netpass-devel Mailing List for NetPass (Page 7)
Brought to you by:
jeffmurphy
Menu
▾
▴
netpass-devel — Developer Discussion
You can subscribe to this list here.
| 2004 |
Jan
|
Feb
|
Mar
|
Apr
|
May
|
Jun
|
Jul
|
Aug
|
Sep
(1) |
Oct
|
Nov
|
Dec
|
|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 2005 |
Jan
|
Feb
|
Mar
|
Apr
(39) |
May
(103) |
Jun
(89) |
Jul
(22) |
Aug
(100) |
Sep
(21) |
Oct
(5) |
Nov
|
Dec
(7) |
| 2006 |
Jan
(25) |
Feb
(8) |
Mar
(12) |
Apr
(2) |
May
|
Jun
(1) |
Jul
(4) |
Aug
|
Sep
|
Oct
|
Nov
|
Dec
(4) |
| 2007 |
Jan
|
Feb
|
Mar
|
Apr
|
May
|
Jun
|
Jul
|
Aug
(3) |
Sep
(1) |
Oct
|
Nov
|
Dec
|
|
From: jeff m. <jef...@us...> - 2005-08-10 19:52:24
|
Update of /cvsroot/netpass/NetPass/install.d/init.d In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv8611/install.d/init.d Modified Files: netpass Log Message: bug fixes Index: netpass =================================================================== RCS file: /cvsroot/netpass/NetPass/install.d/init.d/netpass,v retrieving revision 1.5 retrieving revision 1.6 diff -u -d -r1.5 -r1.6 --- netpass 3 Aug 2005 02:44:38 -0000 1.5 +++ netpass 10 Aug 2005 19:52:15 -0000 1.6 @@ -72,6 +72,8 @@ echo #[ $RETVAL -eq 0 ] && exit $RETVAL + touch /var/lock/subsys/netpass + return 0 } @@ -92,6 +94,8 @@ killproc npapid.pl echo + rm -f /var/lock/subsys/netpass + return 0 } |
|
From: jeff m. <jef...@us...> - 2005-08-10 19:52:24
|
Update of /cvsroot/netpass/NetPass/bin In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv8611/bin Modified Files: appstarter.pl npsvc.pl Log Message: bug fixes Index: npsvc.pl =================================================================== RCS file: /cvsroot/netpass/NetPass/bin/npsvc.pl,v retrieving revision 1.2 retrieving revision 1.3 diff -u -d -r1.2 -r1.3 --- npsvc.pl 4 Aug 2005 20:41:17 -0000 1.2 +++ npsvc.pl 10 Aug 2005 19:52:15 -0000 1.3 @@ -70,6 +70,14 @@ while (1) { print scalar(localtime), " wakeup\n" if $D; + + if (! -e "/var/lock/subsys/netpass") { + print scalar(localtime), " /var/lock/subsys/netpass doesnt exist. go to sleep.\n" + if $D; + sleep ($ST); + next; + } + foreach my $svc (keys %$proctowatch) { print scalar(localtime), " doing $svc\n" if $D; my $pid = RUNONCE::alreadyRunning($svc); @@ -90,7 +98,7 @@ } if ($action eq 'restart') { print scalar(localtime), " restarting $svc\n"; - system($proctowatch->{$svc}{'cmd'}); + runAs($proctowatch->{$svc}{'cmd'}); } } print scalar(localtime), " sleeping for $ST seconds\n" if $D; @@ -156,3 +164,38 @@ $fh->close(); return \%pw; } + +sub runAs { + my $cmd = shift; + my $as = shift; + $as ||= "netpass"; + my ($uid,$gid) = (getpwnam($as))[2,3]; + if (!defined($uid)) { + _log("ERROR", "no such user $as\n"); + return; + } + unless ($cmd) { + _log("ERROR", "cmd empty\n"); + return; + } + + _log("DEBUG", qq{exec'ing as $as cmd "$cmd"\n}) if $D; + my $child = fork; + return if ($child); # parent + + open STDIN, '/dev/null'; + open STDOUT, '>/dev/null'; + setsid; + + if (setgid($gid)) { + _log("ERROR", "child $$ failed to setgid($gid) $!\n"); + exit 0; + } + if (setuid($uid)) { + _log("ERROR", "child $$ failed to setuid($uid) $!\n"); + exit 0; + } + exec($cmd); + _log("ERROR", "child $$ failed to exec($cmd) $!\n"); + exit 0; +} Index: appstarter.pl =================================================================== RCS file: /cvsroot/netpass/NetPass/bin/appstarter.pl,v retrieving revision 1.4 retrieving revision 1.5 diff -u -d -r1.4 -r1.5 --- appstarter.pl 3 Aug 2005 02:44:38 -0000 1.4 +++ appstarter.pl 10 Aug 2005 19:52:15 -0000 1.5 @@ -189,7 +189,7 @@ RUNONCE::handleConnection(); - my $x = $np->db->getAppAction(); + my $x = $np->db->getAppAction(1); if (ref($x) ne "ARRAY") { _log("ERROR", "getAppAction failed: $x\n"); } else { @@ -211,6 +211,7 @@ stop($row) unless !isRunning($row->[1]); } } + $np->db->ackAppAction($row->[0]); } } @@ -276,23 +277,31 @@ return; } - _log("DEBUG", qq{exec'ing as $as cmd "$cmd"\n}) if $D; + _log("DEBUG", qq{forking to exec as $as cmd "$cmd"\n}) if $D; my $child = fork; - return if ($child); # parent + return if (defined($child) && ($child > 0)); # parent - open STDIN, '/dev/null'; - open STDOUT, '>/dev/null'; - setsid; + #open STDIN, '/dev/null'; + #open STDOUT, '>/dev/null'; + setsid or _log("WARN", "$$ child failed to setsid $!\n"); - if (setgid($gid)) { - _log("ERROR", "child $$ failed to setgid($gid) $!\n"); + _log("DEBUG", "$$ inchild change to uid=$uid gid=$gid\n"); + + my $rv = setgid($gid); + + unless ($rv) { + _log("ERROR", "$$ child failed to setgid($gid) rv=$rv err=$!\n"); exit 0; } - if (setuid($uid)) { - _log("ERROR", "child $$ failed to setuid($uid) $!\n"); + $rv = setuid($uid); + unless ($rv) { + _log("ERROR", "$$ child failed to setuid($uid) rv=$rv err=$!\n"); exit 0; } - exec($cmd); + { + _log("DEBUG", qq{$$ in child. calling exec\n}) if $D; + exec($cmd); + } _log("ERROR", "child $$ failed to exec($cmd) $!\n"); exit 0; } |
