netpass-devel Mailing List for NetPass (Page 10)
Brought to you by:
jeffmurphy
Menu
▾
▴
netpass-devel — Developer Discussion
You can subscribe to this list here.
| 2004 |
Jan
|
Feb
|
Mar
|
Apr
|
May
|
Jun
|
Jul
|
Aug
|
Sep
(1) |
Oct
|
Nov
|
Dec
|
|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 2005 |
Jan
|
Feb
|
Mar
|
Apr
(39) |
May
(103) |
Jun
(89) |
Jul
(22) |
Aug
(100) |
Sep
(21) |
Oct
(5) |
Nov
|
Dec
(7) |
| 2006 |
Jan
(25) |
Feb
(8) |
Mar
(12) |
Apr
(2) |
May
|
Jun
(1) |
Jul
(4) |
Aug
|
Sep
|
Oct
|
Nov
|
Dec
(4) |
| 2007 |
Jan
|
Feb
|
Mar
|
Apr
|
May
|
Jun
|
Jul
|
Aug
(3) |
Sep
(1) |
Oct
|
Nov
|
Dec
|
|
From: Matt <mt...@us...> - 2005-06-14 21:12:20
|
Update of /cvsroot/netpass/NetPass/www/htdocs/Admin In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv17558 Modified Files: index.mhtml Log Message: Index: index.mhtml =================================================================== RCS file: /cvsroot/netpass/NetPass/www/htdocs/Admin/index.mhtml,v retrieving revision 1.10 retrieving revision 1.11 diff -u -d -r1.10 -r1.11 --- index.mhtml 13 Jun 2005 15:17:36 -0000 1.10 +++ index.mhtml 14 Jun 2005 21:12:07 -0000 1.11 @@ -53,7 +53,7 @@ foreach my $nw (@$networks) { my $sips = $np->cfg->getSnortSensors($nw); - return 0 unless (defined $sips) && (ref($sips) eq 'HASH'); + next unless (defined $sips) && (ref($sips) eq 'HASH'); map($sensors->{$_} = $sips->{$_}, keys(%$sips)); } |
|
From: Matt <mt...@us...> - 2005-06-14 21:09:50
|
Update of /cvsroot/netpass/NetPass/www/htdocs/Admin In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv16266 Modified Files: network.mhtml Log Message: Index: network.mhtml =================================================================== RCS file: /cvsroot/netpass/NetPass/www/htdocs/Admin/network.mhtml,v retrieving revision 1.10 retrieving revision 1.11 diff -u -d -r1.10 -r1.11 --- network.mhtml 8 Jun 2005 16:35:42 -0000 1.10 +++ network.mhtml 14 Jun 2005 21:09:41 -0000 1.11 @@ -107,6 +107,60 @@ -bsw => $BSW); push @setResults, "Failed to set 'switches': $rv" if $rv; + foreach my $ak ( keys %ARGS ) { + if ($ak =~ /^(\w+):(\S+)$/) { + my $section = $1; + my $var = $2; + + if ($section eq "policy") { + if ($ARGS{"override:$var"}) { + $np->cfg->policy(-key => $var, -network => $network, + -val => $ARGS{$ak}); + } else { + my $rv2 = $np->cfg->removePolicy(-key => $var, + -location => 'network', + -network => $network); + $rv .= " $rv2" if ($rv2); + } + } + + if ($section eq "snort") { + if ($var eq 'mode' && $ARGS{"override:mode"}) { + $np->cfg->snort(-key => 'mode', + -network => $network, + -val => $ARGS{$ak}) + if ($ARGS{$ak} =~ /^(enabled|disabled|not_really)$/); + } elsif ($var =~ /^rorw_(.+)$/ && $ARGS{"override:servers"}) { + my $v = $1; + $np->cfg->snort(-key => $v, + -sval => 'servers', + -network => $network, + -val => $ARGS{$ak}) + if ($ARGS{$ak} =~ /^(ro|rw)$/ && !exists $ARGS{"snort:delete_$v"}); + } elsif ($var eq 'addnewsensor' && defined $ARGS{'snort:addnewsensor'} && + $ARGS{"override:servers"}) { + if ($ARGS{'snort:newport'} =~ /^\d+$/ && + $ARGS{'snort:newrorw'} =~ /^(ro|rw)$/ && + $ARGS{'snort:newsensor'} =~ /^\w*\.*\w*\.*\w+\.\w+$/) { + my $v = $ARGS{'snort:newsensor'}.':'.$ARGS{'snort:newport'}; + $np->cfg->snort(-key => $v, + -sval => 'servers', + -network => $network, + -val => $ARGS{'snort:newrorw'}); + } + } elsif ($var =~ /^delete_(.+)$/ && defined $ARGS{$ak} && $ARGS{"override:servers"}) { + my $v = $1; + $np->cfg->snort(-key => $v, -sval => 'servers', -network => $network, -del => 1); + } + + if ($ARGS{"override:mode"} eq "" || $ARGS{"override:servers"} eq "") { + $np->cfg->snort(-key => 'mode', -network => $network, -del => 1); + $np->cfg->snort(-key => 'servers' , -network => $network, -del => 1); + } + } + } + } + $np->cfg->save(-user => $whoami) if ($#setResults == -1); } @@ -248,7 +302,10 @@ % $m->comp('/Admin/TableEditPolicy', %ARGS, 'tableName' => 'Network General Settings for '.$network.$ngtxt, % 'showDefault' => 1, 'formatFor' => 'network', % 'network' => $network, 'suppressKeys' => { 'PID_DIR' => 1, 'BASE_DIR' => 1 } ); +% $m->comp('/Admin/FormNPSnort', %ARGS, 'network' => $network, 'formatFor' => 'network', +% 'showDefault' => 1); % } + </td></tr> </table> </form> |
|
From: Matt <mt...@us...> - 2005-06-14 21:09:15
|
Update of /cvsroot/netpass/NetPass/www/components/Admin In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv15812 Modified Files: FormNPApi Log Message: Index: FormNPApi =================================================================== RCS file: /cvsroot/netpass/NetPass/www/components/Admin/FormNPApi,v retrieving revision 1.5 retrieving revision 1.6 diff -u -d -r1.5 -r1.6 --- FormNPApi 14 Jun 2005 20:30:48 -0000 1.5 +++ FormNPApi 14 Jun 2005 21:09:05 -0000 1.6 @@ -4,28 +4,13 @@ $submit => ''; </%args> -<%perl> -sub getnpapivalue { - my $val = shift; - - if ($np->cfg->{'cfg'}->exists('npapi') && - $np->cfg->{'cfg'}->obj('npapi')->exists($val)) { - return $np->cfg->{'cfg'}->obj('npapi')->value($val); - } - - return ""; -} -</%perl> - <TABLE WIDTH=800 class="expandable" ID="npapiConfig" CELLSPACING=2 CELLPADDING=2> <THEAD> <TR><TH onclick="showHideObj2(getElementById('npapiConfig').tBodies[0]);" COLSPAN=2>NetPass API</TH></TR> </THEAD> <TBODY> -<TR><TD CLASS='left'>Port</TD><TD CLASS='right'><input type="text" name="npapi:port" value="<%getnpapivalue('port')%>" size="25 -" /></TD></TR> -<TR><TD CLASS='left'>Secret</TD><TD CLASS='right'><input type="text" name="npapi:secret" value="<%getnpapivalue('secret')%>" size -="25"/></TD></TR> +<TR><TD CLASS='left'>Port</TD><TD CLASS='right'><input type="text" name="npapi:port" value="<%$np->cfg->npapiPort()%>" size="25" /></TD></TR> +<TR><TD CLASS='left'>Secret</TD><TD CLASS='right'><input type="text" name="npapi:secret" value="<%$np->cfg->npapiSecret()%>" size ="25"/></TD></TR> </TBODY> </TABLE> <BR> |
|
From: Matt <mt...@us...> - 2005-06-14 20:35:34
|
Update of /cvsroot/netpass/NetPass/www/components/Admin In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv28280 Modified Files: FormNPSnort Log Message: Index: FormNPSnort =================================================================== RCS file: /cvsroot/netpass/NetPass/www/components/Admin/FormNPSnort,v retrieving revision 1.4 retrieving revision 1.5 diff -u -d -r1.4 -r1.5 --- FormNPSnort 12 Jun 2005 14:06:47 -0000 1.4 +++ FormNPSnort 14 Jun 2005 20:35:24 -0000 1.5 @@ -1,49 +1,25 @@ <%doc> </%doc> <%args> - $submit => ''; $network => ''; + $formatFor => ''; + $showDefault => 0; </%args> -<%perl> - if ($submit eq "Commit Changes") { - foreach my $nparg (keys %ARGS) { - my $var; - if ($nparg =~ /^snort:(.+)$/) { - $var = $1; - } else { - next; - } - - if ($var eq 'mode') { - $np->cfg->snort(-key => 'mode', -network => $network, -val => $ARGS{$nparg}) - if ($ARGS{$nparg} =~ /^(enabled|disabled|not_really)$/); - } elsif ($var =~ /^rorw_(.+)$/) { - my $v = $1; - $np->cfg->snort(-key => $v, -sval => 'servers', -network => $network, -val => $ARGS{$nparg}) - if ($ARGS{$nparg} =~ /^(ro|rw)$/ && !exists $ARGS{"snort:delete_$v"}); - } elsif ($var eq 'addnewsensor' && defined $ARGS{'snort:addnewsensor'}) { - if ($ARGS{'snort:newport'} =~ /^\d+$/ && - $ARGS{'snort:newrorw'} =~ /^(ro|rw)$/ && - $ARGS{'snort:newsensor'} =~ /^\w*\.*\w*\.*\w+\.\w+$/) { - my $v = $ARGS{'snort:newsensor'}.':'.$ARGS{'snort:newport'}; - $np->cfg->snort(-key => $v, -sval => 'servers', -network => $network, - -val => $ARGS{'snort:newrorw'}); - } - } elsif ($var =~ /^delete_(.+)$/ && defined $ARGS{$nparg} ) { - my $v = $1; - $np->cfg->snort(-key => $v, -sval => 'servers', -network => $network, -del => 1); - } - } - } - -</%perl> - <TABLE WIDTH=800 class="expandable" ID="snortConfig" CELLSPACING=2 CELLPADDING=2> -<THEAD> -<TR><TH onclick="showHideObj2(getElementById('snortConfig').tBodies[0]);" COLSPAN=2>Snort</TH></TR> -</THEAD> +% if ($formatFor eq "") { +<THEAD><TR> +<TH onclick="showHideObj2(getElementById('snortConfig').tBodies[0]);" COLSPAN=2>Snort</TH> +</TR></THEAD> <TBODY> +%} elsif ($formatFor eq "network") { +<THEAD><TR> +<TH onclick="showHideObj2(getElementById('snortConfig').tBodies[0]);" COLSPAN=5>Snort Settings for <%$network%></TH> +</TR></THEAD> +<TBODY> +<TR> +<TH>Option</TH><TH>Value</TH><TH>Override Default</TH><TH COLSPAN=2>Default Value</TH> +%} <TR><TD CLASS='left'>mode</TD> <TD CLASS='right'> <%$q->popup_menu ( @@ -51,7 +27,13 @@ -values => ['enabled', 'disabled', 'not_really'], -default => $np->cfg->snort(-key => 'mode', -network => $network) )%> -</TD></TR> +</TD> +% if ($formatFor eq "network" && $showDefault) { +<td class='center'><input type='checkbox' <%!$np->cfg->snortLocation(-key => 'mode', -network => $network, -location => $formatFor)? "" : "checked"%> name="override:mode"></td> +<td class='right'><%$np->cfg->snort(-key => 'mode')%></td> +<td class='left'>(<%join(',', @{$np->cfg->snortLocation(-key => 'mode', -network => $network)})%>)</td> +% } +</TR> <TR><TD CLASS='left'>Snort Sensors</TD> <TD CLASS='right' ALIGN=center> <TABLE WIDTH=80% BGCOLOR="#ffffff" CELLSPACING=2 CELLPADDING=2> @@ -87,7 +69,7 @@ print "<TD CLASS=\"gray\" ALIGN=center>"; print $q->textfield ( -name => "snort:newsensor", - -size => 40, + -size => 30, ); print "</TD><TD CLASS=\"gray\" ALIGN=center>"; print $q->textfield ( @@ -105,12 +87,47 @@ -name => "snort:addnewsensor", -label => " Add", ); - print "</TD>"; - print "</TR>"; + + print "</TD></TR></TABLE></TD>"; + + if ($formatFor eq "network" && $showDefault) { + my $c = !$np->cfg->snortLocation(-key => 'servers', -network => $network, -location => $formatFor) ? 0 : 1; + print "<TD CLASS='center'>"; + print $q->checkbox ( + -name => 'override:servers', + -label => "", + -checked => $c + ); + print "</TD>"; + my $h = $np->cfg->snort(-key => 'servers'); + </%perl> -</TABLE> -</TD></TR> +<TD CLASS="right" ALIGN=center VALIGN=top> +<TABLE WIDTH=80% BGCOLOR="#ffffff" CELLSPACING=2 CELLPADDING=2> +<TR> +<TD CLASS="gray" ALIGN=center>Sensor</TD> +<TD CLASS="gray" ALIGN=center>Port</TD> +<TD CLASS="gray" ALIGN=center>Mode</TD> +</TR> + +<%perl> + foreach my $s (keys %$h) { + my($server, $port) = split(/:/, $s); + print "<TR>"; + print "<TD CLASS=\"gray\" ALIGN=center>$server</TD>"; + print "<TD CLASS=\"gray\" ALIGN=center>$port</TD>"; + print "<TD CLASS=\"gray\" ALIGN=center>".$np->cfg->snort(-key => $s, -sval => 'servers'); + print "</TD></TR>"; + } + + print "</TABLE></TD>"; + +</%perl> + +<td class='left'>(<%join(',', @{$np->cfg->snortLocation(-key => 'servers', -network => $network)})%>)</td> +% } +</TR> </TBODY> </TABLE> <BR> |
