavaScript"> +function ldap_popup(url, w, h) { + var opts="top=0,left=0,scrollbars,status=no,menubar=no,location=no,toolbar=no,resizable=yes,fullsize=no,width=" + + w + ",height=" + h; + window.open(url, "LDAP Query", opts); +} +</script> + <table width='80%'> <tr><td colspan=8></td> <td colspan=2 align='right'><input type='submit' name='submit' value='Save Changes' <%$readOnly%>></td> </tr> <tr><th>Registered On</th><th>Last Seen</th><th><%$np->cfg->policy(-key => 'USERNAME_PROMPT', -network => $ENV{'REMOTE_ADDR'}) || "Username"%> <th>IP Address</th><th>MAC Address</th><th>Unquar<BR>When?</th><th>Status</th><th>Incident<BR>History</th><th>Results<br><span style='font-size:10pt;'>Pending/U-Fixed</span></th><th>Add Result</th></tr> +<%perl> +while (my $row = $results->fetchrow_hashref() ) { + my $myPendingResults = $np->db->getResults(-mac => $row->{'macAddress'}, -status => 'pending'); + my $myUFixedResults = $np->db->getResults(-mac => $row->{'macAddress'}, -status => 'user-fixed'); + my $nPR = 0; + my $nUFR = 0; + my $macAddress = $row->{'macAddress'}; + my $disabled = ($row->{'status'} =~ /^[P]{0,1}QUAR$/i) ? "" : "disabled"; + my $ldap_url = $np->cfg->policy(-key => 'LDAP_USER_QUERY', -network => $row->{'ipAddress'}); + my $ldap_puh = $np->cfg->policy(-key => 'LDAP_POPUP_HEIGHT', -network => $row->{'ipAddress'}); + my $ldap_puw = $np->cfg->policy(-key => 'LDAP_POPUP_WIDTH', -network => $row->{'ipAddress'}); + my $ldap_ref = ''; + if ($ldap_url) { + $ldap_puh ||= 480; + $ldap_puw ||= 640; + $ldap_ref = sprintf(qq{<a href="javascript:ldap_popup('$ldap_url', %d, %d);">}, + $row->{'username'}, + $ldap_puw, $ldap_puh); + } -%while (my $row = $results->fetchrow_hashref() ) { -% my $myPendingResults = $np->db->getResults(-mac => $row->{'macAddress'}, -status => 'pending'); -% my $myUFixedResults = $np->db->getResults(-mac => $row->{'macAddress'}, -status => 'user-fixed'); -% my $nPR = 0; -% my $nUFR = 0; -% my $macAddress = $row->{'macAddress'}; -% my $disabled = ($row->{'status'} =~ /^[P]{0,1}QUAR$/i) ? "" : "disabled"; -% -% if (ref($myPendingResults) eq "HASH") { -% $nPR = $#{$myPendingResults->{'type'}} + 1; -% } else { -% print "<P class='error'>getResults($macAddress) failed: $myPendingResults</P>"; -% } -% if (ref($myUFixedResults) eq "HASH") { -% $nUFR = $#{$myUFixedResults->{'type'}} + 1; -% } else { -% print "<P class='error'>getResults($macAddress) failed: $myUFixedResults</P>"; -% } - + if (ref($myPendingResults) eq "HASH") { + $nPR = $#{$myPendingResults->{'type'}} + 1; + } else { + print "<P class='error'>getResults($macAddress) failed: $myPendingResults</P>"; + } + if (ref($myUFixedResults) eq "HASH") { + $nUFR = $#{$myUFixedResults->{'type'}} + 1; + } else { + print "<P class='error'>getResults($macAddress) failed: $myUFixedResults</P>"; + } +</%perl> <tr> <td align='center'><%$row->{'lastSeen'}%> <input type='hidden' name='ids' value="<%$macAddress%>"> @@ -295,9 +314,9 @@ <input type='hidden' name='statusOrig:<%$macAddress%>' value="<%$row->{'status'}%>"> </td> <td align='center'><%$row->{'registeredOn'}%></td> - <td align='center'><%$row->{'username'}%></td> + <td align='center'><%$ldap_ref%><%$row->{'username'}%><%$ldap_ref?"