}
if (!empty($ip_range)) {
$search = 'WHERE inet_aton(ip) >= inet_aton("' . $ip_range[0] . '") and inet_aton(ip) <= inet_aton("' . $ip_range[1] . '")';
} elseif (!empty($by_ip)) {
$search = "WHERE ip like '%{$search}%'";
} elseif (!empty($search) && !empty($field)) {
$search = "WHERE {$field} like '%{$search}%'";
} elseif (!empty($search)) {
$search = "WHERE ip like '%{$search}%' OR hostname like '%{$search}%'";
}
$start = ($page - 1) * $rp;
$limit = "LIMIT {$start}, {$rp}";
$db = new ossim_db();
$conn = $db->connect();
$xml = "";
$host_list = Host::get_list($conn, "{$search}", "ORDER BY {$order} {$limit}");
if ($host_list[0]) {
$total = $host_list[0]->get_foundrows();
if ($total == 0) {
$total = count($host_list);
}
} else {
$total = 0;
}
$xml .= "<rows>\n";
$xml .= "<page>{$page}</page>\n";
$xml .= "<total>{$total}</total>\n";
foreach ($host_list as $host) {
$ip = $host->get_ip();
$xml .= "<row id='{$ip}'>";
$name = "<a href=\"../report/index.php?host={$ip}\">" . $host->get_hostname() . "</a>";
if ($_REQUEST["insert_response"]) {
/* insert response-action policy */
Response::insert($conn, $_SESSION["_response_descr"], $_SESSION["_response_source_net"], $_SESSION["_response_source_host"], $_SESSION["_response_dest_net"], $_SESSION["_response_dest_host"], $_SESSION["_response_sensor"], $_SESSION["_response_source_port"], $_SESSION["_response_dest_port"], $_SESSION["_response_plugin"], $_SESSION["_response_action"]);
/* clean session variables */
foreach ($RESPONSE_OBJECTS as $object) {
unset($_SESSION["_response_" . $object]);
}
unset($_SESSION["_response_descr"]);
echo '<p align="center">Response-Action policy inserted<br/>
<a href="response.php">Back</a></p>';
print '</body></html>';
exit;
}
/* hosts */
require_once 'classes/Host.inc';
$host_list = Host::get_list($conn);
$hosts[] = array("value" => ANY, "name" => "ANY");
foreach ($host_list as $h) {
$hosts[] = array("value" => $h->get_ip(), "name" => $h->get_hostname() . " (" . $h->get_ip() . ")");
}
/* nets */
require_once 'classes/Net.inc';
$net_list = Net::get_list($conn);
$nets[] = array("value" => ANY, "name" => "ANY");
foreach ($net_list as $n) {
$nets[] = array("value" => $n->get_name(), "name" => $n->get_name());
}
/* sensors */
require_once 'classes/Sensor.inc';
$sensor_list = Sensor::get_list($conn);
$sensors[] = array("value" => ANY, "name" => "ANY");
}
if ($i > $to) {
$html .= "{ key:'{$key}', page:'{$nextpage}', isFolder:true, isLazy:true, icon:'../../pixmaps/theme/host_group.png', title:'" . _("next") . " {$maxresults} " . _("hosts") . "' },";
}
if ($html != "") {
$buffer .= preg_replace("/,\$/", "", $html);
}
$buffer .= "]";
if ($buffer == "" || $buffer == "[]") {
echo "[{title:'" . _("No Hosts Found") . "', noLink:true}]";
} else {
echo $buffer;
}
} else {
if (preg_match("/host_(.*)/", $key, $found)) {
$host_data = Host::get_list($conn, "where ip='" . $found[1] . "'");
$hname = $host_data[0]->get_hostname();
if ($hname != $found[1]) {
$fqdns[] = $hname;
}
$all_fqdn = explode(",", $host_data[0]->get_fqdns());
foreach ($all_fqdn as $fqdn) {
$fqdn = trim($fqdn);
if ($fqdn != "") {
$fqdns[] = $fqdn;
}
}
$buffer = "[";
$name = "";
if ($found[1] != $hname) {
$ip = $found[1];
<tr><td class="nobborder" style="text-align:center"><?php
echo _("All host filtered. No results found.");
?>
</td></tr>
<tr>
<td class="nobborder" style="padding-top:10px;text-align:center">
<input type="button" value="Back" onclick="document.location.href='<?php