|
From: jeff m. <jef...@us...> - 2005-08-10 19:52:23
|
Update of /cvsroot/netpass/NetPass In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv8611 Modified Files: CHANGES MANIFEST install Log Message: bug fixes Index: CHANGES =================================================================== RCS file: /cvsroot/netpass/NetPass/CHANGES,v retrieving revision 1.9 retrieving revision 1.10 diff -u -d -r1.9 -r1.10 --- CHANGES 3 Aug 2005 02:44:38 -0000 1.9 +++ CHANGES 10 Aug 2005 19:52:15 -0000 1.10 @@ -177,4 +177,6 @@ jcm lots of bugs fixed 2005-08-10 2.0 released - + jcm bug fixes to appstarter + jcm perms adjustments to ids cfg + jcm bug fix in netpass.pm validate code Index: install =================================================================== RCS file: /cvsroot/netpass/NetPass/install,v retrieving revision 1.24 retrieving revision 1.25 diff -u -d -r1.24 -r1.25 --- install 4 Aug 2005 06:45:23 -0000 1.24 +++ install 10 Aug 2005 19:52:15 -0000 1.25 @@ -173,6 +173,8 @@ uninstallSwatch(); depatchConf("/etc", "fstab"); + depatchConf("/etc", "inittab"); + lsystem("/sbin/init q"); dropDatabase(); lprint ("NetPass uninstall finished.\n"); @@ -243,6 +245,13 @@ } lsystem("/etc/init.d/syslog restart"); +my $smtp_server = ask("Some of the NetPass subsystems send problem alerts via email.\n\ +Enter an SMTP server here: "); + +patchConf("/etc", "inittab", { '%SMTPHOST%' => $smtp_server }); +lsystem("/sbin/init q"); + +configureNPSVC($TARGET); my $squidRV = patchSquidConf($PKGDIR, "install.d/squid.conf"); @@ -360,6 +369,12 @@ "); + my $apicli = ask("Enter the IP addresses of all of your NetPass API Clients (a netblock is OK). +We'll use this to permit API traffic from those clients. Enter the addresses on a single line, +separated by spaces: + +"); + my $npvip = ''; my $redir1 = ''; my $redir2 = ''; @@ -415,6 +430,10 @@ $l =~ s/%TRAPDEVS%/$trappers/g; $l =~ s/^#TRAP//; } + if ($apicli ne "") { + $l =~ s/%APICLIENTS%/$apicli/g; + $l =~ s/^#API//; + } $l =~ s/%MYIP%/$myip/g; print $fo $l; @@ -717,7 +736,7 @@ } sub patchConf { - my ($b, $f) = (shift, shift); + my ($b, $f, $rh) = (shift, shift, shift); ll("Patching configuration file: $b/$f"); @@ -749,6 +768,14 @@ return; } + # perform any search/replace instructions + + if (ref($rh) eq "HASH") { + foreach my $srk (keys %$rh) { + searchReplace(\@d, $srk, $rh->{$srk}); + } + } + # check to see if the patch is already applied if (grep (/$marker/, @s)) { Index: MANIFEST =================================================================== RCS file: /cvsroot/netpass/NetPass/MANIFEST,v retrieving revision 1.52 retrieving revision 1.53 diff -u -d -r1.52 -r1.53 --- MANIFEST 4 Aug 2005 20:41:17 -0000 1.52 +++ MANIFEST 10 Aug 2005 19:52:15 -0000 1.53 @@ -73,7 +73,6 @@ doc/netfilter_conntrack_perf.txt etc/netpass-example.conf etc/oui.txt -etc/npsvc.conf etc/npsvc-example.conf install.d/logrotate.d/apache install.d/logrotate.d/netpass @@ -113,6 +112,7 @@ install.d/sysconfig.snort install.d/create-indexes.sql install.d/sysctl.conf +install.d/inittab lib/Bundle/NetPass/API.pm lib/Bundle/NetPass1.pm lib/Bundle/NetPass2.pm |
|
From: jeff m. <jef...@us...> - 2005-08-10 19:52:23
|
Update of /cvsroot/netpass/NetPass/etc In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv8611/etc Added Files: npsvc-example.conf Removed Files: npsvc.conf Log Message: bug fixes --- npsvc.conf DELETED --- --- NEW FILE: npsvc-example.conf --- # service email action <restart|norestart> command with args # npapi ad...@do... restart /opt/netpass/bin/npapid.pl resetport %EMAIL% restart /opt/netpass/bin/resetport.pl /opt/netpass/log/snmptraps.log portmover %EMAIL% restart /opt/netpass/bin/portmover.pl |
|
From: Jeff M. <jcm...@os...> - 2005-08-09 22:39:10
|
White, Stephen P. wrote: > All, > > I'm not a programmer, so have no idea what is in the code. But, based on > the description, this looks promising for integration into netpass > perhaps. I haven't been following along on this list as closely as I > could have, but the last I heard there was no "agent" for netpass, but > plans to try to use the cisco freebie. > > We are currently using Netreg & moving towards netpass. > > Thanks, > > Steve i have the following list (originally from the resnet-l list) stashed away for future ref... eventually i expect we'll have to look seriously at an agent because nessus has limited utility in an environment with alot of personal firewalls. "Check out http://www.utoronto.ca/security/UTORprotect/ESP/ It is based on the Microsoft Baseline Security Analyzer Command Line Interface and can check for missing patches. " "We sue the CNI Cat (Client Assessment Tool) tool. It comes as both an ActiveX client that can be run through the web and as a standalone exe. It is a commercial product. It checks for AV, Windows Updates, and sets Windows updates to automatic. It also does a number of other things. We are very pleased with it. http://www.classicnetworking.com" "Probably the best freebie: <http://www.belarc.com/Programs/advisor.exe> This one is web-based: <http://www.pedestalsoftware.com/products/se/downloads/webscan/> Then we can start looking at the better ones: <http://software.gfi.com/lannetscan.exe> <http://www.eeye.com/html/temp/DLdotcom/Retina511Demo.exe> <http://www.lavalys.hu/downloads/everestpro151.zip> GFI and eEye are really security scanners but they do have some nice system audit features. EVEREST Professional is very good but it will only last for a month or so." > > > -----Original Message----- > From: net...@so... > [mailto:net...@so...] On Behalf Of Jefferson Cowart > Sent: Tuesday, August 09, 2005 3:02 PM > To: 'NetReg - an automated DHCP registration system' > Subject: RE: NetReg: using Nessus > > If people are looking for a solution like this that is GPL, you can take > a > look at the NetReg client I developed last summer. It has many of the > same > features (AV, Windows Updates, Spyware, etc.). The one caveat is at the > moment, there is little documentation aside from the code itself (which > is > decently commented). That said I'm happy to answer questions about the > code > and plan on actually writing some docs sometime. You can take a look at > the > subversion repository of all the code at > https://svn.cs.pomona.edu/its/Programming/NetRegClient/trunk/. > > > ---------------- > Thanks > Jefferson Cowart > Je...@co... > > Thanks, > > Steve > > Stephen White > LAN Engineer - Principal > University of Missouri St. Louis > > > > ------------------------------------------------------- > SF.Net email is Sponsored by the Better Software Conference & EXPO > September 19-22, 2005 * San Francisco, CA * Development Lifecycle Practices > Agile & Plan-Driven Development * Managing Projects & Teams * Testing & QA > Security * Process Improvement & Measurement * http://www.sqe.com/bsce5sf > _______________________________________________ > Netpass-devel mailing list > Net...@li... > https://lists.sourceforge.net/lists/listinfo/netpass-devel > |
|
From: White, S. P. <wh...@um...> - 2005-08-09 21:42:16
|
All, I'm not a programmer, so have no idea what is in the code. But, based on the description, this looks promising for integration into netpass perhaps. I haven't been following along on this list as closely as I could have, but the last I heard there was no "agent" for netpass, but plans to try to use the cisco freebie.=20 We are currently using Netreg & moving towards netpass.=20 Thanks, Steve -----Original Message----- From: net...@so... [mailto:net...@so...] On Behalf Of Jefferson Cowart Sent: Tuesday, August 09, 2005 3:02 PM To: 'NetReg - an automated DHCP registration system' Subject: RE: NetReg: using Nessus If people are looking for a solution like this that is GPL, you can take a look at the NetReg client I developed last summer. It has many of the same features (AV, Windows Updates, Spyware, etc.). The one caveat is at the moment, there is little documentation aside from the code itself (which is decently commented). That said I'm happy to answer questions about the code and plan on actually writing some docs sometime. You can take a look at the subversion repository of all the code at https://svn.cs.pomona.edu/its/Programming/NetRegClient/trunk/.=20 ---------------- Thanks Jefferson Cowart Je...@co... =20 Thanks, =20 Steve =20 Stephen White LAN Engineer - Principal University of Missouri St. Louis |
|
From: Matt <mt...@us...> - 2005-08-08 13:07:09
|
Update of /cvsroot/netpass/NetPass/lib/NetPass In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv8760 Modified Files: API.pm Log Message: Index: API.pm =================================================================== RCS file: /cvsroot/netpass/NetPass/lib/NetPass/API.pm,v retrieving revision 1.25 retrieving revision 1.26 diff -u -d -r1.25 -r1.26 --- API.pm 3 Aug 2005 02:44:39 -0000 1.25 +++ API.pm 8 Aug 2005 13:06:58 -0000 1.26 @@ -365,8 +365,8 @@ if ($arrays) { for (my $i = 0; $i <= $#$type; $i++) { - my $t = "Unknown"; - $t = localtime($time->[$i]) if $time->[$i] =~ /^\d+$/; + my $t = $time->[$i]; + $t = localtime($time->[$i]) if $time->[$i] =~ /^\d+$/; if ($mode eq "not_really") { push @msgs, sprintf("%s report-only for violation of %d plugin at %s.", @@ -378,8 +378,8 @@ } } } else { - my $t = "Unknown"; - $t = localtime($time) if $time =~ /^\d+$/; + my $t = $time; + $t = localtime($time) if $time =~ /^\d+$/; if ($mode eq "not_really") { push @msgs, sprintf("%s report-only for violation of %d plugin at %s", |
