Example #1
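/**
 * Preview or apply the resize of one subnet.
 *
 * Reads $_POST['subnet_id'], $_POST['new_subnet'] and $_POST['confirm'].
 * Without "confirm" it prints a preview (statics that would be deleted, ACLs
 * that would change, or subnets that would be merged) plus a confirmation
 * form. With "confirm" it calls AccessControl('3', ...), applies the changes
 * and redirects. Every path that is not the preview ends in a redirect + exit.
 *
 * Security notes for maintainers:
 *  - subnet_id must be digits only; new_subnet must be a string and is only
 *    used after validate_network() accepts it.
 *  - Request- and database-derived values are HTML-escaped when printed.
 *    Language strings from $COLLATE are printed unchanged, as before.
 *  - NOTE(review): no anti-CSRF token is visible on the confirmation form or
 *    checked here; confirm whether the caller or AccessControl() covers it.
 *  - NOTE(review): the confirm path issues several writes with no transaction
 *    visible in this function; a failure part-way leaves a partial resize.
 */
function resize_subnet()
{
    global $COLLATE;
    global $dbo;
    # require_once so a second call in one request cannot redeclare the validators
    require_once 'include/validation_functions.php';

    # Escapes a value for HTML text and double/single-quoted attribute contexts.
    # double_encode=false leaves entities that are already encoded untouched.
    # NOTE(review): confirm no stored column is meant to carry raw markup.
    $esc = static function ($value) {
        return htmlspecialchars((string) $value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8', false);
    };

    # ctype_digit() rejects what is_numeric() lets through ("1e3", "1.5", " 7", "-1"),
    # so the id is safe to place in SQL, URLs and HTML attributes below.
    $subnet_id = isset($_POST['subnet_id']) && is_string($_POST['subnet_id']) && ctype_digit($_POST['subnet_id'])
        ? $_POST['subnet_id']
        : '';
    # an array-valued new_subnet is treated as missing
    $new_subnet = isset($_POST['new_subnet']) && is_string($_POST['new_subnet']) ? $_POST['new_subnet'] : '';
    $confirm = isset($_POST['confirm']);

    $result = $subnet_id === ''
        ? false
        : $dbo->query("SELECT name, start_ip, end_ip, mask, block_id FROM subnets WHERE id='{$subnet_id}'");
    if ($result === false || $result->rowCount() != 1) {
        header("Location: blocks.php?notice=invalidrequest");
        exit;
    }
    list($original_subnet_name, $original_long_start_ip, $original_long_end_ip, $original_long_mask, $original_block_id) = $result->fetch(PDO::FETCH_NUM);
    $original_cidr = subnet2cidr($original_long_start_ip, $original_long_mask);

    # last parameter is saying it's ok if the subnet overlaps another
    $return = validate_network($new_subnet, 'subnet', null, true);
    if ($return['0'] === false) {
        header("Location: blocks.php?notice=invalidrequest");
        exit;
    }
    # NOTE(review): the long_* values are interpolated into SQL below; they come
    # from validate_network() and the subnets row, presumably as integers - confirm.
    $new_start_ip = $return['start_ip'];
    $new_long_start_ip = $return['long_start_ip'];
    $new_end_ip = $return['end_ip'];
    $new_long_end_ip = $return['long_end_ip'];
    $new_long_mask = $return['long_mask'];
    $new_cidr = subnet2cidr($new_long_start_ip, $new_long_mask);

    if ($confirm) {
        # access check stays ahead of every write
        AccessControl('3', "Subnet {$original_subnet_name} resized from {$original_cidr} to {$new_cidr}");
    }

    # is new subnet larger or smaller? (more mask bits set == smaller network)
    $original_binary_mask = sprintf("%032b", $original_long_mask);
    $new_binary_mask = sprintf("%032b", $new_long_mask);
    $is_shrink = substr_count($original_binary_mask, '1') < substr_count($new_binary_mask, '1');

    # Containment is checked BEFORE the page header is included: the original
    # sent these redirects after header.php, which presumably already produced
    # output, so the Location header could not be sent in preview mode.
    if ($is_shrink) {
        # new network must fall within the old one
        $test = $new_long_start_ip & $original_long_mask;
        $contained = !($test != $original_long_start_ip);
        $bad_notice = "invalidshrink-notice";
    } else {
        # old network must fall within the new one
        $contained = !(($original_long_start_ip & $new_long_mask) != $new_long_start_ip);
        $bad_notice = "invalidgrow-notice";
    }
    if (!$contained) {
        header("Location: subnets.php?op=modify&subnet_id={$subnet_id}&notice={$bad_notice}");
        exit;
    }

    if (!$confirm) {
        require_once './include/header.php';
    }

    $safe_subnet_name = $esc($original_subnet_name);

    if ($is_shrink) {
        #  * statics in the old subnet, but not in the new one
        $statics_where = "CAST(ip & 0xFFFFFFFF AS UNSIGNED) & CAST('{$original_long_mask}' & 0xFFFFFFFF AS UNSIGNED) = "
            . "CAST('{$original_long_start_ip}' & 0xFFFFFFFF AS UNSIGNED) "
            . "AND CAST(ip & 0xFFFFFFFF AS UNSIGNED) & CAST('{$new_long_mask}' & 0xFFFFFFFF AS UNSIGNED) != "
            . "CAST('{$new_long_start_ip}' & 0xFFFFFFFF AS UNSIGNED)";
        if ($confirm) {
            $dbo->query("DELETE FROM statics WHERE " . $statics_where);
        } else {
            $result = $dbo->query(
                "SELECT id, ip, name, contact, note, failed_scans FROM statics WHERE " . $statics_where . ' ORDER BY `ip` ASC'
            );
            $staticstobedeleted = str_replace("%original_subnet_name%", $safe_subnet_name, $COLLATE['languages']['selected']['staticstodelete']);
            echo "<h1>{$staticstobedeleted}:</h1><br />\n";
            if ($result->rowCount() != 0) {
                echo "<table style=\"width: 100%\"><tr><th>" . $COLLATE['languages']['selected']['IPAddress'] . "</th><th>" . $COLLATE['languages']['selected']['Name'] . "</th><th>" . $COLLATE['languages']['selected']['Contact'] . "</th><th>" . $COLLATE['languages']['selected']['FailedScans'] . "</th></tr>" . "<tr><td colspan=\"5\"><hr class=\"head\" /></td></tr>\n";
                while (($row = $result->fetch(PDO::FETCH_NUM)) !== false) {
                    list($static_id, $ip, $name, $contact, $note, $failed_scans) = $row;
                    # stored fields are untrusted when rendered: escape each one
                    echo "<tr><td>" . $esc(long2ip($ip)) . "</td><td>" . $esc($name) . "</td><td>" . $esc($contact) . "</td><td>" . $esc($failed_scans) . "</td><td></td></tr>\n";
                    echo "<tr><td colspan=\"5\">" . $esc($note) . "</td></tr>\n";
                    echo "<tr><td colspan=\"5\"><hr class=\"division\" /></td></tr>\n";
                }
                echo "</table><br /><br />";
            } else {
                echo "<p>" . $COLLATE['languages']['selected']['nostaticsdeleted'] . "</p><br /><br />";
            }
        }

        #  * show how ACLs would be adjusted
        # Find acls matching original subnet_id whose start or end falls outside the new subnet
        $sql = "SELECT id, name, start_ip, end_ip FROM acl WHERE subnet_id='{$subnet_id}' AND ("
            . "CAST(start_ip & 0xFFFFFFFF AS UNSIGNED) & CAST('{$new_long_mask}' & 0xFFFFFFFF AS UNSIGNED) != "
            . "CAST('{$new_long_start_ip}' & 0xFFFFFFFF AS UNSIGNED) "
            . "OR CAST(end_ip & 0xFFFFFFFF AS UNSIGNED) & CAST('{$new_long_mask}' & 0xFFFFFFFF AS UNSIGNED) != "
            . "CAST('{$new_long_start_ip}' & 0xFFFFFFFF AS UNSIGNED))";
        $result = $dbo->query($sql);
        $acl_table_open = false;
        if (!$confirm) {
            $aclstobechanged = str_replace("%original_subnet_name%", $safe_subnet_name, $COLLATE['languages']['selected']['aclstobechanged']);
            echo "<h1>{$aclstobechanged}:</h1><br />\n";
            if ($result->rowCount() == 0) {
                echo "<p>" . $COLLATE['languages']['selected']['noaclschanged'] . "</p><br /><br />";
            } else {
                echo "<table style=\"width: 100%\">\n" . "<tr><th>" . $COLLATE['languages']['selected']['Name'] . "</th><th>" . $COLLATE['languages']['selected']['StartingIP'] . "</th><th>" . $COLLATE['languages']['selected']['EndIP'] . "</th><th>" . $COLLATE['languages']['selected']['Modification'] . "</th></tr>\n" . "<tr><td colspan=\"4\"><hr class=\"head\" /></td></tr>";
                $acl_table_open = true;
            }
        }
        while (($row = $result->fetch(PDO::FETCH_NUM)) !== false) {
            list($acl_id, $acl_name, $acl_long_start_ip, $acl_long_end_ip) = $row;
            $acl_id = (int) $acl_id;
            $note = "";
            # this might not get set below.
            $sql = "";
            if (($acl_long_start_ip & $new_long_mask) == $new_long_start_ip) {
                $new_acl_start_ip = long2ip($acl_long_start_ip);
            } else {
                $new_acl_start_ip = $new_start_ip;
                $note = "<b>" . $COLLATE['languages']['selected']['StartingIPmodified'] . "</b>";
                $sql = "UPDATE acl SET start_ip='{$new_long_start_ip}' WHERE id='{$acl_id}'";
            }
            if (($acl_long_end_ip & $new_long_mask) == $new_long_start_ip) {
                $new_acl_end_ip = long2ip($acl_long_end_ip);
            } else {
                $new_acl_end_ip = $new_end_ip;
                $note = "<b>" . $COLLATE['languages']['selected']['EndIPmodified'] . "</b>";
                $sql = "UPDATE acl SET end_ip='{$new_long_end_ip}' WHERE id='{$acl_id}'";
            }
            if ($new_acl_start_ip == $new_start_ip && $new_acl_end_ip == $new_end_ip) {
                # we wouldn't generally have an ACL reserve a whole subnet. We'll just ditch the ACL
                # and let the user make something new
                $new_acl_start_ip = long2ip($acl_long_start_ip);
                $new_acl_end_ip = long2ip($acl_long_end_ip);
                $note = "<b>" . $COLLATE['languages']['selected']['ToBeDeleted'] . "</b>";
                $sql = "DELETE FROM acl WHERE id='{$acl_id}'";
            }
            if (!$confirm) {
                # $note is markup built above from language strings, so it is not escaped
                echo "<tr><td>" . $esc($acl_name) . "</td><td>" . $esc($new_acl_start_ip) . "</td><td>" . $esc($new_acl_end_ip) . "</td><td>{$note}</td></tr>\n";
            } elseif (!empty($sql)) {
                $dbo->query($sql);
            }
        }
        if ($acl_table_open) {
            echo "</table>\n";
        }
    } else {
        #  * list all subnets that new network overlaps
        $sql = "SELECT `id`, `name`, `start_ip`, `end_ip`, `mask`, `note` FROM `subnets` WHERE "
            . "CAST(start_ip & 0xFFFFFFFF AS UNSIGNED) & CAST('{$new_long_mask}' & 0xFFFFFFFF AS UNSIGNED) = "
            . "CAST('{$new_long_start_ip}' & 0xFFFFFFFF AS UNSIGNED) ORDER BY `start_ip` ASC";
        $results = $dbo->query($sql);
        $subnetstomerge = str_replace("%original_subnet_name%", $safe_subnet_name, $COLLATE['languages']['selected']['subnetstomerge']);
        if (!$confirm) {
            echo "<h1>{$subnetstomerge}:</h1><br />\n";
        }
        if ($results->rowCount() < 1 && !$confirm) {
            echo "<p>" . $COLLATE['languages']['selected']['nosubnetsoverlap'] . "</p>";
        } else {
            if (!$confirm) {
                echo "<table style=\"width: 100%\">" . "<tr><th style=\"text-align: left\">" . $COLLATE['languages']['selected']['SubnetName'] . "</th>" . "<th style=\"text-align: left\">" . $COLLATE['languages']['selected']['NetworkAddress'] . "</th>" . "<th style=\"text-align: left\">" . $COLLATE['languages']['selected']['SubnetMask'] . "</th></tr>" . "<tr><td colspan=\"4\"><hr class=\"head\" /></td></tr>\n";
            }
            while (($row = $results->fetch(PDO::FETCH_NUM)) !== false) {
                list($affected_subnet_id, $name, $long_start_ip, $long_end_ip, $long_mask, $note) = $row;
                if (!$confirm) {
                    echo "<tr><td><b>" . $esc($name) . "</b></td><td>" . $esc(long2ip($long_start_ip)) . "</td><td>" . $esc(long2ip($long_mask)) . "</td></tr>\n";
                    echo "<tr><td colspan=\"4\">" . $esc($note) . "</td></tr>\n";
                    echo "<tr><td colspan=\"5\"><hr class=\"division\" /></td></tr>\n";
                } else {
                    # re-home the absorbed subnet's ACLs onto the resized subnet
                    $affected_subnet_id = (int) $affected_subnet_id;
                    $dbo->query("UPDATE acl SET subnet_id='{$subnet_id}' WHERE subnet_id='{$affected_subnet_id}'");
                }
            }
            if (!$confirm) {
                echo "</table>";
            } else {
                # drop every other subnet inside the new range, then re-home their statics
                $dbo->query(
                    "DELETE FROM `subnets` WHERE CAST(start_ip & 0xFFFFFFFF AS UNSIGNED) & CAST('{$new_long_mask}' & 0xFFFFFFFF AS UNSIGNED) = "
                    . "CAST('{$new_long_start_ip}' & 0xFFFFFFFF AS UNSIGNED) "
                    . "AND id != '{$subnet_id}'"
                );
                $dbo->query(
                    "UPDATE statics SET subnet_id='{$subnet_id}' WHERE "
                    . "CAST(ip & 0xFFFFFFFF AS UNSIGNED) & CAST('{$new_long_mask}' & 0xFFFFFFFF AS UNSIGNED) = "
                    . "CAST('{$new_long_start_ip}' & 0xFFFFFFFF AS UNSIGNED)"
                );
            }
        }
    }

    $block_id_for_url = rawurlencode((string) $original_block_id);
    if (!$confirm) {
        # new_subnet is echoed back into an attribute, so it is escaped even
        # though validate_network() accepted it
        echo "<br /><br /><h3>" . $COLLATE['languages']['selected']['confirmproceed'] . "</h3><hr /><br />\n" . "<form action=\"subnets.php?op=resize\" method=\"post\">\n" . "<input type=\"hidden\" name=\"subnet_id\" value=\"" . $esc($subnet_id) . "\" />" . "<input type=\"hidden\" name=\"confirm\" value=\"true\" />" . "<input type=\"hidden\" name=\"new_subnet\" value=\"" . $esc($new_subnet) . "\" />" . "<p><input type=\"submit\" value=\" " . $COLLATE['languages']['selected']['Go'] . " \" /> | <a href=\"subnets.php?block_id=" . $esc($block_id_for_url) . "\">" . $COLLATE['languages']['selected']['altcancel'] . "</a></p>" . "</form>";
    } else {
        $dbo->query("UPDATE subnets set start_ip='{$new_long_start_ip}', end_ip='{$new_long_end_ip}', mask='{$new_long_mask}' WHERE id='{$subnet_id}'");
        header("Location: subnets.php?block_id={$block_id_for_url}&notice=resized-notice");
        exit;
    }
}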
Example #2
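/**
 * Switch stale-scan tracking on or off for one subnet, then redirect.
 *
 * Reads $_GET['subnet_id'] (digits only) and $_GET['toggle'] ("on" or "off").
 * On success it logs the change, resets statics.failed_scans for the subnet
 * ('0' when turning on, '-1' when turning off), updates
 * subnets.stalescan_enabled and redirects to the subnet's modify page.
 * Invalid input or an unknown subnet redirects with notice=invalidrequest.
 *
 * Security notes for maintainers:
 *  - The original patterns /[0-9]{0,}/ and /on|off/ were unanchored, so they
 *    matched any string and the raw parameter reached the SQL text. Input is
 *    now matched as a whole and the id is bound as a statement parameter.
 *  - NOTE(review): this changes state on a GET request and no AccessControl()
 *    call or anti-CSRF check is visible here; confirm the caller enforces both.
 *  - Assumes $dbo is a PDO handle (results are read with PDO::FETCH_NUM).
 */
function toggle_stalescan()
{
    global $COLLATE;
    global $dbo;

    # whole-value checks: ctype_digit() for the id, an exact allow-list for the toggle
    $subnet_id = isset($_GET['subnet_id']) && is_string($_GET['subnet_id']) && ctype_digit($_GET['subnet_id'])
        ? $_GET['subnet_id']
        : '';
    $toggle = isset($_GET['toggle']) && in_array($_GET['toggle'], array('on', 'off'), true)
        ? $_GET['toggle']
        : '';

    # Sends the "invalid request" response used by both rejection paths.
    # The Location header that follows replaces the 400 status with a redirect
    # status in PHP; the line is kept as the original had it.
    $reject = static function ($id) {
        header("HTTP/1.1 400 Bad Request");
        header("Location: subnets.php?op=modify&subnet_id={$id}&notice=invalidrequest");
        exit;
    };

    if (empty($subnet_id) || empty($toggle)) {
        $reject($subnet_id);
    }

    $lookup = $dbo->prepare("SELECT name, start_ip, mask FROM subnets WHERE id = ?");
    if ($lookup === false || !$lookup->execute(array($subnet_id)) || $lookup->rowCount() !== 1) {
        $reject($subnet_id);
    }
    list($subnet_name, $long_start_ip, $long_mask) = $lookup->fetch(PDO::FETCH_NUM);
    $cidr = subnet2cidr($long_start_ip, $long_mask);
    collate_log('3', "Stale Scan toggled {$toggle} for Subnet: {$subnet_name} ({$cidr})");

    # The SET values below are fixed literals chosen by this function; only the
    # subnet id is bound from the request.
    if ($toggle == 'on') {
        $notice = 'staletoggleon-notice';
        $statics_sql = "UPDATE statics SET failed_scans='0' WHERE subnet_id = ?";
        $subnet_sql = "UPDATE subnets SET stalescan_enabled=1 WHERE id = ?";
    } else {
        $notice = 'staletoggleoff-notice';
        $statics_sql = "UPDATE statics SET failed_scans='-1' WHERE subnet_id = ?";
        $subnet_sql = "UPDATE subnets SET stalescan_enabled=0 WHERE id = ?";
    }
    foreach (array($statics_sql, $subnet_sql) as $write_sql) {
        $write = $dbo->prepare($write_sql);
        if ($write !== false) {
            $write->execute(array($subnet_id));
        }
    }

    header("Location: subnets.php?op=modify&subnet_id={$subnet_id}&notice={$notice}");
    exit;
}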