function network_list($conn, $page, $search)
{
$filters = array();
$filters['limit'] = get_query_limits($page);
if ($search != '') {
$search = utf8_decode($search);
$search = escape_sql($search, $conn);
$filters['where'] = " name LIKE '%{$search}%' OR ips LIKE '%{$search}%'";
}
$filters['order_by'] = 'name ASC';
try {
list($nets, $total) = Asset_net::get_list($conn, '', $filters, TRUE);
} catch (Exception $e) {
$return['error'] = TRUE;
$return['msg'] = $e->getMessage();
return $return;
}
//If we have at least one element...
if ($total > 0) {
//Getting the nets already selected in the filter.
$selected = get_selected_values(7);
}
$list = array();
//Going through the list to format the elements properly:
foreach ($nets as $id => $net) {
$_chk = $selected[$id] != '' ? TRUE : FALSE;
$_net = array('id' => $id, 'name' => $net['name'], 'extra' => $net['ips'], 'checked' => $_chk);
$list[$id] = $_net;
}
$data['total'] = intval($total);
$data['list'] = $list;
$return['error'] = FALSE;
$return['data'] = $data;
return $return;
}
function get_network_info($conn, $net_id)
{
$net = Asset_net::get_object($conn, $net_id);
//Asset IPs
$cidrs = $net->get_ips('array');
//Asset Sensors
$net_sensors = $net->get_sensors();
$sensors = $net_sensors->get_sensors();
$data = array('id' => $net_id, 'name' => $net->get_name(), 'owner' => $net->get_owner(), 'descr' => html_entity_decode($net->get_descr(), ENT_QUOTES, 'UTF-8'), 'cidrs' => $cidrs, 'asset_value' => $net->get_asset_value(), 'icon' => base64_encode($net->get_icon()), 'sensors' => $sensors);
return $data;
}
function get_network_status($conn, $data)
{
$id = $data['id'];
$location = $data['location'];
ossim_valid($id, OSS_HEX, 'illegal:' . _("Network ID"));
ossim_valid($location, OSS_HEX, 'illegal:' . _("Location ID"));
if (ossim_error()) {
$info_error = "Error: " . ossim_get_error();
ossim_clean_error();
$return['error'] = true;
$return['msg'] = $info_error;
return $return;
}
//aux variables
$answ['0'] = 'error';
$answ['1'] = 'ok';
$answ['2'] = 'info';
$types = array('ids', 'vulns', 'passive', 'active', 'netflow');
//net info
$net = Asset_net::get_object($conn, $id);
if ($net != NULL) {
$cidr = $net->get_ips();
$data['net_name'] = $net->get_name() . " (" . $cidr . ")";
$data['net_owner'] = Session::get_entity_name($conn, $net->get_ctx(), true);
$data['net_descr'] = $net->get_descr();
} else {
$data['net_name'] = _('Unknown');
$data['net_owner'] = _('Unknown');
$data['net_descr'] = _('Unknown');
}
$checks = Locations::get_location_checks($conn, $location);
foreach ($types as $t_pos => $t) {
if (strlen($checks) == 5 && $checks[$t_pos] == 0) {
$data[$t] = 'info';
} else {
$options = array("type" => $t, "percent" => false, "network" => $id);
$var = get_network_visibility($conn, $options);
$data[$t] = $answ[$var];
}
}
$options = array("type" => 'asset_network', "network" => $id);
$data['net_devices'] = get_asset_visibility($conn, $options);
$options = array("type" => 'asset_server', "network" => $id);
$data['servers'] = get_asset_visibility($conn, $options);
$return['error'] = false;
$return['data'] = $data;
return $return;
}
function modify_scan_networks($conn, $wizard, $data)
{
$step = intval($wizard->get_step_data('scan_step'));
if ($step == 1 || $step == 2) {
$response['error'] = TRUE;
$response['msg'] = _('There is a Asset scan running, you have to wait until it completes.');
return $response;
}
$ids = array_keys($data['nets']);
ossim_valid($ids, OSS_HEX, 'illegal:' . _("Network ID"));
if (ossim_error()) {
$response['error'] = TRUE;
$response['msg'] = ossim_get_error();
ossim_clean_error();
return $response;
}
$nets = array();
$ip_count = 0;
foreach ($ids as $id) {
$cidrs = Asset_net::get_ips_by_id($conn, $id);
$cidrs = preg_replace('/\\s*,\\s*/', ' ', $cidrs);
$nets[$id] = trim($cidrs);
$cidr_list = explode(' ', $cidrs);
foreach ($cidr_list as $cidr) {
list($dir, $mask) = explode('/', $cidr);
if ($mask > 0 && $mask <= 32) {
$ip_count += 1 << 32 - $mask;
}
}
}
$wizard->clean_step_data();
$wizard->set_step_data('scan_step', 0);
$wizard->set_step_data('scan_nets', $nets);
$wizard->set_step_data('scan_ips_count', $ip_count);
$wizard->save_status();
$response['error'] = FALSE;
$response['data']['total'] = Util::number_format_locale($ip_count);
return $response;
}
$net_id = $host_id = '';
if (!empty($asset_id)) {
if (preg_match("/\\//", $ip_cidr)) {
if (Asset_net::is_in_db($conn, $asset_id) === TRUE) {
$net_id = $asset_id;
}
} else {
if (Asset_host::is_in_db($conn, $asset_id) === TRUE) {
$host_id = $asset_id;
}
}
}
if (!empty($net_id)) {
// Net with ID
$total_host += Util::host_in_net($ip_cidr);
$name = Asset_net::get_name_by_id($conn, $net_id);
$perm = Session::netAllowed($conn, $net_id);
if (count($sensors) == 0) {
$sensors = array_keys(Asset_net_sensors::get_sensors_by_id($conn, $net_id));
}
} else {
if (!empty($host_id)) {
// Host with ID
$total_host++;
$name = Asset_host::get_name_by_id($conn, $host_id);
$perm = $unresolved ? TRUE : Session::hostAllowed($conn, $host_id);
if (count($sensors) == 0) {
$sensors = array_keys(Asset_host_sensors::get_sensors_by_id($conn, $host_id));
}
} else {
if (preg_match("/^\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}\\/\\d{1,2}?\$/", $ip_cidr)) {