|
From: Matt <mt...@us...> - 2005-06-14 20:34:27
|
Update of /cvsroot/netpass/NetPass/www/components/Admin In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv27879 Modified Files: FormNPPolicy Log Message: Index: FormNPPolicy =================================================================== RCS file: /cvsroot/netpass/NetPass/www/components/Admin/FormNPPolicy,v retrieving revision 1.1 retrieving revision 1.2 diff -u -d -r1.1 -r1.2 --- FormNPPolicy 8 Jun 2005 12:12:07 -0000 1.1 +++ FormNPPolicy 14 Jun 2005 20:34:17 -0000 1.2 @@ -4,34 +4,6 @@ $submit => ''; </%args> -<%perl> - -my $restartnetpass = 0; -my $restarthttpd = 0; - -if ($submit eq 'Commit Changes') { - foreach my $ak ( keys %ARGS ) { - if ($ak =~ /^(\S+):(\S+)$/) { - my $section = $1; - my $var = $2; - - if ($section eq "policy") { - if ($var =~ /^PID_DIR|BASE_DIR$/) { - $restartnetpass = 1; - $restarthttpd = 1; - } - $np->cfg->policy(-key => $var, -val => $ARGS{$ak}); - } - - } - } - - $np->db->reqAppAction('netpass', 'restart', '') if ($restartnetpass); - $np->db->reqAppAction('httpd', 'restart', '') if ($restarthttpd); -} - -</%perl> - <TABLE WIDTH=800 ID="policyConfig" class="expandable" CELLSPACING=2 CELLPADDING=2> <THEAD> <TR><TH onclick="showHideObj2(getElementById('policyConfig').tBodies[0]);" COLSPAN=2>General (Global)</TH></TR> |
|
From: Matt <mt...@us...> - 2005-06-14 20:32:41
|
Update of /cvsroot/netpass/NetPass/www/components/Admin In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv27175 Modified Files: FormNPNessus Log Message: Index: FormNPNessus =================================================================== RCS file: /cvsroot/netpass/NetPass/www/components/Admin/FormNPNessus,v retrieving revision 1.1 retrieving revision 1.2 diff -u -d -r1.1 -r1.2 --- FormNPNessus 8 Jun 2005 12:11:41 -0000 1.1 +++ FormNPNessus 14 Jun 2005 20:32:33 -0000 1.2 @@ -4,26 +4,6 @@ $submit => ''; </%args> -<%perl> -my $restartnessus = 0; - -if ($submit eq 'Commit Changes') { - foreach my $ak ( keys %ARGS ) { - if ($ak =~ /^(\S+):(\S+)$/) { - my $section = $1; - my $var = $2; - - if ($section eq "nessus") { - $np->cfg->nessus(-key => $var, -val => $ARGS{$ak}); - $restartnessus = 1; - } - } - } - - $np->db->reqAppAction('nessusd', 'restart', '') if ($restartnessus); -} -</%perl> - <TABLE WIDTH=800 class="expandable" ID="nessusConfig" CELLSPACING=2 CELLPADDING=2> <THEAD> <TR><TH onclick="showHideObj2(getElementById('nessusConfig').tBodies[0]);" COLSPAN=2>Nessus</TH></TR> |
|
From: Matt <mt...@us...> - 2005-06-14 20:31:51
|
Update of /cvsroot/netpass/NetPass/www/components/Admin In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv26389 Modified Files: FormNPDb Log Message: Index: FormNPDb =================================================================== RCS file: /cvsroot/netpass/NetPass/www/components/Admin/FormNPDb,v retrieving revision 1.1 retrieving revision 1.2 diff -u -d -r1.1 -r1.2 --- FormNPDb 8 Jun 2005 12:11:17 -0000 1.1 +++ FormNPDb 14 Jun 2005 20:31:27 -0000 1.2 @@ -4,30 +4,6 @@ $submit => ''; </%args> -<%perl> -my $restartnetpass = 0; - -if ($submit eq 'Commit Changes') { - foreach my $ak ( keys %ARGS ) { - if ($ak =~ /^(\S+):(\S+)$/) { - my $section = $1; - my $var = $2; - - if ($section eq "database") { - my $db = "database"; - if (!$np->cfg->{'cfg'}->exists('database')) { - $np->cfg->{'cfg'}->$db({}); - } - $np->cfg->{'cfg'}->obj('database')->$var($ARGS{$ak}); - $restartnetpass = 1; - } - } - } - - $np->db->reqAppAction('netpass', 'restart', '') if ($restartnetpass); -} -</%perl> - <TABLE WIDTH=800 CLASS="expandable" ID="databaseConfig" CELLSPACING=2 CELLPADDING=2> <THEAD> <TR><TH ONCLICK="showHideObj2(getElementById('databaseConfig').tBodies[0]);" COLSPAN=2>Database</TH></TR> |
|
From: Matt <mt...@us...> - 2005-06-14 20:31:13
|
Update of /cvsroot/netpass/NetPass/www/components/Admin In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv26168 Modified Files: FormNPApi Log Message: Index: FormNPApi =================================================================== RCS file: /cvsroot/netpass/NetPass/www/components/Admin/FormNPApi,v retrieving revision 1.4 retrieving revision 1.5 diff -u -d -r1.4 -r1.5 --- FormNPApi 8 Jun 2005 12:18:27 -0000 1.4 +++ FormNPApi 14 Jun 2005 20:30:48 -0000 1.5 @@ -5,23 +5,6 @@ </%args> <%perl> - if ($submit eq "Commit Changes") { - - foreach my $nparg (keys %ARGS) { - my $var; - if ($nparg =~ /^npapi:(\w+)$/) { - $var = $1; - } else { - next; - } - - if (!$np->cfg->{'cfg'}->exists('npapi')) { - $np->cfg->{'cfg'}->npapi({}); - } - $np->cfg->{'cfg'}->obj('npapi')->$var($ARGS{"npapi:$var"}); - } - } - sub getnpapivalue { my $val = shift; |
|
From: Matt <mt...@us...> - 2005-06-14 20:30:04
|
Update of /cvsroot/netpass/NetPass/lib/NetPass In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv25534 Modified Files: Config.pm Log Message: Index: Config.pm =================================================================== RCS file: /cvsroot/netpass/NetPass/lib/NetPass/Config.pm,v retrieving revision 1.49 retrieving revision 1.50 diff -u -d -r1.49 -r1.50 --- Config.pm 12 Jun 2005 14:29:50 -0000 1.49 +++ Config.pm 14 Jun 2005 20:29:54 -0000 1.50 @@ -558,6 +558,7 @@ $self->reloadIfChanged(); $pvar =~ tr [A-Z] [a-z]; # because of AutoLowerCase + $sval =~ tr [A-Z] [a-z]; # because of AutoLowerCase # if network looks like an IP, figure out which <network> clause # applies. else we assume network is a group name (if it's defined @@ -567,97 +568,125 @@ $nw = $self->getMatchingNetwork(-ip => $nw); } - # get config object for snort - my $cobj; - - if (recur_exists ($self->{'cfg'}, "network", $nw, "snort")) { - $cobj = $self->{'cfg'}->obj('network')->obj($nw)->obj('snort'); - } - - # if the network has a group name, check the group - - if (!$cobj) { - my $netgroup = ""; - if (recur_exists ($self->{'cfg'}, "network", $nw, "group")) { - $netgroup = $self->{'cfg'}->obj('network')->obj($nw)->value('group'); - $netgroup =~ s/\s/\%20/g; # Config::General bug workaround - # reported 3-may-2005 (see once more below!) - $netgroup =~ tr [A-Z] [a-z]; # another Config::General bug - # reported 3-may-2005 - - if (recur_exists ($self->{'cfg'}, "group", $netgroup, "snort")) { - $cobj = $self->{'cfg'}->obj('group')->obj($netgroup)->obj('snort'); + if ($del == 1) { + my $cobj; + if ($nw =~ /^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}/) { + if (! recur_exists ($self->{'cfg'}, "network", $nw)) { + return undef; #"nosuch network"; } - } - } - - # if the above didnt work, perhaps we were given a group name + $cobj = $self->{'cfg'}->obj('network')->obj($nw)->obj('snort'); + } elsif ($nw ne "") { + $nw =~ s/\s/\%20/g; # Config::General bug workaround + # reported 3-may-2005 + $nw =~ tr [A-Z] [a-z]; # another Config::General bug - if (!$cobj) { - my $netgroup = $nw; - $netgroup =~ s/\s/\%20/g; # Config::General bug workaround - $netgroup =~ tr [A-Z] [a-z]; # another Config::General bug - if (recur_exists($self->{'cfg'}, "group", $netgroup)) { - if (recur_exists($self->{'cfg'}, 'group', $netgroup, 'snort')) { - $cobj = $self->{'cfg'}->obj('group')->obj($netgroup)->obj('snort'); + if (! recur_exists ($self->{'cfg'}, "group", $nw)) { + return undef; #"nosuch group"; } - } - } - - # finally, look in the global snort - if (!$cobj) { - $cobj = $self->{'cfg'}->obj('snort') - if (recur_exists ($self->{'cfg'}, "snort")); - } + $cobj = $self->{'cfg'}->obj('group')->obj($nw)->obj('snort'); + } else { + $cobj = $self->{'cfg'}->obj('snort'); + } - return undef if !defined $cobj && !defined $val; + return 0 unless defined $cobj; - if ($del && defined $cobj) { if (defined $sval) { $cobj->obj($sval)->delete($pvar) if (recur_exists($cobj, $sval, $pvar)); } else { $cobj->delete($pvar) if $cobj->exists($pvar); } return 1; - } elsif ( !defined $val && defined $cobj) { + } elsif ( !defined $val) { + # get config object for snort + my $cobj; + + my @var; + push @var, $sval if $sval ne ""; + push @var, $pvar; + + if (recur_exists ($self->{'cfg'}, "network", $nw, "snort", @var)) { + $cobj = $self->{'cfg'}->obj('network')->obj($nw)->obj('snort'); + } + + # if the network has a group name, check the group + + if (!$cobj) { + my $netgroup = ""; + if (recur_exists ($self->{'cfg'}, "network", $nw, "group")) { + $netgroup = $self->{'cfg'}->obj('network')->obj($nw)->value('group'); + $netgroup =~ s/\s/\%20/g; # Config::General bug workaround + # reported 3-may-2005 (see once more below!) + $netgroup =~ tr [A-Z] [a-z]; # another Config::General bug + # reported 3-may-2005 + + if (recur_exists ($self->{'cfg'}, "group", $netgroup, "snort", @var)) { + $cobj = $self->{'cfg'}->obj('group')->obj($netgroup)->obj('snort'); + } + } + } + + # if the above didnt work, perhaps we were given a group name + + if (!$cobj) { + my $netgroup = $nw; + $netgroup =~ s/\s/\%20/g; # Config::General bug workaround + $netgroup =~ tr [A-Z] [a-z]; # another Config::General bug + if (recur_exists($self->{'cfg'}, "group", $netgroup)) { + if (recur_exists($self->{'cfg'}, 'group', $netgroup, 'snort', @var)) { + $cobj = $self->{'cfg'}->obj('group')->obj($netgroup)->obj('snort'); + } + } + } + + # finally, look in the global snort + + if (!