</a>":""%></td> <td align='center'><%$row->{'ipAddress'}%></td> - <td align='center'><code><%$row->{'macAddress'}%></code></td> + <td align='center'><code><a href="/Admin/reports/byclient.mhtml?macs=<%$row->{'macAddress'}%>"><%$row->{'macAddress'}%></a></code></td> <td align='center'><%$q->popup_menu(-name => "uqlinkup:" . $row->{'macAddress'}, -values => [ 'no', 'yes' ], -labels => { Index: greset.mhtml =================================================================== RCS file: /cvsroot/netpass/NetPass/www/htdocs/Admin/greset.mhtml,v retrieving revision 1.5 retrieving revision 1.6 diff -u -d -r1.5 -r1.6 --- greset.mhtml 10 Aug 2005 19:52:16 -0000 1.5 +++ greset.mhtml 22 Aug 2005 19:26:08 -0000 1.6 @@ -39,6 +39,8 @@ <%perl> +use Sys::Hostname; + my ($isRoot, $junk) = $m->comp('/Admin/MemberOf', 'acl' => [ 'Admin' ], 'group' => 'default'); my $isRW; ($isRW, $junk) = $m->comp('/Admin/MemberOf', 'acl' => [ 'QuarAdmin' ], 'group' => 'default'); @@ -50,7 +52,7 @@ if ($ARGS{'quarantineall'}) { if ($np->db->clearRegister()) { - $np->db->reqAppAction('quarall', 'start', ''); + $np->db->reqAppAction('quarall', 'start', '', hostname); $np->db->audit( -user => $m->session->{'username'}, -severity => "ALERT", -msg => [ "Activated Quarantine All Global Reset" ]); @@ -58,7 +60,7 @@ print "<p class='error'>Failed to clear register table. Unquarantine all aborted.</P>"; } } elsif ($ARGS{'unquarantineall'}) { - $np->db->reqAppAction('unquarall', 'start', ''); + $np->db->reqAppAction('unquarall', 'start', '', hostname); $np->db->audit( -user => $m->session->{'username'}, -severity => "ALERT", -msg => [ "Activated Unquarantine All Global Reset" ]); |
|
From: jeff m. <jef...@us...> - 2005-08-22 19:26:18
|
Update of /cvsroot/netpass/NetPass/bin In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv3124/bin Modified Files: appstarter.pl import_nessus_scans.pl npsvc.pl update_nessus_plugins.sh Log Message: appstarter changes Index: import_nessus_scans.pl =================================================================== RCS file: /cvsroot/netpass/NetPass/bin/import_nessus_scans.pl,v retrieving revision 1.5 retrieving revision 1.6 diff -u -d -r1.5 -r1.6 --- import_nessus_scans.pl 8 May 2005 02:35:45 -0000 1.5 +++ import_nessus_scans.pl 22 Aug 2005 19:26:06 -0000 1.6 @@ -59,6 +59,8 @@ my ($dbuser, $dbpass) = exists $opts{'U'} ? split('/', $opts{'U'}) : (undef, undef); +$0 = "import_nessus_scans: connecting to NetPass"; + print "Loading Netpass object ..\n" if $D; my $np = new NetPass(-cstr => exists $opts{'c'} ? $opts{'c'} : undef, @@ -84,19 +86,22 @@ my $pass = $np->cfg->nessus(-key => 'password'); my $port = $np->cfg->nessus(-key => 'port'); -my $ncmd = "$bd/bin/nessus -q -p $host $port $user $pass "; +my $ncmd = "$bd/bin/nessus -c /dev/null -x -q -p $host $port $user $pass "; print qq{Nessus command is: "$ncmd"\n} if $D; +$0 = "import_nessus_scans: connecting to Nessus"; + open(FD, "$ncmd |") || die qq{open of "$ncmd" failed: $!}; my $query = "INSERT IGNORE INTO nessusScans (pluginID, name, family, category, short_desc, description, addedBy, lastModifiedBy, revision, copyright, cve, bugtraq, other_refs) VALUES (?,?,?,?,?,?,'import','import',?,?,?,?,?)"; my $sth = $dbh->prepare($query); - +my $sn = 0; print "Going into read loop ..