|
From: jeff m. <jef...@us...> - 2005-08-05 15:34:08
|
Update of /cvsroot/netpass/NetPass/lib In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv14355/lib Modified Files: NetPass.pm Log Message: bug fix Index: NetPass.pm =================================================================== RCS file: /cvsroot/netpass/NetPass/lib/NetPass.pm,v retrieving revision 1.19 retrieving revision 1.20 diff -u -d -r1.19 -r1.20 --- NetPass.pm 4 Aug 2005 20:41:17 -0000 1.19 +++ NetPass.pm 5 Aug 2005 15:33:59 -0000 1.20 @@ -330,7 +330,7 @@ no strict 'refs'; - my $auth_mod = $self->{'cfg'}->policy(-key => 'AUTH_METHOD'); + my $auth_mod = $self->cfg->policy(-key => 'AUTH_METHOD'); _log "DEBUG", "auth_meth = $auth_mod\n"; if (exists $self->{'auth_mod_loaded'}) { @@ -367,7 +367,7 @@ no strict 'refs'; - my $auth_mod = $self->{'cfg'}->policy(-key => 'ADMIN_AUTH_METHOD'); + my $auth_mod = $self->cfg->policy(-key => 'ADMIN_AUTH_METHOD'); _log "DEBUG", "admin_auth_meth = $auth_mod\n"; if (exists $self->{'auth_mod_loaded'}) { @@ -425,7 +425,7 @@ sub enforceMultiMacPolicy { my ($self, $mac, $ip, $status, $sw, $po, $mp, $pm) = @_; - if ( $self->policy(-key => 'MULTI_MAC') eq "ALL_OK" ) { + if ( $self->cfg->policy(-key => 'MULTI_MAC') eq "ALL_OK" ) { _log "DEBUG", "$mac $ip MULTI_MAC policy is ALL_OK $sw/$po\n"; my $allOK = 1; my @OKmacs; @@ -481,7 +481,7 @@ # XXX ELSE DISALLOWED # XXX for future implementation - _log "ERROR", "MULTI_MAC policy ".$self->policy(-key => 'MULTI_MAC')." not implemented\n"; + _log "ERROR", "MULTI_MAC policy ".$self->cfg->policy(-key => 'MULTI_MAC')." not implemented\n"; return ($status, $sw, $po); } |
|
From: jeff m. <jef...@us...> - 2005-08-04 20:41:30
|
Update of /cvsroot/netpass/NetPass/www/components/Client In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv10393/www/components/Client Modified Files: BeginScan Log Message: bug fixes to npsvc watcher, added some additional client logging Index: BeginScan =================================================================== RCS file: /cvsroot/netpass/NetPass/www/components/Client/BeginScan,v retrieving revision 1.10 retrieving revision 1.11 diff -u -d -r1.10 -r1.11 --- BeginScan 3 Aug 2005 01:26:12 -0000 1.10 +++ BeginScan 4 Aug 2005 20:41:18 -0000 1.11 @@ -46,6 +46,8 @@ my $plugin_total = $parms->{'pitot'}; return if ($plugin_total < 1); + #_log("DEBUG", $parms->{'mac'}." ".$parms->{'ip'}." cmb2=".$cbm->[2]."\n"); + my $max_iteration = (split('/', $cbm->[2]))[1]; $max_iteration ||= $plugin_total; @@ -58,6 +60,7 @@ my $percent_done = int(100*(eval($cbm->[2]))); + print qq{<!-- $cbm->[2] -->}; print qq{<image style='margin: 0px 1px 0px 1px; ' src="$progress_image" border="0" width="$progress_step_pixel_width" height="10" alt="$percent_done percent">}; $m->flush_buffer(); }; @@ -69,7 +72,9 @@ password => $np->cfg->nessus(-key => 'password'), ssl => 1, timeout => 20, debug => 0, callback => $progressBar, - callbackparms => { pitot => $plugin_total } + callbackparms => { 'pitot' => $plugin_total, + 'mac' => $mac, + 'ip' => $ip } ); $nessus->preferences( { host_expansion => 'none', @@ -101,8 +106,8 @@ print "<div style=\"display: inline;\">"; if( !$nessus->login()) { - _log("ERROR", "couldnt login to nessus server\n"); - _log("ERROR", "Nessus login failed code=", $nessus->code, + _log("ERROR", "$mac $ip couldnt login to nessus server\n"); + _log("ERROR", "$mac $ip Nessus login failed code=", $nessus->code, " err=", $nessus->error, "\n"); $m->comp('/Audit', 'msg' => [ 'end scan (nessus login failed)' ]); @@ -113,8 +118,9 @@ goto scan_finished; } - print "\n<!-- PIDS: ", join(',',@$pids), "-->\n"; + _log("DEBUG", "$mac $ip plugin_set\n"); $nessus->plugin_set(join(';', @$pids)); + _log("DEBUG", "$mac $ip attack\n"); $nessus->attack($ip); _log("DEBUG", "$mac $ip end scan\n"); |
|
From: jeff m. <jef...@us...> - 2005-08-04 20:41:26
|
