function cacti_snmp_walk($hostname, $community, $oid, $version, $username, $password, $auth_proto, $priv_pass, $priv_proto, $context, $port = 161, $timeout = 500, $retries = 0, $max_oids = 10, $environ = SNMP_POLLER)
{
global $config, $banned_snmp_strings;
$snmp_oid_included = true;
$snmp_auth = '';
$snmp_array = array();
$temp_array = array();
/* determine default retries */
if ($retries == 0 || !is_numeric($retries)) {
$retries = read_config_option("snmp_retries");
if ($retries == "") {
$retries = 3;
}
}
/* determine default max_oids */
if ($max_oids == 0 || !is_numeric($max_oids)) {
$max_oids = read_config_option("max_get_size");
if ($max_oids == "") {
$max_oids = 10;
}
}
/* do not attempt to poll invalid combinations */
if ($version == 0 || !is_numeric($version) || !is_numeric($max_oids) || !is_numeric($port) || !is_numeric($retries) || !is_numeric($timeout) || $community == "" && $version != 3) {
return array();
}
$path_snmpbulkwalk = read_config_option("path_snmpbulkwalk");
if (snmp_get_method($version) == SNMP_METHOD_PHP && (!strlen($context) || $version != 3) && ($version == 1 || version_compare(phpversion(), "5.1") >= 0 || !file_exists($path_snmpbulkwalk))) {
/* make sure snmp* is verbose so we can see what types of data
we are getting back */
/* force php to return numeric oid's */
if (function_exists("snmp_set_oid_numeric_print")) {
snmp_set_oid_numeric_print(TRUE);
}
if (function_exists("snmprealwalk")) {
$snmp_oid_included = false;
}
snmp_set_quick_print(0);
if ($version == "1") {
$temp_array = @snmprealwalk("{$hostname}:{$port}", "{$community}", "{$oid}", $timeout * 1000, $retries);
} elseif ($version == "2") {
$temp_array = @snmp2_real_walk("{$hostname}:{$port}", "{$community}", "{$oid}", $timeout * 1000, $retries);
} else {
if ($priv_proto == "[None]" || $priv_pass == '') {
$proto = "authNoPriv";
$priv_proto = "";
} else {
$proto = "authPriv";
}
$temp_array = @snmp3_real_walk("{$hostname}:{$port}", "{$username}", $proto, $auth_proto, "{$password}", $priv_proto, "{$priv_pass}", "{$oid}", $timeout * 1000, $retries);
}
if ($temp_array === false) {
cacti_log("WARNING: SNMP Walk Timeout for Host:'{$hostname}', and OID:'{$oid}'", false);
}
/* check for bad entries */
if (is_array($temp_array) && sizeof($temp_array)) {
foreach ($temp_array as $key => $value) {
foreach ($banned_snmp_strings as $item) {
if (strstr($value, $item) != "") {
unset($temp_array[$key]);
continue 2;
}
}
}
}
$o = 0;
for (@reset($temp_array); $i = @key($temp_array); next($temp_array)) {
if ($temp_array[$i] != "NULL") {
$snmp_array[$o]["oid"] = preg_replace("/^\\./", "", $i);
$snmp_array[$o]["value"] = format_snmp_string($temp_array[$i], $snmp_oid_included);
}
$o++;
}
} else {
/* ucd/net snmp want the timeout in seconds */
$timeout = ceil($timeout / 1000);
if ($version == "1") {
$snmp_auth = read_config_option("snmp_version") == "ucd-snmp" ? snmp_escape_string($community) : "-c " . snmp_escape_string($community);
/* v1/v2 - community string */
} elseif ($version == "2") {
$snmp_auth = read_config_option("snmp_version") == "ucd-snmp" ? snmp_escape_string($community) : "-c " . snmp_escape_string($community);
/* v1/v2 - community string */
$version = "2c";
/* ucd/net snmp prefers this over '2' */
} elseif ($version == "3") {
if ($priv_proto == "[None]" || $priv_pass == '') {
$proto = "authNoPriv";
$priv_proto = "";
} else {
$proto = "authPriv";
}
if (strlen($priv_pass)) {
$priv_pass = "******" . snmp_escape_string($priv_pass) . " -x " . snmp_escape_string($priv_proto);
} else {
$priv_pass = "";
}
if (strlen($context)) {
$context = "-n " . snmp_escape_string($context);
} else {
$context = "";
}
$snmp_auth = trim("-u " . snmp_escape_string($username) . " -l " . snmp_escape_string($proto) . " -a " . snmp_escape_string($auth_proto) . " -A " . snmp_escape_string($password) . " " . $priv_pass . " " . $context);