\n" if $D; while(my $l = <FD>) { + $0 = "import_nessus_scans: importing scans ".$sn++; print qq{Read: "$l"} if $D; my ($id, $family, $name, $category, $copyright, $shortDesc, $revision, $cveId, $bugtraqId, $references, $description) = split(/\|/, $l); Index: update_nessus_plugins.sh =================================================================== RCS file: /cvsroot/netpass/NetPass/bin/update_nessus_plugins.sh,v retrieving revision 1.1 retrieving revision 1.2 diff -u -d -r1.1 -r1.2 --- update_nessus_plugins.sh 3 Aug 2005 02:46:07 -0000 1.1 +++ update_nessus_plugins.sh 22 Aug 2005 19:26:06 -0000 1.2 @@ -1,5 +1,9 @@ #!/bin/sh -/usr/local/bin/nessus-fetch --plugins +cd /tmp +/usr/local/sbin/nessus-update-plugins +# after the plugins are updated, nessus thinks for a bit +# before you can connect to it. +sleep 300 /opt/netpass/bin/import_nessus_scans.pl exit 0 Index: npsvc.pl =================================================================== RCS file: /cvsroot/netpass/NetPass/bin/npsvc.pl,v retrieving revision 1.6 retrieving revision 1.7 diff -u -d -r1.6 -r1.7 --- npsvc.pl 16 Aug 2005 19:38:33 -0000 1.6 +++ npsvc.pl 22 Aug 2005 19:26:06 -0000 1.7 @@ -128,19 +128,19 @@ my $smtp = Net::SMTP->new($mailserver); if (!$smtp) { - warn("There was a problem sending email..."); - } - - use Sys::Hostname; - my $shn = (split(/\./, hostname))[0]; - $shn ||= hostname; - $smtp->mail($from); - $smtp->to($to); - $smtp->data(); - $smtp->datasend("Subject: $shn: $subject"); - $smtp->datasend("\n\n\n"); - $smtp->datasend($shn.":\n\n".$mesg); - $smtp->quit; + _log("WARNING", "There was a problem creating the SMTP object.\n"); + } else { + use Sys::Hostname; + my $shn = (split(/\./, hostname))[0]; + $shn ||= hostname; + $smtp->mail($from); + $smtp->to($to); + $smtp->data(); + $smtp->datasend("Subject: $shn: $subject"); + $smtp->datasend("\n\n\n"); + $smtp->datasend($shn.":\n\n".$mesg); + $smtp->quit; + } return (1); } @@ -202,7 +202,7 @@ my $child = fork; return if (defined($child) && ($child > 0)); # parent - setsid or _log("WARN", "$$ child failed to setsid $!\n"); + setsid or _log("WARNING", "$$ child failed to setsid $!\n"); _log("DEBUG", "$$ inchild change to uid=$uid gid=$gid\n"); Index: appstarter.pl =================================================================== RCS file: /cvsroot/netpass/NetPass/bin/appstarter.pl,v retrieving revision 1.5 retrieving revision 1.6 diff -u -d -r1.5 -r1.6 --- appstarter.pl 10 Aug 2005 19:52:15 -0000 1.5 +++ appstarter.pl 22 Aug 2005 19:26:06 -0000 1.6 @@ -133,6 +133,10 @@ use RUNONCE; use NetPass::LOG qw(_log _cont); +use Proc::ProcessTable; +use Sys::Hostname; + + my $myName = "appstarter"; my %opts; @@ -197,20 +201,20 @@ foreach my $row (@$x) { if ($row->[2] eq "start") { - if (isRunning($row->[1])) { + if (isRunning($row)) { _log("WARNING", $row->[1]. " is already running, so wont start another copy.\n"); - # behavior is to ack the duplicate.XXX } else { start($row); } } elsif ($row->[2] eq "stop") { - if (!isRunning($row->[1])) { + if (!isRunning($row)) { _log("WARNING", $row->[1]. " is not running, so cant stop.