Update of /cvsroot/netpass/NetPass/lib In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv10393/lib Modified Files: NetPass.pm RUNONCE.pm Log Message: bug fixes to npsvc watcher, added some additional client logging Index: RUNONCE.pm =================================================================== RCS file: /cvsroot/netpass/NetPass/lib/RUNONCE.pm,v retrieving revision 1.1.1.1 retrieving revision 1.2 diff -u -d -r1.1.1.1 -r1.2 --- RUNONCE.pm 24 Sep 2004 01:05:20 -0000 1.1.1.1 +++ RUNONCE.pm 4 Aug 2005 20:41:18 -0000 1.2 @@ -10,6 +10,9 @@ # to read them. # # $Log$ +# Revision 1.2 2005/08/04 20:41:18 jeffmurphy +# bug fixes to npsvc watcher, added some additional client logging +# # Revision 1.1.1.1 2004/09/24 01:05:20 jeffmurphy # Initial import. # @@ -28,6 +31,7 @@ use Fcntl; my $listen = undef; $RUNONCE::VERSION = "1.0"; +$RUNONCE::SANITY = 1; sub D { 0; } @@ -56,13 +60,15 @@ sub alreadyRunning { my ($ps, $rt, $lq) = (shift, shift, shift); + my $psO = $ps; + if(defined($ps)) { if($ps !~ /^\d+$/) { my $portNum = getservbyname($ps, 'tcp'); if(!defined($portNum)) { die "$$ RUNONCE::alreadyRunning() : unknown port <$ps>"; } - $portNum = $ps; + $ps = $portNum; } } else { @@ -81,7 +87,7 @@ print "\n\n$$ alreadyRunning try #$i\n" if &RUNONCE::D; - $pid = RUNONCE::alreadyRunning2($ps, $lq); + $pid = RUNONCE::alreadyRunning2($ps, $lq, $psO); print "\n$$ alreadyRunning2 returned $pid\n" if &RUNONCE::D; return $pid if($pid != -1); @@ -90,8 +96,8 @@ return $pid; } -sub alreadyRunning2($$) { - my ($ps, $lq) = (shift, shift); +sub alreadyRunning2($$$) { + my ($ps, $lq, $psO) = (shift, shift, shift); my $mn = $0; if($mn =~ /([^\/]+)$/) { $mn = $1; @@ -124,7 +130,7 @@ if(defined($c)) { print "$$ reading from remote\n" if &RUNONCE::D; my $l = $c->getline(); - print "$$ read ", length($l), " from remote\n" if &RUNONCE::D; + print "$$ read ", (defined($l)?length($l):"UNDEF"), " from remote\n" if &RUNONCE::D; if(!defined($l)) { # remote end closed cnx on us @@ -134,8 +140,10 @@ } chomp($l); - print "$$ remote sent \"$l\"\n" - if &RUNONCE::D; + if (&RUNONCE::D) { + print qq{$$ remote sent "$l" (expecting /^$psO/)\n} if !$RUNONCE::SANITY; + print qq{$$ remote sent "$l" (expecting "$mn")\n} if $RUNONCE::SANITY; + } if($l =~ /(\d+)\s(.*)/) { $remoteName = $2; @@ -146,8 +154,12 @@ # basename. this is a sanity check and # we punt if it fails. - if($remoteName ne $mn) { - warn "$$ remoteName isnt what i expected.\nexpected=\"$mn\" got=\"$remoteName\""; + if($RUNONCE::SANITY && ($remoteName ne $mn)) { + warn qq{$$ remoteName isnt what i expected.\nexpected="$mn" got="$remoteName" (sanity on)}; + return -1; + } + elsif (!$RUNONCE::SANITY && ($remoteName !~ /^$psO/)) { + warn qq{$$ remoteName isnt what i expected.\nexpected=/^$psO/ got="$remoteName" (sanity off)}; return -1; } } else { Index: NetPass.pm =================================================================== RCS file: /cvsroot/netpass/NetPass/lib/NetPass.pm,v retrieving revision 1.18 retrieving revision 1.19 diff -u -d -r1.18 -r1.19 --- NetPass.pm 8 May 2005 02:35:45 -0000 1.18 +++ NetPass.pm 4 Aug 2005 20:41:17 -0000 1.19 @@ -716,6 +716,7 @@ } _log "DEBUG", "$mac $ip could not find us on the network!\n"; + $self->db->audit(-mac => $mac, -ip => $ip, -msg => [ "could not find us on the network! is our switch/port configured?" ]); return (undef, undef, undef, undef); } |
|
From: jeff m. <jef...@us...> - 2005-08-04 20:41:26
|
Update of /cvsroot/netpass/NetPass In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv10393 Modified Files: MANIFEST Log Message: bug fixes to npsvc watcher, added some additional client logging Index: MANIFEST =================================================================== RCS file: /cvsroot/netpass/NetPass/MANIFEST,v retrieving revision 1.51 retrieving revision 1.52 diff -u -d -r1.51 -r1.52 --- MANIFEST 3 Aug 2005 02:44:38 -0000 1.51 +++ MANIFEST 4 Aug 2005 20:41:17 -0000 1.52 @@ -70,9 +70,11 @@ doc/snort-2.3.3-vlan.patch doc/ebtablesnmpsetup.txt doc/npinline-l3.txt +doc/netfilter_conntrack_perf.txt etc/netpass-example.conf etc/oui.txt etc/npsvc.conf +etc/npsvc-example.conf install.d/logrotate.d/apache install.d/logrotate.d/netpass install.d/logrotate.d/snort @@ -110,6 +112,7 @@ install.d/drop-indexes.sql install.d/sysconfig.snort install.d/create-indexes.sql +install.d/sysctl.conf lib/Bundle/NetPass/API.pm lib/Bundle/NetPass1.pm lib/Bundle/NetPass2.pm |
|
From: jeff m. <jef...@us...> - 2005-08-04 20:41:26
|
Update of /cvsroot/netpass/NetPass/bin In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv10393/bin Modified Files: npsvc.pl Log Message: bug fixes to npsvc watcher, added some additional client logging Index: npsvc.pl =================================================================== RCS file: /cvsroot/netpass/NetPass/bin/npsvc.pl,v retrieving revision 1.1 retrieving revision 1.2 diff -u -d -r1.1 -r1.2 --- npsvc.pl 21 Jul 2005 15:49:42 -0000 1.1 +++ npsvc.pl 4 Aug 2005 20:41:17 -0000 1.2 @@ -36,10 +36,13 @@ use Pod::Usage; use FileHandle; use Net::SMTP; +use Data::Dumper; use lib qw(/opt/netpass/lib); use RUNONCE; +$RUNONCE::SANITY = 0; + my $proctowatch = {}; my $DEFAULTCONFIG = "/opt/netpass/etc/npsvc.conf"; my $WAITPERIOD = 300; @@ -48,11 +51,14 @@ $SIG{'HUP'} = \&handler; my %opts; -getopts('c:m:w:h', \%opts); +getopts('s:c:m:w:hD', \%opts); pod2usage(2) if exists $opts{'h'}; my $config = (exists $opts{'c'}) ? $opts{'c'} : $DEFAULTCONFIG; my $waittime = (exists $opts{'w'}) ? $opts{'w'} : $WAITPERIOD; +my $D = (exists $opts{'D'}) ? 