/* v3 - username/password */
}
if (read_config_option("snmp_version") == "ucd-snmp") {
/* escape the command to be executed and vulnerable parameters
* numeric parameters are not subject to command injection
* snmp_auth is treated seperately, see above */
$temp_array = exec_into_array(cacti_escapeshellcmd(read_config_option("path_snmpwalk")) . " -v{$version} -t {$timeout} -r {$retries} " . cacti_escapeshellarg($hostname) . ":{$port} {$snmp_auth} " . cacti_escapeshellarg($oid));
} else {
if (file_exists($path_snmpbulkwalk) && $version > 1 && $max_oids > 1) {
$temp_array = exec_into_array(cacti_escapeshellcmd($path_snmpbulkwalk) . " -O Qn {$snmp_auth} -v {$version} -t {$timeout} -r {$retries} -Cr{$max_oids} " . cacti_escapeshellarg($hostname) . ":{$port} " . cacti_escapeshellarg($oid));
} else {
$temp_array = exec_into_array(cacti_escapeshellcmd(read_config_option("path_snmpwalk")) . " -O Qn {$snmp_auth} -v {$version} -t {$timeout} -r {$retries} " . cacti_escapeshellarg($hostname) . ":{$port} " . cacti_escapeshellarg($oid));
}
}
if (substr_count(implode(" ", $temp_array), "Timeout:")) {
cacti_log("WARNING: SNMP Walk Timeout for Host:'{$hostname}', and OID:'{$oid}'", false);
}
/* check for bad entries */
if (is_array($temp_array) && sizeof($temp_array)) {
foreach ($temp_array as $key => $value) {
foreach ($banned_snmp_strings as $item) {
if (strstr($value, $item) != "") {
unset($temp_array[$key]);
continue 2;
}
}
}
}
for ($i = 0; $i < count($temp_array); $i++) {
if ($temp_array[$i] != "NULL") {
$snmp_array[$i]["oid"] = trim(preg_replace("/(.*) =.*/", "\\1", $temp_array[$i]));
$snmp_array[$i]["value"] = format_snmp_string($temp_array[$i], true);
}
}
}
return $snmp_array;
}
function cacti_snmp_walk($hostname, $community, $oid, $version, $username, $password, $auth_proto, $priv_pass, $priv_proto, $context, $port = 161, $timeout = 500, $retries = 0, $max_oids = 10, $method = SNMP_VALUE_LIBRARY, $environ = SNMP_POLLER)
{
global $config, $banned_snmp_strings;
$snmp_oid_included = true;
$snmp_auth = '';
$snmp_array = array();
$temp_array = array();
/* determine default retries */
if ($retries == 0 || !is_numeric($retries)) {
$retries = read_config_option('snmp_retries');
if ($retries == '') {
$retries = 3;
}
}
/* do not attempt to poll invalid combinations */
if ($version == 0 || !is_numeric($version) || !is_numeric($max_oids) || !is_numeric($port) || !is_numeric($retries) || !is_numeric($timeout) || $community == '' && $version != 3) {
return array();
}
$path_snmpbulkwalk = read_config_option('path_snmpbulkwalk');
if (snmp_get_method($version) == SNMP_METHOD_PHP && (!strlen($context) || $version != 3) && ($version == 1 || version_compare(phpversion(), '5.1') >= 0 || !file_exists($path_snmpbulkwalk))) {
/* make sure snmp* is verbose so we can see what types of data
we are getting back */
/* force php to return numeric oid's */
cacti_oid_numeric_format();
snmp_set_quick_print(0);
/* set the output format to numeric */
snmp_set_valueretrieval($method);
if ($version == '1') {
$temp_array = @snmprealwalk("{$hostname}:{$port}", "{$community}", "{$oid}", $timeout * 1000, $retries);
} elseif ($version == '2') {
$temp_array = @snmp2_real_walk("{$hostname}:{$port}", "{$community}", "{$oid}", $timeout * 1000, $retries);
} else {
if ($priv_proto == '[None]') {
$proto = 'authNoPriv';
$priv_proto = '';
} else {
$proto = 'authPriv';
}
$temp_array = @snmp3_real_walk("{$hostname}:{$port}", "{$username}", $proto, $auth_proto, "{$password}", $priv_proto, "{$priv_pass}", "{$oid}", $timeout * 1000, $retries);
}
if ($temp_array === false) {
cacti_log("WARNING: SNMP Walk Timeout for Host:'{$hostname}', and OID:'{$oid}'", false);
}
/* check for bad entries */
if (is_array($temp_array) && sizeof($temp_array)) {
foreach ($temp_array as $key => $value) {