echo $mode == 'insert' ? _('Inserting hosts from network') : _('Searching hosts from network');
?>
";
parent.$("#ptext").html(n_msg + "<?php
echo ' <strong>' . $net['name'] . '</strong>';
?>
");
</script>
<?php
$cidrs = explode(',', $net['ips']);
$net_ctx = $net['ctx'];
$query = "SELECT DISTINCT INET6_NTOP(ip_src) AS ip, HEX(ctx) AS ctx, HEX(device.sensor_id) AS sensor_id\n FROM acid_event, device \n WHERE acid_event.device_id = device.id AND acid_event.device_id > 0 \n AND ip_src >= INET6_PTON(?) AND ip_src <= INET6_PTON(?) AND ctx = UNHEX(?) AND src_host is NULL\n UNION\n SELECT DISTINCT INET6_NTOP(ip_dst) AS ip, HEX(ctx) AS ctx, HEX(device.sensor_id) AS sensor_id \n FROM acid_event, device\n WHERE acid_event.device_id = device.id AND acid_event.device_id > 0 \n AND ip_dst >= INET6_PTON(?) AND ip_dst <= INET6_PTON(?) AND ctx = UNHEX(?) AND dst_host is NULL";
foreach ($cidrs as $cidr) {
$range = Asset_net::expand_cidr($cidr, 'SHORT', 'IP');
$conn_snort = $db->snort_connect();
$params = array($range[$cidr][0], $range[$cidr][1], $net_ctx, $range[$cidr][0], $range[$cidr][1], $net_ctx);
//error_log($cidr."\n".$rs->sql."\n\n", 3, '/tmp/siem_host.txt');
$rs = $conn_snort->Execute($query, $params);
if (!$rs) {
?>
<script type="text/javascript">
parent.show_error("<?php
echo $conn_snort->ErrorMsg();
?>
");
</script>
<?php
exit;
$source = "<img src='../pixmaps/theme/host.png' align=absbottom />" . _('ANY');
}
$xml .= "<cell><![CDATA[" . $source . "]]></cell>";
//
$dest = "";
if ($dest_host_list = $policy->get_hosts($conn, 'dest')) {
foreach ($dest_host_list as $dest_host) {
if (!check_any($dest_host->get_host_id())) {
$dest .= ($dest == "" ? "" : "<br/>") . "<img src='../pixmaps/theme/host.png' align=absbottom /> " . Asset_host::get_name_by_id($conn, $dest_host->get_host_id());
}
}
}
if ($dest_net_list = $policy->get_nets($conn, 'dest')) {
foreach ($dest_net_list as $dest_net) {
if (!check_any($dest_net->get_net_id())) {
$dest .= ($dest == "" ? "" : "<br/>") . "<img src='../pixmaps/theme/net.png' align=absbottom /> " . Asset_net::get_name_by_id($conn, $dest_net->get_net_id());
}
}
}
if ($dest_host_list = $policy->get_host_groups($conn, 'dest')) {
foreach ($dest_host_list as $dest_host_group) {
if (!check_any($dest_host_group->get_host_group_id())) {
$dest .= ($dest == "" ? "" : "<br/>") . "<img src='../pixmaps/theme/host_group.png' align=absbottom /> " . Asset_group::get_name_by_id($conn, $dest_host_group->get_host_group_id());
}
}
}
if ($dest_net_list = $policy->get_net_groups($conn, 'dest')) {
foreach ($dest_net_list as $dest_net_group) {
if (!check_any($dest_net_group->get_net_group_id())) {
$dest .= ($dest == "" ? "" : "<br/>") . "<img src='../pixmaps/theme/net_group.png' align=absbottom /> " . Net_group::get_name_by_id($conn, $dest_net_group->get_net_group_id());
}
function get_indicator_asset_name($conn, $type, $asset_id)
{
$name = '';
switch ($type) {
case 'host':
$name = Asset_host::get_name_by_id($conn, $asset_id);
break;
case 'net':
$name = Asset_net::get_name_by_id($conn, $asset_id);
break;
case 'hostgroup':
case 'host_group':
$name = Asset_group::get_name_by_id($conn, $asset_id);
break;
case 'net_group':
case 'netgroup':
$name = Net_group::get_name_by_id($conn, $asset_id);
break;
case 'sensor':
$name = Av_sensor::get_name_by_id($conn, $asset_id);
break;
}
$name = empty($name) ? _('Unknown') : $name;
return $name;
}
$sources['netgroup_' . $source_net_group->get_net_group_id()] = check_any($source_net_group->get_net_group_id()) ? _("ANY") : _("NETWORK_GROUP") . ": " . Net_group::get_name_by_id($conn, $source_net_group->get_net_group_id());
}
}
//DESTINY
if ($dest_host_list = $policy->get_hosts($conn, 'dest')) {
foreach ($dest_host_list as $dest_host) {
if (check_any($dest_host->get_host_id())) {
$dests[$dest_host->get_host_id()] = _("ANY");
} else {
$dests['host_' . $dest_host->get_host_id()] = _("HOST") . ": " . Asset_host::get_name_by_id($conn, $dest_host->get_host_id());
}
}
}
if ($dest_net_list = $policy->get_nets($conn, 'dest')) {
foreach ($dest_net_list as $dest_net) {
$dests['net_' . $dest_net->get_net_id()] = check_any($dest_net->get_net_id()) ? _("ANY") : _("NETWORK") . ": " . Asset_net::get_name_by_id($conn, $dest_net->get_net_id());
}
}
if ($dest_host_list = $policy->get_host_groups($conn, 'dest')) {
foreach ($dest_host_list as $dest_host_group) {
$dests['hostgroup_' . $dest_host_group->get_host_group_id()] = check_any($dest_host_group->get_host_group_id()) ? _("ANY") : _("HOST_GROUP") . ": " . Asset_group::get_name_by_id($conn, $dest_host_group->get_host_group_id());
}
}
if ($dest_net_list = $policy->get_net_groups($conn, 'dest')) {
foreach ($dest_net_list as $dest_net_group) {
$dests['netgroup_' . $dest_net_group->get_net_group_id()] = check_any($dest_net_group->get_net_group_id()) ? _("ANY") : _("NETWORK_GROUP") . ": " . Net_group::get_name_by_id($conn, $dest_net_group->get_net_group_id());
}
}
//PORTS
//source
if ($port_list = $policy->get_ports($conn, 'source')) {
Session::logcheck('environment-menu', 'PolicyNetworks');
//Export all nets
if (isset($_GET['get_data'])) {
//Setting up a high time limit.