\n"); } else { stop($row) unless !isRunning($row->[1]); } } + $np->db->ackAppAction($row->[0]); } } @@ -220,14 +224,14 @@ } sub isRunning { - my $cn = shift; + my $row = shift; + my $cn = $row->[1]; _log("DEBUG", "isRunning $cn\n") if $D; my @pids = (); if ($cn =~ /^([u]{0,1}[n]{0,1})quarall$/) { - use Proc::ProcessTable; my $pt = new Proc::ProcessTable; my $un = $1; foreach my $pte (@{$pt->table}) { @@ -237,13 +241,24 @@ _log("DEBUG", "isRunning looking for $cn found: ".join(',',@pids)."\n") if $D; return @pids; } + + if ($cn eq "reload_nessus_plugins") { + my $pt = new Proc::ProcessTable; + foreach my $pte (@{$pt->table}) { + push @pids, $pte->pid + if ($pte->cmndline =~ /(nessus-fetch|nessus-update-plugins|import_nessus_scans)/); + } + _log("DEBUG", "isRunning looking for $cn found: ".join(',',@pids)."\n") if $D; + return @pids; + } + _log("DEBUG", "shouldnt be here\n"); } sub start { my $row = shift; - my ($rowid, $cmd, $junk, $as) = @$row; + my ($rowid, $cmd, $junk, $as, $hn) = @$row; if ($cmd eq "quarall") { runAs("/opt/netpass/bin/bulk_moveport.pl -N 0.0.0.0/0 -a quarantine", $as); @@ -251,15 +266,57 @@ elsif ($cmd eq "unquarall") { runAs("/opt/netpass/bin/bulk_moveport.pl -N 0.0.0.0/0 -a unquarantine", $as); } + elsif ($cmd eq "reload_nessus_plugins") { + runAs("/opt/netpass/bin/update_nessus_plugins.sh", $as); + } } sub stop { - my $cmd = shift; + my $row = shift; + my ($rowid, $cmd, $junk, $as, $hn) = @$row; + my @pids; + if ($cmd eq "quarall") { # search for "reset: quarantine" + + my $pt = new Proc::ProcessTable; + my $un = $1; + foreach my $pte (@{$pt->table}) { + push @pids, $pte->pid + if ($pte->cmndline =~ /^reset:\squarantine/); + } + _log("DEBUG", "stopping $cmd pids: ".join(',',@pids)."\n") if $D; + kill 9, @pids; + return @pids; } elsif ($cmd eq "unquarall") { # search for "reset: unquarantine" + + my $pt = new Proc::ProcessTable; + my $un = $1; + foreach my $pte (@{$pt->table}) { + push @pids, $pte->pid + if ($pte->cmndline =~ /^reset:\sunquarantine/); + } + _log("DEBUG", "stopping $cmd pids: ".join(',',@pids)."\n") if $D; + kill 9, @pids; + return @pids; + } + elsif ($cmd eq "reload_nessus_plugins") { + # search for "nessus-fetch" + # search for "nessus-update-plugins" + # search for "import_nessus_scans" + # search for "update_nessus_plugins.sh" + + my $pt = new Proc::ProcessTable; + my $un = $1; + foreach my $pte (@{$pt->table}) { + push @pids, $pte->pid + if ($pte->cmndline =~ /(nessus-fetch|nessus-update-plugins|import_nessus_scans|update_nessus_plugins\.sh)/); + } + _log("DEBUG", "stopping $cmd pids: ".join(',',@pids)."\n") if $D; + kill 9, @pids; + return @pids; } } @@ -281,8 +338,6 @@ my $child = fork; return if (defined($child) && ($child > 0)); # parent - #open STDIN, '/dev/null'; - #open STDOUT, '>/dev/null'; setsid or _log("WARN", "$$ child failed to setsid $!\n"); _log("DEBUG", "$$ inchild change to uid=$uid gid=$gid\n"); @@ -300,6 +355,8 @@ } { _log("DEBUG", qq{$$ in child. calling exec\n}) if $D; + open STDIN, '/dev/null'; + open STDOUT, '>/dev/null'; exec($cmd); } _log("ERROR", "child $$ failed to exec($cmd) $!\n"); |
|
From: jeff m. <jef...@us...> - 2005-08-22 19:26:18