echo GET('userfriendly') ? "userfriendly.php" : "inventory_search.php";
?>
'" class="button"/>
</td>
</tr>
</table>
<?php
} elseif (!$errors) {
$hosts = Host::get_list($conn);
$_SESSION['inventory_search']['result']['list'] = array();
$host_objects = array();
foreach ($hosts as $host_obj) {
$host_objects[$host_obj->get_ip()] = $host_obj;
}
foreach ($host_list as $ip) {
if ($host_objects[$ip] != "") {
$_SESSION['inventory_search']['result']['list'][] = $host_objects[$ip];
} else {
$obj = new Host($ip, $ip, 0, 0, 0, "", 0, 0, null, "", 0, 0, 0);
$_SESSION['inventory_search']['result']['list'][] = $obj;
}
}
$total = count($_SESSION['inventory_search']['result']['list']);
$last_page = floor(($total - 1) / $max_rows) + 1;
print _("You don't have permissions to view the risk maps reports");
exit;
}
$db = new ossim_db();
$conn = $db->connect();
$type = $_GET["type"];
$default = $_GET["default"];
$id = $_GET["id"];
ossim_valid($type, OSS_ALPHA, OSS_SCORE, 'illegal:' . _("type"));
ossim_valid($id, OSS_DIGIT, OSS_ALPHA, OSS_PUNC, OSS_SPACE, ".", 'illegal:' . _("id"));
if (ossim_error()) {
die(ossim_error());
}
switch ($type) {
case "host":
$host = Host::get_list($conn, " where ip='" . $id . "' or hostname='" . $id . "'");
$id = $host[0]->ip;
$hostname = $host[0]->hostname;
echo "<h1 align=\"center\">" . gettext("Report") . " " . gettext("for") . " {$type} {$id} </h1>";
?>
<center>
[
<a href="/ossim/control_panel/alarm_console.php?hide_search=1&date_from=&date_to=&src_ip=<?php
echo $id;
?>
&dst_ip=<?php
echo $id;
?>
&num_alarms_page=10&hide_closed=1" target="_report"> <?php
echo gettext("Alarms");
$groups[$group]['max_a_date'] = $score['max_a_date'];
}
}
// If there is no threshold specified for a network, pick the group threshold
// Changed: get networks by AJAX
$net_threshold_a = $rs->fields['net_threshold_a'] ? $rs->fields['net_threshold_a'] : $group_threshold_a;
$net_threshold_c = $rs->fields['net_threshold_c'] ? $rs->fields['net_threshold_c'] : $group_threshold_c;
$groups[$group]['nets'][$net] = array('name' => $net, 'threshold_a' => $net_threshold_a, 'threshold_c' => $net_threshold_c, 'max_a' => $score['max_a'], 'max_c' => $score['max_c'], 'max_a_date' => $score['max_a_date'], 'max_c_date' => $score['max_c_date'], 'address' => $rs->fields['net_address'], 'current_a' => $net_current_a, 'current_c' => $net_current_c, 'has_perms' => $has_perms, 'group' => $group);
$rs->MoveNext();
}
////////////////////////////////////////////////////////////////
// Hosts
////////////////////////////////////////////////////////////////
$host_where = "";
if ($allowed_sensors != "" || $allowed_nets != "") {
$hosts_aux = Host::get_list($conn);
$hosts = "";
foreach ($hosts_aux as $host) {
$hosts .= $hosts != "" ? ",'" . $host->get_ip() . "'" : "'" . $host->get_ip() . "'";
}
if ($hosts != "") {
$host_where = " AND control_panel.id in ({$hosts})";
}
}
$sql = "SELECT\r\n control_panel.id,\r\n control_panel.max_c,\r\n control_panel.max_a,\r\n control_panel.max_c_date,\r\n control_panel.max_a_date,\r\n host.threshold_a,\r\n host.threshold_c,\r\n host.hostname\r\n FROM\r\n control_panel\r\n LEFT JOIN host ON control_panel.id = host.ip\r\n WHERE\r\n control_panel.time_range = ? AND\r\n control_panel.rrd_type = 'host'{$host_where}";
$params = array($range);
if (!($rs =& $conn->Execute($sql, $params))) {
die($conn->ErrorMsg());
}
$hosts = $ext_hosts = array();
$global_a = $global_c = 0;
if ($key == "net") {
echo Net::draw_nets_by_class($conn, $key, $filter, $length_name);
} else {