$db = new ossim_db();
$conn = $db->connect();
//Setting up the file name with the nets info
$file = uniqid('/tmp/export_all_net_' . date('Ymd_H-i-s') . '_');
$_SESSION['_csv_file_nets'] = $file;
session_write_close();
//Export a filtered list
$filters = array();
$session = session_id();
$tables = ', user_component_filter f';
$filters = array('where' => "f.asset_id=net.id AND f.asset_type='network' AND f.session_id = '{$session}'", 'order_by' => 'net.name ASC');
$_net_list = Asset_net::get_list($conn, $tables, $filters);
$n_data = array();
foreach ($_net_list[0] as $net) {
$descr = $net['descr'];
$n_data[] = '"' . $net['name'] . '";"' . $net['ips'] . '";"' . $descr . '";"' . $net['asset_value'] . '";"' . $net['id'] . '"';
}
$csv_data = implode("\r\n", $n_data);
file_put_contents($file, $csv_data);
exit;
} elseif (isset($_GET['download_data'])) {
$output_name = _('Networks') . '__' . gmdate('Y-m-d', time()) . '.csv';
//Retrieving the file name
$file = $_SESSION['_csv_file_nets'];
unset($_SESSION['_csv_file_nets']);
$csv_data = '"Netname";"CIDRs";"Description";"Asset Value";"Net ID"' . "\r\n";
if (file_exists($file)) {
function get_targets($conn, $ip_list)
{
$result = array();
if (!empty($ip_list)) {
if (is_array($ip_list) == FALSE) {
$ip_list = explode("\n", trim($ip_list));
}
foreach ($ip_list as $asset) {
$asset = trim($asset);
if (preg_match('/^([a-f\\d]{32})#(\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}\\/\\d{1,2})$/i', $asset, $found)) {
$_asset_name = Asset_net::is_in_db($conn, $found[1]) ? Asset_net::get_name_by_id($conn, $found[1]) : $found[2];
$result[$asset] = $_asset_name;
} else {
if (preg_match('/^([a-f\\d]{32})#(\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}\\.\\d{1,3})$/i', $asset, $found)) {
$_asset_name = Asset_host::is_in_db($conn, $found[1]) ? Asset_host::get_name_by_id($conn, $found[1]) : $found[2];
$result[$asset] = $_asset_name;
} else {
if (preg_match('/^([a-f\\d]{32})#hostgroup$/i', $asset, $found)) {
$result[$asset] = Asset_group::get_name_by_id($conn, $found[1]);
} else {
if (preg_match('/^([a-f\\d]{32})#netgroup$/i', $asset, $found)) {
$result[$asset] = Net_group::get_name_by_id($conn, $found[1]);
} else {
$result[$asset] = $asset;
}
}
}
}
}
}
return $result;
}
//Config File
require_once 'av_init.php';
Session::logcheck_ajax('environment-menu', 'PolicyNetworks');
//Validate Form token
$token = POST('token');
if (Token::verify('tk_delete_network_bulk', $token) == FALSE) {
$error = Token::create_error_message();
Util::response_bad_request($error);
}
session_write_close();
/* connect to db */
$db = new ossim_db(TRUE);
$conn = $db->connect();
try {
$perm_add = Session::can_i_create_assets();
if (!$perm_add) {
$error = _('You do not have the correct permissions to delete networks. Please contact system administrator with any questions');
Util::response_bad_request($error);
}
$app_name = Session::is_pro() ? 'AlienVault' : 'OSSIM';
$num_assets = Filter_list::get_total_selection($conn, 'network');
//Delete all filtered nets
Asset_net::bulk_delete($conn);
$data['status'] = 'OK';
$data['data'] = sprintf(_('%s networks have been permanently deleted from %s'), $num_assets, $app_name);
} catch (Exception $e) {
$db->close();
Util::response_bad_request($e->getMessage());
}
$db->close();
echo json_encode($data);
"type": "POST",
"url": sSource,
"data": aoData,
"beforeSend": function()
{
datatables_loading(true);
},
"success": function (json)
{
datatables_loading(false);
<?php
// Modify the 'Delete' button status
// This option will be disable if the user has host or net permissions
$host_perm_where = Asset_host::get_perms_where();
$net_perm_where = Asset_net::get_perms_where();
if (empty($host_perm_where) && empty($net_perm_where)) {
?>
if (json.iTotalDisplayRecords > 0)
{
$('#delete_all').removeClass('disabled');
}
else
{
$('#delete_all').addClass('disabled');
}
<?php
}
?>
require_once 'av_init.php';
$option = $argv[1];
$asset = $argv[2];
$result = '';
$db = new ossim_db();
$dbconn = $db->connect();
$_SESSION['_user'] = '******';
switch ($option) {
case 'get_ctx':
if (preg_match("/^([a-f\\d]{32})#\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}\$/i", $asset, $found)) {
// host_id#IP
$result = Asset_host::get_ctx_by_id($dbconn, $found[1]);
} else {
if (preg_match("/^([a-f\\d]{32})#\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}\\/\\d{1,2}\$/i", $asset, $found)) {
// net_id#CIDR
$result = Asset_net::get_ctx_by_id($dbconn, $found[1]);
} else {
$filters = array('where' => 'hostname = "' . $asset . '" OR fqdns LIKE "%' . $asset . '%"');
$_hosts_data = Asset_host::get_basic_list($dbconn, $filters);
$hosts_list = $_hosts_data[1];
$total = count($hosts_list);
if ($total > 0) {
$host_id = key($hosts_list);
$result = $hosts_list[$host_id]['ctx'];
} else {
$result = '';
}
}
}
break;
case 'get_sensor_ip':
} else {
$dbo->enable_cache();
$conn = $dbo->connect();
}
include_once "{$BASE_path}/base_common.php";
$sensors = $hosts = $ossim_servers = array();
$sensors = Av_sensor::get_basic_list($conn, array(), TRUE);
list($hosts, $host_ids) = Asset_host::get_basic_list($conn, array(), TRUE);
$entities = Session::get_all_entities($conn);
$rep_activities = Reputation::get_reputation_activities($conn, "ORDER BY descr", $db_memcache);
$rep_severities = array("ANY", "High", "Medium", "Low");
//
// added default home host/lan to SESSION[ip_addr]
//
if ($_GET["addhomeips"] == "src" || $_GET["addhomeips"] == "dst") {
$_nets = Asset_net::get_all($conn, TRUE);
// adding all not external lans
$local_ips = array();
$total_ips = 0;
foreach ($_nets as $current_net) {
$cirds = explode(",", $current_net['ips']);
foreach ($cirds as $cidr) {
if (!$current_net['external'] && preg_match("/(.*)\\.(.*)\\.(.*)\\.(.*)\\/(.*)/", $cidr, $fields)) {
$local_ips[] = array(" ", "ip_" . $_GET["addhomeips"], "=", $fields[1], $fields[2], $fields[3], $fields[4], $cidr, " ", "OR", $fields[5]);
$total_ips++;
}
}
}
// adding rest of hosts