|
Update of /cvsroot/netpass/NetPass/lib/NetPass In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv3124/lib/NetPass Modified Files: Config.pm DB.pm Log Message: appstarter changes Index: Config.pm =================================================================== RCS file: /cvsroot/netpass/NetPass/lib/NetPass/Config.pm,v retrieving revision 1.52 retrieving revision 1.53 diff -u -d -r1.52 -r1.53 --- Config.pm 16 Aug 2005 15:50:09 -0000 1.52 +++ Config.pm 22 Aug 2005 19:26:07 -0000 1.53 @@ -424,7 +424,8 @@ =head2 $bool = $cfg-E<gt>ha_servers(network) -If HA is enabled, returns the list of netpass servers assigned to this network. Else undef. +If HA is enabled, returns the list (ARRAYREF) of netpass servers assigned to this network. +Else undef. =cut Index: DB.pm =================================================================== RCS file: /cvsroot/netpass/NetPass/lib/NetPass/DB.pm,v retrieving revision 1.53 retrieving revision 1.54 diff -u -d -r1.53 -r1.54 --- DB.pm 16 Aug 2005 15:50:09 -0000 1.53 +++ DB.pm 22 Aug 2005 19:26:07 -0000 1.54 @@ -1700,8 +1700,11 @@ Request a particular action be preformed on the specified process. If you specify serverid (a FQ hostname) it will only run on that -particular server. If you leave it empty (undef) it will run -on all servers. +particular server. If you leave it empty (undef) we'll used the +hostname of the host we are running on as the value. If you want +to run the same command on multiple servers (e.g. if you are running +in HA mode) then you need to insert a separate row for each +server. Returns 0 on failure, 1 on success. @@ -1719,7 +1722,7 @@ my $actionas = shift; my $serverid = shift; - $serverid ||= hostname; + $serverid ||= hostname; if (!defined($proc) || ($proc eq "")) { _log "ERROR", "no process name given\n"; @@ -1740,7 +1743,6 @@ action, actionas, status, serverid) VALUES(FROM_UNIXTIME(?), ?, ?, ?, ?, ?)}; - _log "DEBUG", "sql=$sql\n"; my $sth = $self->{'dbh'}->prepare($sql); if (!$sth->execute()) { @@ -1754,7 +1756,6 @@ } $sth->finish; - _log "DEBUG", "sql=$ins\n"; $sth = $self->{'dbh'}->prepare($ins); if (!$sth->execute(time(), $proc, $action, $actionas, 'pending', $serverid)) { |
|
From: jeff m. <jef...@us...> - 2005-08-22 19:26:18
|
Update of /cvsroot/netpass/NetPass/www/htdocs/Admin/reports In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv3124/www/htdocs/Admin/reports Modified Files: byclient.mhtml Log Message: appstarter changes Index: byclient.mhtml =================================================================== RCS file: /cvsroot/netpass/NetPass/www/htdocs/Admin/reports/byclient.mhtml,v retrieving revision 1.4 retrieving revision 1.5 diff -u -d -r1.4 -r1.5 --- byclient.mhtml 3 Aug 2005 18:02:21 -0000 1.4 +++ byclient.mhtml 22 Aug 2005 19:26:08 -0000 1.5 @@ -18,8 +18,13 @@ $macs => ''; </%args> -<script><!-- +<script language="JavaScript"><!