$ntop_links = Sensor::get_ntop_link($sensor);
$ntop_link = $ntop_links["ntop"];
$ntop_link = preg_replace("/\\/\$/", "", $ntop_link);
?>
<a href="<?php
echo $ntop_link;
?>
/NetNetstat.html"
target="ntop">
<?php
echo gettext("Reload");
?>
</a>
<?php
} else {
if ($net_list = Net::get_list($conn, "name = '{$sensor}'")) {
$net_ips = $net_list[0]->get_ips();
}
?>
<a href="<?php
echo "net_session.php?net={$net_ips}";
?>
"
target="ntop">
<?php
echo gettext("Reload");
?>
</a>
<?php
}
$db->close($conn);
} else {
echo $buffer;
}
} else {
if ($key == "net") {
$buffer = Net::draw_nets_by_class($conn, $key, $filter, $length_name, 1);
echo $buffer;
} else {
if (preg_match("/^.class_(.*)/", $key, $found)) {
$buffer = Net::draw_nets_by_class($conn, $key, $filter, $length_name, 1);
echo $buffer;
} else {
if (preg_match("/net_(.*)/", $key, $found)) {
$hostin = array();
$length_hn = $length_name + 5;
if ($net_list1 = Net::get_list($conn, "name='" . base64_decode($found[1]) . "'")) {
require_once "classes/CIDR.inc";
foreach ($net_list1 as $net) {
$net_name = $net->get_name();
$nets_ips = explode(",", $net->get_ips());
foreach ($nets_ips as $net_ips) {
$net_range = CIDR::expand_CIDR($net_ips, "SHORT", "IP");
$host_list_aux = Host::get_list($conn, "WHERE inet_aton(ip)>=inet_aton('" . $net_range[0] . "') && inet_aton(ip)<=inet_aton('" . $net_range[1] . "')", "ORDER BY ip");
foreach ($host_list_aux as $h) {
$hostin[$h->get_ip()] = $h->get_hostname();
}
}
}
}
$k = 0;
$net_name = base64_decode($found[1]);
unset($_SESSION["_response_descr"]);
echo '<p align="center">Response-Action policy inserted<br/>
<a href="response.php">Back</a></p>';
print '</body></html>';
exit;
}
/* hosts */
require_once 'classes/Host.inc';
$host_list = Host::get_list($conn);
$hosts[] = array("value" => ANY, "name" => "ANY");
foreach ($host_list as $h) {
$hosts[] = array("value" => $h->get_ip(), "name" => $h->get_hostname() . " (" . $h->get_ip() . ")");
}
/* nets */
require_once 'classes/Net.inc';
$net_list = Net::get_list($conn);
$nets[] = array("value" => ANY, "name" => "ANY");
foreach ($net_list as $n) {
$nets[] = array("value" => $n->get_name(), "name" => $n->get_name());
}
/* sensors */
require_once 'classes/Sensor.inc';
$sensor_list = Sensor::get_list($conn);
$sensors[] = array("value" => ANY, "name" => "ANY");
foreach ($sensor_list as $s) {
$sensors[] = array("value" => $s->get_ip(), "name" => $s->get_name() . " (" . $s->get_ip() . ")");
}
/* ports */
require_once 'classes/Port_group.inc';
$port_list = Port_group::get_list($conn);
$ports[] = array("value" => ANY, "name" => "ANY");
$buffer .= ($j > $from ? "," : "") . "{ {$li} }\n";
}
$j++;
}
if ($j > $to) {
$li = "key:'host_group', page:'{$nextpage}', isFolder:true, isLazy:true, icon:'../../pixmaps/theme/host_group.png', title:'" . _("next") . " {$maxresults} " . _("host group") . "'";
$buffer .= ",{ {$li} }\n";
}
$buffer .= "]";
}
if ($buffer == "[]" || $buffer == "") {
$buffer = "[{title:'" . _("No Host Groups Found") . "', noLink:true}]";
}
} elseif ($key == "nets") {
$wherenet = $filter != "" ? "ips like '%{$filter}%'" : "";