foreach ($hosts as $current_ip => $_hips) {
foreach ($_hips as $ctx => $_hdata) {
<?php
//CSS Files
$_files = array(array('src' => 'av_common.css', 'def_path' => TRUE));
Util::print_include_files($_files, 'css');
?>
</head>
<body>
<?php
if ($data['status'] != 'error') {
try {
$db = new ossim_db();
$conn = $db->connect();
$is_in_db = Asset_net::is_in_db($conn, $id);
$net = new Asset_net($id);
if ($is_in_db == TRUE) {
$can_i_modify_ips = Asset_net::can_i_modify_ips($conn, $id);
$can_i_create_assets = TRUE;
$net->load_from_db($conn, $id);
} else {
$can_i_modify_ips = TRUE;
$can_i_create_assets = Session::can_i_create_assets();
}
if ($can_i_create_assets == TRUE) {
$net->set_ctx($ctx);
$net->set_name($name);
if ($can_i_modify_ips == TRUE) {
$net->set_ips($ips_string);
}
$net->set_descr($descr);
$sensor_id = POST('task_sensor');
$params = POST('task_params');
$frequency = POST('task_period');
$validation_errors = validate_form_fields('POST', $validate);
//Extra validations
if (empty($validation_errors)) {
switch ($s_type) {
case 'nmap':
$db = new ossim_db();
$conn = $db->connect();
$params = POST('task_params');
$sensor_id = POST('task_sensor');
if (!Asset_net::is_cidr_in_my_nets($conn, $params)) {
$validation_errors['task_params'] = sprintf(_("Error! The network %s is not allowed. Please check your network settings"), Util::htmlentities($params));
} else {
if (!Asset_net::check_cidr_by_sensor($conn, $params, $sensor_id)) {
$validation_errors['task_params'] = _("You can't scan the specified network using this sensor");
}
}
$db->close();
break;
case 'wmi':
$pattern = '/\\s*wmihost:(.*);wmiuser:(.*);wmipass:(.*)\\s*/';
preg_match($pattern, $params, $matches);
$wmi_host = trim($matches[1]);
$wmi_user = trim($matches[2]);
$wmi_pass = trim($matches[3]);
ossim_clean_error();
if (!ossim_valid($wmi_host, OSS_IP_ADDR, 'illegal:' . _('WMI Host'))) {
ossim_clean_error();
ossim_valid($wmi_host, OSS_HOST_NAME, 'illegal:' . _('WMI Host'));
$_list_data = Asset_net::get_list($conn);
$_net_aux = array_keys($_list_data[0]);
foreach ($_net_aux as $n_id) {
$assets_aux[] = Util::uuid_format($n_id);
}
$_POST["from_list"] = implode(",", $assets_aux);
}
if ((Session::get_host_where() != "" || Session::get_net_where() != "") && (POST('to') == "ANY" || POST('to_list') == "")) {
$_POST["to"] = "LIST";
$assets_aux = array();
$_list_data = Asset_host::get_basic_list($conn);
$_host_aux = array_keys($_list_data[1]);
foreach ($_host_aux as $h_id) {
$assets_aux[] = Util::uuid_format($h_id);
}
$_list_data = Asset_net::get_list($conn);
$_net_aux = array_keys($_list_data[0]);
foreach ($_net_aux as $n_id) {
$assets_aux[] = Util::uuid_format($n_id);
}
$_POST["to_list"] = implode(",", $assets_aux);
}
if (POST("from") == "LIST") {
$_POST["from"] = POST("from_list");
}
if (POST("port_from") == "LIST") {
$_POST["port_from"] = POST("port_from_list");
}
if (POST("to") == "LIST") {
$_POST["to"] = POST("to_list");
}
Session::logcheck("analysis-menu", "EventsForensics");
list($ip, $ctx, $net_id) = explode(";", GET('ip'));
ossim_valid($ip, OSS_IP_ADDR_0, 'illegal:' . _('IP address'));
ossim_valid($ctx, OSS_HEX, 'illegal:' . _('CTX'));
ossim_valid($net_id, OSS_HEX, OSS_NULLABLE, 'illegal:' . _('Net Id'));
if (ossim_error()) {
die(ossim_error());
}
$db = new ossim_db(TRUE);
if (is_array($_SESSION['server']) && $_SESSION['server'][0] != '') {
$conn = $db->custom_connect($_SESSION["server"][0], $_SESSION["server"][2], $_SESSION["server"][3]);
} else {
$conn = $db->connect();
}
$net = NULL;
if ($net_id != '') {
if ($net_obj = Asset_net::get_object($conn, $net_id)) {
$net = array('name' => $net_obj->get_name(), 'ips' => $net_obj->get_ips(), 'icon' => $net_obj->get_html_icon());
}
} else {
$net = array_shift(Asset_host::get_closest_net($conn, $ip, $ctx));
if ($net['icon'] != '') {
$net['icon'] = "<img class='asset_icon w16' src='data:image/png;base64," . base64_encode($net['icon']) . "'/>";
}
}
if (is_array($net) && !empty($net)) {
echo $net['icon'] . "<strong>" . $net['name'] . "</strong> (" . $net['ips'] . ")";
} else {
echo "<strong>{$ip}</strong> " . _("not found in home networks");
}
$db->close();
function get_allowed_nets($conn, $tables = '', $filters = array())
{
$filters['order'] = 'name ASC';
$_net_list = Asset_net::get_list($conn, $tables, $filters);
$nets = $_net_list[0];
return $nets;
}
$response['aaData'] = array();
$response['iDisplayStart'] = 0;
echo json_encode($response);
die;
}
$detail = "<img class='detail_img' src='" . AV_PIXMAPS_DIR . "/show_details.png'/>";
$results = array();
foreach ($nets as $_id => $net_data) {
// Alarms
$alarms = Asset_net::has_alarms($conn, $_id);
$alarms_icon = $alarms ? "<img src='" . AV_PIXMAPS_DIR . "/assets_tick_gray.png'/>" : '-';
// Vulns
$vulns = Asset_net::get_vulnerability_number($conn, $_id);
$vulns_icon = $vulns > 0 ? "<img src='" . AV_PIXMAPS_DIR . "/assets_tick_gray.png'/>" : '-';
// Events
$events = Asset_net::has_events($conn, $_id);
$events_icon = $events ? "<img src='" . AV_PIXMAPS_DIR . "/assets_tick_gray.png'/>" : '-';
// Sensors
$sensors = Asset_net_sensors::get_sensors_by_id($conn, $_id);
$sensors_string = '';
foreach ($sensors as $sensor_id => $sensor_data) {
if ($sensors_string != '') {
$sensors_string .= ', ';
}
$sensors_string .= $sensor_data['name'];
}
// COLUMNS
$_res = array();
$_res['DT_RowId'] = $_id;
$_res[] = $net_data['name'];
$_res[] = Util::utf8_encode2($net_data['owner']);
if (ossim_error()) {
die(ossim_error());
}
$networks = array();
$descr = '';
if ($id != '') {
if ($net_group_list = Net_group::get_list($conn, " g.id = UNHEX('{$id}')")) {
$net_group = $net_group_list[0];
$ngname = $net_group->get_name();
$ctx = $net_group->get_ctx();
$descr = $net_group->get_descr();
$obj_networks = Net_group::get_networks($conn, $net_group->get_id());
foreach ($obj_networks as $net) {
$net_id = $net->get_net_id();
$filters = array('where' => "id = UNHEX('" . $net_id . "')");
$_aux_net_list = Asset_net::get_list($conn, '', $filters);