$cobj) { + $cobj = $self->{'cfg'}->obj('snort') + if (recur_exists ($self->{'cfg'}, "snort", @var)); + } + + return 0 unless defined $cobj; + if ($sval) { return $cobj->obj($sval)->value($pvar) if recur_exists($cobj, $sval, $pvar); } else { return $cobj->value($pvar) if $cobj->exists($pvar); } } elsif ( defined $val) { - if (!defined $cobj) { - # this means we need to put in a <snort> entry + my $cobj; - if ($nw =~ /^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}/) { - # add snort to network + # determine if we need to add a <snort> clause + if ($nw =~ /^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}/) { + # add snort to network - if (! recur_exists ($self->{'cfg'}, "network", $nw)) { - return undef; #"nosuch network"; - } + if (! recur_exists ($self->{'cfg'}, "network", $nw)) { + return undef; #"nosuch network"; + } - $self->{'cfg'}->obj('network')->obj($nw)->snort({}); - $cobj = $self->{'cfg'}->obj('network')->obj($nw)->obj('snort'); - } elsif ($nw ne "") { - # add <snort> to netgroup + $self->{'cfg'}->obj('network')->obj($nw)->snort({}) + unless recur_exists ($self->{'cfg'}, "network", $nw, "snort"); + $cobj = $self->{'cfg'}->obj('network')->obj($nw)->obj('snort'); + } elsif ($nw ne "") { + # add <snort> to netgroup - $nw =~ s/\s/\%20/g; # Config::General bug workaround - # reported 3-may-2005 - $nw =~ tr [A-Z] [a-z]; # another Config::General bug + $nw =~ s/\s/\%20/g; # Config::General bug workaround + # reported 3-may-2005 + $nw =~ tr [A-Z] [a-z]; # another Config::General bug - if (! recur_exists ($self->{'cfg'}, "group", $nw)) { - return undef; #"nosuch group"; - } + if (! recur_exists ($self->{'cfg'}, "group", $nw)) { + return undef; #"nosuch group"; + } - $self->{'cfg'}->obj('group')->obj($nw)->snort({}); - $cobj = $self->{'cfg'}->obj('group')->obj($nw)->obj('snort'); - } else { - # add <snort> to global + $self->{'cfg'}->obj('group')->obj($nw)->snort({}) + unless recur_exists ($self->{'cfg'}, "group", $nw, "snort"); + $cobj = $self->{'cfg'}->obj('group')->obj($nw)->obj('snort'); + } else { + # add <snort> to global - $self->{'cfg'}->snort({}); - $cobj = $self->{'cfg'}->obj('snort'); - } + $self->{'cfg'}->snort({}) + unless recur_exists ($self->{'cfg'}, "snort"); + $cobj = $self->{'cfg'}->obj('snort'); } if ($sval) { if (recur_exists($cobj, $sval)) { @@ -676,6 +705,110 @@ return undef; } +=head2 snortLocation(-key => '', -sval => '', -network => '', -location => [''|first|global|group|network]) + +Check if a given snort variable is set in the specified location. If location +is '', then we return an ARRAY ref that contains the locations the given +variable was found in. Otherwise we return 0 or 1 based on whether or not +we found the variable in the specified location. + +If "first" is given as the location, then we'll start at the most specific scope possible +and work towards the most general scope. The first time we see the variable, we'll +return the scope that we are at. + +RETURNS + + 0 not found in specified location + 1 found in specified location + "network" found here "first" + "group" found here "first" + "global" found here "first" + ARRAYREF found in the following locations (may be empty) + "invalid parameters" routine called incorrectly + +=cut + +sub snortLocation { + my $self = shift; + my @var; + + my $parms = parse_parms({ + -parms => \@_, + -legal => [qw(-key -network -sval -location)], + -required => [qw(-key)], + -defaults => { -network => '', -sval => '', -location => '' } + } + ); + + if (!defined($parms)) { + return "invalid parameters ". Carp::longmess("invalid parameters ".Class::ParmList->error); + } + + my ($pvar, $nwOrig, $sval, $location) = $parms->get('-key', '-network', '-sval', '-location'); + + + $pvar =~ tr [A-Z] [a-z]; # AutoLowerCase + $sval =~ tr [A-Z] [a-z]; # AutoLowerCase + $nwOrig = "" if ($nwOrig eq "default"); + + my $rv = []; + my $nw = $self->getMatchingNetwork(-ip => $nwOrig); + + push @var, $sval if $sval ne ""; + push @var, $pvar; + + if ($nw && ($nw ne "none")) { + return 0 + if ($location eq "network" && !recur_exists($self->{'cfg'}, 'network', + $nw, 'snort', @var)); + + if (recur_exists($self->{'cfg'}, 'network', $nw, 'snort', @var)) { + return 1 if ($location eq "network"); + return "network" if ($location eq "first"); + push @$rv, "network"; + } + + # if this network is part of a netgroup, check there too + + my $ng = $self->getNetgroup(-network => $nw); + if ($ng) { + $ng =~ s/\s/%20/g; + $ng =~ tr [A-Z] [a-z]; + push @$rv, "group" + if (recur_exists($self->{'cfg'}, 'group', $ng, 'snort', @var)); + } + } + else { + # perhaps this is a netgroup? + my $nw2 = $nwOrig; + $nw2 =~ s/\s/%20/g; # Config::General bug + $nw2 =~ tr [A-Z] [a-z]; # Config::General bug + + if (($location eq "group") && !recur_exists($self->{'cfg'}, 'group', + $nw2, 'snort', @var)) { + return 0; + } + + if (recur_exists($self->{'cfg'}, 'group', $nw2, 'snort', @var)) { + return 1 if ($location eq "group"); + return "group" if ($location eq "first"); + push @$rv, "group"; + } + } + + + return 0 + if ($location eq "global" && !recur_exists($self->{'cfg'}, 'snort', @var)); + + if (recur_exists($self->{'cfg'}, 'snort', @var)) { + return 1 if ($location eq "global"); + return "global" if ($location eq "first"); + push @$rv, "global"; + } + + return $rv; +} + =head2 $bool = $cfg-E<gt>snortEnabled(network) Determines snort status on the specified network, returns either @@ -1325,11 +1458,11 @@ } if ( recur_exists ($self->{'cfg'}, "network", $nw, "policy", $pvar) ) { - _log("DEBUG", "nw=$nw set network policy for $pvar\n") if $self->debug; $oldvalue = $self->{'cfg'}->obj('network')->obj($nw)->obj('policy')->value($pvar); - $self->{'cfg'}->obj('network')->obj($nw)->obj('policy')->$pvar($val); - return $oldvalue; } + _log("DEBUG", "nw=$nw set network policy for $pvar\n") if $self->debug; + $self->{'cfg'}->obj('network')->obj($nw)->obj('policy')->$pvar($val); + return $oldvalue; } elsif ($nw ne "") { # set the <group> policy |
|
From: Matt <mt...@us...> - 2005-06-14 16:38:36
|
Update of /cvsroot/netpass/NetPass/www/htdocs/Admin In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv32639 Modified Files: gencfg.mhtml Log Message: Index: gencfg.mhtml =================================================================== RCS file: /cvsroot/netpass/NetPass/www/htdocs/Admin/gencfg.mhtml,v retrieving revision 1.18 retrieving revision 1.19 diff -u -d -r1.18 -r1.19 --- gencfg.mhtml 8 Jun 2005 12:12:26 -0000 1.18 +++ gencfg.mhtml 14 Jun 2005 16:38:26 -0000 1.19 @@ -34,6 +34,67 @@ return; } +my $restartnetpass = 0; +my $restarthttpd = 0; +my $restartnessus = 0; + +if ($submit eq 'Commit Changes') { + foreach my $ak ( keys %ARGS ) { + if ($ak =~ /^(\w+):(\S+)$/) { + my $section = $1; + my $var = $2; + + if ($section eq "policy") { + if ($var =~ /^PID_DIR|BASE_DIR$/) { + $restartnetpass = 1; + $restarthttpd = 1; + } + $np->cfg->policy(-key => $var, -val => $ARGS{$ak}); + } elsif ($section eq "nessus") { + $np->cfg->nessus(-key => $var, -val => $ARGS{$ak}); + $restartnessus = 1; + } elsif ($section eq "database") { + my $db = "database"; + if (!$np->cfg->{'cfg'}->exists('database')) { + $np->cfg->{'cfg'}->$db({}); + } + $np->cfg->{'cfg'}->obj('database')->$var($ARGS{$ak}); + $restartnetpass = 1; + } elsif ($section eq "npapi") { + if (!$np->cfg->{'cfg'}->exists('npapi')) { + $np->cfg->{'cfg'}->npapi({}); + } + $np->cfg->{'cfg'}->obj('npapi')->$var($ARGS{"npapi:$var"}); + } elsif ($section eq "snort") { + if ($var eq 'mode') { + $np->cfg->snort(-key => 'mode', -val => $ARGS{$ak}) + if ($ARGS{$ak} =~ /^(enabled|disabled|not_really)$/); + } elsif ($var =~ /^rorw_(.+)$/) { + my $v = $1; + $np->cfg->snort(-key => $v, -sval => 'servers', -val => $ARGS{$ak}) + if ($ARGS{$ak} =~ /^(ro|rw)$/ && !exists $ARGS{"snort:delete_$v"}); + } elsif ($var eq 'addnewsensor' && defined $ARGS{'snort:addnewsensor'}) { + if ($ARGS{'snort:newport'} =~ /^\d+$/ && + $ARGS{'snort:newrorw'} =~ /^(ro|rw)$/ && + $ARGS{'snort:newsensor'} =~ /^\w*\.*\w*\.*\w+\.\w+$/) { + my $v = $ARGS{'snort:newsensor'}.':'.$ARGS{'snort:newport'}; + $np->cfg->snort(-key => $v, -sval => 'servers', -val => $ARGS{'snort:newrorw'}); + } + } elsif ($var =~ /^delete_(.+)$/ && defined $ARGS{$ak}) { + my $v = $1; + $np->cfg->snort(-key => $v, -sval => 'servers', -del => 1); + } + } + } + } + + $np->db->reqAppAction('netpass', 'restart', '') if ($restartnetpass); + $np->db->reqAppAction('httpd', 'restart', '') if ($restarthttpd); + $np->db->reqAppAction('nessusd', 'restart', '') if ($restartnessus); + + $np->cfg->save(-user => $m->session->{'username'}); +} + print $q->start_form(-method => "POST"); </%perl> @@ -52,10 +113,6 @@ $m->comp('/Admin/FormNPApi', 'submit' => $submit, %ARGS); $m->comp('/Admin/FormNPDb', 'submit' => $submit, %ARGS); -if ($submit eq 'Commit Changes') { - $np->cfg->save(-user => $m->session->{'username'}); -} - print $q->end_form(); </%perl> |
|
From: Matt <mt...@us...> - 2005-06-13 15:17:45
|
Update of /cvsroot/netpass/NetPass/www/htdocs/Admin In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv13898 Modified Files: index.mhtml Log Message: Index: index.mhtml =================================================================== RCS file: /cvsroot/netpass/NetPass/www/htdocs/Admin/index.mhtml,v retrieving revision 1.9 retrieving revision 1.10 diff -u -d -r1.9 -r1.10 --- index.mhtml 1 May 2005 13:03:11 -0000 1.9 +++ index.mhtml 13 Jun 2005 15:17:36 -0000 1.10 @@ -53,7 +53,7 @@ foreach my $nw (@$networks) { my $sips = $np->cfg->getSnortSensors($nw); - print return unless (defined $sips) && (ref($sips) eq 'HASH'); + return 0 unless (defined $sips) && (ref($sips) eq 'HASH'); map($sensors->{$_} = $sips->{$_}, keys(%$sips)); } |
|
From: Matt <mt...@us...> - 2005-06-12 14:29:59
|
Update of /cvsroot/netpass/NetPass/lib/NetPass In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv2796 Modified Files: Config.pm Log Message: Index: Config.pm =================================================================== RCS file: /cvsroot/netpass/NetPass/lib/NetPass/Config.pm,v retrieving revision 1.48 retrieving revision 1.49 diff -u -d -r1.48 -r1.49 --- Config.pm 12 Jun 2005 14:05:00 -0000 1.48 +++ Config.pm 12 Jun 2005 14:29:50 -0000 1.49 @@ -9,7 +9,7 @@ require Carp; require Config::General; -use lib qw(/opt/netpass/lib); + use Data::Dumper; use FileHandle; use NetPass::LOG qw(_log _cont); |
|
From: Matt <mt...@us...> - 2005-06-12 14:06:59
|