if ($net_list = Net::get_list($conn, $wherenet)) {
$buffer .= "[";
$j = 0;
foreach ($net_list as $net) {
if ($j >= $from && $j < $to) {
$net_name = $net->get_name();
$net_title = Util::htmlentities(utf8_encode($net_name));
$net_key = utf8_encode("NET:" . $net_name);
$ips_data = $net->get_ips();
$ips = "<font style=\"font-size:80%\">(" . $ips_data . ")</font>";
$title = strlen($net_name) > $length_name ? substr($net_name, 0, $length_name) . "..." : $net_name;
$title = Util::htmlentities(utf8_encode($title)) . " " . $ips;
$tooltip = $net_title . " (" . $ips_data . ")";
$li = "key:'{$net_key}', asset_data:'{$ips_data}', icon:'../../pixmaps/theme/net.png', title:'{$title}', tooltip:'{$tooltip}'\n";
$buffer .= ($j > $from ? "," : "") . "{ {$li} }\n";
}
$net_qualification_cache = get_net_qualification($conn);
////////////////////////////////////////////////////////////////
// Network Groups
////////////////////////////////////////////////////////////////
// If allowed_nets === null, then permit all
$allowed_nets = Session::allowedNets($user);
if ($allowed_nets) {
$allowed_nets = explode(',', $allowed_nets);
}
$allowed_sensors = Session::allowedSensors($user);
if ($allowed_sensors) {
$allowed_sensors = explode(',', $allowed_sensors);
}
$net_where = "";
if ($allowed_sensors != "" || $allowed_nets != "") {
$nets_aux = Net::get_list($conn);
$networks_str = "";
foreach ($nets_aux as $net) {
$networks_str .= $networks_str != "" ? ",'" . $net->get_name() . "'" : "'" . $net->get_name() . "'";
}
if ($networks_str != "") {
$net_where = " AND net.name in ({$networks_str})";
}
}
//$net_limit = " LIMIT $from,$max";
// We can't join the control_panel table, because new ossim installations
// holds no data there
$sql = "SELECT\r\n net_group.name as group_name,\r\n net_group.threshold_c as group_threshold_c,\r\n net_group.threshold_a as group_threshold_a,\r\n net.name as net_name,\r\n net.threshold_c as net_threshold_c,\r\n net.threshold_a as net_threshold_a,\r\n net.ips as net_address\r\n FROM\r\n net_group,\r\n net,\r\n net_group_reference\r\n WHERE\r\n net_group_reference.net_name = net.name AND\r\n net_group_reference.net_group_name = net_group.name AND net_group.name = \"{$group_name}\"{$net_where}";
if (!($rs =& $conn->Execute($sql))) {
die($conn->ErrorMsg());
}
<th>
<label for='mboxs1'><?php
echo gettext("Networks");
?>
</label><br/>
<span><a href="newnetform.php"> <?php
echo gettext("Insert new network");
?>
?</a></span>
</th>
<td class="left nobborder">
<select style="width:250px;height:90%" multiple="multiple" size="19" class="req_field" name="nets[]" id="nets">
<?php
/* ===== Networks ==== */
if ($network_list = Net::get_list($conn)) {
foreach ($network_list as $network) {
$net_name = $network->get_name();
$net_ips = $network->get_ips();
if (in_array($net_name, $networks)) {
echo "<option value='{$net_name}'>{$net_name} ({$net_ips})</option>";
}
}
}
?>
</select>
<span style="padding-left: 3px; vertical-align: top;">*</span>
<div id='del_selected'><input type="button" value=" [X] " onclick="deletefrom('nets')" class="lbutton"/></div>
</td>
</tr>
