netpass-devel Mailing List for NetPass (Page 9)
From: Matt <mt...@us...> - 2005-07-21 15:54:30
|
Update of /cvsroot/netpass/NetPass/bin In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv17943 Added Files: npsvc.pl Log Message: --- NEW FILE: npsvc.pl --- #!/opt/perl/bin/perl -w =head1 NAME npsvc.pl =head1 SYNOPSIS npsvc.pl <-c configfile> <-w time> <-m mailserver> -c configfile npsvc.pl config file -w time period of time to wait before starting to watch procs -m mailserver smtp mail server -h this message =head1 DESCRIPTION A script to watch processes listed in the npsvc config file =head1 AUTHOR Matt Bell <mt...@bu...> =head1 LICENSE (c) 2004 University at Buffalo. Available under the "Artistic License" http://www.gnu.org/licenses/license-list.html#ArtisticLicense =head1 REVISION =cut use strict; use Getopt::Std; use Pod::Usage; use FileHandle; use Net::SMTP; use lib qw(/opt/netpass/lib); use RUNONCE; my $proctowatch = {}; my $DEFAULTCONFIG = "/opt/netpass/etc/npsvc.conf"; my $WAITPERIOD = 300; my $EMAILTIMEOUT = 300; $SIG{'HUP'} = \&handler; my %opts; getopts('c:m:w:h', \%opts); pod2usage(2) if exists $opts{'h'}; my $config = (exists $opts{'c'}) ? $opts{'c'} : $DEFAULTCONFIG; my $waittime = (exists $opts{'w'}) ? $opts{'w'} : $WAITPERIOD; die "File $config does not exist!" unless -e $config; my $mailserver = (exists $opts{'m'}) ? 
$opts{'m'} : ""; $proctowatch = processConfFile($config); sleep($waittime); while (1) { foreach my $svc (keys %$proctowatch) { my $pid = RUNONCE::alreadyRunning($svc); next if ($pid > 0); RUNONCE::close; my $action = $proctowatch->{$svc}{'action'}; if ($mailserver ne "" && time() > ($proctowatch->{$svc}{'lastemailed'} + $EMAILTIMEOUT)) { Email("npsvc", $proctowatch->{$svc}{'email'}, "$svc down $action", "$svc down $action", $mailserver); $proctowatch->{$svc}{'lastemailed'} = time(); } system($proctowatch->{$svc}{'cmd'}) if ($action eq 'restart'); } sleep (30); } exit 0; sub Email { my($from, $to, $subject, $mesg, $mailserver) = @_; my $smtp = Net::SMTP->new($mailserver); if (!$smtp) { warn("There was a problem sending email..."); } $smtp->mail($from); $smtp->to($to); $smtp->data(); $smtp->datasend("Subject: $subject"); $smtp->datasend("\n\n\n"); $smtp->datasend($mesg); $smtp->quit; return (1); } sub handler { $proctowatch = processConfFile($config); return 1; } sub processConfFile { my $file = shift; my $fh = new FileHandle(); my %pw; $fh->open($file) || die "Unable to open $file"; while (my $line = $fh->getline) { next if ($line =~ /^\s*\#/); my($port, $email, $action, $cmd) = split(/\s+/, $line, 4); chomp $cmd; next if ($cmd eq '' || $email !~ /^\w+\@\w*\.*\w*\.*\w+\.\w+$/ || $port eq '' || $action !~ /^(restart|norestart)$/ || !-e $cmd); $pw{$port}{'cmd'} = $cmd; $pw{$port}{'email'} = $email; $pw{$port}{'action'} = $action; $pw{$port}{'lastemailed'} = 0; } $fh->close(); return \%pw; } |
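Review bot: `Email` keeps going after a failed connection: when `Net::SMTP->new($mailserver)` returns undef the code only warns and then calls `$smtp->mail($from)` on undef, which dies and ends the whole watch loop, so an unreachable mail server stops service monitoring. Add `return 0;` inside the `if (!$smtp)` block and name `$mailserver` in the warning. Separately, `system($proctowatch->{$svc}{'cmd'})` uses the single-string form, so the command column of npsvc.conf is handed to a shell whenever it contains shell metacharacters; the `-e $cmd` test in `processConfFile` only shows that a path of that name exists, so the config file should be writable only by the account that runs npsvc.pl, and a header comment saying so would help. The `HUP` handler re-runs `processConfFile`, whose `die` on an unreadable file would likewise end the daemon.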
From: Matt <mt...@us...> - 2005-07-21 15:45:32
|
Update of /cvsroot/netpass/NetPass/etc In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv17048 Added Files: npsvc.conf Log Message: --- NEW FILE: npsvc.conf --- # service email action <restart|norestart> command with args # npapid ad...@do... restart /opt/netpass/bin/npapid.pl |
From: Matt <mt...@us...> - 2005-07-19 14:53:01
|
Update of /cvsroot/netpass/NetPass/www/htdocs/Admin In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv23474 Modified Files: addsidelink.mhtml Log Message:
Index: addsidelink.mhtml
===================================================================
RCS file: /cvsroot/netpass/NetPass/www/htdocs/Admin/addsidelink.mhtml,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -d -r1.1 -r1.2
--- addsidelink.mhtml 19 Jul 2005 14:45:20 -0000 1.1
+++ addsidelink.mhtml 19 Jul 2005 14:52:43 -0000 1.2
@@ -18,7 +18,7 @@
 --></script>
 <%perl>
-my @rwGroups = ('Admin', 'QuarAdmin');
+my @rwGroups = ('Admin');
 my ($rw, $aclGroups) = $m->comp('/Admin/MemberOf', 'acl' => [ @rwGroups ]);
 print $q->h2("Modify Side Links"); |
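Review bot: Nothing in this hunk tests `$rw` after `$m->comp('/Admin/MemberOf', 'acl' => [ @rwGroups ])`, so narrowing `@rwGroups` to `('Admin')` only restricts access if MemberOf itself refuses non-members; that component is not shown on this page, so this may already be handled. Revision 1.1 of this file, listed further down the page, goes on to call `delSideLink` and `addSideLink` without consulting `$rw`. If MemberOf merely reports membership, guard the two actions with something like `return unless $rw;` before the `if ($action eq '>>')` branch, and add a comment above `@rwGroups` stating that it lists the groups allowed to modify side links. The `<%perl>` block continues outside the hunk.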
From: Matt <mt...@us...> - 2005-07-19 14:48:29
|
Update of /cvsroot/netpass/NetPass/lib/NetPass In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv22144 Modified Files: DB.pm Log Message: Index: DB.pm =================================================================== RCS file: /cvsroot/netpass/NetPass/lib/NetPass/DB.pm,v retrieving revision 1.47 retrieving revision 1.48 diff -u -d -r1.47 -r1.48 --- DB.pm 23 Jun 2005 20:21:07 -0000 1.47 +++ DB.pm 19 Jul 2005 14:47:50 -0000 1.48 
@@ -664,6 +664,82 @@ return 0; } +=head2 getSideLinks() + +Get a list of User Defined SideLinks from the sideLinks table in the database. +Returns a HASH ref containing the name/url pair on success or C<undef> on +failure. + +=cut + +sub getSideLinks { + my $self = shift; + my $q = qq{SELECT name, url FROM sideLinks}; + + my $hr = $self->{'dbh'}->selectall_hashref($q, "name"); + return undef unless (defined $hr && ref($hr) eq "HASH" ); + + return $hr; +} + +=head2 addSideLink(-name => $name, -url => $url) + +Add a sidelink to the database with name = $name and url = $url. +Returns true on success, C<undef> on failure. + +=cut + +sub addSideLink { + my $self = shift; + my $parms = parse_parms({ + -parms => \@_, + -required => [ qw(-name -url) ], + -defaults => { + -name => '', + -url => '' + } + } + ); + + return undef if !defined $parms; + my ($name, $url) = $parms->get('-name', '-url'); + + my $q = qq{INSERT INTO sideLinks VALUES(?,?)}; + my $sth = $self->{'dbh'}->prepare($q); + + return undef if !$sth->execute($name, $url); + $sth->finish; + return 1; +} + +=head2 delSideLink(-name => $name) + +Delete a sidelink from the database with name = $name. +Returns true on success, C<undef> on failure. + +=cut + +sub delSideLink { + my $self = shift; + my $parms = parse_parms({ + -parms => \@_, + -required => [ qw(-name) ], + -defaults => { + -name => '' + } + } + ); + + return undef if !defined $parms; + my ($name) = $parms->get('-name'); + + my $q = qq{DELETE FROM sideLinks WHERE name = ?}; + my $sth = $self->{'dbh'}->prepare($q); + + return undef if !$sth->execute($name); + $sth->finish; + return 1; +} =head2 requestMovePort(-switch => switch, -port => port, -vlan => <quarantine | unquarantine>) |
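Review bot: `addSideLink` and `delSideLink` call `$sth->execute` without checking that `prepare` returned a handle; if the database handle is created without RaiseError (not visible in this hunk), a failed `prepare` yields undef and the method call dies instead of returning `undef` as the POD promises. Use `my $sth = $self->{'dbh'}->prepare($q) or return undef;` in both subs. The insert would also be sturdier with its columns named, `INSERT INTO sideLinks (name, url) VALUES (?,?)`, so a later change to the table does not silently shift the values. The placeholders keep the values out of the SQL text, but nothing here constrains `-url`, and the stored values are later written into the admin sidebar, so the POD should state that callers validate the URL and that consumers must HTML-escape on output.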
From: Matt <mt...@us...> - 2005-07-19 14:46:42
|
Update of /cvsroot/netpass/NetPass/www/components/Admin In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv21794 Added Files: DisplaySideLinks Log Message: --- NEW FILE: DisplaySideLinks --- <%doc> </%doc> <%args> </%args> <%perl> my $sidelinks = $np->db->getSideLinks(); if (!defined $sidelinks || ref($sidelinks) ne 'HASH') { print $q->p({-class=>'error'}, "Unable to retrieve Sidelinks"); return; } foreach my $name (sort keys %$sidelinks) { my $url = $sidelinks->{$name}->{'url'}; $url = 'http://'.$url if ($url !~ /^http/); printf("<a class=\"sbLinks\" href=\"%s\" title=\"\">%s</a><br>", $url, $name); } </%perl> |
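Review bot: The `printf` writes `$url` and `$name` from the sideLinks table into an `href` attribute and the link text with no HTML escaping, so a stored value containing a double quote or an angle bracket changes the markup of every Admin page that includes this component. Escape both on output by passing `$q->escapeHTML($url), $q->escapeHTML($name)` as the `printf` arguments (assuming `$q` is the CGI.pm object the other Admin pages use). The scheme test `$url !~ /^http/` also accepts any string that merely starts with those four letters; `m{\Ahttps?://}i` states the intent more exactly. The empty `<%doc>` block is the natural place to record that the component treats table contents as untrusted.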
From: Matt <mt...@us...> - 2005-07-19 14:46:00
|
Update of /cvsroot/netpass/NetPass/www/htdocs/Admin In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv21637 Modified Files: autohandler Log Message:
Index: autohandler
===================================================================
RCS file: /cvsroot/netpass/NetPass/www/htdocs/Admin/autohandler,v
retrieving revision 1.15
retrieving revision 1.16
diff -u -d -r1.15 -r1.16
--- autohandler 15 Jul 2005 20:28:33 -0000 1.15
+++ autohandler 19 Jul 2005 14:45:52 -0000 1.16
@@ -61,10 +61,10 @@
 <a class="sbLinks" href="/Admin/audit.mhtml" title="">Audit Logs</a><br>
 <a class="sbLinks" href="/Admin/reports.mhtml" title="">Reports</a><br>
 </DIV>
-<DIV class='sbText'><a href="/addsidelink.mhtml">Logs and Reports</a></DIV>
+<DIV class='sbText'><a href="/Admin/addsidelink.mhtml">User Links</a></DIV>
 <DIV class='indent' style='border-bottom: solid 1px white;'>
-%# $m->comp("/Admin/DisplaySideLinks");
-</div>
+%$m->comp("/Admin/DisplaySideLinks");
+</DIV>
 <P><P>
 <BR><H6><I><%join('.', (split(/\./, hostname))[0,1])%></I></H6> |
From: Matt <mt...@us...> - 2005-07-19 14:45:30
|
Update of /cvsroot/netpass/NetPass/www/htdocs/Admin In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv21547 Added Files: addsidelink.mhtml Log Message: --- NEW FILE: addsidelink.mhtml --- <%doc> # $Header: /cvsroot/netpass/NetPass/www/htdocs/Admin/addsidelink.mhtml,v 1.1 2005/07/19 14:45:20 mtbell Exp $ # (c) 2004 University at Buffalo. # Available under the "Artistic License" # http://www.gnu.org/licenses/license-list.html#ArtisticLicense </%doc> <%args> $action => ''; $sidelinks => ''; $name => ''; $url => ''; </%args> <script><!-- setWhereAmI('AddSideLinks'); --></script> <%perl> my @rwGroups = ('Admin', 'QuarAdmin'); my ($rw, $aclGroups) = $m->comp('/Admin/MemberOf', 'acl' => [ @rwGroups ]); print $q->h2("Modify Side Links"); print $q->start_form(-method=>"POST", -action => "addsidelink.mhtml"); my $defname = ""; my $defurl = ""; if ($action eq '>>') { if ($sidelinks eq '') { print $q->p({-class => "error"}, "No sidelink selected"); return; } my $tsl = $np->db->getSideLinks(); my $rv = $np->db->delSideLink(-name => $sidelinks); print $q->p({-class => "error"}, "Unable to delete sidelink $name") if !$rv; $defname = $sidelinks; $defurl = $tsl->{$sidelinks}->{'url'}; } elsif ($action eq '<<') { if ($name eq '' || $url eq '') { print $q->p({-class => "error"}, "Cannot add sidelink Undefined field"); return; } my $rv = $np->db->addSideLink(-name => $name, -url => $url); print $q->p({-class => "error"}, "Unable to add sidelink $name") if !$rv; } my $sl = $np->db->getSideLinks(); </%perl> <table cellpadding=2 cellspacing=2 border=0> <tr> <th colspan=3>Modify Side Links</th> </tr><tr> <td class='gray'> <%perl> print $q->scrolling_list( -name => 'sidelinks', -size => 8, -values => [sort keys %$sl], -style => "width:150px", ); </%perl> </td> <td class='gray'> <%perl> print $q->submit( -name => 'action', -value => '>>' ); print $q->br(); print $q->submit( -name => 'action', -value => '<<' ); </%perl> </td> <td class='gray'> <%perl> print "Name<BR>"; print 
$q->textfield( -name => 'name', -size => 25, -default => $defname ); print $q->br().$q->br(); print "Url<BR>"; print $q->textfield( -name => 'url', -size => 25, -default => $defurl, ); </%perl> </td> </tr> </table> <%perl> print $q->end_form(); </%perl> |
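Review bot: The delete branch reports the wrong variable: `"Unable to delete sidelink $name"` prints the text field, while the entry being deleted is `$sidelinks`, so the message is empty or misleading when a delete fails. Both error messages also interpolate request parameters into `$q->p(...)` unescaped; pass them through `$q->escapeHTML(...)` first, e.g. `"Unable to delete sidelink " . $q->escapeHTML($sidelinks)` (assuming `$q` is a CGI.pm object, as its method names suggest). `$name` and `$url` are stored as submitted, with no check against the 24- and 255-character columns defined in tables.sql or on the URL scheme; validating here gives the user an error message instead of a failed or truncated insert.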
From: Matt B. <mt...@os...> - 2005-07-18 21:53:21
|
its something i am working on now, its mainly a table used to store user defined side links for the sidebar in the admin web interface. -Matt On Mon, 18 Jul 2005, Robert Vance wrote: > Matt wrote: > > Update of /cvsroot/netpass/NetPass/install.d > > In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv32015 > > > > Modified Files: > > tables.sql > > Log Message: > > Hey guys, whats up the sideLinks? > > rev > > > ------------------------------------------------------- > SF.Net email is sponsored by: Discover Easy Linux Migration Strategies > from IBM. Find simple to follow Roadmaps, straightforward articles, > informative Webcasts and more! Get everything you need to get up to > speed, fast. http://ads.osdn.com/?ad_id=7477&alloc_id=16492&op=click > _______________________________________________ > Netpass-devel mailing list > Net...@li... > https://lists.sourceforge.net/lists/listinfo/netpass-devel > > |
From: Robert V. <re...@no...> - 2005-07-18 21:12:33
|
Matt wrote: > Update of /cvsroot/netpass/NetPass/install.d > In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv32015 > > Modified Files: > tables.sql > Log Message: Hey guys, whats up the sideLinks? rev |
From: Matt <mt...@us...> - 2005-07-18 13:23:40
|
Update of /cvsroot/netpass/NetPass/install.d In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv32015 Modified Files: tables.sql Log Message:
Index: tables.sql
===================================================================
RCS file: /cvsroot/netpass/NetPass/install.d/tables.sql,v
retrieving revision 1.16
retrieving revision 1.17
diff -u -d -r1.16 -r1.17
--- tables.sql 2 May 2005 17:06:25 -0000 1.16
+++ tables.sql 18 Jul 2005 13:23:31 -0000 1.17
@@ -121,6 +121,12 @@
 PRIMARY KEY (rowid)
 ) ENGINE=NDBCLUSTER;
+CREATE TABLE sideLinks (
+ name VARCHAR(24) NOT NULL,
+ url VARCHAR(255) NOT NULL,
+ PRIMARY KEY (name)
+) ENGINE=NDBCLUSTER;
+
 CREATE INDEX clientHistory_idx1 ON clientHistory (macAddress);
 CREATE INDEX clientHistory_idx2 ON clientHistory (dt); |
From: jeff m. <jef...@us...> - 2005-07-15 20:28:43
|
Update of /cvsroot/netpass/NetPass/www/htdocs/Admin In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv26596 Modified Files: autohandler Log Message: sidelink editor, take 1
Index: autohandler
===================================================================
RCS file: /cvsroot/netpass/NetPass/www/htdocs/Admin/autohandler,v
retrieving revision 1.14
retrieving revision 1.15
diff -u -d -r1.14 -r1.15
--- autohandler 3 Jun 2005 16:59:55 -0000 1.14
+++ autohandler 15 Jul 2005 20:28:33 -0000 1.15
@@ -57,10 +57,14 @@
 <a class="sbLinks" href="/Admin/Editor/" title="">Message Editor</a><br>
 </DIV>
 <DIV class='sbText'>Logs and Reports</DIV>
-<DIV class='indent' style='border-bottom: solid 1px white;'>
+<DIV class='indent'>
 <a class="sbLinks" href="/Admin/audit.mhtml" title="">Audit Logs</a><br>
 <a class="sbLinks" href="/Admin/reports.mhtml" title="">Reports</a><br>
 </DIV>
+<DIV class='sbText'><a href="/addsidelink.mhtml">Logs and Reports</a></DIV>
+<DIV class='indent' style='border-bottom: solid 1px white;'>
+%# $m->comp("/Admin/DisplaySideLinks");
+</div>
 <P><P>
 <BR><H6><I><%join('.', (split(/\./, hostname))[0,1])%></I></H6> |
From: Matt <mt...@us...> - 2005-07-14 15:46:38
|
Update of /cvsroot/netpass/NetPass/lib/NetPass In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv32671 Modified Files: API.pm Log Message: Index: API.pm =================================================================== RCS file: /cvsroot/netpass/NetPass/lib/NetPass/API.pm,v retrieving revision 1.22 retrieving revision 1.23 diff -u -d -r1.22 -r1.23 --- API.pm 14 Jul 2005 15:35:18 -0000 1.22 +++ API.pm 14 Jul 2005 15:46:25 -0000 1.23 @@ -226,8 +226,8 @@ =head2 $rv = getRegisterInfo(-secret => secret -mac => mac, -macs => [], -ip => ip, -ips => []) -This routine is basically a NetPass::API wrapper to DB::getRegisterInfo, for information -regarding arguments see DB::getRegisterInfo. +This routine is basically a NetPass::API wrapper to NetPass::DB::getRegisterInfo, +for information regarding arguments see DB::getRegisterInfo. =cut @@ -242,6 +242,23 @@ return $np->db->getRegisterInfo(@$args); } +=head2 $rv = addSnortRuleEntry(-secret => $secret -rule => $rule -user => $user -desc => $desc) + +This routine is basically a NetPass::API wrapper to NetPass::DB::addSnortRuleEntry, +for information regarding arguments see NetPass::DB::addSnortRuleEntry. + +=cut + +sub addSnortRuleEntry { + my $self = shift; + my $np = $::np; + + my($secret, $args) = $self->$get_secret_from_args(@_); + return undef if $secret eq ""; + return undef unless ($self->$check_soap_auth($secret)); + + return $np->db->addSnortRuleEntry(@$args); +} =head2 my $results = quarantineByIP(-secret => $secret, -ip => $ip, -id => $id, -type => $type, -time => $time) |
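Review bot: `addSnortRuleEntry` forwards whatever remains in `@$args` to `$np->db->addSnortRuleEntry` once the shared secret matches, without the `parse_parms` `-legal`/`-required` check that `getSnortRules` and `quarantineByIP` apply, so the SOAP caller decides which parameters reach the DB layer. Validating `-rule`, `-user` and `-desc` here, or documenting that NetPass::DB::addSnortRuleEntry rejects unknown keys (this page does not show it), would keep the API boundary explicit. `getRegisterInfo` in revision 1.22 follows the same pattern. `return undef if $secret eq ""` also compares an undefined `$secret` when `-secret` is missing, which works but warns; `return undef unless defined $secret && $secret ne "";` is cleaner.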
From: Matt <mt...@us...> - 2005-07-14 15:35:27
|
Update of /cvsroot/netpass/NetPass/lib/NetPass In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv30159 Modified Files: API.pm Log Message: Index: API.pm =================================================================== RCS file: /cvsroot/netpass/NetPass/lib/NetPass/API.pm,v retrieving revision 1.21 retrieving revision 1.22 diff -u -d -r1.21 -r1.22 --- API.pm 13 Jul 2005 15:35:25 -0000 1.21 +++ API.pm 14 Jul 2005 15:35:18 -0000 1.22 @@ -41,6 +41,27 @@ return ($their_secret eq $my_secret) ? 1 : 0; }; +my $get_secret_from_args = sub { + my $self = shift; + my @args = @_; + my $secret; + + if (ref($args[0]) eq 'HASH') { + return undef if ($#args > 0 || !exists $args[0]->{'-secret'}); + $secret = $args[0]->{'-secret'}; + delete $args[0]->{'-secret'}; + } else { + my $i; + my $j; + for ($i = 0; $i <= $#args; $i++) { + last if ($args[$i] eq '-secret'); + } + ($j, $secret) = splice(@args, $i, 2); + } + + return ($secret, \@args); +}; + =head2 $rule = getSnortPCAPFilter(-secret => $secret, -sensor => $hostname -ignorequar => [1|0]) Get the necessary pcap rules for the particular sensor. Argument @@ -58,6 +79,7 @@ my $parms = parse_parms({ -parms => \@_, -legal => [ qw(-secret -sensor -ignorequar) ], + -required => [ qw(-secret -sensor) ], -defaults => { -secret => '', -sensor => '', -ignorequar => 0, @@ -116,7 +138,8 @@ my $parms = parse_parms({ -parms => \@_, - -legal => [ qw(-secret -type -ignorequarrule) ], + -legal => [ qw(-secret -type) ], + -required => [ qw(-secret -type) ], -defaults => { -secret => '', -type => '', } 
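Review bot: In `$get_secret_from_args` the list branch compares every element with `'-secret'`, values included, so an argument value equal to the string `-secret` that comes before the real key is taken as the key and the wrong pair is spliced out. Assuming the list is always flat key/value pairs, step over keys only with `for ($i = 0; $i <= $#args; $i += 2)` and return early when the loop ends without a match. `$j` is assigned and never read. The hash branch deletes `-secret` from the caller's own hash ref, which deserves a comment above the closure along with a statement of its two return shapes (a lone `undef` for a malformed hash call, otherwise the secret and an array ref of the remaining arguments).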
@@ -201,6 +224,24 @@ return \@snortnws; } +=head2 $rv = getRegisterInfo(-secret => secret -mac => mac, -macs => [], -ip => ip, -ips => []) + +This routine is basically a NetPass::API wrapper to DB::getRegisterInfo, for information +regarding arguments see DB::getRegisterInfo. + +=cut + +sub getRegisterInfo { + my $self = shift; + my $np = $::np; + + my($secret, $args) = $self->$get_secret_from_args(@_); + return undef if $secret eq ""; + return undef unless ($self->$check_soap_auth($secret)); + + return $np->db->getRegisterInfo(@$args); +} + =head2 my $results = quarantineByIP(-secret => $secret, -ip => $ip, -id => $id, -type => $type, -time => $time) @@ -224,6 +265,7 @@ my $parms = parse_parms({ -parms => \@_, -legal => [ qw(-secret -type -id -ip -time) ], + -required => [ qw(-secret -type -id -ip -time) ], -defaults => { -secret => '', -type => '', -id => '', |
From: Matt <mt...@us...> - 2005-07-13 15:36:13
|
Update of /cvsroot/netpass/NetPass/bin In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv8811 Modified Files: quarantine_host.pl Log Message: Index: quarantine_host.pl =================================================================== RCS file: /cvsroot/netpass/NetPass/bin/quarantine_host.pl,v retrieving revision 1.3 retrieving revision 1.4 diff -u -d -r1.3 -r1.4 --- quarantine_host.pl 20 Apr 2005 04:24:19 -0000 1.3 +++ quarantine_host.pl 13 Jul 2005 15:36:04 -0000 1.4 @@ -57,15 +57,18 @@ my $id = (); my $type = (); +my $time = (); if ($opts{'t'} =~ /\,/ || $opts{'i'} =~ /\,/) { @$id = split(',', $opts{'i'}); @$type = split(',', $opts{'t'}); + $time = [map(time(), @$type)]; die "Number of types doesnt correspond with the number of ids" if ($#$id != $#$type); } else { $id = $opts{'i'}; $type = $opts{'t'}; + $time = time(); } my $soap = createSoapConnection($opts{'s'}); @@ -76,6 +79,7 @@ -secret => $secret, -ip => $ip, -type => $type, + -time => $time, -id => $id)->result}; die "Unable to quarantine $ip" unless defined $res; |
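Review bot: `$time` is filled with `time()` at the moment the script runs, and `map(time(), @$type)` gives every entry the same value, whereas the `quarantineByIP` POD on this page describes `-time` as the timestamp when the incident occurred. If the audit trail is meant to record detection time, the script needs an option to pass it in; otherwise a comment such as `# submission time, not detection time` next to `my $time = ();` keeps readers of the audit log from over-trusting the value. The surrounding code starts and ends outside the hunks.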
From: Matt <mt...@us...> - 2005-07-13 15:35:39
|
Update of /cvsroot/netpass/NetPass/lib/NetPass In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv8479 Modified Files: API.pm Log Message: Index: API.pm =================================================================== RCS file: /cvsroot/netpass/NetPass/lib/NetPass/API.pm,v retrieving revision 1.20 retrieving revision 1.21 diff -u -d -r1.20 -r1.21 --- API.pm 3 Jun 2005 19:06:59 -0000 1.20 +++ API.pm 13 Jul 2005 15:35:25 -0000 1.21 
@@ -41,14 +41,71 @@ return ($their_secret eq $my_secret) ? 1 : 0; }; -=head2 $aref = getSnortRules(-secret => $secret, -type => $type = <enabled | disabled | all> - -ignorequarrule => 0|1) +=head2 $rule = getSnortPCAPFilter(-secret => $secret, -sensor => $hostname -ignorequar => [1|0]) + +Get the necessary pcap rules for the particular sensor. Argument +-ignorequar will append the necessary vlan rules to exclude quarantine +vlans if true. Returns a string of the rule on success, C<undef> on failure. + +=cut + +sub getSnortPCAPFilter { + my $self = shift; + my $np = $::np; + my $nws = (); + my @pcap; + + my $parms = parse_parms({ + -parms => \@_, + -legal => [ qw(-secret -sensor -ignorequar) ], + -defaults => { -secret => '', + -sensor => '', + -ignorequar => 0, + } + }); + + return "invalid params\n".Carp::longmess(Class::ParmList->error) if (!defined($parms)); + my ($secret, $sensor, $ignorequar) = $parms->get('-secret', '-sensor', '-ignorequar'); + + return undef unless ($self->$check_soap_auth($secret)); + + if ($sensor !~ /^\w*\.*\w*\.*\w+\.\w+:\d+$/) { + _log("ERROR", "Incorrect sensor format $sensor"); + return undef; + } + + $nws = $np->cfg->getNetworks(); + if (!defined($nws) || ref($nws) ne 'ARRAY') { + _log("ERROR", "Unable to retrieve list of networks"); + return undef; + } + + foreach my $net (@$nws) { + next unless $np->cfg->snortEnabled($net) =~ /^(enabled|not_really)$/; + my $nets = $np->cfg->getSnortSensors($net); + next unless defined $nets && ref($nets) eq 'HASH'; + + if (exists $nets->{$sensor}) { + my $r = "("; + if ($ignorequar) { + my $qvlan = $np->cfg->quarantineVlan($net); + $r .= "not vlan $qvlan and" if $qvlan =~ /^\d+$/; + } + + $r .= " src net $net)"; + push @pcap, $r; + } + } + + return join(' or ', @pcap); +} + +=head2 $aref = getSnortRules(-secret => $secret, -type => $type = <enabled | disabled | all>) + Retrieve snort rules registered in the NetPass database. 
Arguments include a secret, type either return all enabled rules, all disabled rules, or all -rules. Argument ignorequarrule will prepend vlan filtering rules to filter -quarantine traffic from being monitored by snort. Returns an C<array reference> -on success, C<undef> on failure. +rules. Returns an C<array reference> on success, C<undef> on failure. =cut @@ -62,30 +119,17 @@ -legal => [ qw(-secret -type -ignorequarrule) ], -defaults => { -secret => '', -type => '', - -ignorequarrule => 0, } }); return "invalid params\n".Carp::longmess(Class::ParmList->error) if (!defined($parms)); - my ($secret, $type, $ignorequarrule) = $parms->get('-secret', '-type', '-ignorequarrule'); + my ($secret, $type) = $parms->get('-secret', '-type'); return undef unless ($self->$check_soap_auth($secret)); return undef unless ($type =~ /^(enabled|disabled|all)$/); - my $network = $np->cfg->getNetworks(); - return undef unless (defined ($network)); - _log("DEBUG", "retrieving snort rules"); - if ($ignorequarrule) { - foreach my $nw (@$network) { - my $qvlan = $np->cfg->quarantineVlan($nw); - next unless defined $qvlan; - push @aref, sprintf("pass tcp any any -> any any (vlan:%d;)\n", $qvlan); - - } - } - my $rules = $np->db->getSnortRules($type); _log("ERROR", "Unable to retrieve rules from database") unless defined($rules); 
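Review bot: `getSnortPCAPFilter` returns `join(' or ', @pcap)`, which is the empty string when `$sensor` is well-formed but not configured on any network; the POD promises `undef` on failure, and if the caller hands the result to a capture tool as-is, an empty filter expression typically selects all traffic, quarantine VLANs included. Return `undef` and log when nothing matched: `return undef unless @pcap;`. The parameter-error path returns `"invalid params\n".Carp::longmess(...)`, a defined string carrying a stack trace, before `$check_soap_auth` runs; logging it and returning `undef` would match the POD and keep internals away from an unauthenticated caller. The `$` anchor in the sensor pattern also permits a trailing newline; `\z` is stricter.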
@@ -114,16 +158,20 @@ return $np->cfg->snortEnabled($nw); } -=head2 my $networks = snortEnabledNetworks($secret) +=head2 my $networks = snortEnabledNetworks($secret, $sensor) -Get all the networks snort is enabled on. Returns an ARRAY ref of -all the snort enabled networks on success, C<undef> on failure. +Get all the networks snort is enabled on. If $sensor is defined +as hostname:port of a configured snort sensor all the networks +that particular sensor is enabled on is returned as an ARRAY +ref. Returns an ARRAY ref of all the snort enabled networks on +success, C<undef> on failure. =cut sub snortEnabledNetworks { my $self = shift; my $secret = shift; + my $sensor = shift; my $np = $::np; my $nws = (); 
@@ -137,24 +185,34 @@ return undef; } + if ($sensor !~ /^\w*\.*\w*\.*\w+\.\w+:\d+$/) { + _log("ERROR", "Incorrect sensor format $sensor"); + return undef; + } + foreach my $net (@$nws) { - push(@snortnws, $net) if ($np->cfg->snortEnabled($net) =~ /^(enabled|not_really)$/); + next unless $np->cfg->snortEnabled($net) =~ /^(enabled|not_really)$/; + my $nets = $np->cfg->getSnortSensors($net); + next unless defined $nets && ref($nets) eq 'HASH'; + next unless exists $nets->{$sensor}; + push @snortnws, $net; } return \@snortnws; } -=head2 my $results = quarantineByIP(-secret => $secret, -ip => $ip, -id => $id, -type => $type) +=head2 my $results = quarantineByIP(-secret => $secret, -ip => $ip, -id => $id, -type => $type, -time => $time) Arguments to this function include a secret key, ip address to be -quarantined, an id associated to either a Nessus or Snort ID, and -a type corresponding to what exactly quarantined this ip. The type -and id flags can also be ARRAY references for multiple id's with -their corresponding types, however there must be an equal number -of elements in each of the ARRAY or an error will occur. This -function returns either C<quarantined> if the ip as been quarantined, -C<nothing> if nothing has been done or C<undef> on failure. +quarantined, an id associated to either a Nessus or Snort ID, +a type corresponding to what exactly quarantined this ip, and a timestamp +when the incident occured. The type, id, and time variables can also be +ARRAY references for multiple id's with their corresponding types and +timestamps, however there must be an equal number of elements in each +of the arrays or an error will occur. This function returns either +C<quarantined> if the ip as been quarantined, C<nothing> if nothing +has been done or C<undef> on failure. =cut 
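Review bot: The new POD says networks are filtered by sensor only "if $sensor is defined", but the added check `if ($sensor !~ /^\w*\.*\w*\.*\w+\.\w+:\d+$/)` runs unconditionally, so an existing caller that passes only `$secret` now gets `undef` (plus an uninitialized-value warning) instead of the full list. Either wrap the format check and the `getSnortSensors` filter in `if (defined $sensor)`, or change the POD to say the sensor argument is required. The same hostname:port pattern is repeated in `getSnortPCAPFilter`; a shared `qr//` constant would keep the two from drifting apart. The sub's opening lines are in the previous hunk.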
@@ -165,7 +223,7 @@ my @msgs; my $parms = parse_parms({ -parms => \@_, - -legal => [ qw(-secret -type -id -ip) ], + -legal => [ qw(-secret -type -id -ip -time) ], -defaults => { -secret => '', -type => '', -id => '', @@ -174,21 +232,21 @@ }); return "invalid params\n".Carp::longmess(Class::ParmList->error) if (!defined($parms)); - my ($secret, $type, $id, $ip) = $parms->get('-secret', '-type', '-id', '-ip'); + my ($secret, $type, $id, $ip, $time) = $parms->get('-secret', '-type', '-id', '-ip', '-time'); return undef unless ($self->$check_soap_auth($secret)); - if (ref($type) eq 'ARRAY' && ref($id) eq 'ARRAY') { + if (ref($type) eq 'ARRAY' && ref($id) eq 'ARRAY' && ref($time) eq 'ARRAY') { $arrays = 1; } - if (!$arrays && (ref($type) eq 'ARRAY' || ref($id) eq 'ARRAY')) { + if (!$arrays && (ref($type) eq 'ARRAY' || ref($id) eq 'ARRAY' || ref($time) eq 'ARRAY')) { _log("ERROR", "Invalid Paramaters passed"); return undef; } - if ($arrays && $#$type != $#$id) { - _log("ERROR", "LIST Paramaters type and id do not have the same number of elements"); + if ($arrays && ($#$type != $#$id || $#$type != $#$time)) { + _log("ERROR", "LIST Paramaters type, id, and time do not have the same number of elements"); return undef; } 
@@ -218,11 +276,29 @@ if ($arrays) { for (my $i = 0; $i <= $#$type; $i++) { - push @msgs, sprintf("%s quarantine of %s %s for violation of %d plugin.", - $type->[$i], $ip, $mac, $id->[$i]); + my $t = "Unknown"; + $t = localtime($time->[$i]) if $time->[$i] =~ /^\d+$/; + + if ($mode eq "not_really") { + push @msgs, sprintf("%s report-only for violation of %d plugin at %s.", + $type->[$i], $id->[$i], $t); + } else { + push @msgs, sprintf("%s quarantine for violation of %d plugin at %s.", + $type->[$i], $id->[$i], $t); + + } } } else { - push @msgs, "$type quarantine of $ip $mac for violation of $id plugin."; + my $t = "Unknown"; + $t = localtime($time) if $time =~ /^\d+$/; + + if ($mode eq "not_really") { + push @msgs, sprintf("%s report-only for violation of %d plugin at %s", + $type, $id, $t); + } else { + push @msgs, sprintf("%s quarantine for violation of %d plugin at %s.", + $type, $id, $t); + } } $np->db->audit ( |
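Review bot: The audit messages format caller-supplied values without validating them: `$type` goes through `%s` unchanged and `$id` through `%d`, which turns a non-numeric id into 0 with a warning, so the audit record can name a plugin that was never involved. Checking `$id =~ /^\d+$/` and `$type` against the expected source names before building `@msgs` would keep the log trustworthy. The new text also drops `$ip` and `$mac`, which the old message carried; unless `$np->db->audit` receives them separately (its arguments are outside the hunk), the entries lose the host they refer to. The scalar report-only message lacks the trailing period the other three have.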
From: jeff m. <jef...@us...> - 2005-06-23 20:21:27
|
Update of /cvsroot/netpass/NetPass/www/htdocs/OSSTemplate/js In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv4657/www/htdocs/OSSTemplate/js Modified Files: common.js debug.js ldap.js radius.js Log Message: bug fixes to userform, arp table searching (osx), ldap ui, auth.mhtml ui Index: debug.js =================================================================== RCS file: /cvsroot/netpass/NetPass/www/htdocs/OSSTemplate/js/debug.js,v retrieving revision 1.11 retrieving revision 1.12 diff -u -d -r1.11 -r1.12 --- debug.js 8 Jun 2005 16:44:38 -0000 1.11 +++ debug.js 23 Jun 2005 20:21:10 -0000 1.12 @@ -45,7 +45,8 @@ //return; } - if (DBGLEVEL) + if (DBGLEVEL) { dbgwin = window.open("about:blank", "DEBUGOUTPUT", - "resizable,width=400,height=400,scrollbars"); + "resizable,width=400,height=400,scrollbars"); + } } Index: ldap.js =================================================================== RCS file: /cvsroot/netpass/NetPass/www/htdocs/OSSTemplate/js/ldap.js,v retrieving revision 1.1 retrieving revision 1.2 diff -u -d -r1.1 -r1.2 --- ldap.js 8 Jun 2005 16:35:42 -0000 1.1 +++ ldap.js 23 Jun 2005 20:21:10 -0000 1.2 
@@ -1,13 +1,90 @@ // when the ldap server field changes, // do a submit to refresh the page +function ldap_xh_results_getLDAP(r, prefix) { + var RN = "ldap_xh_results_getLDAP"; + + var sf = document.getElementById(prefix + "ldapBase"); + if (!sf) return; + + var ra = r.split(/\s+/); + var i = 0; + while (i < ra.length && ra[i] != "OK" && ra[i] != "NOK") { i++ } + if (ra[i] == "OK") { + sf.value = ra[2]; + sf = document.getElementById(prefix + "ldapFilter"); + if (sf) sf.value = ra[3]; + sf = document.getElementById(prefix + "ldapPasswordField"); + if (sf) sf.value = ra[4]; + } else { + alert("failed to getSecret " + r); + } +} + +function ldap_xh_results_setLDAP(r, prefix) { + var RN = "ldap_xh_results_setLDAP"; + + var ra = r.split(/\s+/); + var i = 0; + while (i < ra.length && ra[i] != "OK" && ra[i] != "NOK") { i++ } + if (ra[i] == "OK") { + alert("LDAP setting changed"); + } else { + alert("failed to set LDAP setting " + r); + } +} + function ldap_onchange_ldapServer(prefix) { var RN = "ldap_onchange_ldapServer"; dbg (1, RN); var o = document.getElementById(prefix + 'ldapServer'); + var gotOne = false; for (var i = 1 ; i < o.options.length ; i++) { - if (o.options[i].selected) - document.forms[0].submit(); + if (o.options[i].selected) { + gotOne = true; + xh_post("/Admin/cmd/getLDAP.mhtml?server=" + + o.options[i].value, "ldap_xh_results_getLDAP", prefix); + } + } + if (!gotOne) ldap_clear_fields(prefix); +} + +function ldap_onblur_ldapBase(prefix) { + var RN = "ldap_onblur_ldapBase"; + dbg (1, RN); + var s = document.getElementById(prefix + 'ldapServer'); + var f = document.getElementById(prefix + 'ldapBase'); + if (f && s && (f.value != '') && (s.selectedIndex > 0)) { + xh_post("/Admin/cmd/setLDAP.mhtml?server=" + + s.options[s.selectedIndex].value + + "&base=" + f.value, + "ldap_xh_results_setLDAP", prefix); + } +} + +function ldap_onblur_ldapFilter(prefix) { + var RN = "ldap_onblur_ldapFilter"; + dbg (1, RN); + var s = document.getElementById(prefix + 
'ldapServer'); + var f = document.getElementById(prefix + 'ldapFilter'); + if (f && s && (f.value != '') && (s.selectedIndex > 0)) { + xh_post("/Admin/cmd/setLDAP.mhtml?server=" + + s.options[s.selectedIndex].value + + "&filter=" + f.value, + "ldap_xh_results_setLDAP", prefix); + } +} + +function ldap_onblur_ldapPasswordField(prefix) { + var RN = "ldap_onblur_ldapPasswordField"; + dbg (1, RN); + var s = document.getElementById(prefix + 'ldapServer'); + var f = document.getElementById(prefix + 'ldapPasswordField'); + if (f && s && (f.value != '') && (s.selectedIndex > 0)) { + xh_post("/Admin/cmd/setLDAP.mhtml?server=" + + s.options[s.selectedIndex].value + + "&passwordField=" + f.value, + "ldap_xh_results_setLDAP", prefix); } } @@ -20,7 +97,7 @@ } function ldap_onblur_addServer(prefix) { - var RN = "ldap_onfocus_addServer"; + var RN = "ldap_onblur_addServer"; dbg (1, RN); var o = document.getElementById(prefix + 'ldapAddServer'); var l = document.getElementById(prefix + 'ldapServer'); Index: radius.js =================================================================== RCS file: /cvsroot/netpass/NetPass/www/htdocs/OSSTemplate/js/radius.js,v retrieving revision 1.1 retrieving revision 1.2 diff -u -d -r1.1 -r1.2 --- radius.js 8 Jun 2005 16:35:42 -0000 1.1 +++ radius.js 23 Jun 2005 20:21:10 -0000 1.2 
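Review bot: The new `ldap_onblur_*` handlers append `f.value` and the selected server to the query string without encoding, so a base DN or filter containing `&`, `=`, `#` or `+` is truncated or split into extra parameters before `/Admin/cmd/setLDAP.mhtml` sees it; wrap each value, e.g. `"&filter=" + encodeURIComponent(f.value)`. These are state-changing calls sent with GET through `xh_post`, which puts the values into server access logs and leaves the endpoints open to cross-site request forgery unless the server side checks a token (not visible here). `radius_onblur_radiusSecret` in radius.js has the same shape, and there the value is the RADIUS shared secret. `ldap_xh_results_getLDAP` reuses the alert text "failed to getSecret", apparently carried over from radius.js. `ldap_clear_fields` is called here but defined outside the hunk.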
@@ -1,13 +1,64 @@ // when the radius server field changes, // do a submit to refresh the page +function radius_xh_results_getSecret(r, prefix) { + var RN = "radius_xh_results_getSecret"; + + var sf = document.getElementById(prefix + "radiusSecret"); + if (!sf) return; + + var ra = r.split(/\s+/); + var i = 0; + while (i < ra.length && ra[i] != "OK" && ra[i] != "NOK") { i++ } + if (ra[i] == "OK") { + sf.value = ra[2]; + } else { + alert("failed to getSecret " + r); + } +} + +function radius_xh_results_setSecret(r, prefix) { + var RN = "radius_xh_results_setSecret"; + + var ra = r.split(/\s+/); + var i = 0; + while (i < ra.length && ra[i] != "OK" && ra[i] != "NOK") { i++ } + if (ra[i] == "OK") { + alert("secret changed"); + } else { + alert("failed to setSecret " + r); + } +} + function radius_onchange_radiusServer(prefix) { var RN = "radius_onchange_radiusServer"; dbg (1, RN); var o = document.getElementById(prefix + 'radiusServer'); + var gotOne = false; for (var i = 1 ; i < o.options.length ; i++) { - if (o.options[i].selected) - document.forms[0].submit(); + if (o.options[i].selected) { + gotOne = true; + xh_post("/Admin/cmd/getRadiusSecret.mhtml?server=" + + o.options[i].value, "radius_xh_results_getSecret", prefix); + } + } + if (!gotOne) { + var sf = document.getElementById(prefix + "radiusSecret"); + sf.value = ''; + } +} + +function radius_onblur_radiusSecret(prefix) { + var RN = "radius_onblur_radiusSecret"; + dbg (1, RN); + var sc = document.getElementById(prefix + 'radiusSecret'); + var sv = document.getElementById(prefix + 'radiusServer'); + + if ( sc && sv && (sc.value != '') && (sv.selectedIndex > 0) ) { + xh_post("/Admin/cmd/setRadiusSecret.mhtml?server=" + + sv.options[sv.selectedIndex].value + + "&secret=" + sc.value, + "radius_xh_results_setSecret", prefix); } } 
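Review bot: `radius_onblur_radiusSecret` puts the RADIUS shared secret in the URL (`"&secret=" + sc.value`) and `xh_post` issues a GET, so the secret lands in web-server access logs, proxy logs and browser history each time the field loses focus. Send it in a POST body and keep only the server name in the URL; that requires `xh_post` in common.js to accept a body, which this commit does not provide. In the `!gotOne` branch of `radius_onchange_radiusServer`, `sf.value = ''` is executed without the `if (sf)` guard used everywhere else in the file.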
@@ -34,8 +85,8 @@ o.value = 'Add Server...'; } -function radius_onclick_delServer() { - var RN = "radius_onfocus_addServer"; +function radius_onclick_delServer(prefix) { + var RN = "radius_onclick_delServer"; dbg (1, RN); var o = document.getElementById(prefix + 'radiusServer'); if (o) { @@ -50,3 +101,4 @@ var o = document.getElementById(prefix + 'radiusSecret'); if (o) o.value = ''; } + Index: common.js =================================================================== RCS file: /cvsroot/netpass/NetPass/www/htdocs/OSSTemplate/js/common.js,v retrieving revision 1.3 retrieving revision 1.4 diff -u -d -r1.3 -r1.4 --- common.js 8 Jun 2005 16:35:42 -0000 1.3 +++ common.js 23 Jun 2005 20:21:10 -0000 1.4 @@ -1,4 +1,13 @@ +function xh_post(url, callback, arg) { + xmlhttp.open("GET", url + "&printable=2"); + xmlhttp.onreadystatechange = + eval("x = function() {if (xmlhttp.readyState == 4) {" + + callback + "(xmlhttp.responseText, " + + '"' + arg + '"' + ");}}"); + xmlhttp.send(null); +} + function adjust_onClick(obj, fn) { if (browserType_IE) { obj.onclick = eval("x=function(e){"+fn+"}"); @@ -78,6 +87,7 @@ var acl = document.getElementById(oname); if (acl) { + //acl.selectedIndex = -1; for(var i = 0 ; i < acl.options.length ; i++) { if (item) { if (item == acl.options[i].value) @@ -85,7 +95,6 @@ } else { acl.options[i].selected = false; } - acl.selectedIndex = -1; } } else { dbg (1, RN + ": error cant find " + oname + " object"); @@ -95,9 +104,10 @@ function highLightList(oname, item) { var RN = "highLightList"; - + dbg(1, RN + "(" + oname + ", " + item + ")" ); var acl = document.getElementById(oname); if (acl) { + acl.selectedIndex = -1; for(var i = 1 ; i < acl.options.length ; i++) { if (item) { if (acl.options[i].value == item) @@ -106,7 +116,6 @@ else { acl.options[i].selected = true; } - acl.selectedIndex = -1; } } else { dbg (1, RN + ": error cant find " + oname + " object"); @@ -140,3 +149,4 @@ dbg (1, RN + ": error cant find " + oname + " object"); } } + |
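Review bot: `xh_post` in common.js builds its `onreadystatechange` handler with `eval`, concatenating `callback` and a quoted `arg` into source text, so an `arg` containing a double quote or backslash changes the code that is evaluated. The callers pass `prefix` as `arg`, which the form components write into the page from their arguments. A closure needs no string building: `xmlhttp.onreadystatechange = function () { if (xmlhttp.readyState == 4) window[callback](xmlhttp.responseText, arg); };`. The function is named `xh_post` but opens the request with `"GET"`, and it reuses the single global `xmlhttp`, so the loop in the `onchange` handlers can overwrite an in-flight request when more than one option is selected.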
From: jeff m. <jef...@us...> - 2005-06-23 20:21:24
|
Update of /cvsroot/netpass/NetPass/www/htdocs/Admin/cmd In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv4657/www/htdocs/Admin/cmd Added Files: getLDAP.mhtml getRadiusSecret.mhtml setLDAP.mhtml setRadiusSecret.mhtml Log Message: bug fixes to userform, arp table searching (osx), ldap ui, auth.mhtml ui --- NEW FILE: setLDAP.mhtml --- <%doc> </%doc> <%args> $server => ''; $base => ''; $filter => ''; $passwordField => ''; </%args> <%perl> use URI; # validate perms my ($isRoot, $junk) = $m->comp('/Admin/MemberOf', 'acl' => [ 'Admin' ], 'group' => 'default'); if ($isRoot && $server) { my $ri = $np->cfg->setLDAP(-server => $server, -base => $base, -filter => $filter, -passwordField => $passwordField); if ($ri) { print "NOK $ri\n"; } else { my $rv = $np->cfg->save(-user => $m->session->{'username'}); _log("DEBUG", $m->session->{'username'}." updated ldap settings for $server\n"); if ($rv) { print "NOK $rv\n"; } else { print "OK\n"; } } } else { print "NOK permission denied\n"; } </%perl> --- NEW FILE: setRadiusSecret.mhtml --- <%doc> </%doc> <%args> $server => ''; $secret => ''; </%args> <%perl> # validate perms my ($isRoot, $junk) = $m->comp('/Admin/MemberOf', 'acl' => [ 'Admin' ], 'group' => 'default'); if ($isRoot && $server) { my $rv = $np->cfg->setRadius(-server => $server, -secret => $secret); if ($rv) { print "NOK $rv\n"; } else { $rv = $np->cfg->save(-user => $m->session->{'username'}); _log("DEBUG", $m->session->{'username'}." 
updated radius secret for $server\n"); if ($rv) { print "NOK $rv\n"; } else { print "OK\n"; } } } else { print "NOK permission denied\n"; } </%perl> --- NEW FILE: getLDAP.mhtml --- <%doc> </%doc> <%args> $server => ''; </%args> <%perl> use URI; # validate perms my ($isRoot, $junk) = $m->comp('/Admin/MemberOf', 'acl' => [ 'Admin' ], 'group' => 'default'); if ($isRoot && $server) { my $ri = $np->cfg->getLDAP($server); if (ref($ri) eq "HASH") { print "OK ", join(' ', URI->new($ri->{'base'})->canonical(), URI->new($ri->{'filter'})->canonical(), URI->new($ri->{'passwordField'})->canonical() ), "\n"; } else { print "NOK getLDAP() failed: $ri\n" if (ref($ri) ne "ARRAY"); } } else { print "NOK permission denied\n"; } </%perl> --- NEW FILE: getRadiusSecret.mhtml --- <%doc> </%doc> <%args> $server => ''; </%args> <%perl> use URI; # validate perms my ($isRoot, $junk) = $m->comp('/Admin/MemberOf', 'acl' => [ 'Admin' ], 'group' => 'default'); if ($isRoot && $server) { my $ri = $np->cfg->getRadius($server); if (ref($ri) eq "HASH") { print "OK ", URI->new($ri->{'secret'})->canonical(), "\n"; } else { print "NOK getRadius() failed: $ri\n" if (ref($ri) ne "ARRAY"); } } else { print "NOK permission denied\n"; } </%perl> |
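Review bot: setRadiusSecret.mhtml (and setLDAP.mhtml before it) changes authentication configuration on any request that carries an admin session; nothing visible checks the request method or a per-session token, and `xh_post` calls both with GET. Require POST and a token bound to the session before calling `setRadius`/`setLDAP`, e.g. `unless ($r->method eq 'POST') { print "NOK method not allowed\n"; return; }` (assuming the Apache request object `$r` is available to the component). The `else` branch reports `permission denied` even when the only problem is an empty `server`. The change is recorded with `_log("DEBUG", ...)` only, so a secret or LDAP change may be missing from logs at normal verbosity.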
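Review bot: getLDAP.mhtml and getRadiusSecret.mhtml encode values with `URI->new(...)->canonical()`, which normalises URIs rather than escaping data: it may rewrite a value that happens to parse as a URI, and it leaves an empty field empty. In getLDAP.mhtml an empty field makes `join(' ', ...)` emit consecutive spaces, the client's `split(/\s+/)` collapses them, and the remaining LDAP fields shift into the wrong inputs. `URI::Escape::uri_escape(...)` on each value, an explicit placeholder for empty ones and `decodeURIComponent` in the callbacks would keep the fields intact. getRadiusSecret.mhtml returns the shared secret to the browser in clear; if the UI only needs to replace it, consider not returning it at all. When `$ri` is an ARRAY ref neither component prints anything, so the client shows a failure alert with an empty message.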
From: jeff m. <jef...@us...> - 2005-06-23 20:21:24
|
Update of /cvsroot/netpass/NetPass/www/htdocs/Admin In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv4657/www/htdocs/Admin Modified Files: auth.mhtml user.mhtml Log Message: bug fixes to userform, arp table searching (osx), ldap ui, auth.mhtml ui Index: user.mhtml =================================================================== RCS file: /cvsroot/netpass/NetPass/www/htdocs/Admin/user.mhtml,v retrieving revision 1.23 retrieving revision 1.24 diff -u -d -r1.23 -r1.24 --- user.mhtml 4 May 2005 20:22:17 -0000 1.23 +++ user.mhtml 23 Jun 2005 20:21:09 -0000 1.24 @@ -228,7 +228,6 @@ print "</PRE>" if $D; } - $np->db->setUsersAndGroups(-userhash => $uh, -whoami => $m->session->{'username'}, -ip => $ENV{'REMOTE_ADDR'}); @@ -246,7 +245,7 @@ <script language="JavaScript"> DBG_init(); var whoami = "<%$whoami%>"; -var usingAuthDB = <%$usingAuthDB%>; +var usingAuthDB = <%$usingAuthDB ? $usingAuthDB : 0%>; var userhash = { <%perl> my ($comma1, $comma2, $comma3) = ("", "", ""); Index: auth.mhtml =================================================================== RCS file: /cvsroot/netpass/NetPass/www/htdocs/Admin/auth.mhtml,v retrieving revision 1.5 retrieving revision 1.6 diff -u -d -r1.5 -r1.6 --- auth.mhtml 8 Jun 2005 16:35:42 -0000 1.5 +++ auth.mhtml 23 Jun 2005 20:21:09 -0000 1.6 
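Review bot: In user.mhtml the new `<%$usingAuthDB ? $usingAuthDB : 0%>` still writes the variable's raw value into the script block whenever it is true, so anything other than a number there becomes JavaScript source. If the flag is boolean (its origin is outside this hunk), `var usingAuthDB = <% $usingAuthDB ? 1 : 0 %>;` fixes the empty-value syntax error the commit targets and removes that dependency. The neighbouring context line `var whoami = "<%$whoami%>";` interpolates the session username into a JavaScript string without escaping; encoding it for that context would be the matching change.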
@@ -1,21 +1,29 @@ <%doc> </%doc> <%args> - $auth_method => ''; - $admin_auth_method => ''; - $radiusServer => ''; - $radiusSecret => ''; - $admin_radiusServer => ''; - $admin_radiusSecret => ''; + $auth_method => ''; + $admin_auth_method => ''; + $radiusServer => ''; + $delRadiusServer => ''; + + $adminradiusServer => ''; + $admindelRadiusServer => ''; + $submitButton => ''; + $ldapServer => ''; - $admin_ldapServer => ''; + $delLdapServer => ''; + $adminldapServer => ''; + $admindelLdapServer => ''; + $ldapBase => ''; - $admin_ldapBase => ''; + $adminldapBase => ''; + $ldapFilter => ''; - $admin_ldapFilter => ''; + $adminldapFilter => ''; + $ldapPasswordField => ''; - $admin_ldapPasswordField => ''; + $adminldapPasswordField => ''; </%args> <%perl> my ($isRoot, $junk) = $m->comp('/Admin/MemberOf', 'acl' => [ 'Admin' ], 'group' => 'default'); 
@@ -26,25 +34,69 @@ my @err; my $WH = "----------------------"; -my $aa = $np->cfg->policy(-key => 'ADMIN_AUTH_METHOD'); -my $ca = $np->cfg->policy(-key => 'AUTH_METHOD'); +my $aa = $admin_auth_method || $np->cfg->policy(-key => 'ADMIN_AUTH_METHOD'); +my $ca = $auth_method || $np->cfg->policy(-key => 'AUTH_METHOD'); +my $rv; +my $whoami = $m->session->{'username'}; $m->comp('/Admin/LockConfig', 'enableWhenLocked' => [ 'submitButton' ], 'init' => 0); my $lstat = $np->db->isConfigLocked(); if ($submitButton eq "Commit Changes") { + _log("DEBUG", "$whoami is changing system auth settings\n"); + # set global policy AUTH_METHOD + + $np->cfg->policy(-key => 'AUTH_METHOD', -val => $auth_method); + # set global policy ADMIN_AUTH_METHOD - # if radiusServer && secret == "" then remove $radiusServer - # if radiusServer && secret then set secret + + $np->cfg->policy(-key => 'ADMIN_AUTH_METHOD', -val => $admin_auth_method); + + # if radiusServer && delRadiusServer then remove $radiusServer + + if ( ($auth_method eq "NetPass::Auth::Radius") && ($radiusServer ne "") && + ($delRadiusServer eq "Delete Server") ) { + $rv = $np->cfg->setRadius(-server => $radiusServer); + push @err, $rv if ($rv); + } + + if ( ($admin_auth_method eq "NetPass::Auth::Radius") && ($adminradiusServer ne "") && + ($admindelRadiusServer eq "Delete Server") ) { + $rv = $np->cfg->setRadius(-server => $adminradiusServer); + push @err, $rv if ($rv); + } + + # if ldapServer && delLdapServer then del + + if ( ($auth_method eq "NetPass::Auth::LDAP") && ($ldapServer ne "") && + ($delLdapServer eq "Delete Server") ) { + _log("DEBUG", "$whoami is deleting ldap server $ldapServer"); + $rv = $np->cfg->setLDAP(-server => $ldapServer); + push @err, $rv if ($rv); + } + + if ( ($admin_auth_method eq "NetPass::Auth::LDAP") && ($adminldapServer ne "") && + ($admindelLdapServer eq "Delete Server") ) { + $rv = $np->cfg->setLDAP(-server => $adminldapServer); + _log("DEBUG", "$whoami is deleting ldap server $adminldapServer"); + 
push @err, $rv if ($rv); + } + + $np->cfg->save(-user => $whoami); } </%perl> <script language='JavaScript'><!-- var pageDirty = false; setWhereAmI('Authentication > Methods'); +DBG_init(); --></script> +<script src="/resources/js/common.js" type="text/javascript"></script> +<script src="/resources/js/radius.js" type="text/javascript"></script> +<script src="/resources/js/ldap.js" type="text/javascript"></script> +<form method="post"> <input type='submit' name='submitButton' id='submitButton' value='Commit Changes'><P> <TABLE WIDTH=800 ID="authMethods" CELLSPACING=2 CELLPADDING=2> @@ -57,21 +109,24 @@ <TD CLASS='right'> <%$q->popup_menu ( -name => 'auth_method', - -default => $ca, + -default => $auth_method || $ca, -values => [ 'NetPass::Auth::DB' , 'NetPass::Auth::Radius', 'NetPass::Auth::LDAP', 'NetPass::Auth::Unix' ] )%> </TD></TR> <TR><TD colspan=2 align='right'> +% if ($ca eq "NetPass::Auth::Radius") { % $m->comp('/Admin/FormAuthRadius', %ARGS); +% } elsif ($ca eq "NetPass::Auth::LDAP") { % $m->comp('/Admin/FormAuthLDAP', %ARGS); +% } </tD></TR> <TR> <TD CLASS='left'>Admin Auth Method</TD> <TD CLASS='right'> <%$q->popup_menu ( -name => 'admin_auth_method', - -default => $aa, + -default => $admin_auth_method || $aa, -values => [ 'NetPass::Auth::DB' , 'NetPass::Auth::Radius', 'NetPass::Auth::LDAP', 'NetPass::Auth::Unix' ] )%> @@ -84,7 +139,7 @@ % } </tD></TR> </table> - +</form> <%perl> @@ -108,3 +163,4 @@ } </%perl> + |
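Review bot: The `Commit Changes` branch in auth.mhtml stores `$auth_method` and `$admin_auth_method` straight from the request via `$np->cfg->policy(-key => ..., -val => ...)`; nothing in the hunk restricts them to the four class names offered by the popup menus, and an empty submission would blank the policy. Check both against that list first, e.g. `my %ok = map { $_ => 1 } qw(NetPass::Auth::DB NetPass::Auth::Radius NetPass::Auth::LDAP NetPass::Auth::Unix);`, and push onto `@err` instead of saving when `!$ok{$auth_method}`. The return value of `$np->cfg->save(-user => $whoami)` is dropped, although the cmd/*.mhtml components treat a true return as an error; `$rv = $np->cfg->save(-user => $whoami); push @err, $rv if ($rv);` would surface it. Whether this branch is gated on `$isRoot` and on the configuration lock (`$lstat`) is not visible in the hunk and is worth confirming, since it can switch the admin authentication method.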
From: jeff m. <jef...@us...> - 2005-06-23 20:21:23
|
Update of /cvsroot/netpass/NetPass/www/components/Admin In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv4657/www/components/Admin Modified Files: FormAuthLDAP FormAuthRadius Log Message: bug fixes to userform, arp table searching (osx), ldap ui, auth.mhtml ui Index: FormAuthRadius =================================================================== RCS file: /cvsroot/netpass/NetPass/www/components/Admin/FormAuthRadius,v retrieving revision 1.2 retrieving revision 1.3 diff -u -d -r1.2 -r1.3 --- FormAuthRadius 8 Jun 2005 16:35:41 -0000 1.2 +++ FormAuthRadius 23 Jun 2005 20:21:08 -0000 1.3 
@@ -6,42 +6,35 @@ $prefix => ''; $server => ''; </%args> -<script language='JavaScript'> -var <%$prefix%>radiusSecrets = new Object(); <%perl> my $rs_ = $np->cfg->getRadius(); my $rs = (ref($rs_) eq "ARRAY") ? $rs_ : []; my $WH = "----------------"; my $ml = length($WH); + foreach my $server (@$rs) { $ml = ($ml > length($server)) ? $ml : length($server); - my $sh = $np->cfg->getRadius($server); - if (ref($sh) eq "HASH") { - print qq{//$server\n}; - print qq{${prefix}radiusSecrets['$server'] = '$sh->{secret}';\n}; - } } $ml = int($ml * 1.5); $WH = "-" x $ml; </%perl> -</script> <table border=0 id='<%$prefix%>FormAuthRadius'> <tr><th>Radius Servers</th><th colspan=2>Options</th></tr> <tr><td><%$q->scrolling_list(-id => $prefix.'radiusServer', -name => $prefix.'radiusServer', - -onchange => 'radius_onchange_radiusServer();' + -onchange => "radius_onchange_radiusServer('$prefix');", -size => 4, -values => [ $WH, @$rs ])%><BR> - <input size=16 id='radiusAddServer' name='radiusAddServer' - onfocus='radius_onfocus_addServer('<%$prefix%>');' - onblur='radius_onblur_addServer('<%$prefix%>');' + <input size=16 id='<%$prefix%>radiusAddServer' name='<%$prefix%>radiusAddServer' + onfocus='radius_onfocus_addServer("<%$prefix%>");' + onblur='radius_onblur_addServer("<%$prefix%>");' value="Add Server..." 
> - <input type='submit' onclick='radius_onclick_delServer(); return false;' + <input type='submit' name="<%$prefix%>delRadiusServer" value='Delete Server'> </td> <td align='right' valign='top'>Secret:</td> <td align='left' valign='top'> - <input size=16 id='<%$prefix%>radiusSecret'><BR> - + <input size=16 id='<%$prefix%>radiusSecret' + onblur="radius_onblur_radiusSecret('<%$prefix%>');"><BR> </td> </tr> </table> Index: FormAuthLDAP =================================================================== RCS file: /cvsroot/netpass/NetPass/www/components/Admin/FormAuthLDAP,v retrieving revision 1.2 retrieving revision 1.3 diff -u -d -r1.2 -r1.3 --- FormAuthLDAP 8 Jun 2005 16:35:41 -0000 1.2 +++ FormAuthLDAP 23 Jun 2005 20:21:08 -0000 1.3 @@ -6,10 +6,6 @@ $prefix => ''; $server => ''; </%args> -<script language='JavaScript'> -var <%$prefix%>ldapBase = new Object(); -var <%$prefix%>ldapFilter = new Object(); -var <%$prefix%>ldapPField = new Object(); <%perl> my $rs_ = $np->cfg->getLDAP(); my $rs = (ref($rs_) eq "ARRAY") ? $rs_ : []; 
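Review bot: `$prefix` is written unescaped into element ids and inline handlers in FormAuthRadius (`id='<%$prefix%>radiusAddServer'`, `onblur='radius_onblur_addServer("<%$prefix%>");'`, `-onchange => "radius_onchange_radiusServer('$prefix');"`), and auth.mhtml invokes the component with `%ARGS`, so a request parameter named `prefix` appears able to reach the markup. Constrain it at the top of the component, e.g. `$prefix = '' unless $prefix =~ /\A\w*\z/;`, or escape each template use with `<% $prefix |h %>`; FormAuthLDAP has the same pattern. The `radiusSecret` input has no `type`, so the shared secret is displayed as plain text; `type='password' autocomplete='off'` would limit casual disclosure and form caching.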
@@ -21,27 +17,35 @@ $ml = int($ml * 1.5); $WH = "-" x $ml; </%perl> -</script> <table border=0 id='<%$prefix%>FormAuthLDAP'> <tr><th>LDAP Servers</th><th>Options</th></tr> <tr><td align='center' valign='top'> <%$q->scrolling_list(-id => $prefix.'ldapServer', -name => $prefix.'ldapServer', - -onchange => 'ldap_onchange_ldapServer();', + -onchange => "ldap_onchange_ldapServer('$prefix');", -size => 4, -values => [ $WH, @$rs ])%><BR> - <input size=16 id='ldapAddServer' name='ldapAddServer' - onfocus='ldap_onfocus_addServer('<%$prefix%>');' - onblur='ldap_onblur_addServer('<%$prefix%>');' + <input size=16 id='<%$prefix%>ldapAddServer' name='<%$prefix%>ldapAddServer' + onfocus='ldap_onfocus_addServer("<%$prefix%>");' + onblur='ldap_onblur_addServer("<%$prefix%>");' value="Add Server..." > - <input type='submit' onclick='ldap_onclick_delServer(); return false;' + <input type='submit' name='<%$prefix%>delLdapServer' value='Delete Server'> </td> <td align='right' valign='top'> <table border='0'> - <tr><td align='right' valign='top'>Base:</td><td align='left' valign='top'><input size=16 id='<%$prefix%>ldapBase'></td></tr> - <tr><td align='right' valign='top'>Filter:</td><td align='left' valign='top'><input size=16 id='<%$prefix%>ldapFilter'></td></tr> - <tr><td align='right' valign='top'>Password Field:</td><td align='left' valign='top'><input size=16 id='<%$prefix%>ldapPasswordField'></td></tr> + <tr><td align='right' valign='top'>Base:</td><td align='left' valign='top'><input size=16 + id='<%$prefix%>ldapBase' + onblur="ldap_onblur_ldapBase('<%$prefix%>');"> + </td></tr> + <tr><td align='right' valign='top'>Filter:</td><td align='left' valign='top'><input size=16 + id='<%$prefix%>ldapFilter' + onblur="ldap_onblur_ldapFilter('<%$prefix%>');"> + </td></tr> + <tr><td align='right' valign='top'>Password Field:</td><td align='left' valign='top'><input size=16 + id='<%$prefix%>ldapPasswordField' + onblur="ldap_onblur_ldapPassword('<%$prefix%>');"> + </td></tr> </table> </td> 
</tr> |
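Review bot: The password-field input in FormAuthLDAP calls `ldap_onblur_ldapPassword('<%$prefix%>')`, but ldap.js in this same commit defines `ldap_onblur_ldapPasswordField`, so the handler raises a reference error and edits to that field are never sent to setLDAP.mhtml. Change the attribute to `onblur="ldap_onblur_ldapPasswordField('<%$prefix%>');"`. The table this hunk edits starts and ends outside the hunk.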
From: jeff m. <jef...@us...> - 2005-06-23 20:21:22
|
Update of /cvsroot/netpass/NetPass/lib/NetPass In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv4657/lib/NetPass Modified Files: Config.pm DB.pm Network.pm Log Message: bug fixes to userform, arp table searching (osx), ldap ui, auth.mhtml ui Index: Config.pm =================================================================== RCS file: /cvsroot/netpass/NetPass/lib/NetPass/Config.pm,v retrieving revision 1.50 retrieving revision 1.51 diff -u -d -r1.50 -r1.51 --- Config.pm 14 Jun 2005 20:29:54 -0000 1.50 +++ Config.pm 23 Jun 2005 20:21:07 -0000 1.51 @@ -1448,6 +1448,7 @@ _log("DEBUG", "nw=$nw examine network clause\n") if $self->debug; if (! recur_exists ($self->{'cfg'}, "network", $nw)) { + _log("DEBUG", "nw=$nw no such network\n"); return undef; #"nosuch network"; } @@ -2689,7 +2690,7 @@ base the search base filter the filter to use - passwordField the name of the password field + passwordfield the name of the password field RETURNS arrayref on success @@ -2703,9 +2704,9 @@ my $s = shift; $s ||= ""; if (recur_exists($self->{'cfg'}, "ldap", $s)) { - return { 'base' => $self->{'cfg'}->obj('radius')->obj($s)->value('base'), - 'filter' => $self->{'cfg'}->obj('radius')->obj($s)->value('filter'), - 'passwordField' => $self->{'cfg'}->obj('radius')->obj($s)->value('passwordField'), + return { 'base' => $self->{'cfg'}->obj('ldap')->obj($s)->value('base'), + 'filter' => $self->{'cfg'}->obj('ldap')->obj($s)->value('filter'), + 'passwordField' => $self->{'cfg'}->obj('ldap')->obj($s)->value('passwordfield'), }; } elsif (recur_exists($self->{'cfg'}, "ldap")) { 
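Review bot: The added `_log("DEBUG", "nw=$nw no such network\n");` in Config.pm is unconditional, while the DEBUG line just above it is guarded with `if $self->debug`. Unless the message is meant to be emitted on every failed lookup, write it as `_log("DEBUG", "nw=$nw no such network\n") if $self->debug;` to match. The enclosing sub starts and ends outside the hunk.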
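Review bot: The POD edit for `getLDAP` renames the documented field to `passwordfield`, but the hash built in the next hunk still returns it under the key `'passwordField'`, which getLDAP.mhtml reads as `$ri->{'passwordField'}`; only the config value name became lower-case. The POD should keep `passwordField` for the returned key and could add a line such as `(stored in the config as "passwordfield")`. The RETURNS text says `arrayref on success`, while the single-server branch shown returns a hash ref, so the two cases should be listed separately.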
@@ -2752,9 +2753,12 @@ $self->{'cfg'}->obj('ldap')->$server({}); } if ($base.$filter.$pfield ne "") { - $self->{'cfg'}->obj('ldap')->obj($server)->base($base); - $self->{'cfg'}->obj('ldap')->obj($server)->filter($filter); - $self->{'cfg'}->obj('ldap')->obj($server)->passwordField($pfield); + $self->{'cfg'}->obj('ldap')->obj($server)->base($base) + if ($base); + $self->{'cfg'}->obj('ldap')->obj($server)->filter($filter) + if ($filter); + $self->{'cfg'}->obj('ldap')->obj($server)->passwordfield($pfield) + if ($pfield); } else { $self->{'cfg'}->obj('ldap')->delete($server); Index: DB.pm =================================================================== RCS file: /cvsroot/netpass/NetPass/lib/NetPass/DB.pm,v retrieving revision 1.46 retrieving revision 1.47 diff -u -d -r1.46 -r1.47 --- DB.pm 8 Jun 2005 16:35:41 -0000 1.46 +++ DB.pm 23 Jun 2005 20:21:07 -0000 1.47 @@ -1475,14 +1475,15 @@ } } else { my $ugh = $self->getUserGroups($u); - if (!defined($ugh)) { + my $numGroups = keys %$ugh; + if ($numGroups == 0) { # user doesnt exist - $sql = "NSERT INTO users (username, groups) VALUES ("; + $sql = "INSERT INTO users (username, groups) VALUES ("; $sql .= $self->dbh->quote($u). ","; $sql .= $self->dbh->quote($groups). ")"; if (!$self->dbh->do($sql)) { _log("ERROR", "failed to add user: $u sql=$sql err=".$self->dbh->errstr); - return "db failured ".$self->dbh->errstr; + return "db failure ".$self->dbh->errstr; } _log ("INFO", qq{$whoami added user $u groups "$groups"}); $self->audit(-ip => $myip, -user => $whoami, -severity => 'ALERT', 
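Review bot: With the new per-field `if` guards in `setLDAP`, a caller can no longer clear a single field, yet a call in which all three values are empty still falls through to `delete($server)`. Deletion therefore stays implicit in missing values, and setLDAP.mhtml defaults every argument to `''`, so a request that carries only `server` removes the entry. Making deletion an explicit argument and treating all-empty as a no-op would separate the two cases; auth.mhtml, which deletes by calling `setLDAP(-server => ...)`, would need the matching change. `if ($base)` also treats the string `0` as unset; `if ($base ne "")` states the intent. The sub starts outside the hunk.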
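Review bot: In DB.pm, `$numGroups == 0` now stands for "user doesnt exist", but an existing user with no groups would give the same count, in which case the INSERT is attempted for a row that is already present; how `getUserGroups` reports a missing user is not visible here. `keys %$ugh` also assumes a hash ref; `my $numGroups = (ref($ugh) eq 'HASH') ? scalar(keys %$ugh) : 0;` is safer if undef or an error string is possible. The statement could use placeholders instead of assembling quoted values, `$self->dbh->do("INSERT INTO users (username, groups) VALUES (?, ?)", undef, $u, $groups)`, which also keeps user data out of the `sql=` part of the error log.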
@@ -1491,7 +1492,6 @@ else { # user already exists - my $groups_orig = $self->composeGroupMembership($ugh); if ($groups ne $groups_orig) { $sql = qq{UPDATE users SET groups = }; Index: Network.pm =================================================================== RCS file: /cvsroot/netpass/NetPass/lib/NetPass/Network.pm,v retrieving revision 1.4 retrieving revision 1.5 diff -u -d -r1.4 -r1.5 --- Network.pm 25 Oct 2004 17:48:25 -0000 1.4 +++ Network.pm 23 Jun 2005 20:21:08 -0000 1.5 @@ -258,10 +258,14 @@ if ($#matches == 0) { $matches[0] =~ /\($ip\)\s+at\s+(\S+)/; my $mac = $1; - $mac =~ s/\://g; + my $mac2 = ''; + foreach my $_mp (split(/:/, $mac)) { + $mac2 .= substr("00".$_mp, -2); + } $mac =~ tr [A-Z] [a-z]; + $mac2 =~ tr [A-Z] [a-z]; return undef if (!$ii && $mac =~ /incomplete/); - return $mac; + return $mac2; } my $macs = {}; @@ -272,10 +276,14 @@ if($l =~ /\(($ip)\)\s+at\s+(\S+)/) { my $ip = $1; my $mac = $2; + my $mac2 = ''; + foreach my $_mp (split(/:/, $mac)) { + $mac2 .= substr("00".$_mp, -2); + } $mac =~ tr [A-Z] [a-z]; - $mac =~ s/\://g; + $mac2 =~ tr [A-Z] [a-z]; next if (!$ii && $mac =~ /incomplete/); - $macs->{$ip} = $mac; + $macs->{$ip} = $mac2; } } return $macs; |
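Review bot: In Network.pm the zero-padding loop runs before the `incomplete` test, so when `$ii` is true an unresolved ARP entry is now returned as the last two characters of the placeholder text rather than the placeholder itself; the second hunk repeats this ordering and stores the result in `$macs->{$ip}`. Handle the placeholder first, e.g. `if ($mac =~ /incomplete/) { return $ii ? lc($mac) : undef; }` (with `next`/assignment in the loop version), then pad. In the first hunk `$1` is used without checking that the match on `$matches[0]` succeeded, and in both hunks the padded pieces are not checked to be hex digits, so unexpected `arp` output yields a malformed value that callers may treat as a MAC address. `return undef unless $mac2 =~ /\A[0-9a-f]{12}\z/;` after lowercasing would reject it. Both functions start outside the hunks.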
From: jeff m. <jef...@us...> - 2005-06-23 20:21:15
|
Update of /cvsroot/netpass/NetPass/doc In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv4657/doc Added Files: npinline-l2.txt npinline-l3.txt Log Message: bug fixes to userform, arp table searching (osx), ldap ui, auth.mhtml ui --- NEW FILE: npinline-l3.txt --- ON BOOT: if (config exists) { load config; parse; produce ebtables rules; load those rules; } else { set ebtables to bridge pkts thru unchanged; } WEB UI: configure vlan mappings. 128.205.10.131 1-1000:192/892:L2;1001-2000:195/895:L3 'commit changes' saves to config <vlanmap> does snmpset on 128.205.10.131 vlanmap snmpdaemon takes '1-1000:192/892:L2;1001-2000:195/895:L3' and writes to config. snmpdaemon parses that line, produces ebtables rules, loads those rules. "L2" is the default. if not specified, L2 is assumed. LOAD CONFIG: config = "1-1000:192/892:L2;1001-2000:195/895:L3" expand1 = "1,2,3,4 192 892" echo flush > /proc/npvnat/l2config echo $expand1 > /proc/npvnat/l2config (bc of "L2") ebtables --vlanid 192 -j npvnat-l2 ebtables --vlanid 892 -j npvnat-l2 expand2 = "1001,1002 195 895" echo flush > /proc/npvnat/l3config echo $expand2 > /proc/npvnat/l3config (bc of "L3") ebtables --vlanid 195 -j npvnat-l3 ebtables --vlanid 895 -j npvnat-l3 WHEN NEW IP APPEARS: (i.e. DIALUP) mac = aabbccddeeff (dialup server) ip = 128.205.193.100 npvnat-l3 grabs vlan & ipaddr from the pkt. ignores mac, irrelevant. if (ip !in hash) { malloc struct { init_vlan=193, remap_vlan=0 }; remap_vlan = lookupQuar(init_vlan); // 893 // struct { init_vlan=193, remap_vlan=893 }; hash{ip} = struct; } snmpdaemon sees IP appear by reading the hash table. 
snmpdaemon sends linkup (#4) trap for $IP NP SERVER: resetport gets trap for switch/IP determines that IP can be unquaratined ****** TDB requestPortMove($switch, $IP, 'unquarntine'); portmover picks up instructions, and does snmpset $switch $ip 193 BACK ON INLINE DEV snmpdaemon does: echo "$ip 193" > /proc/npvnat/set_vlan_l3 BACK IN KERNEL given IP from set_vlan, lookup hash record, set remap_vlan=193; --- NEW FILE: npinline-l2.txt --- ON BOOT: if (config exists) { load config; parse; produce ebtables rules; load those rules; } else { set ebtables to bridge pkts thru unchanged; } WEB UI: configure vlan mappings. 128.205.10.131 1-1000:192/892:L2;1001-2000:195/895:L3 'commit changes' saves to config <vlanmap> does snmpset on 128.205.10.131 vlanmap snmpdaemon takes '1-1000:192/892:L2;1001-2000:195/895:L3' and writes to config. snmpdaemon parses that line, produces ebtables rules, loads those rules. "L2" is the default. if not specified, L2 is assumed. LOAD CONFIG: config = "1-1000:192/892:L2;1001-2000:195/895:L3" expand1 = "1,2,3,4 192 892" echo flush > /proc/npvnat/l2config echo $expand1 > /proc/npvnat/l2config (bc of "L2") ebtables --vlanid 192 -j npvnat-l2 ebtables --vlanid 892 -j npvnat-l2 expand2 = "1001,1002 195 895" echo flush > /proc/npvnat/l3config echo $expand2 > /proc/npvnat/l3config (bc of "L3") ebtables --vlanid 195 -j npvnat-l3 ebtables --vlanid 895 -j npvnat-l3 WHEN NEW MAC APPEARS: mac = aabbccddeeff ip = 128.205.192.100 npvnat grabs mac & vlan & ipaddr from the pkt if (mac !in hash) { malloc struct { init_vlan=192, remap_vlan=0, ipaddr=128.205.192.100 }; remap_vlan = lookupQuar(init_vlan); // 892 // struct { init_vlan=192, remap_vlan=892, ipaddr=128.205.192.100 }; hash{mac} = struct; } snmpdaemon see mac appear by reading the hash table. assigns mac a virtual port by looking thru config and using the init_vlan. available ports for 192 are 1-1000. assigns port 1. 
snmpdaemon sends linkup trap for port #1 NP SERVER: resetport gets trap switch/port -> look in vlanmap find q/uq vlans looks in <networks> for network that matches q/uq vlans if (resetportEnabled(network)) { fetches macport table from $switch evaluates $mac; mac is OK requestPortMove($switch, $port, 'unquarntine'); } portmover picks up instructions, looks in vlanmap for UQ vlan and does snmpset $switch $port 192 BACK ON INLINE DEV snmpdaemon knows the macport mapping. looks up mac from that map and gets port. and does echo "$mac 192" > /proc/npvnat/set_vlan BACK IN KERNEL given mac from set_vlan, lookup hash record, set remap_vlan=192; |
From: Matt <mt...@us...> - 2005-06-14 21:57:50
|
Update of /cvsroot/netpass/NetPass/www/htdocs/Admin In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv9227 Modified Files: netgroups.mhtml Log Message: Index: netgroups.mhtml =================================================================== RCS file: /cvsroot/netpass/NetPass/www/htdocs/Admin/netgroups.mhtml,v retrieving revision 1.7 retrieving revision 1.8 diff -u -d -r1.7 -r1.8 --- netgroups.mhtml 8 Jun 2005 16:35:42 -0000 1.7 +++ netgroups.mhtml 14 Jun 2005 21:57:31 -0000 1.8 @@ -167,7 +167,7 @@ $rv = ''; foreach my $ak ( keys %ARGS ) { - if ($ak =~ /^(\S+):(\S+)$/) { + if ($ak =~ /^(\w+):(\S+)$/) { my $section = $1; my $var = $2; 
@@ -181,7 +181,40 @@ -network => $netgroups); $rv .= " $rv2" if ($rv2); } - } + } elsif ($section eq "snort") { + if ($var eq 'mode' && $ARGS{"override:mode"}) { + $np->cfg->snort(-key => 'mode', + -network => $netgroups, + -val => $ARGS{$ak}) + if ($ARGS{$ak} =~ /^(enabled|disabled|not_really)$/); + } elsif ($var =~ /^rorw_(.+)$/ && $ARGS{"override:servers"}) { + my $v = $1; + $np->cfg->snort(-key => $v, + -sval => 'servers', + -network => $netgroups, + -val => $ARGS{$ak}) + if ($ARGS{$ak} =~ /^(ro|rw)$/ && !exists $ARGS{"snort:delete_$v"}); + } elsif ($var eq 'addnewsensor' && defined $ARGS{'snort:addnewsensor'} && + $ARGS{"override:servers"}) { + if ($ARGS{'snort:newport'} =~ /^\d+$/ && + $ARGS{'snort:newrorw'} =~ /^(ro|rw)$/ && + $ARGS{'snort:newsensor'} =~ /^\w*\.*\w*\.*\w+\.\w+$/) { + my $v = $ARGS{'snort:newsensor'}.':'.$ARGS{'snort:newport'}; + $np->cfg->snort(-key => $v, + -sval => 'servers', + -network => $netgroups, + -val => $ARGS{'snort:newrorw'}); + } + } elsif ($var =~ /^delete_(.+)$/ && defined $ARGS{$ak} && $ARGS{"override:servers"}) { + my $v = $1; + $np->cfg->snort(-key => $v, -sval => 'servers', -network => $netgroups, -del => 1); + } + + if ($ARGS{"override:mode"} eq "" || $ARGS{"override:servers"} eq "") { + $np->cfg->snort(-key => 'mode', -network => $netgroups, -del => 1); + $np->cfg->snort(-key => 'servers' , -network => $netgroups, -del => 1); + } + } } } @@ -225,6 +258,8 @@ <P> % if ($netgroups) { % $m->comp('/Admin/TableEditPolicy', %ARGS, 'tableName' => 'Netgroup General Settings for '.$netgroups, 'network' => $netgroups, 'suppressKeys' => { 'PID_DIR' => 1, 'BASE_DIR' => 1 }, 'showDefault' => 1, 'formatFor' => 'group' ); +% $m->comp('/Admin/FormNPSnort', %ARGS, 'network' => $netgroups, 'formatFor' => 'group', +% 'showDefault' => 1); % } </form> |
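Review bot: In the new `snort` branch of netgroups.mhtml, the sensor key for the `rorw_` and `delete_` cases is taken from the parameter name (`$var =~ /^rorw_(.+)$/`, `/^delete_(.+)$/`) and passed to `$np->cfg->snort(-key => $v, ...)` without the host and port checks applied to `snort:newsensor` and `snort:newport`. Apply one shared pattern to `$v` before use, anchored with `\A` and `\z` rather than `^` and `$`, so that a trailing newline is not accepted. The closing test `$ARGS{"override:mode"} eq "" || $ARGS{"override:servers"} eq ""` deletes both `mode` and `servers` when either override is unset, and it runs once per snort parameter; two separate `if` blocks after the loop look like what was intended. The enclosing `foreach` starts outside the hunk.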
From: Matt <mt...@us...> - 2005-06-14 21:42:32
|
Update of /cvsroot/netpass/NetPass/www/htdocs/Admin In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv2383 Modified Files: network.mhtml Log Message: Index: network.mhtml =================================================================== RCS file: /cvsroot/netpass/NetPass/www/htdocs/Admin/network.mhtml,v retrieving revision 1.11 retrieving revision 1.12 diff -u -d -r1.11 -r1.12 --- network.mhtml 14 Jun 2005 21:09:41 -0000 1.11 +++ network.mhtml 14 Jun 2005 21:42:24 -0000 1.12 @@ -122,9 +122,7 @@ -network => $network); $rv .= " $rv2" if ($rv2); } - } - - if ($section eq "snort") { + } elsif ($section eq "snort") { if ($var eq 'mode' && $ARGS{"override:mode"}) { $np->cfg->snort(-key => 'mode', -network => $network, @@ -302,6 +300,8 @@ % $m->comp('/Admin/TableEditPolicy', %ARGS, 'tableName' => 'Network General Settings for '.$network.$ngtxt, % 'showDefault' => 1, 'formatFor' => 'network', % 'network' => $network, 'suppressKeys' => { 'PID_DIR' => 1, 'BASE_DIR' => 1 } ); + +</tr><tr><td colspan=3> % $m->comp('/Admin/FormNPSnort', %ARGS, 'network' => $network, 'formatFor' => 'network', % 'showDefault' => 1); % } |
From: Matt <mt...@us...> - 2005-06-14 21:41:19
|
Update of /cvsroot/netpass/NetPass/www/components/Admin In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv1398 Modified Files: FormNPSnort Log Message: Index: FormNPSnort =================================================================== RCS file: /cvsroot/netpass/NetPass/www/components/Admin/FormNPSnort,v retrieving revision 1.5 retrieving revision 1.6 diff -u -d -r1.5 -r1.6 --- FormNPSnort 14 Jun 2005 20:35:24 -0000 1.5 +++ FormNPSnort 14 Jun 2005 21:41:08 -0000 1.6 @@ -12,23 +12,24 @@ <TH onclick="showHideObj2(getElementById('snortConfig').tBodies[0]);" COLSPAN=2>Snort</TH> </TR></THEAD> <TBODY> -%} elsif ($formatFor eq "network") { +%} elsif ($formatFor =~ /network|group/) { <THEAD><TR> <TH onclick="showHideObj2(getElementById('snortConfig').tBodies[0]);" COLSPAN=5>Snort Settings for <%$network%></TH> </TR></THEAD> <TBODY> <TR> <TH>Option</TH><TH>Value</TH><TH>Override Default</TH><TH COLSPAN=2>Default Value</TH> +</TR> %} <TR><TD CLASS='left'>mode</TD> <TD CLASS='right'> -<%$q->popup_menu ( - -name => 'snort:mode', - -values => ['enabled', 'disabled', 'not_really'], - -default => $np->cfg->snort(-key => 'mode', -network => $network) - )%> +%print $q->popup_menu ( +% -name => 'snort:mode', +% -values => ['enabled', 'disabled', 'not_really'], +% -default => $np->cfg->snort(-key => 'mode', -network => $network) +% ); </TD> -% if ($formatFor eq "network" && $showDefault) { +% if ($formatFor =~ /network|group/ && $showDefault) { <td class='center'><input type='checkbox' <%!$np->cfg->snortLocation(-key => 'mode', -network => $network, -location => $formatFor)? "" : "checked"%> name="override:mode"></td> <td class='right'><%$np->cfg->snort(-key => 'mode')%></td> <td class='left'>(<%join(',', @{$np->cfg->snortLocation(-key => 'mode', -network => $network)})%>)</td> 
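Review bot: The new tests `$formatFor =~ /network|group/` in FormNPSnort (here and in the `@@ -90,7 +91,7 @@` hunk) are unanchored, so any value that merely contains either word selects the per-network layout, and the same value is then passed on as `-location => $formatFor`. `$formatFor =~ /\A(?:network|group)\z/` states the two accepted values exactly. A comment beside the first test naming the callers that pass `group` (netgroups.mhtml) and `network` (network.mhtml) would help the next reader.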
@@ -90,7 +91,7 @@ print "</TD></TR></TABLE></TD>"; - if ($formatFor eq "network" && $showDefault) { + if ($formatFor =~ /network|group/ && $showDefault) { my $c = !$np->cfg->snortLocation(-key => 'servers', -network => $network, -location => $formatFor) ? 0 : 1; print "<TD CLASS='center'>"; print $q->checkbox ( @@ -130,4 +131,3 @@ </TR> </TBODY> </TABLE> -<BR> |
From: Matt <mt...@us...> - 2005-06-14 21:12:52
|
Update of /cvsroot/netpass/NetPass In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv17874 Modified Files: MANIFEST Log Message: Index: MANIFEST =================================================================== RCS file: /cvsroot/netpass/NetPass/MANIFEST,v retrieving revision 1.48 retrieving revision 1.49 diff -u -d -r1.48 -r1.49 --- MANIFEST 8 Jun 2005 16:35:40 -0000 1.48 +++ MANIFEST 14 Jun 2005 21:12:43 -0000 1.49 @@ -16,23 +16,26 @@ bin/interfacecfg.pl bin/macscan.pl bin/moveport.pl +bin/myresetport.pl bin/npportcache.pl bin/nessus.pl -bin/coconf.pl +bin/npapid.pl bin/portmover-restart.sh -bin/resetport.pl bin/proc_counter.pl bin/portmover.pl -bin/npapid.pl bin/resetport-restart.sh -bin/ciconf.pl +bin/resetport.pl +bin/resetport3.pl +bin/resetportpool.pl bin/rm_stale_cookies.pl +bin/quarantine_host.pl bin/import_snort_rules.pl bin/getresults.pl -bin/quarantine_host.pl +bin/ciconf.pl +bin/coconf.pl bin/lsconf.pl -bin/rogue-dhcp-detect.pl bin/npsubagent.pl +bin/rogue-dhcp-detect.pl bin/npurlfilter.pl doc/cron.monthly/mysql_binlog_rotate doc/logrotate.d/apache @@ -40,18 +43,12 @@ doc/lvs/setup.txt doc/lvs/getint.c doc/lvs/lvs-netpass.patch -doc/website/supequip.html -doc/website/index.html -doc/website/install.html -doc/website/site.css -doc/website/deploy.html -doc/website/roadmap.html -doc/insert_docs_from_ascit.pl +doc/dhcprelay.patch +doc/appstart doc/Netpass_Overview.txt doc/add_new_network -doc/appstart +doc/insert_docs_from_ascit.pl doc/create_tables.sql -doc/dhcprelay.patch doc/groups.txt doc/popvlanmap.pl doc/mysql.txt 
@@ -59,64 +56,73 @@
 doc/perlmods
 doc/user_overview.txt
 doc/squidguard.txt
-doc/apachehowto.txt
+doc/website/img/arrows.png
+doc/website/img/arrows.svg
+doc/website/img/arrows.xcf
+doc/website/img/index.html
+doc/website/deploy.html
+doc/website/index.html
+doc/website/install.html
+doc/website/roadmap.html
+doc/website/site.css
+doc/website/supequip.html
 doc/mysqlcluster.txt
+doc/apachehowto.txt
 doc/nessus-install.txt
 doc/npsnort.txt
 doc/netpass-install.sxw
 doc/snort-2.3.3-vlan.patch
 doc/ebtablesnmpsetup.txt
-etc/netpass-example.conf
 etc/oui.txt
-install.d/logrotate.d/apache
-install.d/logrotate.d/netpass
-install.d/logrotate.d/snort
-install.d/convertdb
-install.d/install
-install.d/install-test
-install.d/packages
-install.d/services
-install.d/iptables.sh
-install.d/spinner.pm
-install.d/squid.conf
-install.d/lvs
-install.d/syslog.conf
+etc/netpass-example.conf
 install.d/init.d/netpassha
 install.d/init.d/nessusd
 install.d/init.d/netpass
 install.d/init.d/npgarp
-install.d/init.d/apache
+install.d/init.d/snortd
 install.d/init.d/swatch
+install.d/init.d/apache
 install.d/init.d/mysqld
-install.d/init.d/snortd
 install.d/init.d/ndbmgmd
+install.d/testpm
 install.d/crontab.netpass
-install.d/httpd.conf
+install.d/install
+install.d/install-test
+install.d/services
+install.d/spinner.pm
+install.d/syslog.conf
+install.d/convertdb
 install.d/fstab
-install.d/swatch.conf
-install.d/iptables-lvs.sh
+install.d/packages
 install.d/pages.sql
+install.d/squid.conf
+install.d/swatch.conf
 install.d/tables.sql
+install.d/logrotate.d/snort
+install.d/logrotate.d/apache
+install.d/logrotate.d/netpass
+install.d/lvs
+install.d/iptables.sh
 install.d/ldirectord.cf
-install.d/testpm
+install.d/httpd.conf
+install.d/iptables-lvs.sh
 install.d/snmptrapd
-install.d/drop-tables.sql
 install.d/install-ipvs.sh
-install.d/drop-indexes.sql
 install.d/sysconfig.snort
 install.d/create-indexes.sql
-lib/Bundle/NetPass/API.pm
+install.d/drop-indexes.sql
+install.d/drop-tables.sql
 lib/Bundle/NetPass1.pm
 lib/Bundle/NetPass2.pm
-lib/NetPass/WWW/Session.pm.mysql
 lib/NetPass/WWW/Session.pm.file
+lib/NetPass/WWW/Session.pm.mysql
 lib/NetPass/Auth/Radius.pm
 lib/NetPass/Auth/DB.pm
 lib/NetPass/Auth/LDAP.pm
 lib/NetPass/Auth/Unix.pm
 lib/NetPass/Config.pm
-lib/NetPass/DB.pm
 lib/NetPass/API.pm
+lib/NetPass/DB.pm
 lib/NetPass/LOG.pm
 lib/NetPass/Nessus.pm
 lib/NetPass/Network.pm
@@ -132,25 +138,25 @@
 lib/SNMP/Device/Asante.pm
 lib/SNMP/Device/BayStack.pm
 lib/SNMP/Device/BayStack3.pm
-lib/SNMP/Device/Cisco.pm
 lib/SNMP/Device/HP.pm
 lib/SNMP/Device/HP_AS_HUB.pm
+lib/SNMP/Device/Cisco.pm
 lib/SNMP/Device.pm
 lib/SNMP/driver2.pl
 lib/SNMP/driver3.pl
 lib/NetPass.pm
 lib/RUNONCE.pm
+www/components/Admin/FormNPPolicy
 www/components/Admin/Login
 www/components/Admin/MemberOf
-www/components/Admin/FormAuthLDAP
 www/components/Admin/LockConfig
-www/components/Admin/FormAuthRadius
 www/components/Admin/TableEditPolicy
+www/components/Admin/FormAuthLDAP
+www/components/Admin/FormAuthRadius
 www/components/Admin/FormNPApi
-www/components/Admin/FormNPDb
-www/components/Admin/FormNPNessus
-www/components/Admin/FormNPPolicy
 www/components/Admin/FormNPSnort
+www/components/Admin/FormNPNessus
+www/components/Admin/FormNPDb
 www/components/Client/BeginScan
 www/components/Client/GetInfo
 www/components/Client/Login
@@ -172,9 +178,9 @@
 www/htdocs/Admin/Editor/edit.mhtml
 www/htdocs/Admin/Editor/index.mhtml
 www/htdocs/Admin/Editor/view.mhtml
+www/htdocs/Admin/Scan/ids.mhtml
 www/htdocs/Admin/Scan/index.mhtml
 www/htdocs/Admin/Scan/info.mhtml
-www/htdocs/Admin/Scan/ids.mhtml
 www/htdocs/Admin/reports/byclient.mhtml
 www/htdocs/Admin/reports/bynet.mhtml
 www/htdocs/Admin/reports/byos.mhtml
@@ -189,16 +195,14 @@
 www/htdocs/Admin/mr.mhtml
 www/htdocs/Admin/qc.mhtml
 www/htdocs/Admin/user.mhtml
-www/htdocs/Admin/urlfilter.mhtml
-www/htdocs/Admin/network.mhtml
-www/htdocs/Admin/clienthistory.mhtml
-www/htdocs/Admin/switch.mhtml
-www/htdocs/Admin/help.mhtml
 www/htdocs/Admin/chpwd.mhtml
+www/htdocs/Admin/clienthistory.mhtml
+www/htdocs/Admin/network.mhtml
+www/htdocs/Admin/urlfilter.mhtml
 www/htdocs/Admin/auth.mhtml
-www/htdocs/Admin/cmd/lockcfg.mhtml
-www/htdocs/Admin/cmd/setresult.mhtml
+www/htdocs/Admin/help.mhtml
 www/htdocs/Admin/netgroups.mhtml
+www/htdocs/Admin/switch.mhtml
 www/htdocs/OSSTemplate/css/OSSTemplate.css.cgi
 www/htdocs/OSSTemplate/css/.htaccess
 www/htdocs/OSSTemplate/css/calendar.css
@@ -215,15 +219,15 @@
 www/htdocs/OSSTemplate/images/ossLogo2.gif
 www/htdocs/OSSTemplate/images/progress.gif
 www/htdocs/OSSTemplate/js/OSSTemplate.js
-www/htdocs/OSSTemplate/js/userform.js
 www/htdocs/OSSTemplate/js/debug.js
-www/htdocs/OSSTemplate/js/netgroups.js
+www/htdocs/OSSTemplate/js/userform.js
 www/htdocs/OSSTemplate/js/xmlhttp.js
-www/htdocs/OSSTemplate/js/ldap.js
-www/htdocs/OSSTemplate/js/lockcfg.js
 www/htdocs/OSSTemplate/js/common.js
+www/htdocs/OSSTemplate/js/lockcfg.js
+www/htdocs/OSSTemplate/js/netgroups.js
 www/htdocs/OSSTemplate/js/network.js
 www/htdocs/OSSTemplate/js/switch.js
+www/htdocs/OSSTemplate/js/ldap.js
 www/htdocs/OSSTemplate/js/radius.js
 www/htdocs/OSSTemplate/.htaccess
 www/htdocs/load-test.mhtml
|
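Review bot: `www/htdocs/Admin/cmd/lockcfg.mhtml` and `www/htdocs/Admin/cmd/setresult.mhtml` are removed in the `@@ -189,16 +195,14 @@` hunk and not re-added anywhere in this diff, and `lib/Bundle/NetPass/API.pm` is dropped the same way in the `@@ -59,64 +56,73 @@` hunk, while most other `-` lines are only moved. `www/htdocs/OSSTemplate/js/lockcfg.js` stays listed, so a distribution built from this list may ship the script without the page it presumably calls. The log message is empty, so it is not clear whether these drops are intended. If the list was regenerated from a working copy, the new `bin/myresetport.pl` entry looks like a local script picked up the same way and should be confirmed before it is shipped.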