$networks[$net->get_net_id()] = $_aux_net_list[0][$net_id];
}
$rrd_profile = $net_group->get_rrd_profile();
if (!$rrd_profile) {
$rrd_profile = 'None';
}
}
}
if (GET('id') != '' || GET('clone') == 1) {
$action = 'modifynetgroup.php';
} else {
$action = 'newnetgroup.php';
}
$paths = Asset::get_path_url(FALSE);
?>
$ret = array();
$res = $conn->query("SELECT id,name,value FROM acl_perm WHERE type='MENU'");
while ($rw = $res->fetchRow()) {
$ret[$rw['name']][$rw['value']] = $rw['id'];
}
return $ret;
}
ini_set("include_path", ".:/usr/share/ossim/include:/usr/share/phpgacl");
$force_gacl = true;
require_once 'av_init.php';
$gacl = $GLOBALS['ACL'];
/* connect to db */
$db = new ossim_db();
$conn = $db->connect();
try {
$net_list = Asset_net::get_all($conn);
$sensor_list = Av_sensor::get_all($conn);
} catch (Exception $e) {
print $e->getMessage();
exit;
}
$permids = get_permids($conn);
$users = Session::get_list($conn);
foreach ($users as $user) {
$nets = "";
$sensors = "";
$perms = array();
$login = $user->get_login();
if ($user->get_is_admin() || $login == ACL_DEFAULT_OSSIM_ADMIN) {
continue;
}
$db = new ossim_db();
$conn = $db->connect();
$assets .= '<tr>
<td style="text-align:left;width:25mm;font-size:10px;color:#535353;" valign="top">' . "Assets Selected:" . '</td>
<td class="nobborder" style="padding-left:5px;font-size:10px" valign="top">
<table class="w100" cellpadding="0" cellspacing="0">';
if ($_SESSION['_user_vision']['host_where'] && !Session::only_ff_host()) {
$_host_list = Asset_host::get_basic_list($conn);
$hosts = $_host_list[1];
foreach ($hosts as $host) {
$assets .= '<tr><td class="nobborder" style="text-align:left;" valign="top">' . _('Host') . ': ' . $host['name'] . ' [' . $host['ips'] . ']</td></tr>';
}
}
if ($_SESSION['_user_vision']['net_where'] && !Session::only_ff_net()) {
$nets = Asset_net::get_list($conn);
$_net_list = Asset_net::get_list($conn);
$nets = $_net_list[0];
foreach ($nets as $net) {
$assets .= '<tr><td class="nobborder" style="text-align:left;" valign="top">' . _('Net') . ': ' . $net['name'] . ' [' . $net['ips'] . ']</td></tr>';
}
}
$assets .= ' </table>
</td>
</tr>';
$db->close();
} else {
$assets .= '<tr>
<td style="text-align:left;width:25mm;font-size:10px;color:#535353;">' . _('Assets Selected:') . '</td>
<td class="nobborder" style="padding-left:5px;text-align:left;font-size:10px" valign="top">' . _('All Assets') . '</td>
</tr>';
}
?>
</th>
<td class="left nobborder">
<select id="toselect" name="toselect[]" size="12" multiple="multiple" style="width:150px">
<?php
if ($rule->to != "ANY" && $rule->to != "" && !preg_match("/\\:...\\_IP/", $rule->to)) {
$pre_list = explode(",", $rule->to);
foreach ($pre_list as $list_element) {
// Asset ID: Resolve by name
if (preg_match("/(\\!)?([0-9A-Fa-f\\-]{36})/", $list_element, $found)) {
$uuid_aux = str_replace("-", "", strtoupper($found[2]));
$h_obj = Asset_host::get_object($conn, $uuid_aux);
if ($h_obj != null) {
echo "<option value='" . $found[1] . $found[2] . "'>" . $found[1] . $h_obj->get_name() . " (" . $h_obj->get_ips()->get_ips('string') . ")</option>\n";
} else {
$n_obj = Asset_net::get_object($conn, $uuid_aux);
if ($n_obj != null) {
echo "<option value='" . $found[1] . $found[2] . "'>" . $found[1] . $n_obj->get_name() . " (" . $n_obj->get_ips() . ")</option>\n";
}
}
// Another one (HOME_NET, 12.12.12.12...)
} else {
echo "<option value='{$list_element}'>{$list_element}</option>\n";
}
}
}
?>
</select>
<input type="button" class="small" value=" [X] " onclick="deletefrom('toselect');"/>
</td>
</tr>
* Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,
* MA 02110-1301 USA
*
*
* On Debian GNU/Linux systems, the complete text of the GNU General
* Public License can be found in `/usr/share/common-licenses/GPL-2'.
*
* Otherwise you can read it here: http://www.gnu.org/licenses/gpl-2.0.txt
*
*/
require_once 'av_init.php';
Session::logcheck('configuration-menu', 'AlienVaultInventory');
$sensor_id = GET('sensor_id');
$data['status'] = 'error';
$data['data'] = '';
if (valid_hex32($sensor_id)) {
$_networks = array();
$db = new ossim_db();
$conn = $db->connect();
$_nets = Asset_net::get_nets_by_sensor($conn, $sensor_id);
$db->close();
foreach ($_nets as $_net) {
$cidrs = explode(',', $_net['ips']);
foreach ($cidrs as $cidr) {
$_networks[] = array('txt' => trim($cidr) . ' [' . $_net['name'] . ']', 'id' => trim($cidr));
}
}
$data['status'] = 'OK';
$data['data'] = $_networks;
}
echo json_encode($data);
function main_page($viewall, $sortby, $sortdir)
{
global $uroles, $username, $dbconn, $hosts;
global $arruser, $user;
$dbconn->SetFetchMode(ADODB_FETCH_BOTH);
$tz = Util::get_timezone();
if ($sortby == "") {
$sortby = "id";
}
if ($sortdir == "") {
$sortdir = "DESC";
}
$sql_order = "order by {$sortby} {$sortdir}";
if (Session::menu_perms("environment-menu", "EventsVulnerabilitiesScan")) {
?>
<div style="width:50%; position: relative; height: 5px; float:left">
<div style="width:100%; position: absolute; top: -41px;left:0px;">
<div style="float:left; height:28px; margin:5px 5px 0px 0px;">
<a class="button" href="<?php
echo Menu::get_menu_url(AV_MAIN_PATH . '/vulnmeter/sched.php?smethod=schedule&hosts_alive=1&scan_locally=1', 'environment', 'vulnerabilities', 'scan_jobs');
?>
">
<?php
echo _("New Scan Job");
?>
</a>
</div>
<div style="float:left;height:28px;margin:5px 5px 0px -2px;">
<a class="greybox button av_b_secondary" href="import_nbe.php" title="<?php
echo _("Import nbe file");
?>
">
<?php
echo _("Import nbe file");
?>
</a>
</div>
</div>
</div>
<?php
}
if (intval($_GET['page']) != 0) {
$page = intval($_GET['page']);
} else {
$page = 1;
}
$pagesize = 10;
if ($username == "admin") {
$query = "SELECT count(id) as num FROM vuln_jobs";
} else {
$query = "SELECT count(id) as num FROM vuln_jobs where username='******'";
}
$result = $dbconn->Execute($query);
$jobCount = $result->fields["num"];
$num_pages = ceil($jobCount / $pagesize);
//echo "num_pages:[".$num_pages."]";
//echo "jobCount:[".$jobCount."]";