function draw_members_select($form_data)
{
global $conn, $id;
$resp = new xajaxResponse();
$type = $form_data['member_type'];
// The user selected the empty type
if (!$type) {
$resp->AddAssign("members_select", "innerHTML", _("Please select a type"));
return $resp;
}
//
// Get the list of members of the given type
//
$options = array();
switch ($type) {
case 'host':
include_once 'classes/Host.inc';
$list = Host::get_list($conn, "", 'ORDER BY hostname');
print_r($list);
foreach ($list as $obj) {
$descr = $obj->get_descr();
if (strlen($descr) > 50) {
$descr = substr($descr, 0, 47) . '...';
}
$options[$obj->get_ip()] = $obj->get_hostname() . ' ' . $obj->get_ip() . ' - ' . $descr;
}
break;
case 'net':
include_once 'classes/Net.inc';
$list = Net::get_list($conn, "", 'ORDER BY name');
foreach ($list as $obj) {
$descr = $obj->get_descr();
if (strlen($descr) > 50) {
$descr = substr($descr, 0, 47) . '...';
}
$options[$obj->get_name()] = $obj->get_name() . ' ' . $obj->get_ips() . ' - ' . $descr;
}
break;
case 'host_group':
include_once 'classes/Host_group.inc';
$list = Host_group::get_list($conn, "", 'ORDER BY name');
foreach ($list as $obj) {
$descr = $obj->get_descr();
if (strlen($descr) > 50) {
$descr = substr($descr, 0, 47) . '...';
}
$options[$obj->get_name()] = $obj->get_name() . ' - ' . $descr;
}
break;
case 'net_group':
include_once 'classes/Net_group.inc';
$list = Net_group::get_list($conn, '', 'ORDER BY name');
foreach ($list as $obj) {
$descr = $obj->get_descr();
if (strlen($descr) > 50) {
$descr = substr($descr, 0, 47) . '...';
}
$options[$obj->get_name()] = $obj->get_name() . ' - ' . $descr;
}
break;
}
//
// Build the SELECT tag
//
$html = '<select name="member_name">';
foreach ($options as $name => $description) {
$html .= "<option value='{$name}'>{$description}</option>";
}
$html .= '</select>';
$resp->AddAssign("members_select", "innerHTML", $html);
return $resp;
}
$host = Host::hostname2ip($conn, $hostname);
}
if ($host == "" && GET('netname') != "") {
$aux_list = Net::get_list($conn, "name='" . GET('netname') . "'");
$host = preg_replace("/,.*/", "", $aux_list[0]->get_ips());
}
$hostname = "Host";
$_SESSION['host_report'] = $host;
$network = 0;
if (preg_match("/\\/\\d+/", $host)) {
$network = 1;
}
if ($network) {
require_once 'classes/Net.inc';
require_once 'classes/Net_scan.inc';
$netaux = Net::get_list($conn, "name='" . Net::get_name_by_ip($conn, $host) . "'");
$net = $netaux[0];
$notfound = 0;
if (count($netaux) < 1) {
$notfound = 1;
}
if (!$greybox) {
if (!$notfound) {
$name = $net->get_name();
}
}
if ($name == $host) {
$title = "Network Report: {$host}";
} else {
$title = "Network Report: {$name}({$host})";
}
$buffer .= ($j > $from ? "," : "") . "{ {$li} },{ {$li_not} }\n";
}
$j++;
}
if ($j > $to) {
$li = "key:'{$key}', page:'{$nextpage}', isFolder:true, isLazy:true, icon:'../../pixmaps/theme/net.png', title:'" . _("next") . " {$maxresults} " . _("nets") . "'";
$buffer .= ",{ {$li} }\n";
}
$buffer .= "]";
}
} else {
if (preg_match("/net_(.*)/", $key, $found)) {
$hostin = array();
$negated = preg_match("/^\\!/", $found[1]) ? true : false;