if (preg_match("/^.class_(.*)/", $key, $found)) {
echo Net::draw_nets_by_class($conn, $key, $filter, $length_name);
} else {
if (preg_match("/net_(.*)/", $key, $found)) {
$hostin = array();
if ($net_list1 = Net::get_list($conn, "name='" . base64_decode($found[1]) . "'")) {
require_once "classes/CIDR.inc";
foreach ($net_list1 as $net) {
$net_name = $net->get_name();
$nets_ips = explode(",", $net->get_ips());
foreach ($nets_ips as $net_ips) {
$net_range = CIDR::expand_CIDR($net_ips, "SHORT", "IP");
$host_list_aux = Host::get_list($conn, "WHERE inet_aton(ip)>=inet_aton('" . $net_range[0] . "') && inet_aton(ip)<=inet_aton('" . $net_range[1] . "')", "ORDER BY ip");
foreach ($host_list_aux as $h) {
$hostin[$h->get_ip()] = $h->get_hostname();
}
}
}
}
$k = 0;
$html = "";
$buffer .= "[";
foreach ($hostin as $ip => $host_name) {
if ($k >= $from && $k < $to) {
$host_key = utf8_encode($key . $k);
$hname = $host_name == $ip ? "" : $host_name;
$aux_hname = strlen($hname) > $length_name ? substr($hname, 0, $length_name) . "..." : $hname;
$title = $hname == '' ? $ip : "{$ip} <font style=\"font-size:80%\">(" . Util::htmlentities($aux_hname) . ")</font>";
$maxresults = 200;
$to = $page * $maxresults;
$from = $to - $maxresults;
$nextpage = $page + 1;
$cachefile = "/var/ossim/sessions/" . $_SESSION["_user"] . "_hostgroup_" . base64_encode($key . $filter) . "_{$page}.json";
if (file_exists($cachefile)) {
readfile($cachefile);
exit;
}
$buffer = "";
$db = new ossim_db();
$conn = $db->connect();
$ossim_hosts = $all_hosts = $filterhosts = array();
$total_hosts = 0;
$ossim_nets = array();
if ($host_list = Host::get_list($conn, "", "ORDER BY hostname")) {
foreach ($host_list as $host) {
$hname = Util::utf8entities($host->get_hostname());
if ($filter == "" || $filter != "" && (preg_match("/{$filter}/i", $host->get_ip()) || preg_match("/{$filter}/i", $hname))) {
$hip = $host->get_ip();
$ossim_hosts[$hip] = trim($hname) != "" ? $hname : $hip;
$cclas = preg_replace("/(\\d+\\.)(\\d+\\.)(\\d+)\\.\\d+/", "\\1\\2\\3", $hip);
$all_hosts[$cclas][] = $hip;
$total_hosts++;
}
}
}
uasort($all_hosts, 'cmpf');
if ($key == "os") {
if ($hg_list = Host_os::get_os_list($conn, $ossim_hosts, $filter)) {
$j = 0;
function draw_members_select($form_data)
{
global $conn, $id;
$resp = new xajaxResponse();
$type = $form_data['member_type'];
// The user selected the empty type
if (!$type) {
$resp->AddAssign("members_select", "innerHTML", _("Please select a type"));
return $resp;
}
//
// Get the list of members of the given type
//
$options = array();
switch ($type) {
case 'host':
include_once 'classes/Host.inc';
$list = Host::get_list($conn, "", 'ORDER BY hostname');
print_r($list);
foreach ($list as $obj) {
$descr = $obj->get_descr();
if (strlen($descr) > 50) {
$descr = substr($descr, 0, 47) . '...';
}
$options[$obj->get_ip()] = $obj->get_hostname() . ' ' . $obj->get_ip() . ' - ' . $descr;
}
break;
case 'net':
include_once 'classes/Net.inc';
$list = Net::get_list($conn, "", 'ORDER BY name');
foreach ($list as $obj) {
$descr = $obj->get_descr();
if (strlen($descr) > 50) {
$descr = substr($descr, 0, 47) . '...';
}
$options[$obj->get_name()] = $obj->get_name() . ' ' . $obj->get_ips() . ' - ' . $descr;
}
break;
case 'host_group':
include_once 'classes/Host_group.inc';
$list = Host_group::get_list($conn, "", 'ORDER BY name');
foreach ($list as $obj) {
$descr = $obj->get_descr();
if (strlen($descr) > 50) {
$descr = substr($descr, 0, 47) . '...';
}
$options[$obj->get_name()] = $obj->get_name() . ' - ' . $descr;