1 : 0; +my $ST = (exists $opts{'s'}) ? $opts{'s'} : 30; + die "File $config does not exist!" unless -e $config; my $mailserver = (exists $opts{'m'}) ? $opts{'m'} : ""; @@ -60,15 +66,21 @@ $proctowatch = processConfFile($config); sleep($waittime); +print "Config is:\n", Dumper($proctowatch), "\n"; + while (1) { + print scalar(localtime), " wakeup\n" if $D; foreach my $svc (keys %$proctowatch) { + print scalar(localtime), " doing $svc\n" if $D; my $pid = RUNONCE::alreadyRunning($svc); next if ($pid > 0); RUNONCE::close; my $action = $proctowatch->{$svc}{'action'}; + if ($mailserver ne "" && time() > ($proctowatch->{$svc}{'lastemailed'} + $EMAILTIMEOUT)) { + print scalar(localtime), " sending email for $svc\n"; Email("npsvc", $proctowatch->{$svc}{'email'}, "$svc down $action", @@ -76,10 +88,13 @@ $mailserver); $proctowatch->{$svc}{'lastemailed'} = time(); } - system($proctowatch->{$svc}{'cmd'}) - if ($action eq 'restart'); + if ($action eq 'restart') { + print scalar(localtime), " restarting $svc\n"; + system($proctowatch->{$svc}{'cmd'}); + } } - sleep (30); + print scalar(localtime), " sleeping for $ST seconds\n" if $D; + sleep ($ST); } exit 0; @@ -115,14 +130,24 @@ $fh->open($file) || die "Unable to open $file"; while (my $line = $fh->getline) { + chomp($line); + print "config: <$line>\n" if $D; next if ($line =~ /^\s*\#/); my($port, $email, $action, $cmd) = split(/\s+/, $line, 4); - chomp $cmd; + print "config(pre-regexp): <$port> <$email> <$action> <$cmd>\n" if $D; + if ($email !~ /^\w+\@\w*\.*\w*\.*\w+\.\w+$/) { + print "config(email) <$email> didnt parse\n"; + } + if (! -e (split(/\s+/, $cmd))[0]) { + print "config(cmd) <$cmd> not executable\n"; + } next if ($cmd eq '' || $email !~ /^\w+\@\w*\.*\w*\.*\w+\.\w+$/ || $port eq '' || $action !~ /^(restart|norestart)$/ || - !-e $cmd); + !-e (split(/\s+/, $cmd))[0]); + print "config(post-regexp): <$port> <$email> <$action> <$cmd>\n" if $D; + $pw{$port}{'cmd'} = $cmd; $pw{$port}{'email'} = $email; $pw{$port}{'action'} = $action; |
|
From: jeff m. <jef...@us...> - 2005-08-04 06:45:45
|
Update of /cvsroot/netpass/NetPass/install.d In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv9864/install.d Modified Files: install-ipvs.sh packages Log Message: installation fixes Index: install-ipvs.sh =================================================================== RCS file: /cvsroot/netpass/NetPass/install.d/install-ipvs.sh,v retrieving revision 1.3 retrieving revision 1.4 diff -u -d -r1.3 -r1.4 --- install-ipvs.sh 3 Aug 2005 02:44:38 -0000 1.3 +++ install-ipvs.sh 4 Aug 2005 06:45:24 -0000 1.4 @@ -49,6 +49,12 @@ net.ipv4.conf.eth0.send_redirects = 1 EOF +cat <<EOF >>/etc/modprobe.conf +options ip_conntrack hashsize=1048576 # 512 MB RAM +#options ip_conntrack hashsize=2097152 # 1024 MB RAM +#options ip_conntrack hashsize=4194304 # 2048 MB RAM +EOF + /sbin/ipvsadm-save > /etc/sysconfig/ipvsadm chkconfig --level 345 ipvsadm on Index: packages =================================================================== RCS file: /cvsroot/netpass/NetPass/install.d/packages,v retrieving revision 1.3 retrieving revision 1.4 diff -u -d -r1.3 -r1.4 --- packages 6 Apr 2005 20:50:36 -0000 1.3 +++ packages 4 Aug 2005 06:45:24 -0000 1.4 @@ -22,3 +22,4 @@ reiserfs-utils # perl SOAP expat-devel +net-snmp |
|
From: jeff m. <jef...@us...> - 2005-08-04 06:45:45
|
Update of /cvsroot/netpass/NetPass/bin In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv9864/bin Modified Files: interfacecfg.pl Log Message: installation fixes Index: interfacecfg.pl =================================================================== RCS file: /cvsroot/netpass/NetPass/bin/interfacecfg.pl,v retrieving revision 1.11 retrieving revision 1.12 diff -u -d -r1.11 -r1.12 --- interfacecfg.pl 16 May 2005 16:10:42 -0000 1.11 +++ interfacecfg.pl 4 Aug 2005 06:45:24 -0000 1.12 @@ -60,6 +60,7 @@ sub getIps($); sub director($); sub realserver($); +sub getmem(); my %opts; my %ifaces; @@ -207,7 +208,7 @@ printf("echo \"\t\t\t\tldirectord\" >> %s\n\n", $HARESOURCES); - print <<END + print <<END2 # set ip_forward OFF for vs-dr director (1 on, 0 off) cat /proc/sys/net/ipv4/ip_forward echo "0" >/proc/sys/net/ipv4/ip_forward @@ -221,6 +222,25 @@ echo "1" >/proc/sys/net/ipv4/conf/eth0/send_redirects cat /proc/sys/net/ipv4/conf/eth0/send_redirects +#echo 1048576 > /proc/sys/net/ipv4/netfilter/ip_conntrack_max # 512 MB +#echo 2097152 > /proc/sys/net/ipv4/netfilter/ip_conntrack_max # 1024 MB +#echo 4194304 > /proc/sys/net/ipv4/netfilter/ip_conntrack_max # 2048 MB + +END2 + ; + my $memsize = getmem(); + print "# getmem says we have at least $memsize MB in the local machine\n"; + if ($memsize == 2048) { + print "echo 4194304 > /proc/sys/net/ipv4/netfilter/ip_conntrack_max # 2048 MB\n"; + } + elsif ($memsize == 1024) { + print "echo 2097152 > /proc/sys/net/ipv4/netfilter/ip_conntrack_max # 1024 MB\n"; + } + else { + print "echo 1048576 > /proc/sys/net/ipv4/netfilter/ip_conntrack_max # 512 MB\n"; + } + + print <<END # start heartbeat /etc/init.d/heartbeat stop /etc/init.d/heartbeat start @@ -329,3 +349,20 @@ int2ip($m), int2ip($b)); } + +sub getmem() { + open(FD, "/proc/meminfo") || return 512; + my $ms = 0; + while(my $l = <FD>) { + if ($l =~ /^MemTotal:\s*(\d+)/) { + $ms = $1; + last; + } + } + close(FD); + $ms /= 1024; + return 2048 if ($ms > 2048); + return 1024 if ($ms > 1024); + return 512; +} + |
|
From: jeff m. <jef...@us...> - 2005-08-04 06:45:32
|
Update of /cvsroot/netpass/NetPass In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv9864 Modified Files: install Log Message: installation fixes Index: install =================================================================== RCS file: /cvsroot/netpass/NetPass/install,v retrieving revision 1.23 retrieving revision 1.24 diff -u -d -r1.23 -r1.24 --- install 3 Aug 2005 02:44:38 -0000 1.23 +++ install 4 Aug 2005 06:45:23 -0000 1.24 @@ -498,6 +498,9 @@ # squid init script installed via RPM lsystem ("chkconfig --level 2345 squid on"); + lsystem ("chkconfig --level 2345 dhcrelay on"); + lsystem ("chkconfig --level 2345 snmptrapd on"); + lsystem ("chkconfig --level 2345 apache on"); } sub installApacheStartupScript { |
|
From: jeff m. <jef...@us...> - 2005-08-04 05:45:09
|
Update of /cvsroot/netpass/NetPass/doc In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv520 Added Files: netfilter_conntrack_perf.txt Log Message: archived for posterity --- NEW FILE: netfilter_conntrack_perf.txt --- (This appears to be a binary file; contents omitted.) |
|
From: Robert V. <re...@no...> - 2005-08-03 21:07:46
|
Robert Vance wrote: > > With respect to the rest of the items... thanks and I'll run an update > to verify asap. These items (byos report, user editor, progress bar) are looking good. Thanks! Bob |
|
From: Matt <mt...@us...> - 2005-08-03 20:38:01
|
Update of /cvsroot/netpass/NetPass/www/htdocs/Admin/Scan In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv3344 Modified Files: ids.mhtml Log Message: Index: ids.mhtml =================================================================== RCS file: /cvsroot/netpass/NetPass/www/htdocs/Admin/Scan/ids.mhtml,v retrieving revision 1.9 retrieving revision 1.10 diff -u -d -r1.9 -r1.10 --- ids.mhtml 2 Jun 2005 18:28:30 -0000 1.9 +++ ids.mhtml 3 Aug 2005 20:37:36 -0000 1.10 @@ -132,8 +132,10 @@ } } elsif ($rulesave eq "Save" && $readOnly ne "disabled") { if ($raw) { + my $r = $rule; + $r =~ s/\r\n/ /g; my $rv = $np->db->addSnortRuleEntry( - -rule => $rule, + -rule => $r, -user => $m->session->{'username'}, -desc => $desc ); |
|
From: jeff m. <jef...@us...> - 2005-08-03 20:22:49
|
Update of /cvsroot/netpass/NetPass/www/htdocs/Admin/Editor In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv32315/www/htdocs/Admin/Editor Modified Files: edit.mhtml Log Message: message editor bug Index: edit.mhtml =================================================================== RCS file: /cvsroot/netpass/NetPass/www/htdocs/Admin/Editor/edit.mhtml,v retrieving revision 1.5 retrieving revision 1.6 diff -u -d -r1.5 -r1.6 --- edit.mhtml 8 Jun 2005 16:35:42 -0000 1.5 +++ edit.mhtml 3 Aug 2005 20:22:40 -0000 1.6 @@ -46,7 +46,7 @@ $content = $np->db->getPage(-name => $name, -group => $group); if(!defined($content)) { - print $q->error("Sorry, there was an error while processing your request!"); + print $q->p({-class=>'error'}, "Sorry, there was an error while processing your request! (getPage couldn't load the page)"); return; } } |
|
From: jeff m. <jef...@us...> - 2005-08-03 20:22:49
|
Update of /cvsroot/netpass/NetPass/lib/NetPass In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv32315/lib/NetPass Modified Files: DB.pm Log Message: message editor bug Index: DB.pm =================================================================== RCS file: /cvsroot/netpass/NetPass/lib/NetPass/DB.pm,v retrieving revision 1.50 retrieving revision 1.51 diff -u -d -r1.50 -r1.51 --- DB.pm 3 Aug 2005 17:49:55 -0000 1.50 +++ DB.pm 3 Aug 2005 20:22:40 -0000 1.51 @@ -491,7 +491,7 @@ $self->reconnect() || return undef; - return undef unless defined($name) && ($name =~ /^msg:/); + return undef unless defined($name); my $sql = "SELECT content FROM pages WHERE name = ".$self->dbh->quote($name); my $page = ''; |