foreach ($banned_snmp_strings as $item) {
if (strstr($value, $item) != '') {
unset($temp_array[$key]);
continue 2;
}
}
}
$o = 0;
for (reset($temp_array); $i = key($temp_array); next($temp_array)) {
if ($temp_array[$i] != 'NULL') {
$snmp_array[$o]['oid'] = preg_replace('/^\\./', '', $i);
$snmp_array[$o]['value'] = format_snmp_string($temp_array[$i], $snmp_oid_included);
}
$o++;
}
}
} else {
/* ucd/net snmp want the timeout in seconds */
$timeout = ceil($timeout / 1000);
if ($version == '1') {
$snmp_auth = '-c ' . snmp_escape_string($community);
/* v1/v2 - community string */
} elseif ($version == '2') {
$snmp_auth = '-c ' . snmp_escape_string($community);
/* v1/v2 - community string */
$version = '2c';
/* ucd/net snmp prefers this over '2' */
} elseif ($version == '3') {
if ($priv_proto == '[None]') {
$proto = 'authNoPriv';
$priv_proto = '';
} else {
$proto = 'authPriv';
}
if (strlen($priv_pass)) {
$priv_pass = '******' . snmp_escape_string($priv_pass) . ' -x ' . snmp_escape_string($priv_proto);
} else {
$priv_pass = '';
}
if (strlen($context)) {
$context = '-n ' . snmp_escape_string($context);
} else {
$context = '';
}
$snmp_auth = trim('-u ' . snmp_escape_string($username) . ' -l ' . snmp_escape_string($proto) . ' -a ' . snmp_escape_string($auth_proto) . ' -A ' . snmp_escape_string($password) . ' ' . $priv_pass . ' ' . $context);
/* v3 - username/password */
}
if (file_exists($path_snmpbulkwalk) && $version > 1 && $max_oids > 1) {
$temp_array = exec_into_array(cacti_escapeshellcmd($path_snmpbulkwalk) . " -O Qn {$snmp_auth} -v {$version} -t {$timeout} -r {$retries} -Cr{$max_oids} " . cacti_escapeshellarg($hostname) . ":{$port} " . cacti_escapeshellarg($oid));
} else {
$temp_array = exec_into_array(cacti_escapeshellcmd(read_config_option('path_snmpwalk')) . " -O Qn {$snmp_auth} -v {$version} -t {$timeout} -r {$retries} " . cacti_escapeshellarg($hostname) . ":{$port} " . cacti_escapeshellarg($oid));
}
if (substr_count(implode(' ', $temp_array), 'Timeout:')) {
cacti_log("WARNING: SNMP Walk Timeout for Host:'{$hostname}', and OID:'{$oid}'", false);
}
/* check for bad entries */
if (is_array($temp_array) && sizeof($temp_array)) {
foreach ($temp_array as $key => $value) {
foreach ($banned_snmp_strings as $item) {
if (strstr($value, $item) != '') {
unset($temp_array[$key]);
continue 2;
}
}
}
for ($i = 0; $i < count($temp_array); $i++) {
if ($temp_array[$i] != 'NULL') {
$snmp_array[$i]['oid'] = trim(preg_replace('/(.*) =.*/', "\\1", $temp_array[$i]));
$snmp_array[$i]['value'] = format_snmp_string($temp_array[$i], true);
}
}
}
}
return $snmp_array;
}
function cacti_snmp_walk($hostname, $community, $oid, $version, $username, $password, $auth_proto, $priv_pass, $priv_proto, $context, $port = 161, $timeout = 500, $retries = 0, $max_oids = 10, $environ = SNMP_POLLER) {
global $config, $banned_snmp_strings;
$snmp_oid_included = false;
$snmp_auth = '';
$snmp_array = array();
$temp_array = array();
/* determine default retries */
if (($retries == 0) || (!is_numeric($retries))) {
$retries = read_config_option("snmp_retries");
if ($retries == "") $retries = 3;
}
$path_snmpbulkwalk = read_config_option("path_snmpbulkwalk");
if ((snmp_get_method($version) == SNMP_METHOD_PHP) &&
(!strlen($context) || ($version != 3)) &&
(($version == 1) ||
(version_compare(phpversion(), "5.1") >= 0) ||
(!file_exists($path_snmpbulkwalk)))) {
/* make sure snmp* is verbose so we can see what types of data
we are getting back */
/* force php to return numeric oid's */
if (function_exists("snmp_set_oid_numeric_print")) {
snmp_set_oid_numeric_print(TRUE);
$snmp_oid_included = true;
}
snmp_set_quick_print(0);
if ($version == "1") {
$temp_array = @snmprealwalk("$hostname:$port", "$community", "$oid", ($timeout * 1000), $retries);
}elseif ($version == "2") {
