exit;
}
switch ($action) {
case 'delete_netgroup':
$name = explode(";", POST('name'));
foreach ($name as $netgroup_id) {
ossim_valid($netgroup_id, OSS_HEX, 'illegal:' . _('Network group'));
if (ossim_error()) {
$data['status'] = 'error';
$data['data'] = ossim_get_error_clean();
echo json_encode($data);
exit;
}
}
$db = new ossim_db();
$conn = $db->connect();
$data['status'] = 'OK';
$data['data'] = _('Network group removed successfully');
foreach ($name as $netgroup_id) {
if (Net_group::can_delete($conn, $netgroup_id)) {
Net_group::delete($conn, $netgroup_id);
Net_group_scan::delete($conn, $netgroup_id, 3001);
} else {
$data['status'] = 'error';
$data['data'] = _('Error! Network group could not be removed. This network group belongs to a policy');
}
}
$db->close();
break;
}
echo json_encode($data);
<?php
echo gettext("No");
?>
</a>
</p>
<?php
exit;
}
require_once 'ossim_db.inc';
require_once 'classes/Net_group.inc';
require_once 'classes/Net_group_scan.inc';
$db = new ossim_db();
$conn = $db->connect();
if (Net_group::can_delete($conn, $name)) {
Net_group::delete($conn, $name);
Net_group_scan::delete($conn, $name, 3001);
} else {
echo "ERROR_CANNOT";
}
$db->close($conn);
?>
<p> <?php
echo gettext("Network group deleted");
?>
</p>
<p><a href="netgroup.php"><?php
echo gettext("Back");
?>
</a></p>
<?php
function show_form()
{
global $sensor_list;
global $net_group_list;
global $host_group_list;
global $hosts_list;
global $nets_list;
global $conn;
global $sensor_index;
global $net_group_index;
global $host_group_index;
global $hosts_index;
global $nets_index;
$global_i = 0;
$num = count($sensor_list);
if ($num > 20) {
$cols = 5;
} else {
$cols = 3;
}
$rows = intval($num / $cols) + 1;
$num_ng = count($net_group_list);
if ($num_ng > 20) {
$cols = 5;
} else {
$cols = 3;
}
$rows_ng = intval($num_ng / $cols) + 1;
$num_hg = count($host_group_list);
if ($num_hg > 20) {
$cols = 5;
} else {
$cols = 3;
}
$rows_hg = intval($num_hg / $cols) + 1;
$num_hs = count($hosts_list);
if ($num_hs > 20) {
$cols = 5;
} else {
$cols = 3;
}
$rows_hs = intval($num_hs / $cols) + 1;
$num_ns = count($nets_list);
if ($num_ns > 20) {
$cols = 5;
} else {
$cols = 3;
}
$rows_ns = intval($num_ns / $cols) + 1;
if ($num_ns + $num_hs + $num_hg + $num_ng > 20) {
$cols_full = 5;
} else {
$cols_full = 3;
}
?>
<h3><center> <?php
echo _("Select sensors for this scan");
?>
</center></h3>
<ul>
<?php
$group_scan_list = Net_group_scan::get_list($conn, "WHERE plugin_id = " . NESSUS);
foreach ($group_scan_list as $group_scan) {
$net_group_sensors = Net_group::get_sensors($conn, $group_scan->get_net_group_name());
echo "\n<script>\n";
echo "var " . $group_scan->get_net_group_name() . " = true;\n";
echo "</script>\n";
$sensor_string = "";
foreach ($net_group_sensors as $ng_sensor => $name) {
if ($sensor_string == "") {
$sensor_string .= $sensor_index[$name];
} else {
$sensor_string .= "," . $sensor_index[$name];
}
}
$nets_string = "";
$nets = Net_group::get_networks($conn, $group_scan->get_net_group_name(), NESSUS);
foreach ($nets as $net) {
$name = $net->get_net_name();
if ($nets_string == "") {
$nets_string .= $nets_index[$name];
} else {
$nets_string .= "," . $nets_index[$name];
}
}
print "<li><a href=\"#\" onClick=\"return selectSomeNets('" . $group_scan->get_net_group_name() . "','" . $sensor_string . "','" . $nets_string . "');\">" . $group_scan->get_net_group_name() . "</a>";
}
$group_scan_list = Host_group_scan::get_list($conn, "WHERE plugin_id = " . NESSUS);
foreach ($group_scan_list as $group_scan) {
$host_group_sensors = Host_group::get_sensors($conn, $group_scan->get_host_group_name());
echo "\n<script>\n";
echo "var " . $group_scan->get_host_group_name() . " = true;\n";
