For what it's worth. I have installed phpip and iphawk to evaluate tools for managing our IP space. We thought that the combination of the two would be a good package so I made some slight modifications to the phpip database (added a few fields to a table) and then modified iphawk (http://sourceforge.net/projects/iphawk/) to submit its data to the phpip database instead of its own.
This auto-populates the phpip database with the last ping time of an ip, the DNS and reverse DNS lookups when in the phpip application. It also highlights the reverse dns when it doesn't match dns entries. The highlighted color of the last ping field also changes the longer it has been since it was pingable.
I'm noting this here since it doesn't look like there has been any activity on the iphawk project in quite some time. If you (mearls) would like my modifications, I'll be happy to send them although they are fairly simple.
Thanks,
Ron.
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
So sorry about no response. I don't remember ever seeing an email notification and I didn't monitor this thread. Here's a screen shot that shows what I did:
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
I searched on the project page but I think we do not have rights to upload anything here and again there is no activity on this project since long :-( !!
Will it be possible for you to mail me the modified "tar package" , my email ID is prasadpkulkarni@hotmail.com
Thanks in advance!!!
Prasad.
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
Yes, I'll send you the tgz file. There are a number of modifications that you'll need to make to get the package to work. First add these fields to the addresses table in the database:
After the db changes, you'll need to modify the …/includes/database.php to match your database information.
The hawk settings are in the hawk_daemon directory. There is an HQ directory in there with a hawk.conf file that will need to be modified with your settings/networks/password etc. What I did is break out each of our sites into a separate directory (HQ is the only one included) and have a separate job to walk through the networks of each site. I then created a respawn entry in /etc/inittab to call the particular hawk (site) instance. The main thing to watch for here is that the pid file is specific to each inittab entry.
There are a few things that I would change about this but haven't worked on. I'd change hawk from walking through the network and pinging each ip individually to using fping and be able to check the whole network at once which would be much faster. Also, I'd have hawk determine the networks it needs to check based on what networks are configured in phpip so I wouldn't have to make config changes in two places.
Once you get this working, there are a few special entries that I use in some of the fields in a phpip entry that change the displayed color etc. If you change the deviceCustom3 field to something like router or static or dhcp, the color will change on the entry to match the legend as seen in the screen shot. Look at the display.php file for all the possibilities. I also added a few customizations in deviceCustom2 field for unpingable and nodns entries. These are also listed in the display.php file. I use these customizations for reports that I run against the database to see what IP's are used but have no dns or have dns but no description etc. I can get you those scripts if you want later.
Ron.
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
As an update, I've modified hawk so it now uses fping to get ping results for a network at a time instead of walking through each IP individually. This dramatically sped up the amount of time it takes to get through all the networks. I've also modified hawk to get its list of networks to ping from the phpip database instead of configuring it manually. This way, when you add another network within the phpip interface, hawk will pick up those differences on its next run without further intervention.
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
I have a quick question - is there any way by which the scanned IP will resolve the WINS name rather than DNS name ,since we do not have PTR for all the IP's.
Thanks & regards,
Prasad.
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
Another slight update. I had to remove a prefix from my configuration and then ended up wanting to re-add it. The problem is that once you remove the prefix, it doesn't show back up on the list of prefixes that are available to add. The remove doesn't just change the specific prefix view from a 1 to 0, it actually removes it from the network. This is a 1-line change.
Change this line from:
$CidrRemove = mysql_query("DELETE FROM `net_ips` WHERE `netaddress` = '$prefixremove'");
to:
$CidrRemove = mysql_query("UPDATE `net_ips` SET `view` = '0' WHERE `netaddress` = '$prefixremove'");
The IP's that are part of the prefix that is removed are unaffected and will still have their associated data if/when they are re-added.
One other item that I've not decided on is when you remove a CIDR address as a whole. Currently it removes from the database the CIDR, any prefixes under it, as well as all IP's associated with that CIDR. My thought is that if one is mistakenly removed, all the associated data is lost. Should this be the case or should it just remove the CIDR and leave the prefixes/IP's?
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
I've got an archive file with what I'm currently running (database configuration stripped out), an sql file of my database schema, and an /etc/inittab entry to run the scheduled ping sweep. It'd be nice if I could just attach it to this message. Does anyone have a good location to post?
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
For what it's worth. I have installed phpip and iphawk to evaluate tools for managing our IP space. We thought that the combination of the two would be a good package so I made some slight modifications to the phpip database (added a few fields to a table) and then modified iphawk (http://sourceforge.net/projects/iphawk/) to submit its data to the phpip database instead of its own.
This auto-populates the phpip database with the last ping time of an ip, the DNS and reverse DNS lookups when in the phpip application. It also highlights the reverse dns when it doesn't match dns entries. The highlighted color of the last ping field also changes the longer it has been since it was pingable.
I'm noting this here since it doesn't look like there has been any activity on the iphawk project in quite some time. If you (mearls) would like my modifications, I'll be happy to send them although they are fairly simple.
Thanks,
Ron.