//echo "page:[".$page."]";
if (Vulnerabilities::scanner_type() == "omp") {
// We can display scan status with OMP protocol
echo Vulnerabilities::get_omp_running_scans($dbconn);
} else {
// Nessus
all_jobs(0, 10, "R");
}
?>
<?php
$schedulejobs = _("Scheduled Jobs");
echo <<<EOT
<table style='margin-top:20px;' class='w100 transparent'><tr><td class='sec_title'>{$schedulejobs}</td></tr></table>
<table summary="Job Schedules" class='w100 table_list'>
EOT;
if ($sortdir == "ASC") {
$sortdir = "DESC";
} else {
$sortdir = "ASC";
}
$arr = array("name" => "Name", "schedule_type" => "Schedule Type", "time" => "Time", "next_CHECK" => "Next Scan", "enabled" => "Status");
// modified by hsh to return all scan schedules
if (empty($arruser)) {
$query = "SELECT t2.name as profile, t1.meth_TARGET, t1.id, t1.name, t1.schedule_type, t1.meth_VSET, t1.meth_TIMEOUT, t1.username, t1.enabled, t1.next_CHECK, t1.email\n FROM vuln_job_schedule t1 LEFT JOIN vuln_nessus_settings t2 ON t1.meth_VSET=t2.id ";
} else {
$query = "SELECT t2.name as profile, t1.meth_TARGET, t1.id, t1.name, t1.schedule_type, t1.meth_VSET, t1.meth_TIMEOUT, t1.username, t1.enabled, t1.next_CHECK, t1.email\n FROM vuln_job_schedule t1 LEFT JOIN vuln_nessus_settings t2 ON t1.meth_VSET=t2.id WHERE username in ({$user}) ";
}
$query .= $sql_order;
$result = $dbconn->execute($query);
if ($result->EOF) {
echo "<tr><td class='empty_results' height='20' style='text-align:center;'>" . _("No Scheduled Jobs") . "</td></tr>";
}
if (!$result->EOF) {
echo "<tr>";
foreach ($arr as $order_by => $value) {
echo "<th><a href=\"manage_jobs.php?sortby={$order_by}&sortdir={$sortdir}\">" . _($value) . "</a></th>";
}
if (Session::menu_perms("environment-menu", "EventsVulnerabilitiesScan")) {
echo "<th>" . _("Action") . "</th></tr>";
}
}
$colors = array("#FFFFFF", "#EEEEEE");
$color = 0;
while (!$result->EOF) {
list($profile, $targets, $schedid, $schedname, $schedtype, $sid, $timeout, $user, $schedstatus, $nextscan, $servers) = $result->fields;
$name = Av_sensor::get_name_by_id($dbconn, $servers);
$servers = $name != '' ? $name : "unknown";
$targets_to_resolve = explode("\n", $targets);
$ttargets = array();
foreach ($targets_to_resolve as $id_ip) {
if (preg_match("/^([a-f\\d]{32})#\\d+\\.\\d+\\.\\d+\\.\\d+\\/\\d{1,2}/i", $id_ip, $found) && Asset_net::is_in_db($dbconn, $found[1])) {
$ttargets[] = preg_replace("/^([a-f\\d]{32})#/i", "", $id_ip) . " (" . Asset_net::get_name_by_id($dbconn, $found[1]) . ")";
} else {
if (preg_match("/^([a-f\\d]{32})#\\d+\\.\\d+\\.\\d+\\.\\d+/i", $id_ip, $found) && Asset_host::is_in_db($dbconn, $found[1])) {
$ttargets[] = preg_replace("/^([a-f\\d]{32})#/i", "", $id_ip) . " (" . Asset_host::get_name_by_id($dbconn, $found[1]) . ")";
} else {
$ttargets[] = preg_replace("/[a-f\\d]{32}/i", "", $id_ip);
}
}
}
$targets = implode("<BR/>", $ttargets);
$tz = intval($tz);
$nextscan = gmdate("Y-m-d H:i:s", Util::get_utc_unixtime($nextscan) + 3600 * $tz);
preg_match("/\\d+\\-\\d+\\-\\d+\\s(\\d+:\\d+:\\d+)/", $nextscan, $found);
$time = $found[1];
switch ($schedtype) {
case "N":
$stt = _("Once (Now)");
break;
case "O":
$stt = _("Once");
break;
case "D":
$stt = _("Daily");
break;
case "W":
$stt = _("Weekly");
break;
case "M":
$stt = _("Monthly");
break;
case "Q":
$stt = _("Quarterly");
break;
case "H":
$stt = _("On Hold");
break;
case "NW":
$stt = _("N<sup>th</sup> weekday of the month");
break;
default:
$stt = " ";
break;
}
switch ($schedstatus) {
case "1":
$itext = _("Disable Scheduled Job");
$isrc = "images/stop_task.png";
$ilink = "manage_jobs.php?disp=setstatus&schedid={$schedid}&enabled=0";
break;
default:
$itext = _("Enable Scheduled Job");
$isrc = "images/play_task.png";
$ilink = "manage_jobs.php?disp=setstatus&schedid={$schedid}&enabled=1";
break;
}
if (!Session::menu_perms("environment-menu", "EventsVulnerabilitiesScan")) {
$ilink = "javascript:return false;";
}
if ($schedstatus) {
$txt_enabled = "<td><a href=\"{$ilink}\"><font color=\"green\">" . _("Enabled") . "</font></a></td>";
} else {
$txt_enabled = "<td><a href=\"{$ilink}\"><font color=\"red\">" . _("Disabled") . "</font></a></td>";
}
require_once 'classes/Security.inc';
if (valid_hex32($user)) {
$user = Session::get_entity_name($dbconn, $user);
}
echo "<tr bgcolor=\"" . $colors[$color % 2] . "\">";
if ($profile == "") {
$profile = _("Default");
}
echo "<td><span class=\"tip\" title=\"<b>" . _("Owner") . ":</b> {$user}<br><b>" . _("Server") . ":</b> {$servers}<br /><b>" . _("Scheduled Job ID") . ":</b> {$schedid}<br><b>" . _("Profile") . ":</b> {$profile}<br><b>" . _("Targets") . ":</b><br>" . $targets . "\">{$schedname}</span></td>";
?>
<td><?php
echo $stt;
?>
</td>
<td><?php
echo $time;
?>
</td>
<td><?php
echo $nextscan;
?>
</td>
<?php
echo <<<EOT
{$txt_enabled}
<td style="padding-top:2px;"><a href="{$ilink}"><img alt="{$itext}" src="{$isrc}" border=0 title="{$itext}"></a>
EOT;
if (Session::menu_perms("environment-menu", "EventsVulnerabilitiesScan")) {
echo "<a href='" . Menu::get_menu_url(AV_MAIN_PATH . '/vulnmeter/sched.php?disp=edit_sched&sched_id=' . $schedid, 'environment', 'vulnerabilities', 'scan_jobs') . "'><img src='images/pencil.png' title='" . _("Edit Scheduled") . "'></a> ";
echo "<a href='manage_jobs.php?disp=delete&schedid={$schedid}' onclick='return confirmDelete();'><img src='images/delete.gif' title='" . gettext("Delete Scheduled") . "'></a>";
}
echo "</td>";
echo <<<EOT
</tr>
EOT;
$result->MoveNext();
$color++;
}
echo <<<EOT
</table>
EOT;
?>
<br />
<?php
$out = all_jobs(($page - 1) * $pagesize, $pagesize);
?>
<table width="100%" align="center" class="transparent" cellspacing="0" cellpadding="0">
<tr>
<td class="nobborder" valign="top" style="padding-top:5px;">
<div class="fright">
<?php
if ($out != 0 && $num_pages != 1) {
$page_url = "manage_jobs.php";
if ($page == 1 && $page == $num_pages) {
echo '<a href="" class="link_paginate_disabled" onclick="return false">< ' . _("PREVIOUS") . '</a>';