echo "</script>\n";
$sensor_string = "";
foreach ($host_group_sensors as $hg_sensor) {
$name = $hg_sensor->get_sensor_name();
if ($sensor_string == "") {
$sensor_string .= $sensor_index[$name];
} else {
$sensor_string .= "," . $sensor_index[$name];
}
}
$hosts_string = "";
$hosts = Host_group::get_hosts($conn, $group_scan->get_host_group_name(), NESSUS);
foreach ($hosts as $host) {
$name = $host->get_host_name($conn);
if ($hosts_string == "") {
$hosts_string .= $hosts_index[$name];
} else {
$hosts_string .= "," . $hosts_index[$name];
}
}
print "<li><a href=\"#\" onClick=\"return selectSomeHosts('" . $group_scan->get_host_group_name() . "','" . $sensor_string . "','" . $hosts_string . "');\">" . $group_scan->get_host_group_name() . "</a>";
}
?>
</ul>
<form action="<?php
echo $_SERVER["SCRIPT_NAME"];
?>
" method="POST">
<p>
<?php
echo _("Please adjust incident creation threshold, incidents will only be created for vulnerabilities whose risk level exceeds the threshold.");
?>
<br/>
<?php
echo _("It is recommended to set a high level at the beginning in order to concentrate on more critical vulnerabilities first, lowering it after having solved/tagged them as false positivies.");
?>
<br/>
<?php
echo _("Threshold configuration can be found at Configuration->Main, \"vulnerability_incident_threshold\".");
?>
<?php
echo _("Current risk threshold is:");
?>
<b>
<?php
require_once 'ossim_conf.inc';
$conf = $GLOBALS["CONF"];
print $conf->get_conf("vulnerability_incident_threshold");
?>
</b>
</p>
<h4><center> (<?php
echo _("Empty means all");
?>
) </center></h4>
<center><a href="#" onClick="return selectAll();"><?php
echo _("Select / Unselect all");
?>
</a></center>
<br/>
<table width="100%" border="0" align="center"><tr><td>
<input type="radio" name="groupType" value="sensor" checked onClick="selectGroup('sensor');"> Sensor
<input type="radio" name="groupType" value="host" onClick="selectGroup('host');"> NetGroup / Nets / HostGroup / Hosts
</td></tr>
<tr><td>
<div id="rowSensor">
<table width="100%" align="left" border="0"><tr>
<?php
for ($i = 1; $i <= $rows; $i++) {
?>
<?php
for ($a = 0; $a < $cols && $global_i < $num; $a++) {
$sensor = $sensor_list[$global_i];
echo "<td width=\"" . intval(100 / $cols) . "%\">";
$all['sensors'][] = "sensor" . $global_i;
?>
<div align="left">
<input align="left" type="checkbox" id="<?php
echo "sensor" . $global_i;
?>
" name="<?php
echo "sensor" . $global_i;
?>
"
value="<?php
echo $sensor->get_ip();
?>
" /><?php
echo $sensor->get_name();
?>
</div></td>
<?php
$global_i++;
}
echo "</tr>\n";
?>
<?php
}
echo "</table>\n";
?>
</div>
<div id="rowHost" style="display: none">
<table width="100%" align="left" border="0">
<tr>
<th colspan="3">NetGroups</th></tr><tr>
<?php
$global_ng = 0;
for ($i = 1; $i <= $rows_ng; $i++) {
?>
<?php
for ($a = 0; $a < $cols_full && $global_ng < $num_ng; $a++) {
$netgroup = $net_group_list[$global_ng];
echo "<td width=\"" . intval(100 / $cols_full) . "%\">";
$all['netgroups'][] = "netgroup" . $global_ng;
?>
<div align="left">
<input align="left" type="checkbox" id="<?php
echo "netgroup" . $global_ng;
?>
" name="netgroupList[]"
value="<?php
echo $netgroup->get_name();
?>
" /><?php
echo $netgroup->get_name($conn);
?>
</div></td>
<?php
$global_ng++;
}
echo "</tr>\n";
?>
<tr>
<?php
}
?>
<th colspan="3">HostGroups</th></tr><tr>
<?php
$global_hg = 0;
for ($i = 1; $i <= $rows_hg; $i++) {
for ($a = 0; $a < $cols_full && $global_hg < $num_hg; $a++) {
$hostgroup = $host_group_list[$global_hg];
echo "<td width=\"" . intval(100 / $cols_full) . "%\">";
$all['hostgroups'][] = "hostgroup" . $global_hg;
?>
<div align="left">
<input align="left" type="checkbox" id="<?php
echo "hostgroup" . $global_hg;