-- setWhereAmI('Reports'); +function ldap_popup(url, w, h) { + var opts="top=0,left=0,scrollbars,status=no,menubar=no,location=no,toolbar=no,resizable=yes,fullsize=no,width=" + + w + ",height=" + h; + window.open(url, "LDAP Query", opts); +} --></script> <%perl> @@ -153,11 +158,24 @@ foreach my $m (sort @$neis) { next if ($m eq $mac); + my $ldap_url = $np->cfg->policy(-key => 'LDAP_USER_QUERY', -network => $ri->{$m}->{'ipAddress'} ); + my $ldap_puh = $np->cfg->policy(-key => 'LDAP_POPUP_HEIGHT', -network => $ri->{$m}->{'ipAddress'} ); + my $ldap_puw = $np->cfg->policy(-key => 'LDAP_POPUP_WIDTH', -network => $ri->{$m}->{'ipAddress'} ); + my $ldap_ref = ''; + if ($ldap_url) { + $ldap_puh ||= 480; + $ldap_puw ||= 640; + $ldap_ref = sprintf(qq{<a href="javascript:ldap_popup('$ldap_url', %d, %d);">}, + $ri->{$m}->{'username'}, + $ldap_puw, $ldap_puh); + } + my $row = ""; if (exists $ri->{$m}) { $row .= - $q->td($ri->{$m}->{'status'}) . - $q->td($ri->{$m}->{'username'}) . + $q->td(qq{<a href="/Admin/qc.mhtml?mac=$m&submit=search">}. + $ri->{$m}->{'status'}."</a>") . + $q->td($ldap_ref.$ri->{$m}->{'username'}.($ldap_ref?"</a>":"")) . $q->td($ri->{$m}->{'ipAddress'}) . $q->td($ri->{$m}->{'OS'}); } else { @@ -204,12 +222,26 @@ my $rn = 0; foreach my $ma (keys %$mi) { + + my $ldap_url = $np->cfg->policy(-key => 'LDAP_USER_QUERY', -network => $mi->{$ma}->{'ipAddress'} ); + my $ldap_puh = $np->cfg->policy(-key => 'LDAP_POPUP_HEIGHT', -network => $mi->{$ma}->{'ipAddress'} ); + my $ldap_puw = $np->cfg->policy(-key => 'LDAP_POPUP_WIDTH', -network => $mi->{$ma}->{'ipAddress'} ); + my $ldap_ref = ''; + if ($ldap_url) { + $ldap_puh ||= 480; + $ldap_puw ||= 640; + $ldap_ref = sprintf(qq{<a href="javascript:ldap_popup('$ldap_url', %d, %d);">}, + $mi->{$ma}->{'username'}, + $ldap_puw, $ldap_puh); + } + push @rows, $q->TR( { -id => $rl[$rn % 2].$rn, -class => $rl[$rn % 2] }, $q->td({-class => 'mono', -id => 'macCell'.$rn}, NetPass::padMac($ma)), - $q->td($mi->{$ma}->{'status'}), - $q->td($mi->{$ma}->{'username'}), + $q->td(qq{<a href="/Admin/qc.mhtml?mac=$ma&submit=search">}. + $mi->{$ma}->{'status'}."</a>"), + $q->td($ldap_ref.$mi->{$ma}->{'username'}.($ldap_ref?"</a>":"")), $q->td($mi->{$ma}->{'ipAddress'}), $q->td($mi->{$ma}->{'OS'}), $q->td($mi->{$ma}->{'switchIP'}), |
|
From: jeff m. <jef...@us...> - 2005-08-22 19:26:17
|
Update of /cvsroot/netpass/NetPass/www/htdocs/Admin/Scan In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv3124/www/htdocs/Admin/Scan Modified Files: index.mhtml Log Message: appstarter changes Index: index.mhtml =================================================================== RCS file: /cvsroot/netpass/NetPass/www/htdocs/Admin/Scan/index.mhtml,v retrieving revision 1.7 retrieving revision 1.8 diff -u -d -r1.7 -r1.8 --- index.mhtml 16 Aug 2005 14:04:34 -0000 1.7 +++ index.mhtml 22 Aug 2005 19:26:08 -0000 1.8 @@ -120,10 +120,32 @@ if ($update) { if ($readOnly eq "") { + my %hosts = ( &hostname => 1 ); + my $allnw = $np->cfg->getNetworks(); + if (ref($allnw) eq "ARRAY") { + foreach my $nw (@$allnw) { + if ( $np->cfg->ha($nw) ) { + my $svrs = $np->cfg->ha_servers($nw); + if (ref($svrs) eq "ARRAY") { + foreach my $sn (@$svrs) { + $hosts{$sn} = 1; + } + } + } + } + } else { + _log ("ERROR", "getNetworks returns no networks\n"); + print $q->p({-class=>'error'}, "No networks are configured? I can't reload the plugins."); + } + if ($service eq "Nessus") { - $np->db->reqAppAction('reload_nessus_plugins', 'start', ''); + foreach my $hn (keys %hosts) { + $np->db->reqAppAction('reload_nessus_plugins', 'start', 'root', $hn); + } } else { - $np->db->reqAppAction('reload_snort_plugins', 'start', ''); + foreach my $hn (keys %hosts) { + $np->db->reqAppAction('reload_snort_plugins', 'start', 'root', $hn); + } } } else { # this really shouldnt happen. we dont give them a Refresh Plugins button |