$temp_array = @snmp2_real_walk("$hostname:$port", "$community", "$oid", ($timeout * 1000), $retries);
}else{
if ($priv_proto == "[None]") {
$proto = "authNoPriv";
$priv_proto = "";
}else{
$proto = "authPriv";
}
$temp_array = @snmp3_real_walk("$hostname:$port", "$username", $proto, $auth_proto, "$password", $priv_proto, "$priv_pass", "$oid", ($timeout * 1000), $retries);
}
/* check for bad entries */
if (is_array($temp_array) && sizeof($temp_array)) {
foreach($temp_array as $key => $value) {
foreach($banned_snmp_strings as $item) {
if(strstr($value, $item) != "") {
unset($temp_array[$key]);
continue 2;
}
}
}
}
$o = 0;
for (@reset($temp_array); $i = @key($temp_array); next($temp_array)) {
if ($temp_array[$i] != "NULL") {
$snmp_array[$o]["oid"] = preg_replace("/^\./", "", $i);
$snmp_array[$o]["value"] = format_snmp_string($temp_array[$i], $snmp_oid_included);
}
$o++;
}
}else{
/* ucd/net snmp want the timeout in seconds */
$timeout = ceil($timeout / 1000);
if ($version == "1") {
$snmp_auth = (read_config_option("snmp_version") == "ucd-snmp") ? cacti_escapeshellarg($community): "-c " . cacti_escapeshellarg($community); /* v1/v2 - community string */
}elseif ($version == "2") {
$snmp_auth = (read_config_option("snmp_version") == "ucd-snmp") ? cacti_escapeshellarg($community): "-c " . cacti_escapeshellarg($community); /* v1/v2 - community string */
$version = "2c"; /* ucd/net snmp prefers this over '2' */
}elseif ($version == "3") {
if ($priv_proto == "[None]") {
$proto = "authNoPriv";
$priv_proto = "";
}else{
$proto = "authPriv";
}
if (strlen($priv_pass)) {
$priv_pass = "******" . cacti_escapeshellarg($priv_pass) . " -x " . cacti_escapeshellarg($priv_proto);
}else{
$priv_pass = "";
}
if (strlen($context)) {
$context = "-n " . cacti_escapeshellarg($context);
}else{
$context = "";
}
$snmp_auth = trim("-u " . cacti_escapeshellarg($username) .
" -l " . cacti_escapeshellarg($proto) .
" -a " . cacti_escapeshellarg($auth_proto) .
" -A " . cacti_escapeshellarg($password) .
" " . $priv_pass .
" " . $context); /* v3 - username/password */
}
if (read_config_option("snmp_version") == "ucd-snmp") {
$temp_array = exec_into_array(read_config_option("path_snmpwalk") . " -v$version -t $timeout -r $retries $hostname:$port $snmp_auth $oid");
}else {
if (file_exists($path_snmpbulkwalk) && ($version > 1) && ($max_oids > 1)) {
$temp_array = exec_into_array($path_snmpbulkwalk . " -O Qn $snmp_auth -v $version -t $timeout -r $retries -Cr$max_oids $hostname:$port $oid");
}else{
$temp_array = exec_into_array(read_config_option("path_snmpwalk") . " -O Qn $snmp_auth -v $version -t $timeout -r $retries $hostname:$port $oid");
}
}
/* check for bad entries */
if (is_array($temp_array) && sizeof($temp_array)) {
foreach($temp_array as $key => $value) {
foreach($banned_snmp_strings as $item) {
if(strstr($value, $item) != "") {
unset($temp_array[$key]);
continue 2;
}
}
}
}
for ($i=0; $i < count($temp_array); $i++) {
if ($temp_array[$i] != "NULL") {
$snmp_array[$i]["oid"] = trim(preg_replace("/(.*) =.*/", "\\1", $temp_array[$i]));
$snmp_array[$i]["value"] = format_snmp_string($temp_array[$i], true);
}
}
}
return $snmp_array;
}
function rrdtool_function_set_font($type, $no_legend, $themefonts)
{
global $config;
if (read_config_option('font_method') == 0) {
if (read_graph_config_option("custom_fonts") == "on") {
$font = read_graph_config_option($type . "_font");
$size = read_graph_config_option($type . "_size");
} else {
$font = read_config_option($type . "_font");
$size = read_config_option($type . "_size");
}
} elseif (isset($themefonts[$type]['font']) && isset($themefonts[$type]['size'])) {
$font = $themefonts[$type]['font'];
$size = $themefonts[$type]['size'];
} else {
return;
}
if (strlen($font)) {
/* do some simple checks */
if (read_config_option("rrdtool_version") == "rrd-1.2.x") {
# rrdtool 1.2 uses font files
if (!is_file($font)) {
