/**
* @covers Netmask\Netmask::getAll
*/
public function testGetAll()
{
$block = new Netmask('192.168.0.1/24');
$this->assertTrue(is_array($block->getAll()));
$this->assertEquals(254, count($block->getAll()));
$this->assertTrue(in_array('192.168.0.24', $block->getAll()));
}
static function getInstance()
{
if (empty(self::$instance)) {
self::$instance = new Netmask();
}
return self::$instance;
}
#!/usr/bin/php -q
<?php
set_time_limit(0);
if (!@$argc) {
die("<p>script can only be run from command line");
}
define('_ABSPATH', dirname(dirname(__FILE__)));
require_once _ABSPATH . '/confs/config-inc.php';
require_once _ABSPATH . '/lib/functions.php';
require_once _ABSPATH . '/lib/scan-maker.php';
require_once _ABSPATH . '/lib/Nessus.php';
require_once _ABSPATH . '/lib/IXR_Library.php';
require_once _ABSPATH . '/lib/Netmask.php';
$nes = new Nessus();
$_nm = new Netmask();
$client = getIXRClient();
define_syslog_variables();
@($profile_id = $argv[1]);
if ($profile_id == '') {
exit;
}
// Begin processing the scan
$machine_list = array();
$scanner_set = array();
$output = array();
$settings = array();
$reading_output = false;
$stopped = false;
$output = '';
$recipients = array();
/**
* Deeper scan of the whitelist to match entries
*
* A deeper whitelist scan is needed if the user
* has specified a range, CIDR block, vhost, etc,
* because these particular types could be stored
* in the whitelist in a number of ways. This
* method performs the deeper interrogation of the
* whitelist to try to definitively proove that
* a specified machine is or is not in the whitelist
*
* @param array $wl Whitelist to check for machines in
* @param array $machine_list List of questionable
* machines that need to be checked for in the
* whitelist
* @param array $ok_computers List of computers that
* have been deemed "ok", aka the user is
* allowed to scan them
*/
function whitelist_dig_deep_verify_nodes(&$wl, &$machine_list, &$ok_computers)
{
$_nm = Netmask::getInstance();
foreach ($machine_list as $key3 => $val3) {
foreach ($wl as $key4 => $val4) {
// If the entry is a cidr and the whitelist is a cidr
if (is_cidr($val4) && is_cidr($val3)) {
if ($_nm->match_cidr($val4, $val3)) {
$ok_computers[] = ":whi:{$val3}";
$machine_list[$key3] = '';
}
// if the entry is an ip and the whitelist is a cidr
} else {
if (is_cidr($val4) && is_ip($val3)) {
if ($_nm->net_match($val4, $val3)) {
$ok_computers[] = ":whi:{$val3}";
$machine_list[$key3] = '';
}
// if the entry is a vhost and the whitelist is a cidr
} else {
if (is_cidr($val4) && is_vhost($val3)) {
$vhost = $val3;
$tmp = substr($val3, 1, -1);
$comp = gethostbyname($tmp);
if ($_nm->net_match($val4, $comp)) {
$ok_computers[] = ":vho:{$vhost}";
$machine_list[$key3] = '';
}
// if entry is a ?hostname? and whitelist is a cidr
} else {
if (is_cidr($val4) && $val3 != '') {
$val3 = gethostbyname($val3);
// Check if it's in the CIDR range and remove it
// if it is, because that means it's whitelisted
if ($_nm->net_match($val4, $val3)) {
// Not keeping the hostname because whitelist
// entries can only be IP based?
$ok_computers[] = ":whi:{$val3}";
$machine_list[$key3] = '';
}
}
}
}
}
}
}
}