echo '<a class="lmargin link_paginate_disabled" href="" onclick="return false">' . _("NEXT") . ' ></a>';
} elseif ($page == 1) {
echo '<a href="" class="link_paginate_disabled" onclick="return false">< ' . _("PREVIOUS") . '</a>';
echo '<a class="lmargin" href="' . $page_url . '?page=' . ($page + 1) . '">' . _("NEXT") . ' ></a> ';
} elseif ($page == $num_pages) {
echo '<a href="' . $page_url . '?page=' . ($page - 1) . '">< ' . _("PREVIOUS") . '</a>';
echo '<a class="lmargin link_paginate_disabled" href="" onclick="return false">' . _("NEXT") . ' ></a>';
} else {
echo '<a href="' . $page_url . '?page=' . ($page - 1) . '">< ' . _("PREVIOUS") . '</a><a class="lmargin" href="' . $page_url . '?page=' . ($page + 1) . '">' . _("NEXT") . ' ></a>';
}
}
?>
</div>
</td>
</tr>
</table>
<?php
}
if (!isset($_POST['ajax_validation_all']) || POST('ajax_validation_all') == FALSE) {
if (!Token::verify('tk_form_task', REQUEST('token'))) {
Token::show_error();
exit;
}
}
}
$validation_errors = validate_form_fields('POST', $validate);
if (empty($validation_errors['task_params'])) {
if ($_SESSION['av_inventory_type'] == 'nmap') {
$task_params = POST('task_params');
$task_sensor = POST('task_sensor');
if (!Asset_net::is_cidr_in_my_nets($conn, $task_params)) {
$validation_errors['task_params'] = _('Network not allowed') . '. Check your asset filter. <br/>' . _('Entered value') . ": <strong>'" . Util::htmlentities($task_params) . "</strong>'";
} else {
if (!Asset_net::check_cidr_by_sensor($conn, $task_params, $task_sensor)) {
$validation_errors['task_params'] = _("You can't scan the specified network using this sensor");
}
}
} elseif ($_SESSION['av_inventory_type'] == 'wmi') {
//Format example: wmihost:ip_address;wmiuser:user;wmipass:pass
$task_params = POST('task_params');
$pattern = '/\\s*wmihost:(.*);wmiuser:(.*);wmipass:(.*)\\s*/';
preg_match($pattern, $task_params, $matches);
$wmi_host = trim($matches[1]);
$wmi_user = trim($matches[2]);
$wmi_pass = trim($matches[3]);
ossim_clean_error();
if (!ossim_valid($wmi_host, OSS_IP_ADDR, 'illegal:' . _('WMI Credentials'))) {
ossim_clean_error();
ossim_valid($wmi_host, OSS_HOST_NAME, 'illegal:' . _('WMI Credentials'));
function import_assets_from_csv($filename, $iic, $ctx, $import_type)
{
//Process status
$summary = array('general' => array('status' => '', 'data' => '', 'statistics' => array('total' => 0, 'warnings' => 0, 'errors' => 0, 'saved' => 0)), 'by_nets' => array());
$db = new ossim_db();
$conn = $db->connect();
$str_data = file_get_contents($filename);
if ($str_data === FALSE) {
$summary['general']['status'] = 'error';
$summary['general']['data']['errors'] = _('Failed to read data from CSV file');
$summary['general']['statistics']['errors'] = 1;
return $summary;
}
$array_data = preg_split('/\\n|\\r/', $str_data);
foreach ($array_data as $k => $v) {
if (trim($v) != '') {
$data[] = explode('";"', trim($v));
}
}
set_time_limit(360);
/*********************************************************************************************************************
* From net section:
* - Version 4.x.x: "Netname"*;"CIDRs(CIDR1,CIDR2,...)"*;"Description";"Asset value"*;"Net ID"
* - Version 3.x.x: "Netname"*;"CIDRs(CIDR1,CIDR2,...)"*;"Description";"Asset value";"Sensors(Sensor1,Sensor2,...)"*
*
* From welcome wizard:
* - Version 4.x.x: "Netname"*;"CIDRs(CIDR1,CIDR2,...)"*;"Description"
*
*********************************************************************************************************************/
//Check file size
if (count($data) <= 0 || count($data) == 1 && preg_match('/Netname/', $data[0][0])) {
$summary['general']['status'] = 'error';
$summary['general']['data'] = _('CSV file is empty');
$summary['general']['statistics']['errors'] = 1;
return $summary;
}
//Check importation type and headers
$csv_headers = array();
if ($import_type == 'networks') {
if (preg_match('/Net ID/', $data[0][4]) || preg_match('/Sensors/', $data[0][4])) {
$csv_headers = array_shift($data);
} else {
$summary['general']['status'] = 'error';
$summary['general']['data'] = _('Headers not found');
$summary['general']['statistics']['errors'] = 1;
return $summary;
}
}
//Setting total nets to import
$summary['general']['statistics']['total'] = count($data);
//Allowed sensors
$filters = array('where' => "acl_sensors.entity_id = UNHEX('{$ctx}')");
$a_sensors = Av_sensor::get_basic_list($conn, $filters);
$sensor_ids = array_keys($a_sensors);
if (count($sensor_ids) == 0) {
$summary['general']['status'] = 'error';
$s_error_msg = Session::is_pro() ? _('There is no sensor for this context') : _('There is no sensor for this net');
$summary['general']['data'] = $s_error_msg;
$summary['general']['statistics']['errors'] = 1;
return $summary;
}
Util::disable_perm_triggers($conn, TRUE);
foreach ($data as $k => $v) {
//Clean previous errors
ossim_clean_error();
$num_line = $k + 1;
//Set default status
$summary['by_nets'][$num_line]['status'] = 'error';
//Check file format
$cnd_1 = $import_type == 'networks' && count($v) < 5;
$cnd_2 = $import_type == 'welcome_wizard_nets' && count($v) < 3;
if ($cnd_1 || $cnd_2) {
$summary['by_nets'][$num_line]['errors']['Format'] = _('Number of fields is incorrect');
$summary['general']['statistics']['errors']++;
continue;
}
//Clean values
$param = array();
foreach ($v as $field) {
$parameter = trim($field);
$pattern = '/^\\"|\\"$|^\'|\'$/';
$param[] = preg_replace($pattern, '', $parameter);
}
//Values
$is_in_db = FALSE;
$net_id = '';
$name = $param[0];
$cidrs = preg_replace("/[\n\r\t]+/", '', $param[1]);
$descr = $param[2];
$asset_value = $param[3] == '' ? 2 : intval($param[3]);
$sensors = $sensor_ids;
//Permissions
$can_i_create_assets = Session::can_i_create_assets();
$can_i_modify_ips = TRUE;
//CIDRs
if (!ossim_valid($cidrs, OSS_IP_CIDR, 'illegal:' . _('CIDR'))) {
$summary['by_nets'][$num_line]['errors']['CIDRs'] = ossim_get_error_clean();
$summary['general']['statistics']['errors']++;
continue;
}
//Check Net ID �Is there a net registered in the System?