$aux_name = str_replace("!", "", $found[1]);
if ($net_list1 = Net::get_list($conn, "name='" . base64_decode($aux_name) . "'")) {
require_once "classes/CIDR.inc";
foreach ($net_list1 as $net) {
$net_name = $net->get_name();
$nets_ips = explode(",", $net->get_ips());
foreach ($nets_ips as $net_ips) {
$net_range = CIDR::expand_CIDR($net_ips, "SHORT", "IP");
$host_list_aux = Host::get_list($conn, "WHERE inet_aton(ip)>=inet_aton('" . $net_range[0] . "') && inet_aton(ip)<=inet_aton('" . $net_range[1] . "')");
foreach ($host_list_aux as $h) {
$hostin[$h->get_ip()] = $h->get_hostname();
}
}
/*
foreach($ossim_hosts as $ip => $hname) if ($net->isIpInNet($ip, $net_ips)) {
$hostin[$ip] = $hname;
}
$db = new ossim_db();
$conn = $db->connect();
/*
if ($copy_panels == 1) {
User_config::copy_panel($conn, "admin", $user);
}
*/
$nets = "";
$nets_selected = POST("nets");
if (is_array($nets_selected)) {
foreach ($nets_selected as $index => $net_name) {
ossim_valid($net_name, OSS_ALPHA, OSS_PUNC, OSS_NULLABLE, 'illegal:' . _("net{$i}"));
if (ossim_error()) {
die(ossim_error());
}
if ($net_list_aux = Net::get_list($conn, "name = '{$net_name}'")) {
foreach ($net_list_aux as $net) {
if ($nets == "") {
$nets = $net->get_ips();
} else {
$nets .= "," . $net->get_ips();
}
}
}
}
}
$sensors = "";
for ($i = 0; $i < $nsensors; $i++) {
ossim_valid(POST("sensor{$i}"), OSS_LETTER, OSS_DIGIT, OSS_DOT, OSS_NULLABLE, 'illegal:' . _("sensor{$i}"));
if (ossim_error()) {
die(ossim_error());
Net::enable_plugin($conn, $net_name, 2007);
} elseif ($nagios_action = "disable") {
Net::disable_plugin($conn, $net_name, 2007);
}
}
if (empty($order)) {
$order = "name";
}
$start = ($page - 1) * $rp;
$limit = "LIMIT {$start}, {$rp}";
$where = "";
if (!empty($search) && !empty($field)) {
$where = "name LIKE '%{$search}%'";
}
$xml = "";
$net_list = Net::get_list($conn, $where, "ORDER BY {$order} {$limit}");
if ($net_list[0]) {
$total = $net_list[0]->get_foundrows();
if ($total == 0) {
$total = count($net_list);
}
} else {
$total = 0;
}
$xml .= "<rows>\n";
$xml .= "<page>{$page}</page>\n";
$xml .= "<total>{$total}</total>\n";
foreach ($net_list as $net) {
$name = $net->get_name();
$xml .= "<row id='" . htmlspecialchars(utf8_encode($name)) . "'>";
$link_modify = $net->get_imgtag() . " <a style='font-weight:bold;' href=\"./newnetform.php?name=" . urlencode($name) . "\">" . Util::htmlentities($name) . "</a>";
echo gettext("Insert new net");
?>
?</a>
</font><br/>
<font size="-2">
<a href="../host/newhostform.php"> <?php
echo gettext("Insert new host");
?>
?</a>
</font><br/>
</th>
<td class="left">
<?php
/* ===== dest nets =====*/
$j = 1;
if ($net_list = Net::get_list($conn, "", "ORDER BY name")) {
foreach ($net_list as $net) {
$net_name = $net->get_name();
if ($j == 1) {
?>
<input type="hidden" name="<?php
echo "destngrps";
?>
"
value="<?php
echo count($net_list);
?>
">
<?php
}
$name = "destmboxg" . $j;
function getNetList()
{
global $conn;
if ($net_list = Net::get_list($conn, '', '')) {
return $net_list;
}
return "";
}
$nets = array();
if ($filter != "") {
if (preg_match("/\\d+\\./", $filter)) {