Update of /cvsroot/netpass/NetPass/www/components/Admin In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv21929 Modified Files: FormNPSnort Log Message: Index: FormNPSnort =================================================================== RCS file: /cvsroot/netpass/NetPass/www/components/Admin/FormNPSnort,v retrieving revision 1.3 retrieving revision 1.4 diff -u -d -r1.3 -r1.4 --- FormNPSnort 8 Jun 2005 12:17:05 -0000 1.3 +++ FormNPSnort 12 Jun 2005 14:06:47 -0000 1.4 @@ -7,13 +7,6 @@ <%perl> if ($submit eq "Commit Changes") { - - my $c = getconfigobj($network); - if (!defined $c) { - # error - return; - } - foreach my $nparg (keys %ARGS) { my $var; if ($nparg =~ /^snort:(.+)$/) { @@ -23,64 +16,27 @@ } if ($var eq 'mode') { - if ($ARGS{$nparg} =~ /^(enabled|disabled|not_really)$/) { - $c->mode($ARGS{$nparg}); - } + $np->cfg->snort(-key => 'mode', -network => $network, -val => $ARGS{$nparg}) + if ($ARGS{$nparg} =~ /^(enabled|disabled|not_really)$/); } elsif ($var =~ /^rorw_(.+)$/) { my $v = $1; - if ($c->exists('servers') && $c->obj('servers')->exists($v) && - $ARGS{$nparg} =~ /^(ro|rw)$/) { - $c->obj('servers')->$v($ARGS{$nparg}); - } - + $np->cfg->snort(-key => $v, -sval => 'servers', -network => $network, -val => $ARGS{$nparg}) + if ($ARGS{$nparg} =~ /^(ro|rw)$/ && !exists $ARGS{"snort:delete_$v"}); } elsif ($var eq 'addnewsensor' && defined $ARGS{'snort:addnewsensor'}) { - - if (!$c->exists('servers')) { - $c->servers({}); - } if ($ARGS{'snort:newport'} =~ /^\d+$/ && $ARGS{'snort:newrorw'} =~ /^(ro|rw)$/ && $ARGS{'snort:newsensor'} =~ /^\w*\.*\w*\.*\w+\.\w+$/) { my $v = $ARGS{'snort:newsensor'}.':'.$ARGS{'snort:newport'}; - $c->obj('servers')->$v($ARGS{'snort:newrorw'}); + $np->cfg->snort(-key => $v, -sval => 'servers', -network => $network, + -val => $ARGS{'snort:newrorw'}); } - } elsif ($var =~ /^delete_(.+)$/ && defined $ARGS{$nparg} ) { my $v = $1; - if ($c->obj('servers')->exists($v)) { - $c->obj('servers')->delete($v); - } + $np->cfg->snort(-key => $v, -sval => 'servers', -network => $network, -del => 1); } } } -sub getsnortvalue { - my $val = shift; - my $network = shift; - - my $c = getconfigobj($network); - return "" unless defined $c; - - if ($c->exists($val)) { - return $c->value($val); - } - - return ""; -} - -sub getconfigobj { - my $network = shift; - - if (defined $network && $np->cfg->{'cfg'}->exists($network) && - $np->cfg->{'cfg'}->obj($network)->exists('snort')) { - return $np->cfg->{'cfg'}->obj($network)->obj('snort'); - } elsif ($np->cfg->{'cfg'}->exists('snort')) { - return $np->cfg->{'cfg'}->obj('snort'); - } - - return undef; -} - </%perl> <TABLE WIDTH=800 class="expandable" ID="snortConfig" CELLSPACING=2 CELLPADDING=2> @@ -93,7 +49,7 @@ <%$q->popup_menu ( -name => 'snort:mode', -values => ['enabled', 'disabled', 'not_really'], - -default => getsnortvalue('mode', $network) + -default => $np->cfg->snort(-key => 'mode', -network => $network) )%> </TD></TR> <TR><TD CLASS='left'>Snort Sensors</TD> @@ -107,28 +63,25 @@ </TR> <%perl> - my $c = getconfigobj($network); - - if (defined $c && $c->exists('servers')) { - foreach my $s ($c->keys('servers')) { - my($server, $port) = split(/:/, $s); - print "<TR>"; - print "<TD CLASS=\"gray\" ALIGN=center>$server</TD>"; - print "<TD CLASS=\"gray\" ALIGN=center>$port</TD>"; - print "<TD CLASS=\"gray\" ALIGN=center>"; - print $q->popup_menu ( - -name => "snort:rorw_$s", - -values => ['ro', 'rw'], - -default => $c->obj('servers')->value($s) - ); - print "</TD>"; - print "<TD CLASS=\"gray\" ALIGN=left>"; - print $q->checkbox ( - -name => "snort:delete_$s", - -label => " Delete", - ); - print "</TD></TR>"; - } + my $h = $np->cfg->snort(-key => 'servers', -network => $network); + foreach my $s (keys %$h) { + my($server, $port) = split(/:/, $s); + print "<TR>"; + print "<TD CLASS=\"gray\" ALIGN=center>$server</TD>"; + print "<TD CLASS=\"gray\" ALIGN=center>$port</TD>"; + print "<TD CLASS=\"gray\" ALIGN=center>"; + print $q->popup_menu ( + -name => "snort:rorw_$s", + -values => ['ro', 'rw'], + -default => $np->cfg->snort(-key => $s, -sval => 'servers', -network => $network) + ); + print "</TD>"; + print "<TD CLASS=\"gray\" ALIGN=left>"; + print $q->checkbox ( + -name => "snort:delete_$s", + -label => " Delete", + ); + print "</TD></TR>"; } print "<TR>"; print "<TD CLASS=\"gray\" ALIGN=center>"; |
|
From: Matt <mt...@us...> - 2005-06-12 14:05:10
|
Update of /cvsroot/netpass/NetPass/lib/NetPass In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv21182 Modified Files: Config.pm Log Message: Index: Config.pm =================================================================== RCS file: /cvsroot/netpass/NetPass/lib/NetPass/Config.pm,v retrieving revision 1.47 retrieving revision 1.48 diff -u -d -r1.47 -r1.48 --- Config.pm 8 Jun 2005 16:35:41 -0000 1.47 +++ Config.pm 12 Jun 2005 14:05:00 -0000 1.48 @@ -9,7 +9,7 @@ require Carp; require Config::General; - +use lib qw(/opt/netpass/lib); use Data::Dumper; use FileHandle; use NetPass::LOG qw(_log _cont); @@ -487,6 +487,195 @@ return undef; } +=head2 $val = snort(-key => $key, -network => $nw, -val => $value, -sval => $subvalue, -del => 0|1 ) + +FETCHING SNORT SETTINGS + +=over 4 + +Given a key (a snort variable name) and optionally a -sval subvalue return the associated value +or undef if the variable doesnt exist in the C<netpass.conf> E<lt>snortE<gt> section. + +Networks can have E<lt>snortE<gt> sections too. If we're given a network, +we'll search there first. If we don't find anything useful, we'll try the network's +group and finally the global snort section. + +=back + +SETTING SNORT SETTINGS + +=over 4 + +If a -val and optionally a -sval is given, the snort variable will be set instead of +fetched. If no network is specified, the global snort section is set. If a network +is specified, the specific snort section for the network is set. If a groupname is +given, the specific snort section for that group is set. + +=back + +DELETE SNORT SETTINGS + +=over 4 + +If a -key and optionally a -sval is given when -del is true the associated value of +-key will be deleted. + +=back + + +RETURN VALUES + +=over 4 + + value (even undef) on successful fetch or set + +=back + +=cut + +sub snort { + my $self = shift; + + my $parms = parse_parms({ + -parms => \@_, + -legal => [qw(-key -network -val -sval -del)], + -required => [qw(-key)], + -defaults => { -network => '', -val => undef, -sval => undef, -del => 0} + } + ); + + if (!defined($parms)) { + _log("ERROR", Carp::longmess("invalid parameters ".Class::ParmList->error)."\n"); + return undef; + } + + my ($pvar, $nw, $val, $sval, $del) = $parms->get('-key', '-network', '-val', '-sval', '-del'); + + $del = 0 if $del != 1; + $nw = "" if ($nw eq "default"); + $nw ||= ""; + + $self->reloadIfChanged(); + + $pvar =~ tr [A-Z] [a-z]; # because of AutoLowerCase + + # if network looks like an IP, figure out which <network> clause + # applies. else we assume network is a group name (if it's defined + # at all) + + if ($nw =~ /^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}/) { + $nw = $self->getMatchingNetwork(-ip => $nw); + } + + # get config object for snort + my $cobj; + + if (recur_exists ($self->{'cfg'}, "network", $nw, "snort")) { + $cobj = $self->{'cfg'}->obj('network')->obj($nw)->obj('snort'); + } + + # if the network has a group name, check the group + + if (!$cobj) { + my $netgroup = ""; + if (recur_exists ($self->{'cfg'}, "network", $nw, "group")) { + $netgroup = $self->{'cfg'}->obj('network')->obj($nw)->value('group'); + $netgroup =~ s/\s/\%20/g; # Config::General bug workaround + # reported 3-may-2005 (see once more below!) + $netgroup =~ tr [A-Z] [a-z]; # another Config::General bug + # reported 3-may-2005 + + if (recur_exists ($self->{'cfg'}, "group", $netgroup, "snort")) { + $cobj = $self->{'cfg'}->obj('group')->obj($netgroup)->obj('snort'); + } + } + } + + # if the above didnt work, perhaps we were given a group name + + if (!$cobj) { + my $netgroup = $nw; + $netgroup =~ s/\s/\%20/g; # Config::General bug workaround + $netgroup =~ tr [A-Z] [a-z]; # another Config::General bug + if (recur_exists($self->{'cfg'}, "group", $netgroup)) { + if (recur_exists($self->{'cfg'}, 'group', $netgroup, 'snort')) { + $cobj = $self->{'cfg'}->obj('group')->obj($netgroup)->obj('snort'); + } + } + } + + # finally, look in the global snort + + if (!$cobj) { + $cobj = $self->{'cfg'}->obj('snort') + if (recur_exists ($self->{'cfg'}, "snort")); + } + + return undef if !defined $cobj && !defined $val; + + if ($del && defined $cobj) { + if (defined $sval) { + $cobj->obj($sval)->delete($pvar) if (recur_exists($cobj, $sval, $pvar)); + } else { + $cobj->delete($pvar) if $cobj->exists($pvar); + } + return 1; + } elsif ( !defined $val && defined $cobj) { + if ($sval) { + return $cobj->obj($sval)->value($pvar) if recur_exists($cobj, $sval, $pvar); + } else { + return $cobj->value($pvar) if $cobj->exists($pvar); + } + } elsif ( defined $val) { + if (!defined $cobj) { + # this means we need to put in a <snort> entry + + if ($nw =~ /^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}/) { + # add snort to network + + if (! recur_exists ($self->{'cfg'}, "network", $nw)) { + return undef; #"nosuch network"; + } + + $self->{'cfg'}->obj('network')->obj($nw)->snort({}); + $cobj = $self->{'cfg'}->obj('network')->obj($nw)->obj('snort'); + } elsif ($nw ne "") { + # add <snort> to netgroup + + $nw =~ s/\s/\%20/g; # Config::General bug workaround + # reported 3-may-2005 + $nw =~ tr [A-Z] [a-z]; # another Config::General bug + + if (! recur_exists ($self->{'cfg'}, "group", $nw)) { + return undef; #"nosuch group"; + } + + $self->{'cfg'}->obj('group')->obj($nw)->snort({}); + $cobj = $self->{'cfg'}->obj('group')->obj($nw)->obj('snort'); + } else { + # add <snort> to global + + $self->{'cfg'}->snort({}); + $cobj = $self->{'cfg'}->obj('snort'); + } + } + if ($sval) { + if (recur_exists($cobj, $sval)) { + $cobj->obj($sval)->$pvar($val); + } else { + $cobj->$sval({}); + $cobj->obj($sval)->$pvar($val); + } + return 1; + } else { + $cobj->$pvar($val); + return 1; + } + } + + return undef; +} + =head2 $bool = $cfg-E<gt>snortEnabled(network) Determines snort status on the specified network, returns either @@ -500,18 +689,10 @@ $self->reloadIfChanged(); - if (recur_exists($self->{'cfg'}, 'network', $nw, 'snort', 'mode')) { - my $s = $self->{'cfg'}->obj('network')->obj($nw)->obj('snort')->value('mode'); - return $s if ($s =~ /^(enabled|disabled|not_really)$/i); - return 0; - } - - if (recur_exists($self->{'cfg'}, 'snort', 'mode')) { - my $s = $self->{'cfg'}->obj('snort')->value('mode'); - return $s if ($s =~ /^(enabled|disabled|not_really)$/i); - return 0; - } + my $s = $self->snort(-key => 'mode', -network => $nw); + return 0 unless defined $s; + return $s if ($s =~ /^(enabled|disabled|not_really)$/i); return 0; } @@ -531,25 +712,15 @@ $self->reloadIfChanged(); return undef unless ($self->snortEnabled($nw) =~ /^(enabled|not_really)$/); - if (recur_exists($self->{'cfg'}, 'network', $nw, 'snort', 'servers')) { - my $s = $self->{'cfg'}->obj('network')->obj($nw)->obj('snort'); - foreach ($s->keys('servers')) { - my $v = $s->obj('servers')->value($_); - $sensors->{$_} = ($v =~ /rw|ro/) ? $v : 'ro'; - } - return $sensors; - } - - if (recur_exists($self->{'cfg'}, 'snort', 'servers')) { - my $s = $self->{'cfg'}->obj('snort'); - foreach ($s->keys('servers')) { - my $v = $s->obj('servers')->value($_); - $sensors->{$_} = ($v =~ /rw|ro/) ? $v : 'ro'; - } - return $sensors; - } + my $s = $self->snort(-key => 'servers', -network => $nw); + return undef if (!defined $s && ref($s) ne 'HASH'); + + foreach (keys %$s) { + my $v = $self->snort(-key => $_, -sval => 'servers', -network => $nw); + $sensors->{$_} = ($v =~ /rw|ro/) ? $v : 'ro'; + } - return undef; + return $sensors; } =head2 my $qvlan = $cfg-E<gt>quarantineVlan(network) |