$net_ids = Asset_net::get_id_by_ips($conn, $cidrs, $ctx);
$net_id = key($net_ids);
if (!empty($net_id)) {
$is_in_db = TRUE;
} else {
$net_id = Util::uuid();
}
// Special case: Forced Net ID [Version 4.x.x]
if ($import_type == 'networks' && preg_match('/Net ID/', $csv_headers[4])) {
$csv_net_id = strtoupper($param[4]);
if ($is_in_db == TRUE && $csv_net_id != $net_id) {
$id_error_msg = _('Net is already registered in the System with another Net ID');
$summary['by_nets'][$num_line]['errors']['Net'] = $id_error_msg;
$summary['general']['statistics']['errors']++;
continue;
}
}
//Netname
if (!empty($iic)) {
$name = clean_iic($name);
}
if (!ossim_valid($name, OSS_NOECHARS, OSS_NET_NAME, 'illegal:' . _('Netname'))) {
ossim_clean_error();
$name = clean_iic($name);
$name = clean_echars($name);
$warning_msg = _('Netname has invalid characters') . '<br/>' . _('Netname will be replaced by') . ": <strong>{$name}</strong>";
$summary['by_nets'][$num_line]['warnings']['Netname'] = $warning_msg;
$summary['by_nets'][$num_line]['status'] = 'warning';
$summary['general']['statistics']['warnings']++;
if (!ossim_valid($name, OSS_NOECHARS, OSS_NET_NAME, 'illegal:' . _('Netname'))) {
unset($summary['by_nets'][$num_line]['warnings']);
$summary['general']['statistics']['warnings']--;
$summary['by_nets'][$num_line]['status'] = 'error';
$summary['by_nets'][$num_line]['errors']['Netname'] = ossim_get_error_clean();
$summary['general']['statistics']['errors']++;
continue;
}
}
//Description
if (!ossim_valid($descr, OSS_NULLABLE, OSS_AT, OSS_TEXT, '\\t', 'illegal:' . _('Description'))) {
$summary['by_nets'][$num_line]['errors']['Description'] = ossim_get_error_clean();
$summary['general']['statistics']['errors']++;
continue;
} else {
if (mb_detect_encoding($descr . ' ', 'UTF-8,ISO-8859-1') == 'UTF-8') {
$descr = mb_convert_encoding($descr, 'HTML-ENTITIES', 'UTF-8');
}
}
//Sensor
if ($is_in_db == FALSE) {
//Only update net sensors with unregistered nets
if ($import_type == 'networks' && preg_match('/Sensors/', $csv_headers[4])) {
//Special case: Sensors in CSV file //[Version 3.x.x]
$sensors = array();
$_sensors = explode(',', $param[4]);
if (is_array($_sensors) && !empty($_sensors)) {
$_sensors = array_flip($_sensors);
if (is_array($a_sensors) && !empty($a_sensors)) {
foreach ($a_sensors as $s_id => $s_data) {
if (array_key_exists($s_data['ip'], $_sensors)) {
$sensors[] = $s_id;
}
}
}
}
if (!is_array($sensors) || empty($sensors)) {
$s_error_msg = Session::is_pro() ? _('There is no sensors for this context') : _('There is no sensors for this IP');
$summary['by_nets'][$num_line]['errors']['Sensors'] = $s_error_msg;
$summary['general']['statistics']['errors']++;
continue;
}
}
}
/***********************************************************
********** Only for importation from net section **********
***********************************************************/
if ($import_type == 'networks') {
//Asset
if (!ossim_valid($asset_value, OSS_DIGIT, 'illegal:' . _('Asset value'))) {
$summary['by_nets'][$num_line]['errors']['Asset value'] = ossim_get_error_clean();
$summary['general']['statistics']['errors']++;
continue;
}
}
//Insert/Update net in database
if (count($summary['by_nets'][$num_line]['errors']) == 0) {
try {
$net = new Asset_net($net_id);
if ($is_in_db == TRUE) {
$net->load_from_db($conn, $net_id);
$can_i_modify_ips = Asset_net::can_i_modify_ips($conn, $net_id);
} else {
if ($can_i_create_assets == FALSE) {
$n_error_msg = _('Net') . ' ' . $name . ' ' . _("not allowed. You don't have permissions to import this net");
$summary['by_nets'][$num_line]['errors']['Net'] = $n_error_msg;
$summary['general']['statistics']['errors']++;
continue;
}
}
//Check CIDRs
if ($can_i_modify_ips == TRUE) {
$aux_cidr = explode(',', $cidrs);
foreach ($aux_cidr as $cidr) {
$net_ids = Asset_net::get_id_by_ips($conn, $cidr, $ctx);
unset($net_ids[$net_id]);
if (!empty($net_ids)) {
$c_error_msg = _('CIDR') . ' ' . $cidrs . ' ' . _("not allowed. CIDR {$cidr} already exists for this entity");
$summary['by_nets'][$num_line]['errors']['CIDRs'] = $c_error_msg;
$summary['general']['statistics']['errors']++;
break;
} else {
if (Session::get_net_where() != '') {
if (!Asset_net::is_cidr_in_my_nets($conn, $cidr, $ctx)) {
$c_error_msg = _('CIDR') . ' ' . $cidrs . ' ' . _("not allowed. CIDR {$cidr} out of range. Check your asset filter");
$summary['by_nets'][$num_line]['errors']['CIDRs'] = $c_error_msg;
$summary['general']['statistics']['errors']++;
break;
}
}
}
}
} else {
$c_error_msg = _('Net') . ' ' . $name . ': ' . _("CIDRs not allowed. CIDRs wasn't be modified");
$summary['by_nets'][$num_line]['status'] = 'warning';
$summary['general']['warnings']['errors']++;
$summary['by_nets'][$num_line]['warnings']['CIDRs'] = $c_error_msg;
}
//Setting new values
if (count($summary['by_nets'][$num_line]['errors']) == 0) {
$net->set_ctx($ctx);
$net->set_name($name);
$net->set_descr($descr);
if ($is_in_db == FALSE) {
if ($can_i_modify_ips == TRUE) {
$net->set_ips($cidrs);
}
$net->set_sensors($sensors);
}
$net->set_asset_value($asset_value);
$net->save_in_db($conn, FALSE);
$summary['general']['statistics']['saved']++;
$summary['by_nets'][$num_line]['data'] = $is_in_db == TRUE ? _('Net updated') : _('New new inserted');
//Keep warnings
if ($summary['by_nets'][$num_line]['status'] != 'warning') {
$summary['by_nets'][$num_line]['status'] = 'success';
}
}
} catch (Exception $e) {
$summary['by_nets'][$num_line]['errors']['Database error'] = $e->getMessage();
$summary['general']['statistics']['errors']++;
}
}
}
if ($summary['general']['statistics']['saved'] > 0) {
if ($summary['general']['statistics']['errors'] == 0) {
$summary['general']['status'] = 'success';
$summary['general']['data'] = _('All nets have been imported successfully');
} else {
$summary['general']['status'] = 'warning';
$summary['general']['data'] = _('Some nets could not be imported successfully');
}
Util::disable_perm_triggers($conn, FALSE);
try {
Asset_net::report_changes($conn, 'nets');
} catch (Exception $e) {
error_log($e->getMessage(), 0);
}
} else {
$summary['general']['statistics']['errors'] = count($data);
//CSV file is not empty, but all lines are wrong
if (empty($summary['general']['status'])) {
$summary['general']['status'] = 'error';
$summary['general']['data'] = _('Nets could not be imported');
}
}
$db->close();
return $summary;
}
$data['data'] = _('Net removed successfully');
} catch (Exception $e) {
$data['status'] = 'error';
$data['data'] = _('Error! Net could not be removed');
}
}
break;
case 'remove_icon':
$validate = array('asset_id' => array('validation' => 'OSS_HEX', 'e_message' => 'illegal:' . _('Net ID')));
$net_id = POST('asset_id');
$validation_errors = validate_form_fields('POST', $validate);
if (is_array($validation_errors) && !empty($validation_errors)) {
$data['status'] = 'error';
$data['data'] = _('Error! Net ID not allowed. Icon could not be removed');
} else {
try {
$db = new ossim_db();
$conn = $db->connect();
Asset_net::delete_icon($conn, $net_id);
$db->close();
$data['status'] = 'OK';
$data['data'] = _('Net icon removed successfully');
} catch (Exception $e) {
$data['status'] = 'error';
$data['data'] = _('Error! Net icon could not be removed');
}
}
break;
}
echo json_encode($data);
exit;