Very interesting approach, can you forward over some screen shots.
I, effectively, this feature is very interesting, can you post additionnal detail in order to test that.
Thanks.
Can I get the Modified package for testing please !!
Thanks
So sorry about no response. I don't remember ever seeing an email notification and I didn't monitor this thread. Here's a screen shot that shows what I did:
rbpeters -That's really nice , I am looking for something like this ..which actually scans the network to give it's current status.
Can you please help me in configuring this ? I am very new to PHP scripting :-( !!
Regards,
Prasad.
Should be no problem but it would be easier if I could upload the package with all the file mods. Is there a place here for that?
Ron,
I searched on the project page but I think we do not have rights to upload anything here and again there is no activity on this project since long :-( !!
Will it be possible for you to mail me the modified "tar package" , my email ID is prasadpkulkarni@hotmail.com
Thanks in advance!!!
Prasad.
Yes, I'll send you the tgz file. There are a number of modifications that you'll need to make to get the package to work. First add these fields to the addresses table in the database:
lastping int(10)
hostname varchar(255)
reverse varchar(255)
After the db changes, you'll need to modify the …/includes/database.php to match your database information.
The hawk settings are in the hawk_daemon directory. There is an HQ directory in there with a hawk.conf file that will need to be modified with your settings/networks/password etc. What I did is break out each of our sites into a separate directory (HQ is the only one included) and have a separate job to walk through the networks of each site. I then created a respawn entry in /etc/inittab to call the particular hawk (site) instance. The main thing to watch for here is that the pid file is specific to each inittab entry.
There are a few things that I would change about this but haven't worked on. I'd change hawk from walking through the network and pinging each ip individually to using fping and be able to check the whole network at once which would be much faster. Also, I'd have hawk determine the networks it needs to check based on what networks are configured in phpip so I wouldn't have to make config changes in two places.
Once you get this working, there are a few special entries that I use in some of the fields in a phpip entry that change the displayed color etc. If you change the deviceCustom3 field to something like router or static or dhcp, the color will change on the entry to match the legend as seen in the screen shot. Look at the display.php file for all the possibilities. I also added a few customizations in deviceCustom2 field for unpingable and nodns entries. These are also listed in the display.php file. I use these customizations for reports that I run against the database to see what IP's are used but have no dns or have dns but no description etc. I can get you those scripts if you want later.
Ron.
Ron,
That's really great !! you took lot of efforts for this customization.
Thanks for giving the detail steps for this modification , I am now waiting for file 'tgz" to receive and make it work for my setup !!
Regards,
Prasad.
You should have the file already. I sent the message just after I posted. Let me know if you didn't get it and I'll send again.
Ron,
Unfortunately I didn't receive that file , could not reply you early since I am operating in different time zone.
Can you once again forward it to prasadpkulkarni@hotmail.com and CC to p_kulkarni27@yahoo.com
Thanks & regards,
Prasad.
As an update, I've modified hawk so it now uses fping to get ping results for a network at a time instead of walking through each IP individually. This dramatically sped up the amount of time it takes to get through all the networks. I've also modified hawk to get its list of networks to ping from the phpip database instead of configuring it manually. This way, when you add another network within the phpip interface, hawk will pick up those differences on its next run without further intervention.
Ron ,
Finally you did it !! it's good news.
so how can I get it ?
I have a quick question - is there any way by which the scanned IP will resolve the WINS name rather than DNS name ,since we do not have PTR for all the IP's.
Thanks & regards,
Prasad.
I can forward you the new hawk script.
Another slight update. I had to remove a prefix from my configuration and then ended up wanting to re-add it. The problem is that once you remove the prefix, it doesn't show back up on the list of prefixes that are available to add. The remove doesn't just change the specific prefix view from a 1 to 0, it actually removes it from the network. This is a 1-line change.
Change this line from:
$CidrRemove = mysql_query("DELETE FROM `net_ips` WHERE `netaddress` = '$prefixremove'");
to:
$CidrRemove = mysql_query("UPDATE `net_ips` SET `view` = '0' WHERE `netaddress` = '$prefixremove'");
The IP's that are part of the prefix that is removed are unaffected and will still have their associated data if/when they are re-added.
One other item that I've not decided on is when you remove a CIDR address as a whole. Currently it removes from the database the CIDR, any prefixes under it, as well as all IP's associated with that CIDR. My thought is that if one is mistakenly removed, all the associated data is lost. Should this be the case or should it just remove the CIDR and leave the prefixes/IP's?
I forgot to mention that the edit is within the file: prefix_remove.php
Made another small edit to the search page to add the DNS field as one of the options. Just ask if you'd like the change.
Hi Ron,
Could you possibly assist me getting this up and running with your modifications? I'll gladly send you an xmas present.
greggap@gmail.com
I've got an archive file with what I'm currently running (database configuration stripped out), an sql file of my database schema, and an /etc/inittab entry to run the scheduled ping sweep. It'd be nice if I could just attach it to this message. Does anyone have a good location to post?