|
From: jeff m. <jef...@us...> - 2005-08-03 20:22:49
|
Update of /cvsroot/netpass/NetPass/bin In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv32315/bin Modified Files: resetport.pl Log Message: message editor bug Index: resetport.pl =================================================================== RCS file: /cvsroot/netpass/NetPass/bin/resetport.pl,v retrieving revision 1.15 retrieving revision 1.16 diff -u -d -r1.15 -r1.16 --- resetport.pl 3 Aug 2005 02:44:38 -0000 1.15 +++ resetport.pl 3 Aug 2005 20:22:40 -0000 1.16 @@ -393,9 +393,10 @@ my $thrq = shift; my $pq = { - 'q' => {} , - 'u' => {} , - 'qt' => {} + 'q' => {}, + 'u' => {}, + 'qt' => {}, + 'ut' => {} }; print $self->tid(), " connecting to DB\n" if $opts{'D'}; |
|
From: Robert V. <re...@no...> - 2005-08-03 18:43:06
|
Jeff Murphy wrote: > >> -- >> * We're still having issues with Netgroups in the Message Editor >> section. At this point all we see is the default group despite the >> fact we have a number of otherwise working Netgroups. > > i havent been able to reproduce this. Hrm. I wonder what I'm doing wrong then. I didn't see a database table update after this. Is this being pulled from the config and/or the user tables? With respect to the rest of the items... thanks and I'll run an update to verify asap. Bob |
|
From: jeff m. <jef...@us...> - 2005-08-03 18:02:31
|
Update of /cvsroot/netpass/NetPass/www/htdocs/Admin/reports In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv30214/www/htdocs/Admin/reports Modified Files: byclient.mhtml Log Message: remove binlog rotate cron, mysqlcluster doesnt need it. bug fix in byclient Index: byclient.mhtml =================================================================== RCS file: /cvsroot/netpass/NetPass/www/htdocs/Admin/reports/byclient.mhtml,v retrieving revision 1.3 retrieving revision 1.4 diff -u -d -r1.3 -r1.4 --- byclient.mhtml 12 Apr 2005 19:52:18 -0000 1.3 +++ byclient.mhtml 3 Aug 2005 18:02:21 -0000 1.4 @@ -39,7 +39,7 @@ if ($#macs > -1) { # lookup IPs - my $ri = $np->db->{'dbh'}->getRegisterInfo(-macs => \@macs); + my $ri = $np->db->getRegisterInfo(-macs => \@macs); printMacInfo($ri); @@ -130,7 +130,7 @@ my $mac = shift; my $neis = shift; - my $ri = $np->db->{'dbh'}->getRegisterInfo(-macs => $neis); + my $ri = $np->db->getRegisterInfo(-macs => $neis); my @rows = (); my @rl = ('even', 'odd'); |
|
From: jeff m. <jef...@us...> - 2005-08-03 18:02:30
|
Update of /cvsroot/netpass/NetPass/install.d In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv30214/install.d Modified Files: crontab.netpass Log Message: remove binlog rotate cron, mysqlcluster doesnt need it. bug fix in byclient Index: crontab.netpass =================================================================== RCS file: /cvsroot/netpass/NetPass/install.d/crontab.netpass,v retrieving revision 1.2 retrieving revision 1.3 diff -u -d -r1.2 -r1.3 --- crontab.netpass 31 Dec 2004 19:33:09 -0000 1.2 +++ crontab.netpass 3 Aug 2005 18:02:20 -0000 1.3 @@ -1,7 +1,3 @@ -# purge old mysql binlog files -# -# -0 0 1 * * /opt/netpass/bin/mysql_binlog_rotate.pl # # collect stats on system health # |
|
From: Matt <mt...@us...> - 2005-08-03 17:50:06
|
Update of /cvsroot/netpass/NetPass/lib/NetPass In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv27442 Modified Files: DB.pm Log Message: Index: DB.pm =================================================================== RCS file: /cvsroot/netpass/NetPass/lib/NetPass/DB.pm,v retrieving revision 1.49 retrieving revision 1.50 diff -u -d -r1.49 -r1.50 --- DB.pm 3 Aug 2005 02:44:39 -0000 1.49 +++ DB.pm 3 Aug 2005 17:49:55 -0000 1.50 @@ -1015,32 +1015,32 @@ return "invalid params\n".Carp::longmess(Class::ParmList->error) if (!defined($parms)); my ($rule, $user, $desc) = $parms->get('-rule', '-user', '-desc'); - if ($rule =~ /sid\:(\d+)\;/) { + if ($rule =~ /sid\:\s*(\d+)\;/) { $data->{sid} = $1; } else { return "undefined sid"; } - if ($rule =~ /msg\:\"([\w-]+)\s+([^";]+)\"\;/) { + if ($rule =~ /msg\:\s*\"([\w-]+)\s+([^";]+)\"\;/) { $data->{category} = $1; $data->{name} = $2; } else { return "unknown msg"; } - if ($rule =~ /rev\:(\d+)\;/) { + if ($rule =~ /rev\:\s*(\d+)\;/) { $data->{rev} = $1; } else { return "unknown rev"; } - if ($rule =~ /classtype\:([^;]+)\;/) { + if ($rule =~ /classtype\:\s*([^;]+)\;/) { $data->{classtype} = $1; } else { return "unknown classtype"; } - if ($rule =~ /reference\:([^;]+)\;/) { + if ($rule =~ /reference\:\s*([^;]+)\;/) { $data->{reference} = $1; } |