}
break;
case 'net_group':
include_once 'classes/Net_group.inc';
$list = Net_group::get_list($conn, '', 'ORDER BY name');
foreach ($list as $obj) {
$descr = $obj->get_descr();
if (strlen($descr) > 50) {
$descr = substr($descr, 0, 47) . '...';
}
$options[$obj->get_name()] = $obj->get_name() . ' - ' . $descr;
}
break;
}
//
// Build the SELECT tag
//
$html = '<select name="member_name">';
foreach ($options as $name => $description) {
$html .= "<option value='{$name}'>{$description}</option>";
}
$html .= '</select>';
$resp->AddAssign("members_select", "innerHTML", $html);
return $resp;
}
die(ossim_error());
}
$db = new ossim_db();
$conn = $db->connect();
$credential_type = Host::get_credentials_type($conn);
if (isset($_SESSION['_credentials'])) {
$hostname = $_SESSION['_credentials']['hostname'];
$ip = $_SESSION['_credentials']['ip'];
$type = $_SESSION['_credentials']['type'];
$user_ct = $_SESSION['_credentials']['user_ct'];
$pass_ct = $_SESSION['_credentials']['pass_ct'];
$pass_ct2 = $_SESSION['_credentials']['pass_ct2'];
$extra = $_SESSION['_credentials']['extra'];
unset($_SESSION['_credentials']);
} else {
if ($host_list = Host::get_list($conn, "WHERE ip = '{$ip}'")) {
$host = $host_list[0];
}
if (!empty($host)) {
$hostname = $host->get_hostname();
$ip = $host->get_ip();
$credentials = array();
$credentials = Host::get_credentials_ip($conn, $ip);
if ($action == "edit") {
$credentials_id = Host::get_credentials_id($conn, $id);
$type = $credentials_id['type'];
$user_ct = $credentials_id['username'];
$pass_ct = $pass_ct2 = Util::fake_pass($credentials_id['password']);
$extra = $credentials_id['extra'];
}
}
function getHostList()
{
global $conn;
if ($host_list = Host::get_list($conn, '', '')) {
return $host_list;
}
return "";
}
return "white";
} else {
return "black";
}
}
$framework_conf = $GLOBALS["CONF"];
$graph_link = $framework_conf->get_conf("graph_link");
$image1 = "{$graph_link}?ip={$host}&what=compromise&start=N-24h&end=N&type=host&zoom=1";
$image2 = "{$graph_link}?ip={$host}&what=compromise&start=N-7D&end=N&type=host&zoom=1";
$image3 = "{$graph_link}?ip={$host}&what=compromise&start=N-1M&end=N&type=host&zoom=1";
$image4 = "{$graph_link}?ip={$host}&what=compromise&start=N-1Y&end=N&type=host&zoom=1";
/* connect to db */
$db = new ossim_db();
$conn = $db->connect();
/* get thresholds */
if ($list = Host::get_list($conn, "WHERE ip = '{$host}'")) {
$threshold_c = $list[0]->get_threshold_c();
$threshold_a = $list[0]->get_threshold_a();
} else {
$threshold_c = $threshold_a = $framework_conf->get_conf("threshold");
}
/* max C */
$list = Control_panel_host::get_list($conn, "WHERE id = '{$host}' ORDER BY time_range", 3);
if (isset($list[0])) {
$max_c["day"] = $list[0]->get_max_c();
$max_c_date["day"] = $list[0]->get_max_c_date();
}
if (isset($list[1])) {
$max_c["month"] = $list[1]->get_max_c();
$max_c_date["month"] = $list[1]->get_max_c_date();
}
</td>
</tr>
</table>
</td>
</tr>
<tr>
<td>
<table>
<tr>
<td width="70%" valign="top">
<table>
<?php
$exp = CIDR::expand_CIDR($host, "SHORT", "IP");
$host_s_range = $exp[0];
$host_e_range = end($exp);
$host_list = Host::get_list($conn, "WHERE INET_ATON(ip) >= INET_ATON('{$host_s_range}') AND INET_ATON(ip) <= INET_ATON('{$host_e_range}')");
if (count($host_list) > 0) {
?>
<tr><td class="headerpr" height="20"><?php
echo gettext("Hosts");
?>
</td></tr>
<tr>
<td>
<div style="height:100px;overflow:auto">
<table>
<tr>
<th> <?php
echo gettext("Name");
?>
</th>