|
From: jeff m. <jef...@us...> - 2005-06-08 16:46:10
|
Update of /cvsroot/netpass/NetPass/www/htdocs/OSSTemplate/js In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv10442/www/htdocs/OSSTemplate/js Modified Files: network.js Log Message: trim some debugging Index: network.js =================================================================== RCS file: /cvsroot/netpass/NetPass/www/htdocs/OSSTemplate/js/network.js,v retrieving revision 1.6 retrieving revision 1.7 diff -u -d -r1.6 -r1.7 --- network.js 8 Jun 2005 16:35:42 -0000 1.6 +++ network.js 8 Jun 2005 16:46:01 -0000 1.7 @@ -203,24 +203,19 @@ var servs = document.getElementById('switches'); if (servs && o && o.value != "") { var exists = false; - dbg(1, RN + ": everythings OK"); for(var i = 0 ; i < servs.options.length ; i++) { if (servs.options[i].value == o.value) exists = true; } if (!exists) { - dbg(1, RN + ": doesnt exist"); var no = new Option(o.value, o.value, false, false); servs.options[servs.options.length] = no; unHighLightList("switches"); servs.options[servs.options.length-1].selected = true; servs.selectedIndex = servs.options.length-1; - dbg(1, RN + ": calling sort"); sortList("switches"); } else { dbg (1, RN + ": switch already exists: " + o.value); } - dbg(1, RN + ": resetting input field"); - dbg(1, RN + ": " + o.value + " reset"); o.value = 'Add Switch...'; } else { dbg(1, RN + ": somethings wrong"); |
|
From: jeff m. <jef...@us...> - 2005-06-08 16:44:46
|
Update of /cvsroot/netpass/NetPass/www/htdocs/OSSTemplate/js In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv9613/www/htdocs/OSSTemplate/js Modified Files: debug.js Log Message: disable debugging Index: debug.js =================================================================== RCS file: /cvsroot/netpass/NetPass/www/htdocs/OSSTemplate/js/debug.js,v retrieving revision 1.10 retrieving revision 1.11 diff -u -d -r1.10 -r1.11 --- debug.js 8 Jun 2005 16:35:42 -0000 1.10 +++ debug.js 8 Jun 2005 16:44:38 -0000 1.11 @@ -1,4 +1,4 @@ -var DBGLEVEL = 1; +var DBGLEVEL = 0; var dbgwin; var browserType_IE = 0; |
|
From: jeff m. <jef...@us...> - 2005-06-08 16:35:56
|
Update of /cvsroot/netpass/NetPass/www/htdocs/Admin/Editor In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv4634/www/htdocs/Admin/Editor Modified Files: edit.mhtml index.mhtml Log Message: bug fixes to editor, auth methods UI feature Index: edit.mhtml =================================================================== RCS file: /cvsroot/netpass/NetPass/www/htdocs/Admin/Editor/edit.mhtml,v retrieving revision 1.4 retrieving revision 1.5 diff -u -d -r1.4 -r1.5 --- edit.mhtml 27 Apr 2005 03:54:08 -0000 1.4 +++ edit.mhtml 8 Jun 2005 16:35:42 -0000 1.5 @@ -28,6 +28,9 @@ my ($isRO, $roGroups) = $m->comp('/Admin/MemberOf', 'acl' => [ @roGroups ]); my ($isRW, $rwGroups) = $m->comp('/Admin/MemberOf', 'acl' => [ @rwGroups ]); my ($isRoot, $junk) = $m->comp('/Admin/MemberOf', 'acl' => [ 'Admin' ], 'group' => 'default'); +my ($allMyRO, $allMyRW); +($junk, $allMyRO) = $m->comp('/Admin/MemberOf', 'acl' => [ @roGroups ]); +($junk, $allMyRW) = $m->comp('/Admin/MemberOf', 'acl' => [ @rwGroups ]); if ($isRW) { $readOnly = ""; @@ -49,15 +52,19 @@ } my $pageList = $np->db->getPageList(); -my %allGroups = map { $_ => $_ } @{$pageList->{'group'}}; +my %allGroups = map { $_ => $_ } 'default', @{$pageList->{'group'}}, @{$np->cfg->getNetgroups()}; -if (! $isRoot) { - %allGroups = map {$_ => $_} (@$rwGroups); -} +print "You have permission to <B>edit</B> the messages in the following groups: ", join(', ', @$allMyRW), "<BR>" + if ($#{$allMyRW} > -1); </%perl> +<P> +"Default" means "all groups". Note that even though all groups appear in the dropdown menu, +you will only be allowed to save changes to pages in the groups you have +permissions for. This is enforced when you click "Save Changes/Copy". +<P> <script type="text/javascript"> _editor_url = "/Admin/Editor/htmlarea"; _editor_lang = "en"; Index: index.mhtml =================================================================== RCS file: /cvsroot/netpass/NetPass/www/htdocs/Admin/Editor/index.mhtml,v retrieving revision 1.5 retrieving revision 1.6 diff -u -d -r1.5 -r1.6 --- index.mhtml 27 Apr 2005 03:54:08 -0000 1.5 +++ index.mhtml 8 Jun 2005 16:35:42 -0000 1.6 @@ -13,6 +13,7 @@ $search => ''; $group => ''; $submit => ''; +$del => ''; </%args> @@ -21,6 +22,10 @@ --></script> <%perl> +use Data::Dumper; + +$name = pop @$name if (ref($name) eq "ARRAY"); +$group = pop @$group if (ref($group) eq "ARRAY"); print $q->h2("Message Editor"); @@ -49,29 +54,16 @@ my $pageList = $np->db->getPageList(); -my %allGroups = map { $_ => $_ } @{$pageList->{'group'}}; - - -if (! $isRoot) { - # 'default' is added so you can at least see the default - # messages (assuming you dont have any default perms). - # we won't allow you to edit them tho. - - %allGroups = map {$_ => $_} ('default', @$allMyRO, @$allMyRW); -} +my %allGroups = map { $_ => $_ } 'default', @{$pageList->{'group'}}, @{$np->cfg->getNetgroups()}; print "You have permission to <B>edit</B> the messages in the following groups: ", join(', ', @$allMyRW), "<BR>" if ($#{$allMyRW} > -1); -print "You have permission to <B>view</B> the messages in the following groups: "; - -if ($#{$allMyRO} > -1) { - print join(', ', @$allMyRO); - print ", default" if (grep !/^default$/, @$allMyRO); - print "<BR>"; -} else { - print "default<BR>"; -} +print qq{<P> +"Default" means "all groups". Note that even though all groups appear in the dropdown menu, +you will only be allowed to save changes to edit pages in the groups you have +permissions for. If you want to use one of the 'default' pages as a starting point, +'edit' it and then change the group that it is in and click 'Save Copy'.<P>}; print $q->table({-border=>0, -width=>600}, @@ -97,6 +89,7 @@ $q->td({-class=>"gray"}, $q->popup_menu( -name => "group", + -default => $group, -values => [ sort keys %allGroups ] ) ) @@ -113,11 +106,34 @@ ); -return if(!$submit && !$search); +return if(!$submit && !$search && !$del); -if($submit) { - my $rv = savePage($allMyRW, $name, $group, $ta, ($submit eq " Save Copy ")); - print $q->p({-class=>'error'}, $rv); +if ($submit) { + if ( ($name =~ /;/) || ($group =~ /;/) ) { + print $q->p({-class => 'error'}, "Name and/or group can not contain semi-colons."); + } else { + my $rv = savePage($allMyRW, $name, $group, $ta, ($submit eq " Save Copy "), $isRoot); + print $q->p({-class=>'error'}, $rv); + } +} + + +if ($del ne '') { + if ($del !~ /;/) { + print "<P class='error'>Delete parse error.</P>"; + } else { + my ($dN, $dG) = split(/;/, $del); + if ($isRoot || grep /^$dG$/, @$rwGroups) { + my $rv = $np->db->delPage(-name => $dN, -group => $dG); + if ($rv) { + print "<P class='error'>Couldn't delete page $dN from $dG - $rv</P>"; + } else { + $np->db->audit( -user => $m->session->{'username'}, + -severity => "ALERT", -ip => $ENV{'REMOTE_ADDR'}, + -msg => [ "MessageEdit: deleted page $dN from $dG" ]); + } + } + } } my $pl = $np->db->getPageList(-name => $name, -group => $group); @@ -130,25 +146,26 @@ </%perl> <h4>Your search returned <%$count%> result(s)</h4> % if ($count) { - <table> <tr><th>Name</th><th>Group</th><th colspan=3>Operation</th></tr> % for(my $row = 0 ; $row <= $#{$pl->{'name'}} ; $row++) { % $class = ($class eq "")?"gray":""; -% my $rwHref = "edit.mhtml?name=" . $pl->{'name'}->[$row]."&group=".$pl->{'group'}->[$row]; -% my $roHref = "view.mhtml?name=" . $pl->{'name'}->[$row]."&group=".$pl->{'group'}->[$row]; +% my $rwHref = "edit.mhtml?name=" . $pl->{'name'}->[$row]."&group=".$pl->{'group'}->[$row]; +% my $delHref = "index.mhtml?del=1&name=" . $pl->{'name'}->[$row]."&group=".$pl->{'group'}->[$row]; +% my $roHref = "view.mhtml?name=" . $pl->{'name'}->[$row]."&group=".$pl->{'group'}->[$row]; % my $delLink = ""; <tr class="<%$class%>"> <td width='50%'><%$pl->{'name'}->[$row]%></td> <td width='25%'><%$pl->{'group'}->[$row]%></td> -% if (grep /^$pl->{'group'}->[$row]$/, @$rwGroups) { - <td width='8%'><a href="<%$rwHref%>">[ edit ]</a></td> - <td width='8%'><a href="">[ del ]</a></td> + <td width='8%'><a href="<%$rwHref%>">[ edit ]</a></td> +% if ($isRoot || grep /^$pl->{'group'}->[$row]$/, @$rwGroups) { + <td width='8%'> +<button class='href' name='del' value='<%$pl->{'name'}->[$row]%>;<%$pl->{'group'}->[$row]%>'>[ del ]</button> +</td> % } else { <td width='8%'> </td> - <td width='8%'> </td> % } <td width='8%'><a href="<%$roHref%>">[ view ]</a></td> </tr> @@ -169,14 +186,15 @@ my $group = shift; my $content = shift; my $noupdate = shift; + my $isRoot = shift; # enforce permissions - if (grep /^$group$/, @$rw) { + if ($isRoot || grep /^$group$/, @$rw) { $np->db->audit( - -user => $m->session->{'username'}, - -msg => [ "MessageEdit: $name ($group) editted" ]); + -user => $m->session->{'username'}, -ip => $ENV{'REMOTE_ADDR'}, + -msg => [ "MessageEdit: $name ($group) edited" ]); my $rv = $np->db->setPage(-name => $name, -group => $group, -content => $content, -noupdate => $noupdate); @@ -191,7 +209,7 @@ # else you dont have permission $np->db->audit( -user => $m->session->{'username'}, -severity => "ALERT", - -msg => [ "tried to edit $name ($group) but doesnt have permission to do so" ]); + -msg => [ "MessageEdit: tried to edit $name ($group) but doesnt have permission to do so" ]); return "You dont have the appropriate permissions to edit this message."; } |
|
From: jeff m. <jef...@us...> - 2005-06-08 16:35:51
|
