echo $mode == 'insert' ? _('Inserting hosts from network') : _('Searching hosts from network'); ?> "; parent.$("#ptext").html(n_msg + "<?php echo ' <strong>' . $net['name'] . '</strong>'; ?> "); </script> <?php $cidrs = explode(',', $net['ips']); $net_ctx = $net['ctx']; $query = "SELECT DISTINCT INET6_NTOP(ip_src) AS ip, HEX(ctx) AS ctx, HEX(device.sensor_id) AS sensor_id\n FROM acid_event, device \n WHERE acid_event.device_id = device.id AND acid_event.device_id > 0 \n AND ip_src >= INET6_PTON(?) AND ip_src <= INET6_PTON(?) AND ctx = UNHEX(?) AND src_host is NULL\n UNION\n SELECT DISTINCT INET6_NTOP(ip_dst) AS ip, HEX(ctx) AS ctx, HEX(device.sensor_id) AS sensor_id \n FROM acid_event, device\n WHERE acid_event.device_id = device.id AND acid_event.device_id > 0 \n AND ip_dst >= INET6_PTON(?) AND ip_dst <= INET6_PTON(?) AND ctx = UNHEX(?) AND dst_host is NULL"; foreach ($cidrs as $cidr) { $range = Asset_net::expand_cidr($cidr, 'SHORT', 'IP'); $conn_snort = $db->snort_connect(); $params = array($range[$cidr][0], $range[$cidr][1], $net_ctx, $range[$cidr][0], $range[$cidr][1], $net_ctx); //error_log($cidr."\n".$rs->sql."\n\n", 3, '/tmp/siem_host.txt'); $rs = $conn_snort->Execute($query, $params); if (!$rs) { ?> <script type="text/javascript"> parent.show_error("<?php echo $conn_snort->ErrorMsg(); ?> "); </script> <?php exit;
* Otherwise you can read it here: http://www.gnu.org/licenses/gpl-2.0.txt * */ require_once 'classes/Security.inc'; Session::logcheck('report-menu', 'ReportsReportServer'); $db = new ossim_db(); $conn = $db->connect(); $user = Session::get_session_user(); $inserts = array(); $ips_filter = ''; $ips_filter_tmp = ''; $param['nets'] = get_allowed_nets($conn); if (count($param['nets']) > 0) { $tmp_filter = array(); foreach ($param['nets'] as $net_data) { $e_cidrs = Asset_net::expand_cidr($net_data['ips'], 'SHORT', 'LONG'); foreach ($e_cidrs as $long_ips) { $tmp_filter[] = "((INET_ATON(source) >= " . $long_ips[0] . " AND INET_ATON(source) <= " . $long_ips[1] . ") \n OR (INET_ATON(destination) >= " . $long_ips[0] . " AND INET_ATON(destination) <= " . $long_ips[1] . "))"; } } $ips_filter_tmp = implode(' OR ', $tmp_filter); } if ($ips_filter_tmp != '') { $ips_filter = 'AND ' . $ips_filter_tmp; } //$date_filter = ($year_to!=$year) ? "($year,$year_to)" : "($year)"; // Updated: Date filter disabled. Already filtering by date_from-date_to RANGE each query if (!Session::am_i_admin()) { $srcs = array('0.0.0.0'); $dsts = array('0.0.0.0'); // SSI