?>
" name="hostgroupList[]"
value="<?php
echo $hostgroup->get_name();
?>
" /><?php
echo $hostgroup->get_name($conn);
?>
</div></td>
<?php
$global_hg++;
}
echo "</tr>\n";
?>
<tr>
<?php
}
?>
<th colspan="3">Nets</th></tr><tr>
<?php
$global_ns = 0;
for ($i = 1; $i <= $rows_ns; $i++) {
?>
<?php
for ($a = 0; $a < $cols_full && $global_ns < $num_ns; $a++) {
$nets = $nets_list[$global_ns];
echo "<td width=\"" . intval(100 / $cols_full) . "%\">";
$all['nets'][] = "net" . $global_ns;
?>
<div align="left">
<input align="left" type="checkbox" id="<?php
echo "net" . $global_ns;
?>
" name="netList[]"
value="<?php
echo $nets->get_name();
?>
" /><?php
echo $nets->get_name($conn);
?>
</div></td>
<?php
$global_ns++;
}
echo "</tr>\n";
?>
<tr>
<?php
}
?>
<th colspan="3">Hosts</th></tr><tr>
<?php
$global_hs = 0;
for ($i = 1; $i <= $rows_hs; $i++) {
?>
<?php
for ($a = 0; $a < $cols_full && $global_hs < $num_hs; $a++) {
$hosts = $hosts_list[$global_hs];
echo "<td width=\"" . intval(100 / $cols_full) . "%\">";
$all['hosts'][] = "host" . $global_hs;
?>
<div align="left">
<input align="left" type="checkbox" id="<?php
echo "host" . $global_hs;
?>
" name="hostList[]"
value="<?php
echo $hosts->get_host_ip();
?>
" /><?php
echo $hosts->get_name($conn);
?>
</div></td>
<?php
$global_hs++;
}
echo "</tr>\n";
?>
<?php
}
echo "</table>\n";
?>
</div>
</td></tr></table>
<br>
<center>
<input type="hidden" name="nsensors" value="<?php
echo $global_i;
?>
" />
<input type="Submit" class="button" value="<?php
echo _("Submit");
?>
">
</center>
</form>
<center><a href="index.php"> <?php
echo gettext("Back");
?>
</a></center>
<script>
var check_sensors = true;
var check_nethost = true;
var scanType = 'sensor';
function selectAll()
{
if (scanType == 'sensor') {
<?php
if (count($all['sensors']) != 0) {
foreach ($all['sensors'] as $id) {
?>
document.getElementById('<?php
echo $id;
?>
').checked = check_sensors;
<?php
}
}
?>
check_sensors = check_sensors == false ? true : false;
}
else {
<?php
if (count($all['netgroups']) != 0) {
foreach ($all['netgroups'] as $id) {
?>
document.getElementById('<?php
echo $id;
?>
').checked = check_nethost;
<?php
}
}
?>
<?php
if (count($all['hostgroups']) != 0) {
foreach ($all['hostgroups'] as $id) {
?>
document.getElementById('<?php
echo $id;
?>
').checked = check_nethost;
<?php
}
}
?>
<?php
if (count($all['nets']) != 0) {
foreach ($all['nets'] as $id) {
?>
document.getElementById('<?php
echo $id;
?>
').checked = check_nethost;
<?php
}
}
?>
<?php
if (count($all['hosts']) != 0) {
foreach ($all['hosts'] as $id) {
?>
document.getElementById('<?php
echo $id;
?>
').checked = check_nethost;
<?php
}
}
?>
check_nethost = check_nethost == false ? true : false;
}
return false;
}
function selectSomeNets(name, identifiersSensors, identifiersNets)
{
if (identifiersSensors.length != 0) {
arrayOfStringsSensor = identifiersSensors.split(",");
for (var i=0; i < arrayOfStringsSensor.length; i++) {
document.getElementById("sensor" + arrayOfStringsSensor[i]).checked = window[name];
}
}
if (identifiersNets.length != 0) {
arrayOfStringsNets = identifiersNets.split(",");
for (var i=0; i < arrayOfStringsNets.length; i++) {
document.getElementById("net" + arrayOfStringsNets[i]).checked = window[name];
}
}
window[name] = window[name] == false ? true : false;
return false;
}
function selectSomeHosts(name, identifiersSensors, identifiersHosts)
{
if (identifiersSensors.length != 0) {
arrayOfStringsSensor = identifiersSensors.split(",");
for (var i=0; i < arrayOfStringsSensor.length; i++) {
document.getElementById("sensor" + arrayOfStringsSensor[i]).checked = window[name];
}
}
if (identifiersHosts.length != 0) {
arrayOfStringsHosts = identifiersHosts.split(",");