Update of /cvsroot/netpass/NetPass/www/htdocs/OSSTemplate/js In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv4634/www/htdocs/OSSTemplate/js Modified Files: common.js debug.js network.js Added Files: ldap.js radius.js Log Message: bug fixes to editor, auth methods UI feature Index: debug.js =================================================================== RCS file: /cvsroot/netpass/NetPass/www/htdocs/OSSTemplate/js/debug.js,v retrieving revision 1.9 retrieving revision 1.10 diff -u -d -r1.9 -r1.10 --- debug.js 2 Jun 2005 19:10:13 -0000 1.9 +++ debug.js 8 Jun 2005 16:35:42 -0000 1.10 @@ -1,4 +1,4 @@ -var DBGLEVEL = 0; +var DBGLEVEL = 1; var dbgwin; var browserType_IE = 0; --- NEW FILE: ldap.js --- // when the ldap server field changes, // do a submit to refresh the page function ldap_onchange_ldapServer(prefix) { var RN = "ldap_onchange_ldapServer"; dbg (1, RN); var o = document.getElementById(prefix + 'ldapServer'); for (var i = 1 ; i < o.options.length ; i++) { if (o.options[i].selected) document.forms[0].submit(); } } function ldap_onfocus_addServer(prefix) { var RN = "ldap_onfocus_addServer"; dbg (1, RN); var o = document.getElementById(prefix + 'ldapAddServer'); if (o && o.value == "Add Server...") o.value = ''; } function ldap_onblur_addServer(prefix) { var RN = "ldap_onfocus_addServer"; dbg (1, RN); var o = document.getElementById(prefix + 'ldapAddServer'); var l = document.getElementById(prefix + 'ldapServer'); if (o && l && o.value) { var oo = new Option (o.value, o.value, false, false); l.options[l.options.length] = oo; unHighLightList(prefix + 'ldapServer'); sortList(prefix + 'ldapServer'); ldap_clear_fields(prefix); } o.value = 'Add Server...'; } function ldap_onclick_delServer() { var RN = "ldap_onfocus_addServer"; dbg (1, RN); var o = document.getElementById(prefix + 'ldapServer'); if (o) { for (var i = o.options.length-1 ; i > 0 ; i--) { if (o.options[i].selected) o.options[i] = undefined; } } } function ldap_clear_fields(prefix) { var o = document.getElementById(prefix + 'ldapBase'); if (o) o.value = ''; o = document.getElementById(prefix + 'ldapFilter'); if (o) o.value = ''; o = document.getElementById(prefix + 'ldapPasswordField'); if (o) o.value = ''; } Index: common.js =================================================================== RCS file: /cvsroot/netpass/NetPass/www/htdocs/OSSTemplate/js/common.js,v retrieving revision 1.2 retrieving revision 1.3 diff -u -d -r1.2 -r1.3 --- common.js 4 May 2005 20:22:18 -0000 1.2 +++ common.js 8 Jun 2005 16:35:42 -0000 1.3 @@ -36,11 +36,17 @@ } function sortList(ln) { + var RN = "sortList"; + if (ln) { var l = document.getElementById(ln); if (l && l.options.length) { var oa = new Array(); for (var i = 1 ; i < l.options.length ; i++) { + var si = oa.selectedIndex; + var sv = undefined; + if (si > -1) + sv = oa.options[si].value; oa[oa.length] = new Option( l.options[i].text, l.options[i].value, l.options[i].defaultSelected, @@ -56,6 +62,9 @@ oa[i].defaultSelected, oa[i].selected) ; + if (oa[i].value == sv) { + l.selectedIndex = i; + } } } } @@ -65,15 +74,18 @@ function unHighLightList(oname, item) { var RN = "unHighLightList"; + dbg(1, RN); + var acl = document.getElementById(oname); if (acl) { for(var i = 0 ; i < acl.options.length ; i++) { - if (i && item) { + if (item) { if (item == acl.options[i].value) acl.options[i].selected = false; } else { acl.options[i].selected = false; } + acl.selectedIndex = -1; } } else { dbg (1, RN + ": error cant find " + oname + " object"); @@ -83,7 +95,7 @@ function highLightList(oname, item) { var RN = "highLightList"; - + var acl = document.getElementById(oname); if (acl) { for(var i = 1 ; i < acl.options.length ; i++) { @@ -94,6 +106,7 @@ else { acl.options[i].selected = true; } + acl.selectedIndex = -1; } } else { dbg (1, RN + ": error cant find " + oname + " object"); --- NEW FILE: radius.js --- // when the radius server field changes, // do a submit to refresh the page function radius_onchange_radiusServer(prefix) { var RN = "radius_onchange_radiusServer"; dbg (1, RN); var o = document.getElementById(prefix + 'radiusServer'); for (var i = 1 ; i < o.options.length ; i++) { if (o.options[i].selected) document.forms[0].submit(); } } function radius_onfocus_addServer(prefix) { var RN = "radius_onfocus_addServer"; dbg (1, RN); var o = document.getElementById(prefix + 'radiusAddServer'); if (o && o.value == "Add Server...") o.value = ''; } function radius_onblur_addServer(prefix) { var RN = "radius_onfocus_addServer"; dbg (1, RN); var o = document.getElementById(prefix + 'radiusAddServer'); var l = document.getElementById(prefix + 'radiusServer'); if (o && l && o.value) { var oo = new Option (o.value, o.value, false, false); l.options[l.options.length] = oo; unHighLightList(prefix + 'radiusServer'); sortList(prefix + 'radiusServer'); radius_clear_fields(prefix); } o.value = 'Add Server...'; } function radius_onclick_delServer() { var RN = "radius_onfocus_addServer"; dbg (1, RN); var o = document.getElementById(prefix + 'radiusServer'); if (o) { for (var i = o.options.length-1 ; i > 0 ; i--) { if (o.options[i].selected) o.options[i] = undefined; } } } function radius_clear_fields(prefix) { var o = document.getElementById(prefix + 'radiusSecret'); if (o) o.value = ''; } Index: network.js =================================================================== RCS file: /cvsroot/netpass/NetPass/www/htdocs/OSSTemplate/js/network.js,v retrieving revision 1.5 retrieving revision 1.6 diff -u -d -r1.5 -r1.6 --- network.js 2 Jun 2005 20:02:27 -0000 1.5 +++ network.js 8 Jun 2005 16:35:42 -0000 1.6 @@ -82,6 +82,7 @@ nw.options[nw.options.length] = no; unHighLightList("network"); nw.options[nw.options.length-1].selected = true; + nw.selectedIndex = nw.options.length; sortList("network"); } else { dbg (1, RN + ": network already exists: " + o.value); @@ -134,6 +135,7 @@ servs.options[servs.options.length] = no; unHighLightList("haNPServers"); servs.options[servs.options.length-1].selected = true; + servs.selectedIndex = servs.options.length; sortList("haNPServers"); } else { dbg (1, RN + ": server already exists: " + o.value); @@ -201,25 +203,33 @@ var servs = document.getElementById('switches'); if (servs && o && o.value != "") { var exists = false; + dbg(1, RN + ": everythings OK"); for(var i = 0 ; i < servs.options.length ; i++) { if (servs.options[i].value == o.value) exists = true; } if (!exists) { + dbg(1, RN + ": doesnt exist"); var no = new Option(o.value, o.value, false, false); servs.options[servs.options.length] = no; unHighLightList("switches"); servs.options[servs.options.length-1].selected = true; + servs.selectedIndex = servs.options.length-1; + dbg(1, RN + ": calling sort"); sortList("switches"); } else { dbg (1, RN + ": switch already exists: " + o.value); } + dbg(1, RN + ": resetting input field"); + dbg(1, RN + ": " + o.value + " reset"); + o.value = 'Add Switch...'; + } else { + dbg(1, RN + ": somethings wrong"); } - if (o) o.value = "Add Switch..."; return false; } function network_onfocus_addSwitch(o) { - var RN = "network_onblur_addSwitch"; + var RN = "network_onfocus_addSwitch"; dbg(1, RN); if (o && o.value == "Add Switch...") o.value = ''; } |
|
From: jeff m. <jef...@us...> - 2005-06-08 16:35:51
|
Update of /cvsroot/netpass/NetPass/www/htdocs/Admin In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv4634/www/htdocs/Admin Modified Files: auth.mhtml netgroups.mhtml network.mhtml Log Message: bug fixes to editor, auth methods UI feature Index: network.mhtml =================================================================== RCS file: /cvsroot/netpass/NetPass/www/htdocs/Admin/network.mhtml,v retrieving revision 1.9 retrieving revision 1.10 diff -u -d -r1.9 -r1.10 --- network.mhtml 2 Jun 2005 19:04:54 -0000 1.9 +++ network.mhtml 8 Jun 2005 16:35:42 -0000 1.10 @@ -37,10 +37,10 @@ $garpNumber => 3; $switches => []; $BSW => ''; + $delNetwork => ''; </%args> <%perl> use Data::Dumper; - #print "<PRE>", Dumper(\%ARGS), "</PRE>"; my ($isRoot, $junk) = $m->comp('/Admin/MemberOf', 'acl' => [ 'Admin' ], 'group' => 'default'); if (!$isRoot) { @@ -54,15 +54,31 @@ use Sys::Hostname; my $ng; +my $WH = "--Select a Network--"; +my $WH2 = "----------------------"; my @setResults = (); -if ( ($submitButton eq "Commit Changes") && $network ) { +# XX is cfg locked? +# XX audit + +my $rv; + +if ( ($delNetwork eq "Delete Network") && $network && ($network ne $WH) ) { + _log("DEBUG", $whoami. " is deleting $network"); + $rv = $np->cfg->delNetwork(-network => $network); + if ($rv) { + push @setResults, "Failed to delete network $network - $rv"; + } else { + $np->cfg->save(-user => $whoami); + } +} + +if ( ($submitButton eq "Commit Changes") && $network && ($network ne $WH) ) { _log("DEBUG", $m->session->{'username'}. " is updating $network $secondaryRedirector\n"); - my $rv; $rv = $np->cfg->setNetwork(-network => $network, -comment => $comment, -interface => $interface, @@ -97,12 +113,12 @@ $garpDelay ||= 5; $garpNumber ||= 3; -if ($network && $np->cfg->garp($network)) { +if ($network && ($network ne $WH) && $np->cfg->garp($network)) { $garpDelay = $np->cfg->garp($network, 'delay'); $garpNumber = $np->cfg->garp($network, 'number'); } -if ($network) { +if ($network && ($network ne $WH)) { $qvid = $np->cfg->quarantineVlan($network); $uqvid = $np->cfg->nonquarantineVlan($network); $interface = $np->cfg->getInterface($network); @@ -112,7 +128,7 @@ $switches = $np->cfg->getSwitches($network); $BSW = $np->cfg->getBSW($network); } -if ($network && $np->cfg->ha($network)) { +if ($network && ($network ne $WH) && $np->cfg->ha($network)) { $primaryRedirector = $np->cfg->primary_redirector($network); $secondaryRedirector = $np->cfg->secondary_redirector($network); $haNPServers = $np->cfg->ha_servers($network); @@ -132,9 +148,7 @@ my $_ng = $np->cfg->getNetgroup(-network => $nw); push @$allNetgroups, $_ng if ($_ng ne "") && (!grep(/^$_ng$/, @$allNetgroups)); } -$m->comp('/Admin/LockConfig', 'enableWhenLocked' => [ 'addNetwork', 'submitButton' ], 'init' => 0); -my $WH = "--Select a Network--"; -my $WH2 = "----------------------"; +$m->comp('/Admin/LockConfig', 'enableWhenLocked' => [ 'addNetwork', 'submitButton', 'delNetwork' ], 'init' => 0); </%perl> @@ -175,6 +189,7 @@ <td class='selector'> <input id='addNetwork' name='addNetwork' size=20 value='Add Network...' disabled onblur='network_onblur_addNetwork(this);' onfocus='network_onfocus_addNetwork(this);'> + <input id='delNetwork' name='delNetwork' value='Delete Network' type='submit' disabled> </td> <td class='selector'> <input type='submit' onclick='network_onclick_submitButton();' Index: auth.mhtml =================================================================== RCS file: /cvsroot/netpass/NetPass/www/htdocs/Admin/auth.mhtml,v retrieving revision 1.4 retrieving revision 1.5 diff -u -d -r1.4 -r1.5 --- auth.mhtml 3 Jun 2005 19:41:22 -0000 1.4 +++ auth.mhtml 8 Jun 2005 16:35:42 -0000 1.5 @@ -63,11 +63,8 @@ )%> </TD></TR> <TR><TD colspan=2 align='right'> -% if ($ca eq "NetPass::Auth::Radius") { % $m->comp('/Admin/FormAuthRadius', %ARGS); -% } elsif ($ca eq "NetPass::Auth::LDAP") { % $m->comp('/Admin/FormAuthLDAP', %ARGS); -% } </tD></TR> <TR> <TD CLASS='left'>Admin Auth Method</TD> Index: netgroups.mhtml =================================================================== RCS file: /cvsroot/netpass/NetPass/www/htdocs/Admin/netgroups.mhtml,v retrieving revision 1.6 retrieving revision 1.7 diff -u -d -r1.6 -r1.7 --- netgroups.mhtml 17 May 2005 20:34:28 -0000 1.6 +++ netgroups.mhtml 8 Jun 2005 16:35:42 -0000 1.7 @@ -91,6 +91,11 @@ my $WH = "-" x 20; if ($submitButton eq 'Commit Changes') { + if ($netgroups =~ /;/) { + print "<P class='error'>Netgroup name can not contain semi-colons</P>"; + goto show_form; + } + if (! grep(/^$netgroups$/, @$allNetgroups) ) { # add the netgroup because we don't already know about it @@ -190,6 +195,7 @@ print "<P class='error'>Netgroup Configuration Saved.</P>"; } } +show_form:; </%perl> <form method="post"> |