|
From: jeff m. <jef...@us...> - 2005-08-22 19:26:17
|
Update of /cvsroot/netpass/NetPass/www/htdocs In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv3124/www/htdocs Modified Files: autohandler Log Message: appstarter changes Index: autohandler =================================================================== RCS file: /cvsroot/netpass/NetPass/www/htdocs/autohandler,v retrieving revision 1.6 retrieving revision 1.7 diff -u -d -r1.6 -r1.7 --- autohandler 25 Apr 2005 19:15:02 -0000 1.6 +++ autohandler 22 Aug 2005 19:26:08 -0000 1.7 @@ -9,6 +9,12 @@ </%args> <%init> +if ( ($r->uri =~ /^\/Admin\//) && ($ENV{'HTTP_X_MOZ'} eq "prefetch") ) { + use Apache::Constants; + _log("DEBUG", "GWA denied for ".join(' ', $r->hostname, $r->uri)); + return FORBIDDEN; +} + use NetPass; use NetPass::Config; use NetPass::DB; |
|
From: jeff m. <jef...@us...> - 2005-08-22 19:26:15
|
Update of /cvsroot/netpass/NetPass In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv3124 Modified Files: CHANGES Log Message: appstarter changes Index: CHANGES =================================================================== RCS file: /cvsroot/netpass/NetPass/CHANGES,v retrieving revision 1.16 retrieving revision 1.17 diff -u -d -r1.16 -r1.17 --- CHANGES 16 Aug 2005 19:38:33 -0000 1.16 +++ CHANGES 22 Aug 2005 19:26:06 -0000 1.17 @@ -203,3 +203,9 @@ jcm added npapid to ldirectord jcm added npapid-netpass-check.cgi checker so LVS can see if it's running or not. + jcm altered /etc/init.d/netpass so most scripts run as 'netpass' + and only those that require root run as root + +2005-08-27 + jcm additions to appstarter so that the nessus (scanconfig) 'refresh plugins' + button actually does something |
|
From: Matt <mt...@us...> - 2005-08-16 21:23:36
|
Update of /cvsroot/netpass/NetPass-Snort/bin In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv4698 Modified Files: npsnortd.pl Log Message: Index: npsnortd.pl =================================================================== RCS file: /cvsroot/netpass/NetPass-Snort/bin/npsnortd.pl,v retrieving revision 1.1.1.1 retrieving revision 1.2 diff -u -d -r1.1.1.1 -r1.2 --- npsnortd.pl 10 Aug 2005 20:14:50 -0000 1.1.1.1 +++ npsnortd.pl 16 Aug 2005 21:23:28 -0000 1.2 @@ -70,8 +70,9 @@ my $DEFAULTPORT = 20008; my $DEFAULTSNORTLOG = "/opt/snort/logs/snort.log"; my $TIMEOUT = 300; +my $DEFAULTSNORTPID = "/var/run/snort_dag0.pid"; -getopts('s:S:p:P:r:l:f:t:qDh?', \%opts); +getopts('s:S:p:P:r:l:f:t:b:qDh?', \%opts); pod2usage(2) if exists $opts{'h'} || exists $opts{'?'}; pod2usage(2) if !exists $opts{'s'} || !exists $opts{'S'}; @@ -98,7 +99,21 @@ # process snort logs from here on in my $logfile = (exists $opts{'l'}) ? $opts{'l'} : $DEFAULTSNORTLOG; -die "Unable to open $logfile" unless -e $logfile; + +if (!-e $logfile) { + # if logfile doesnt exist touch it + my $fh = new FileHandle("> $logfile"); + $fh->close(); + + my $pidfile = (exists $opts{'p'}) ? $opts{'p'} : $DEFAULTSNORTPID; + if (-e $pidfile) { + my $fh = new FileHandle($pidfile); + my $pid = $fh->getline; + $fh->close; + chomp $pid; + kill(0, $pid) if $pid =~ /^\d+$/; + } +} my $fh = new File::Tail ( name => $logfile, |