$font = "";
}
} else {
# rrdtool 1.3+ use fontconfig
/* verifying all possible pango font params is too complex to be tested here
* so we only escape the font
*/
$font = cacti_escapeshellarg($font);
}
}
if ($type == "title") {
if (!empty($no_legend)) {
$size = $size * 0.7;
} elseif ($size <= 4 || !is_numeric($size)) {
$size = 12;
}
} else {
if ($size <= 4 || !is_numeric($size)) {
$size = 8;
}
}
return "--font " . strtoupper($type) . ":" . floatval($size) . ":" . $font . RRD_NL;
}
function rrdtool_set_font($type, $no_legend = "")
{
global $config;
if (read_graph_config_option("custom_fonts") == "on") {
$font = read_graph_config_option($type . "_font");
$size = read_graph_config_option($type . "_size");
} else {
$font = read_config_option($type . "_font");
$size = read_config_option($type . "_size");
}
if (strlen($font)) {
/* do some simple checks */
if (read_config_option("rrdtool_version") == "rrd-1.0.x" || read_config_option("rrdtool_version") == "rrd-1.2.x") {
# rrdtool 1.0 and 1.2 use font files
if (!is_file($font)) {
$font = "";
}
} else {
# rrdtool 1.3+ use fontconfig
/* verifying all possible pango font params is too complex to be tested here
* so we only escape the font
*/
$font = cacti_escapeshellarg($font);
}
}
if ($type == "title") {
if (!empty($no_legend)) {
$size = $size * 0.7;
} elseif ($size <= 4 || $size == "") {
$size = 12;
}
} else {
if ($size <= 4 || $size == "") {
$size = 8;
}
}
return "--font " . strtoupper($type) . ":" . $size . ":" . $font . RRD_NL;
}
function export_ftp_ncftpput_execute($stExportDir)
{
global $aFtpExport;
chdir($stExportDir);
/* set the initial command structure */
$stExecute = 'ncftpput -R -V -r 1 -u ' . cacti_escapeshellarg($aFtpExport['username']) . ' -p ' . cacti_escapeshellarg($aFtpExport['password']);
/* if the user requested passive mode, use it */
if ($aFtpExport['passive']) {
$stExecute .= ' -F ';
}
/* setup the port, server, remote directory and all files */
$stExecute .= ' -P ' . cacti_escapeshellarg($aFtpExport['port']) . ' ' . cacti_escapeshellarg($aFtpExport['server']) . ' ' . cacti_escapeshellarg($aFtpExport['remotedir']) . ".";
/* run the command */
$iExecuteReturns = 0;
system($stExecute, $iExecuteReturns);
$aNcftpputStatusCodes = array('Success.', 'Could not connect to remote host.', 'Could not connect to remote host - timed out.', 'Transfer failed.', 'Transfer failed - timed out.', 'Directory change failed.', 'Directory change failed - timed out.', 'Malformed URL.', 'Usage error.', 'Error in login configuration file.', 'Library initialization failed.', 'Session initialization failed.');
export_log('Ncftpput returned: ' . $aNcftpputStatusCodes[$iExecuteReturns]);
}
/** substitute_snmp_query_data - takes a string and substitutes all data query variables contained in it
@param string $string - the original string that contains the data query variables
@param int $device_id - (int) the device ID to match
@param int $snmp_query_id - (int) the data query ID to match
@param int $snmp_index - the data query index to match
@param int $max_chars - the maximum number of characters to substitute
@return string - the original string with all of the variable substitutions made */
function substitute_snmp_query_data($string, $device_id, $snmp_query_id, $snmp_index, $max_chars = 0, $quote=true) {
$snmp_cache_data = db_fetch_assoc("select field_name,field_value from device_snmp_cache where device_id=$device_id and snmp_query_id=$snmp_query_id and snmp_index='$snmp_index'");
if (sizeof($snmp_cache_data) > 0) {
foreach ($snmp_cache_data as $data) {
if ($data["field_value"] != "") {
if ($max_chars > 0) {
$data["field_value"] = substr($data["field_value"], 0, $max_chars);
}
$string = stri_replace("|query_" . $data["field_name"] . "|", cacti_escapeshellarg($data["field_value"], $quote), $string);
}
}
}
return $string;
}