$condition = "ips LIKE '" . $filter . "%'";
} else {
$condition = "name LIKE '%" . $filter . "%'";
}
if ($key != "") {
$condition = " AND " . $condition;
}
}
if ($key == "") {
$all_nets = Net::get_list($conn, $condition, "", array_keys($current_entity_perms['sensors']));
} else {
preg_match("/.class_(.*)/", $key, $found);
$all_nets = Net::get_list($conn, "(ips LIKE '" . $found[1] . ".%' OR ips LIKE '%," . $found[1] . ".%')" . $condition, "", array_keys($current_entity_perms['sensors']));
}
foreach ($all_nets as $net) {
if ($entity > 0 && $current_entity_perms['assets'][$net->get_ips()] || empty($current_entity_perms['assets']) || $entity == 0) {
$cidrs = trim($net->get_ips());
$acidrs = explode(",", $cidrs);
foreach ($acidrs as $cidr) {
$data = explode(".", $cidr);
if ($cclasses[$data[0] . "." . $data[1] . "." . $data[2]] != 1) {
$cclasses[$data[0] . "." . $data[1] . "." . $data[2]] = 1;
}
if ($cclasses[$data[0] . "." . $data[1]] != 1) {
$bclasses[$data[0] . "." . $data[1]] = 1;
}
if ($cclasses[$data[0]] != 1) {
$aclasses[$data[0]] = 1;
function print_indicators($map, $print_inputs = false, $linked = 1)
{
require_once 'classes/Host.inc';
require_once 'classes/Net.inc';
require_once 'ossim_db.inc';
$db = new ossim_db();
$conn = $db->connect();
list($sensors_aux, $hosts_aux) = Host::get_ips_and_hostname($conn, true);
$all_nets = Net::get_list($conn);
$hosts = array_flip($hosts_aux);
$sensors = array_flip($sensors_aux);
$nets = array();
foreach ($all_nets as $k => $v) {
$nets[$v->get_name()] = $v->get_name();
}
$query = "SELECT * FROM risk_indicators WHERE name <> 'rect' AND map= ?";
$params = array($map);
if (!($rs =& $conn->Execute($query, $params))) {
print $conn->ErrorMsg();
} else {
while (!$rs->EOF) {
if (Session::am_i_admin()) {
$has_perm = 1;
} else {
$has_perm = indicatorAllowed($conn, $rs->fields['type'], $rs->fields['type_name'], $hosts, $sensors, $nets);
}
if ($has_perm) {
$id = $rs->fields["id"];
if ($print_inputs) {
$name = mb_detect_encoding($rs->fields["name"] . " ", 'UTF-8,ISO-8859-1') == 'UTF-8' ? $rs->fields["name"] : mb_convert_encoding($rs->fields["name"], 'UTF-8', 'ISO-8859-1');
$type = $rs->fields["type"];
$type_name = mb_detect_encoding($rs->fields["type_name"] . " ", 'UTF-8,ISO-8859-1') == 'UTF-8' ? $rs->fields["type_name"] : mb_convert_encoding($rs->fields["type_name"], 'UTF-8', 'ISO-8859-1');
$url = $rs->fields["url"];
$size = $rs->fields["size"];
$icon = preg_replace("/\\#.*/", "", $rs->fields["icon"]);
$val = preg_match("/\\#(.+)/", $rs->fields["icon"], $found) ? $found[1] : "";
echo "<input type='hidden' name='dataname" . $id . "' id='dataname" . $id . "' value='" . $name . "'/>\n";
echo "<input type='hidden' name='datatype" . $id . "' id='datatype" . $id . "' value='" . $type . "'/>\n";
echo "<input type='hidden' name='type_name" . $id . "' id='type_name" . $id . "' value='" . $type_name . "'/>\n";
echo "<input type='hidden' name='dataurl" . $id . "' id='dataurl" . $id . "' value='" . $url . "'/>\n";
echo "<input type='hidden' name='dataicon" . $id . "' id='dataicon" . $id . "' value='" . $icon . "'/>\n";