|
From: jeff m. <jef...@us...> - 2005-06-08 16:35:51
|
Update of /cvsroot/netpass/NetPass/www/htdocs/OSSTemplate/css In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv4634/www/htdocs/OSSTemplate/css Modified Files: site.css Log Message: bug fixes to editor, auth methods UI feature Index: site.css =================================================================== RCS file: /cvsroot/netpass/NetPass/www/htdocs/OSSTemplate/css/site.css,v retrieving revision 1.9 retrieving revision 1.10 diff -u -d -r1.9 -r1.10 --- site.css 2 Jun 2005 19:04:54 -0000 1.9 +++ site.css 8 Jun 2005 16:35:42 -0000 1.10 @@ -233,3 +233,11 @@ TABLE#switchConfig TR.vlanmapRow { } + +BUTTON.href { + cursor: hand; + cursor: pointer; + color: #1178BC; + border: none; + background: none; +} |
|
From: jeff m. <jef...@us...> - 2005-06-08 16:35:50
|
Update of /cvsroot/netpass/NetPass/lib/NetPass In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv4634/lib/NetPass Modified Files: Config.pm DB.pm Log Message: bug fixes to editor, auth methods UI feature Index: Config.pm =================================================================== RCS file: /cvsroot/netpass/NetPass/lib/NetPass/Config.pm,v retrieving revision 1.46 retrieving revision 1.47 diff -u -d -r1.46 -r1.47 --- Config.pm 3 Jun 2005 19:41:22 -0000 1.46 +++ Config.pm 8 Jun 2005 16:35:41 -0000 1.47 @@ -761,6 +761,46 @@ return 0; } +=head2 $cfg-E<gt>delNetwork(-network => '') + +Given a network, delete it from the config. + +RETURNS + +0 on success +"no such network" no such network +"..." on failure + +=cut + + +sub delNetwork { + my $self = shift; + + my $parms = parse_parms({ + -parms => \@_, + -legal => [qw(-network)], + -required => [qw(-network)], + -defaults => { -network => '' } + } + ); + + if (!defined($parms)) { + return "invalid parameters: ".Carp::longmess("invalid parameters ".Class::ParmList->error); + } + + my ($network) = $parms->get('-network'); + + $self->reloadIfChanged(); + + if( $self->{'cfg'}->obj('network')->exists($network) ) { + $self->{'cfg'}->obj('network')->delete($network); + return 0; + } + + return "no such network"; +} + =head2 $cfg-E<gt>setHA(-network => '', -enabled => 0|1, -primary => '', -secondary => '', -virtualip => '', -servers => []) Enable, disable and set High Availability related info. All parameters are required except for 'secondary'. Index: DB.pm =================================================================== RCS file: /cvsroot/netpass/NetPass/lib/NetPass/DB.pm,v retrieving revision 1.45 retrieving revision 1.46 diff -u -d -r1.45 -r1.46 --- DB.pm 2 Jun 2005 20:34:49 -0000 1.45 +++ DB.pm 8 Jun 2005 16:35:41 -0000 1.46 @@ -1720,12 +1720,12 @@ Example $dbh->audit(-mac => 112233445566, -ip => '1.2.3.4', -user => 'foo', - "this user", "did something"); + -msg => ["this user", "did something"]); results in "this user did something" being inserted. $dbh->audit(-mac => 112233445566, -ip => '1.2.3.4', -user => 'foo', - "this user %s something", "did"); + -msg => ["this user %s something", "did"]); results in "this user did something" being inserted. @@ -1786,7 +1786,7 @@ if (! $self->{'dbh'}->do($sql) ) { - _log "ERROR", "failed to submit audit entry ".$self->{'dbh'}->errstr." ($sql)\n"; + _log("ERROR", "failed to submit audit entry ".$self->{'dbh'}->errstr." ($sql)\n"); return 0; } |
|
From: jeff m. <jef...@us...> - 2005-06-08 16:35:50
|
Update of /cvsroot/netpass/NetPass/www/components/Admin In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv4634/www/components/Admin Modified Files: FormAuthLDAP FormAuthRadius Log Message: bug fixes to editor, auth methods UI feature Index: FormAuthRadius =================================================================== RCS file: /cvsroot/netpass/NetPass/www/components/Admin/FormAuthRadius,v retrieving revision 1.1 retrieving revision 1.2 diff -u -d -r1.1 -r1.2 --- FormAuthRadius 3 Jun 2005 19:41:22 -0000 1.1 +++ FormAuthRadius 8 Jun 2005 16:35:41 -0000 1.2 @@ -4,7 +4,10 @@ </%doc> <%args> $prefix => ''; + $server => ''; </%args> +<script language='JavaScript'> +var <%$prefix%>radiusSecrets = new Object(); <%perl> my $rs_ = $np->cfg->getRadius(); my $rs = (ref($rs_) eq "ARRAY") ? $rs_ : []; @@ -12,15 +15,34 @@ my $ml = length($WH); foreach my $server (@$rs) { $ml = ($ml > length($server)) ? $ml : length($server); + my $sh = $np->cfg->getRadius($server); + if (ref($sh) eq "HASH") { + print qq{//$server\n}; + print qq{${prefix}radiusSecrets['$server'] = '$sh->{secret}';\n}; + } } $ml = int($ml * 1.5); $WH = "-" x $ml; </%perl> -<table border=0> -<tr><th>Radius Servers</th><th>Secret</th></tr> +</script> +<table border=0 id='<%$prefix%>FormAuthRadius'> +<tr><th>Radius Servers</th><th colspan=2>Options</th></tr> <tr><td><%$q->scrolling_list(-id => $prefix.'radiusServer', -name => $prefix.'radiusServer', - -size => 4, -values => [ $WH, @$rs ])%></td> - <td><input size=16 id='<%$prefix%>radiusSecret'></td> + -onchange => 'radius_onchange_radiusServer();' + -size => 4, -values => [ $WH, @$rs ])%><BR> + <input size=16 id='radiusAddServer' name='radiusAddServer' + onfocus='radius_onfocus_addServer('<%$prefix%>');' + onblur='radius_onblur_addServer('<%$prefix%>');' + value="Add Server..." + > + <input type='submit' onclick='radius_onclick_delServer(); return false;' + value='Delete Server'> + </td> + <td align='right' valign='top'>Secret:</td> + <td align='left' valign='top'> + <input size=16 id='<%$prefix%>radiusSecret'><BR> + + </td> </tr> </table> Index: FormAuthLDAP =================================================================== RCS file: /cvsroot/netpass/NetPass/www/components/Admin/FormAuthLDAP,v retrieving revision 1.1 retrieving revision 1.2 diff -u -d -r1.1 -r1.2 --- FormAuthLDAP 3 Jun 2005 19:41:47 -0000 1.1 +++ FormAuthLDAP 8 Jun 2005 16:35:41 -0000 1.2 @@ -4,7 +4,12 @@ </%doc> <%args> $prefix => ''; + $server => ''; </%args> +<script language='JavaScript'> +var <%$prefix%>ldapBase = new Object(); +var <%$prefix%>ldapFilter = new Object(); +var <%$prefix%>ldapPField = new Object(); <%perl> my $rs_ = $np->cfg->getLDAP(); my $rs = (ref($rs_) eq "ARRAY") ? $rs_ : []; @@ -16,13 +21,28 @@ $ml = int($ml * 1.5); $WH = "-" x $ml; </%perl> -<table border=0> +</script> + +<table border=0 id='<%$prefix%>FormAuthLDAP'> <tr><th>LDAP Servers</th><th>Options</th></tr> -<tr><td><%$q->scrolling_list(-id => $prefix.'ldapServer', -name => $prefix.'ldapServer', - -size => 4, -values => [ $WH, @$rs ])%></td> - <td><input size=16 id='<%$prefix%>ldapBase'> - <input size=16 id='<%$prefix%>ldapFilter'> - <input size=16 id='<%$prefix%>ldapPasswordField'> +<tr><td align='center' valign='top'> + <%$q->scrolling_list(-id => $prefix.'ldapServer', -name => $prefix.'ldapServer', + -onchange => 'ldap_onchange_ldapServer();', + -size => 4, -values => [ $WH, @$rs ])%><BR> + <input size=16 id='ldapAddServer' name='ldapAddServer' + onfocus='ldap_onfocus_addServer('<%$prefix%>');' + onblur='ldap_onblur_addServer('<%$prefix%>');' + value="Add Server..." + > + <input type='submit' onclick='ldap_onclick_delServer(); return false;' + value='Delete Server'> + </td> + <td align='right' valign='top'> + <table border='0'> + <tr><td align='right' valign='top'>Base:</td><td align='left' valign='top'><input size=16 id='<%$prefix%>ldapBase'></td></tr> + <tr><td align='right' valign='top'>Filter:</td><td align='left' valign='top'><input size=16 id='<%$prefix%>ldapFilter'></td></tr> + <tr><td align='right' valign='top'>Password Field:</td><td align='left' valign='top'><input size=16 id='<%$prefix%>ldapPasswordField'></td></tr> + </table> </td> </tr> </table> |
|
From: jeff m. <jef...@us...> - 2005-06-08 16:35:50
|
Update of /cvsroot/netpass/NetPass In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv4634 Modified Files: MANIFEST Log Message: bug fixes to editor, auth methods UI feature Index: MANIFEST =================================================================== RCS file: /cvsroot/netpass/NetPass/MANIFEST,v retrieving revision 1.47 retrieving revision 1.48 diff -u -d -r1.47 -r1.48 --- MANIFEST 8 Jun 2005 12:17:29 -0000 1.47 +++ MANIFEST 8 Jun 2005 16:35:40 -0000 1.48 @@ -16,26 +16,23 @@ bin/interfacecfg.pl bin/macscan.pl bin/moveport.pl -bin/myresetport.pl bin/npportcache.pl bin/nessus.pl -bin/npapid.pl +bin/coconf.pl bin/portmover-restart.sh +bin/resetport.pl bin/proc_counter.pl bin/portmover.pl +bin/npapid.pl bin/resetport-restart.sh -bin/resetport.pl -bin/resetport3.pl -bin/resetportpool.pl +bin/ciconf.pl bin/rm_stale_cookies.pl -bin/quarantine_host.pl bin/import_snort_rules.pl bin/getresults.pl -bin/ciconf.pl -bin/coconf.pl +bin/quarantine_host.pl bin/lsconf.pl -bin/npsubagent.pl bin/rogue-dhcp-detect.pl +bin/npsubagent.pl bin/npurlfilter.pl doc/cron.monthly/mysql_binlog_rotate doc/logrotate.d/apache @@ -43,12 +40,18 @@ doc/lvs/setup.txt doc/lvs/getint.c doc/lvs/lvs-netpass.patch -doc/dhcprelay.patch -doc/appstart +doc/website/supequip.html +doc/website/index.html +doc/website/install.html +doc/website/site.css +doc/website/deploy.html +doc/website/roadmap.html +doc/insert_docs_from_ascit.pl doc/Netpass_Overview.txt doc/add_new_network -doc/insert_docs_from_ascit.pl +doc/appstart doc/create_tables.sql +doc/dhcprelay.patch doc/groups.txt doc/popvlanmap.pl doc/mysql.txt @@ -56,73 +59,64 @@ doc/perlmods doc/user_overview.txt doc/squidguard.txt -doc/website/img/arrows.png -doc/website/img/arrows.svg -doc/website/img/arrows.xcf -doc/website/img/index.html -doc/website/deploy.html -doc/website/index.html -doc/website/install.html -doc/website/roadmap.html -doc/website/site.css -doc/website/supequip.html -doc/mysqlcluster.txt doc/apachehowto.txt +doc/mysqlcluster.txt doc/nessus-install.txt doc/npsnort.txt doc/netpass-install.sxw doc/snort-2.3.3-vlan.patch doc/ebtablesnmpsetup.txt -etc/oui.txt etc/netpass-example.conf +etc/oui.txt +install.d/logrotate.d/apache +install.d/logrotate.d/netpass +install.d/logrotate.d/snort +install.d/convertdb +install.d/install +install.d/install-test +install.d/packages +install.d/services +install.d/iptables.sh +install.d/spinner.pm +install.d/squid.conf +install.d/lvs +install.d/syslog.conf install.d/init.d/netpassha install.d/init.d/nessusd install.d/init.d/netpass install.d/init.d/npgarp -install.d/init.d/snortd -install.d/init.d/swatch install.d/init.d/apache +install.d/init.d/swatch install.d/init.d/mysqld +install.d/init.d/snortd install.d/init.d/ndbmgmd -install.d/testpm install.d/crontab.netpass -install.d/install -install.d/install-test -install.d/services -install.d/spinner.pm -install.d/syslog.conf -install.d/convertdb +install.d/httpd.conf install.d/fstab -install.d/packages -install.d/pages.sql -install.d/squid.conf install.d/swatch.conf +install.d/iptables-lvs.sh +install.d/pages.sql install.d/tables.sql -install.d/logrotate.d/snort -install.d/logrotate.d/apache -install.d/logrotate.d/netpass -install.d/lvs -install.d/iptables.sh install.d/ldirectord.cf -install.d/httpd.conf -install.d/iptables-lvs.sh +install.d/testpm install.d/snmptrapd +install.d/drop-tables.sql install.d/install-ipvs.sh +install.d/drop-indexes.sql install.d/sysconfig.snort install.d/create-indexes.sql -install.d/drop-indexes.sql -install.d/drop-tables.sql +lib/Bundle/NetPass/API.pm lib/Bundle/NetPass1.pm lib/Bundle/NetPass2.pm -lib/NetPass/WWW/Session.pm.file lib/NetPass/WWW/Session.pm.mysql +lib/NetPass/WWW/Session.pm.file lib/NetPass/Auth/Radius.pm lib/NetPass/Auth/DB.pm lib/NetPass/Auth/LDAP.pm lib/NetPass/Auth/Unix.pm lib/NetPass/Config.pm -lib/NetPass/API.pm lib/NetPass/DB.pm +lib/NetPass/API.pm lib/NetPass/LOG.pm lib/NetPass/Nessus.pm lib/NetPass/Network.pm @@ -138,25 +132,25 @@ lib/SNMP/Device/Asante.pm lib/SNMP/Device/BayStack.pm lib/SNMP/Device/BayStack3.pm +lib/SNMP/Device/Cisco.pm lib/SNMP/Device/HP.pm lib/SNMP/Device/HP_AS_HUB.pm -lib/SNMP/Device/Cisco.pm lib/SNMP/Device.pm lib/SNMP/driver2.pl lib/SNMP/driver3.pl lib/NetPass.pm lib/RUNONCE.pm -www/components/Admin/FormNPPolicy www/components/Admin/Login www/components/Admin/MemberOf -www/components/Admin/LockConfig -www/components/Admin/TableEditPolicy www/components/Admin/FormAuthLDAP +www/components/Admin/LockConfig www/components/Admin/FormAuthRadius +www/components/Admin/TableEditPolicy www/components/Admin/FormNPApi -www/components/Admin/FormNPSnort -www/components/Admin/FormNPNessus www/components/Admin/FormNPDb +www/components/Admin/FormNPNessus +www/components/Admin/FormNPPolicy +www/components/Admin/FormNPSnort www/components/Client/BeginScan www/components/Client/GetInfo www/components/Client/Login @@ -178,9 +172,9 @@ www/htdocs/Admin/Editor/edit.mhtml www/htdocs/Admin/Editor/index.mhtml www/htdocs/Admin/Editor/view.mhtml -www/htdocs/Admin/Scan/ids.mhtml www/htdocs/Admin/Scan/index.mhtml www/htdocs/Admin/Scan/info.mhtml +www/htdocs/Admin/Scan/ids.mhtml www/htdocs/Admin/reports/byclient.mhtml www/htdocs/Admin/reports/bynet.mhtml www/htdocs/Admin/reports/byos.mhtml @@ -195,14 +189,16 @@ www/htdocs/Admin/mr.mhtml www/htdocs/Admin/qc.mhtml www/htdocs/Admin/user.mhtml -www/htdocs/Admin/chpwd.mhtml -www/htdocs/Admin/clienthistory.mhtml www/htdocs/Admin/urlfilter.mhtml -www/htdocs/Admin/auth.mhtml -www/htdocs/Admin/help.mhtml -www/htdocs/Admin/netgroups.mhtml www/htdocs/Admin/network.mhtml +www/htdocs/Admin/clienthistory.mhtml www/htdocs/Admin/switch.mhtml +www/htdocs/Admin/help.mhtml +www/htdocs/Admin/chpwd.mhtml +www/htdocs/Admin/auth.mhtml +www/htdocs/Admin/cmd/lockcfg.mhtml +www/htdocs/Admin/cmd/setresult.mhtml +www/htdocs/Admin/netgroups.mhtml www/htdocs/OSSTemplate/css/OSSTemplate.css.cgi www/htdocs/OSSTemplate/css/.htaccess www/htdocs/OSSTemplate/css/calendar.css @@ -219,14 +215,16 @@ www/htdocs/OSSTemplate/images/ossLogo2.gif www/htdocs/OSSTemplate/images/progress.gif www/htdocs/OSSTemplate/js/OSSTemplate.js -www/htdocs/OSSTemplate/js/debug.js www/htdocs/OSSTemplate/js/userform.js +www/htdocs/OSSTemplate/js/debug.js +www/htdocs/OSSTemplate/js/netgroups.js www/htdocs/OSSTemplate/js/xmlhttp.js -www/htdocs/OSSTemplate/js/common.js +www/htdocs/OSSTemplate/js/ldap.js www/htdocs/OSSTemplate/js/lockcfg.js -www/htdocs/OSSTemplate/js/netgroups.js +www/htdocs/OSSTemplate/js/common.js www/htdocs/OSSTemplate/js/network.js www/htdocs/OSSTemplate/js/switch.js +www/htdocs/OSSTemplate/js/radius.js www/htdocs/OSSTemplate/.htaccess www/htdocs/load-test.mhtml www/htdocs/autohandler |
|
From: Matt <mt...@us...> - 2005-06-08 15:40:11
|
Update of /cvsroot/netpass/NetPass/bin In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv7312 Modified Files: npsubagent.pl Log Message: Index: npsubagent.pl =================================================================== RCS file: /cvsroot/netpass/NetPass/bin/npsubagent.pl,v retrieving revision 1.5 retrieving revision 1.6 diff -u -d -r1.5 -r1.6 --- npsubagent.pl 3 Jun 2005 15:16:53 -0000 1.5 +++ npsubagent.pl 8 Jun 2005 15:40:00 -0000 1.6 @@ -1,20 +1,81 @@ #!/usr/bin/perl -w +=head1 NAME + + npsubagent.pl + +=head1 SYNOPSIS + + npsubagent.pl <-o basoid> <-c brctl_cmd> <-m npvnat_macs> <-n npvnat_nummacs> <-t timeout> <-r refreshrate> <-b dev> traphost + -o baseoid snmp base oid + -m npvnat_macs the npvnat macs file in the /proc fs + -n npvnat_nummacs the npvnat nummacs file in the proc fs + -t timeout the amount of time to wait before sending a linkdown + trap for a mac disappearing from out mac table + -r refreshrate how often we will refresh our mac table + -b dev the name of the bridge device (default br0) + -h this message + + +=head1 DESCRIPTION + +This script is an snmp interface to ebtables with the npvnat module. + +=head1 AUTHOR + +Matt Bell <mt...@bu...> + +=head1 LICENSE + + (c) 2004 University at Buffalo. + Available under the "Artistic License" + http://www.gnu.org/licenses/license-list.html#ArtisticLicense + +=head1 REVISION + +=cut + use strict; +use Getopt::Std; +use Pod::Usage; use NetSNMP::agent (':all'); use NetSNMP::OID (':all'); use NetSNMP::ASN (':all'); use FileHandle; -use SNMP; -my $BASEOID = ".1.3.6.1.4.1.8072.9999.9999.7375"; -my $BRCTLCMD = "/usr/local/sbin/brctl showmacs br0 |"; +my %opts; +getopts('o:c:m:n:t:r:h', \%opts); + +my $TRAPHOST = shift; +pod2usage(2) if (!defined $TRAPHOST); +pod2usage(2) if exists $opts{'h'}; + +my $BASEOID = (exists $opts{'o'}) ? $opts{'o'} : ".1.3.6.1.4.1.8072.9999.9999.7375"; +my $REFRESHRATE = (exists $opts{'r'}) ? $opts{'r'} : 5; +my $TIMEOUT = (exists $opts{'t'}) ? $opts{'t'} : 3600; + my $PROCEBTMAC = "/proc/ebtables/npvnat/macs"; +if (exists $opts{'m'} && $opts{'m'} && -e $opts{'m'}) { + $PROCEBTMAC = $opts{'m'}; +} my $PROCEBTNMAC = "/proc/ebtables/npvnat/nummacs"; -my $REFRESHRATE = 5; # refresh rate -my $TIMEOUT = 3600; # 1hr -my $TRAPHOST = "npw2-d.cit.buffalo.edu"; -my $TRAPHOSTCOM = "50ohm"; +if (exists $opts{'n'} && $opts{'n'} && -e $opts{'n'}) { + $PROCEBTNMAC = $opts{'n'}; +} +my $BRCTLCMD = "/usr/local/sbin/brctl"; +if (exists $opts{'c'} && $opts{'c'} && -e $opts{'c'}) { + $BRCTLCMD = $opts{'c'}; +} +my $BRDEV = "br0"; +if (exists $opts{'b'} && $opts{'b'} && -e $opts{'b'}) { + $BRDEV = $opts{'b'}; +} + +die "ERROR, $PROCEBTMAC doesn't exist!" if (!-e $PROCEBTMAC); +die "ERROR, $PROCEBTNMAC doesn't exist!" if (!-e $PROCEBTNMAC); +die "ERROR, $BRCTLCMD doesn't exist!" if (!-e $BRCTLCMD); + +$BRCTLCMD .= " showmacs $BRDEV"; my $fh = new FileHandle(); my $mactable = {}; @@ -58,6 +119,7 @@ delete $mactable->{$m}; # send linkdown trap here... + sendTrap($mactable->{$m}{port}, 'down', $TRAPHOST); } foreach my $m (keys %$mactb) { @@ -72,7 +134,7 @@ $mactable->{$m}{lastseen} = $time; # send linkup trap here... - sendTrap($mactable->{$m}{port}, 'up', $TRAPHOST, $TRAPHOSTCOM); + sendTrap($mactable->{$m}{port}, 'up', $TRAPHOST); } $ltime += $REFRESHRATE; @@ -83,13 +145,12 @@ exit 0; sub sendTrap { - - my($port, $traptype, $traphost, $traphostcom) = @_; + my($port, $traptype, $traphost) = @_; my $enterpriseoid; my $generic; my $portoidbase = $BASEOID.'1'; -print "sending linkup trap\n"; + use Net::SNMP qw(:ALL); # # enterprise oids @@ -105,24 +166,29 @@ $generic = 2; } - my $snmp = new SNMP::Session( - DestHost => $traphost, - RemotePort => 162, - ); + my ($session, $error) = Net::SNMP->session( + -hostname => $traphost, + -port => SNMP_TRAP_PORT, + -community => 'public' + ); - if (!defined($snmp)) { + if (!defined($session)) { warn "Unable to connect to $traphost"; return -1; } -print "about to send trap\n"; - $snmp->trap ( - enterprise => $enterpriseoid, - agent => $traphost, - generic => $generic, - specific => 0, - [[$portoidbase, $port, 1]] - ); -print "trap sent\n"; + + my $res = $session->trap ( + -enterprise => $enterpriseoid, + -agentaddr => $traphost, + -generictrap => $generic, + -specifictrap => 0, + -varbindlist => [$portoidbase.'.'.$port, INTEGER, 1] + ); + + if (!defined $res) { + warn "Unable to send trap ".$session->error(); + return -1; + } return 1; } @@ -164,7 +230,7 @@ my $fh = new FileHandle; my %mtable; - $fh->open($BRCTLCMD) || return -1; + $fh->open("$BRCTLCMD |") || return -1; while (my $l = $fh->getline) { if ($l =~ /(\w{1,2}:\w{1,2}:\w{1,2}:\w{1,2}:\w{1,2}:\w{1,2})\s+no/) { my $m = lc($1); |
|
From: Matt <mt...@us...> - 2005-06-08 12:18:35
|
Update of /cvsroot/netpass/NetPass/www/components/Admin In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv24518 Modified Files: FormNPApi Log Message: Index: FormNPApi =================================================================== RCS file: /cvsroot/netpass/NetPass/www/components/Admin/FormNPApi,v retrieving revision 1.3 retrieving revision 1.4 diff -u -d -r1.3 -r1.4 --- FormNPApi 8 Jun 2005 02:57:06 -0000 1.3 +++ FormNPApi 8 Jun 2005 12:18:27 -0000 1.4 @@ -20,7 +20,6 @@ } $np->cfg->{'cfg'}->obj('npapi')->$var($ARGS{"npapi:$var"}); } - $np->cfg->save(-user => $m->session->{'username'}); } sub getnpapivalue { |