|
From: jeff m. <jef...@us...> - 2005-08-16 20:44:49
|
Update of /cvsroot/netpass/NetPass-Snort In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv28171 Modified Files: MANIFEST Log Message: init script change Index: MANIFEST =================================================================== RCS file: /cvsroot/netpass/NetPass-Snort/MANIFEST,v retrieving revision 1.1.1.1 retrieving revision 1.2 diff -u -d -r1.1.1.1 -r1.2 --- MANIFEST 10 Aug 2005 20:14:50 -0000 1.1.1.1 +++ MANIFEST 16 Aug 2005 20:44:39 -0000 1.2 @@ -1,9 +1,9 @@ -MANIFEST -Makefile.PL -lib/NetPass/Snort.pm -bin/npsnortd.pl -LICENSE -etc/init.d/npsnortd -etc/sysconfig/npsnortd -etc/sysconfig/snort -etc/snort.conf +./MANIFEST +./LICENSE +./bin/npsnortd.pl +./etc/init.d/npsnortd +./etc/snort.conf +./etc/sysconfig/npsnortd +./etc/sysconfig/snort +./Makefile.PL +./lib/NetPass/Snort.pm |
|
From: jeff m. <jef...@us...> - 2005-08-16 20:44:48
|
Update of /cvsroot/netpass/NetPass-Snort/etc/init.d In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv28171/etc/init.d Modified Files: npsnortd Log Message: init script change Index: npsnortd =================================================================== RCS file: /cvsroot/netpass/NetPass-Snort/etc/init.d/npsnortd,v retrieving revision 1.1.1.1 retrieving revision 1.2 diff -u -d -r1.1.1.1 -r1.2 --- npsnortd 10 Aug 2005 20:14:50 -0000 1.1.1.1 +++ npsnortd 16 Aug 2005 20:44:40 -0000 1.2 @@ -3,6 +3,7 @@ # npsnortd Start/Stop npsnortd. # # chkconfig: 2345 40 60 +# description: npsnort control daemon # # Source function library. . /etc/rc.d/init.d/functions |
|
From: jeff m. <jef...@us...> - 2005-08-16 19:38:43
|
Update of /cvsroot/netpass/NetPass In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv14679 Modified Files: CHANGES MANIFEST Log Message: bug fixe, lvs addition Index: CHANGES =================================================================== RCS file: /cvsroot/netpass/NetPass/CHANGES,v retrieving revision 1.15 retrieving revision 1.16 diff -u -d -r1.15 -r1.16 --- CHANGES 16 Aug 2005 16:31:32 -0000 1.15 +++ CHANGES 16 Aug 2005 19:38:33 -0000 1.16 @@ -199,3 +199,7 @@ bsw setting to be lost jcm bug fix to mr.mhtml - permissions problem if in both Reports and ScanAdmin acl + jcm bug fixes to npsvc daemon + jcm added npapid to ldirectord + jcm added npapid-netpass-check.cgi checker so LVS can see if it's + running or not. Index: MANIFEST =================================================================== RCS file: /cvsroot/netpass/NetPass/MANIFEST,v retrieving revision 1.53 retrieving revision 1.54 diff -u -d -r1.53 -r1.54 --- MANIFEST 10 Aug 2005 19:52:15 -0000 1.53 +++ MANIFEST 16 Aug 2005 19:38:33 -0000 1.54 @@ -255,6 +255,7 @@ www/htdocs/netpass.mhtml www/htdocs/survey.mhtml www/htdocs/snmptrapd-netpass-check.cgi +www/htdocs/npapid-netpass-check.cgi CHANGES LICENSE MANIFEST |