echo "<input type='hidden' name='dataiconsize" . $id . "' id='dataiconsize" . $id . "' value='" . $size . "'/>\n";
echo "<input type='hidden' name='dataiconbg" . $id . "' id='dataiconbg" . $id . "' value='" . $val . "'/>\n";
}
$style = "z-index:10;\r\n\t\t\t\t\t\t border:1px solid transparent;\r\n\t\t\t\t\t\t cursor:pointer;\r\n\t\t\t\t\t\t background:url(../pixmaps/1x1.png);\r\n\t\t\t\t\t\t visibility:hidden;\r\n\t\t\t\t\t\t position:absolute;\r\n\t\t\t\t\t\t left:" . $rs->fields["x"] . "px;\r\n\t\t\t\t\t\t top:" . $rs->fields["y"] . "px;\r\n\t\t\t\t\t\t height:" . $rs->fields["h"] . "px;\r\n\t\t\t\t\t\t width:" . $rs->fields["w"] . "px;\r\n\t\t\t\t";
?>
<div id="indicator<?php
echo $id;
?>
" class="itcanbemoved" style="<?php
echo $style;
?>
">
<?php
print_indicator_content($conn, $rs, $linked);
?>
</div>
<?php
}
$rs->MoveNext();
}
}
$query = "SELECT * FROM risk_indicators WHERE name='rect' AND map = ?";
$params = array($map);
if (!($rs =& $conn->Execute($query, $params))) {
print $conn->ErrorMsg();
} else {
while (!$rs->EOF) {
$has_perm = 0;
if (Session::am_i_admin()) {
$has_perm = 1;
} else {
if ($type == "host") {
$has_perm = !empty($hosts[$type_name]) ? 1 : 0;
} elseif ($type == "sensor" || $type == "server") {
$has_perm = !empty($sensors[$type_name]) ? 1 : 0;
} elseif ($type == "net") {
$has_perm = !empty($nets[$type_name]) ? 1 : 0;
} elseif ($type == "host_group") {
if (Session::groupHostAllowed($conn, $type_name)) {
$has_perm = 1;
}
} else {
$has_perm = 1;
}
}
if ($has_perm) {
$id = $rs->fields["id"];
if ($print_inputs) {
$name = $rs->fields["name"];
$url = $rs->fields["url"];
echo "<input type='hidden' name='dataname" . $id . "' id='dataname" . $id . "' value='" . $name . "'/>\n";
echo "<input type='hidden' name='dataurl" . $id . "' id='dataurl" . $id . "' value='" . $url . "'/>\n";
}
$style = "border:1px solid transparent;\r\n\t\t\t\t\t\t cursor:pointer;\r\n\t\t\t\t\t\t background:url(../pixmaps/1x1.png);\r\n\t\t\t\t\t\t visibility:hidden;\r\n\t\t\t\t\t\t position:absolute;\r\n\t\t\t\t\t\t left:" . $rs->fields["x"] . "px;\r\n\t\t\t\t\t\t top:" . $rs->fields["y"] . "px;\r\n\t\t\t\t\t\t height:" . $rs->fields["h"] . "px;\r\n\t\t\t\t\t\t width:" . $rs->fields["w"] . "px;\r\n\t\t\t\t";
?>
<div id="rect<?php
echo $id;
?>
" class="itcanbemoved" style="<?php
echo $style;
?>
">
<?php
print_rectangle_content($conn, $print_inputs);
?>
</div>
<?php
}
$rs->MoveNext();
}
}
}
if (ossim_error()) {
die(ossim_error());
}
if (empty($order)) {
$order = "name";
}
$start = ($page - 1) * $rp;
$limit = "LIMIT {$start}, {$rp}";
$where = "";
if (!empty($search) && !empty($field)) {
$where = "name LIKE '%{$search}%'";
}
$db = new ossim_db();
$conn = $db->connect();
$xml = "";
$net_list = Net::get_list($conn, "{$where}", "ORDER BY {$order}");
if ($net_list[0]) {
$total = $net_list[0]->get_foundrows();
if ($total == 0) {
$total = count($net_list);
}
} else {
$total = 0;
}
$xml .= "<rows>\n";
$xml .= "<page>{$page}</page>\n";
$xml .= "<total>{$total}</total>\n";
foreach ($net_list as $net) {
$ips = $net->get_ips();
$name = $net->get_name();
$xml .= "<row id='{$name}'>";