for (var i=0; i < arrayOfStringsHosts.length; i++) {
document.getElementById("host" + arrayOfStringsHosts[i]).checked = window[name];
}
}
window[name] = window[name] == false ? true : false;
return false;
}
function selectGroup(category)
{
if (category == 'sensor') {
document.getElementById("rowHost").style.display = 'none';
document.getElementById("rowSensor").style.display = 'block';
} else {
document.getElementById("rowHost").style.display = 'block';
document.getElementById("rowSensor").style.display = 'none';
}
scanType = category;
}
</script>
</body>
</html>
<?php
}
$cols = 3;
}
$rows_hs = intval($num_hs / $cols) + 1;
$num_ns = count($nets_list);
if ($num_ns > 20) {
$cols = 5;
} else {
$cols = 3;
}
$rows_ns = intval($num_ns / $cols) + 1;
if ($num_ns + $num_hs + $num_hg + $num_ng > 20) {
$cols_full = 5;
} else {
$cols_full = 3;
}
$group_scan_list = Net_group_scan::get_list($conn, "WHERE plugin_id = " . NESSUS);
foreach ($group_scan_list as $group_scan) {
$net_group_sensors = Net_group::get_sensors($conn, $group_scan->get_net_group_name());
echo "\n<script>\n";
echo "var " . $group_scan->get_net_group_name() . " = true;\n";
echo "</script>\n";
$sensor_string = "";
foreach ($net_group_sensors as $ng_sensor => $name) {
if ($sensor_string == "") {
$sensor_string .= $sensor_index[$name];
} else {
$sensor_string .= "," . $sensor_index[$name];
}
}
$nets_string = "";
$nets = Net_group::get_networks($conn, $group_scan->get_net_group_name(), NESSUS);
}
ossim_valid($nessus_action, OSS_ALPHA, OSS_NULLABLE, 'illegal:' . _("Nessus action"));
ossim_valid($net_group_name, OSS_ALPHA, OSS_PUNC, OSS_NULLABLE, 'illegal:' . _("Net group name"));
ossim_valid($order, OSS_ALPHA, OSS_PUNC, OSS_NULLABLE, 'illegal:' . _("Order"));
ossim_valid($page, OSS_DIGIT, OSS_NULLABLE, 'illegal:' . _("page"));
ossim_valid($rp, OSS_DIGIT, OSS_NULLABLE, 'illegal:' . _("rp"));
ossim_valid($search, OSS_TEXT, OSS_NULLABLE, 'illegal:' . _("search"));
ossim_valid($field, OSS_ALPHA, OSS_PUNC, OSS_NULLABLE, 'illegal:' . _("field"));
if (ossim_error()) {
die(ossim_error());
}
$db = new ossim_db();
$conn = $db->connect();
if (!empty($nessus_action) and !empty($net_group_name)) {
if ($nessus_action == "toggle") {
$nessus_action = ($scan_list = Net_group_scan::get_list($conn, "WHERE net_group_name = '{$net_group_name}' AND plugin_id = 3001")) ? "disable" : "enable";
}
if ($nessus_action == "enable") {
Net_group::enable_nessus($conn, $net_group_name);
} elseif ($nessus_action = "disable") {
Net_group::disable_nessus($conn, $net_group_name);
}
}
if (empty($order)) {
$order = "name";
}
$start = ($page - 1) * $rp;
$limit = "LIMIT {$start}, {$rp}";
$where = "";
if (!empty($search) && !empty($field)) {
$where = "name LIKE '%{$search}%'";
</head>
<body>
<?php
if (POST('insert') && empty($data['data']['id'])) {
if ($data['status'] == 'error') {
$txt_error = "<div>" . _("The following errors occurred") . ":</div>\n \t\t\t\t\t <div style='padding: 2px 10px 5px 10px;'>" . implode("<br/>", $validation_errors) . "</div>";
$config_nt = array('content' => $txt_error, 'options' => array('type' => 'nf_error', 'cancel_button' => false), 'style' => 'width: 80%; margin: 20px auto; text-align: left;');
$nt = new Notification('nt_1', $config_nt);
$nt->show();
exit;
}
$db = new ossim_db();
$conn = $db->connect();
Net_group::update($conn, $id, $ctx, $ngname, $rrd_profile, $networks, $descr);
Net_group_scan::delete($conn, $id, 3001);
$db->close();
Util::memcacheFlush();
?>
<script type='text/javascript'>
if (!parent.is_lightbox_loaded(window.name))
{
document.location.href="netgroup.php?msg=created";
}
else
{
document.location.href="netgroup_form.php?id=<?php
echo $id;
?>
&msg=saved";