$ntop_links = Sensor::get_ntop_link($sensor); $ntop_link = $ntop_links["ntop"]; $ntop_link = preg_replace("/\\/\$/", "", $ntop_link); ?> <a href="<?php echo $ntop_link; ?> /NetNetstat.html" target="ntop"> <?php echo gettext("Reload"); ?> </a> <?php } else { if ($net_list = Net::get_list($conn, "name = '{$sensor}'")) { $net_ips = $net_list[0]->get_ips(); } ?> <a href="<?php echo "net_session.php?net={$net_ips}"; ?> " target="ntop"> <?php echo gettext("Reload"); ?> </a> <?php } $db->close($conn);
} else { echo $buffer; } } else { if ($key == "net") { $buffer = Net::draw_nets_by_class($conn, $key, $filter, $length_name, 1); echo $buffer; } else { if (preg_match("/^.class_(.*)/", $key, $found)) { $buffer = Net::draw_nets_by_class($conn, $key, $filter, $length_name, 1); echo $buffer; } else { if (preg_match("/net_(.*)/", $key, $found)) { $hostin = array(); $length_hn = $length_name + 5; if ($net_list1 = Net::get_list($conn, "name='" . base64_decode($found[1]) . "'")) { require_once "classes/CIDR.inc"; foreach ($net_list1 as $net) { $net_name = $net->get_name(); $nets_ips = explode(",", $net->get_ips()); foreach ($nets_ips as $net_ips) { $net_range = CIDR::expand_CIDR($net_ips, "SHORT", "IP"); $host_list_aux = Host::get_list($conn, "WHERE inet_aton(ip)>=inet_aton('" . $net_range[0] . "') && inet_aton(ip)<=inet_aton('" . $net_range[1] . "')", "ORDER BY ip"); foreach ($host_list_aux as $h) { $hostin[$h->get_ip()] = $h->get_hostname(); } } } } $k = 0; $net_name = base64_decode($found[1]);
unset($_SESSION["_response_descr"]); echo '<p align="center">Response-Action policy inserted<br/> <a href="response.php">Back</a></p>'; print '</body></html>'; exit; } /* hosts */ require_once 'classes/Host.inc'; $host_list = Host::get_list($conn); $hosts[] = array("value" => ANY, "name" => "ANY"); foreach ($host_list as $h) { $hosts[] = array("value" => $h->get_ip(), "name" => $h->get_hostname() . " (" . $h->get_ip() . ")"); } /* nets */ require_once 'classes/Net.inc'; $net_list = Net::get_list($conn); $nets[] = array("value" => ANY, "name" => "ANY"); foreach ($net_list as $n) { $nets[] = array("value" => $n->get_name(), "name" => $n->get_name()); } /* sensors */ require_once 'classes/Sensor.inc'; $sensor_list = Sensor::get_list($conn); $sensors[] = array("value" => ANY, "name" => "ANY"); foreach ($sensor_list as $s) { $sensors[] = array("value" => $s->get_ip(), "name" => $s->get_name() . " (" . $s->get_ip() . ")"); } /* ports */ require_once 'classes/Port_group.inc'; $port_list = Port_group::get_list($conn); $ports[] = array("value" => ANY, "name" => "ANY");
$buffer .= ($j > $from ? "," : "") . "{ {$li} }\n"; } $j++; } if ($j > $to) { $li = "key:'host_group', page:'{$nextpage}', isFolder:true, isLazy:true, icon:'../../pixmaps/theme/host_group.png', title:'" . _("next") . " {$maxresults} " . _("host group") . "'"; $buffer .= ",{ {$li} }\n"; } $buffer .= "]"; } if ($buffer == "[]" || $buffer == "") { $buffer = "[{title:'" . _("No Host Groups Found") . "', noLink:true}]"; } } elseif ($key == "nets") { $wherenet = $filter != "" ? "ips like '%{$filter}%'" : ""; if ($net_list = Net::get_list($conn, $wherenet)) { $buffer .= "["; $j = 0; foreach ($net_list as $net) { if ($j >= $from && $j < $to) { $net_name = $net->get_name(); $net_title = Util::htmlentities(utf8_encode($net_name)); $net_key = utf8_encode("NET:" . $net_name); $ips_data = $net->get_ips(); $ips = "<font style=\"font-size:80%\">(" . $ips_data . ")</font>"; $title = strlen($net_name) > $length_name ? substr($net_name, 0, $length_name) . "..." : $net_name; $title = Util::htmlentities(utf8_encode($title)) . " " . $ips; $tooltip = $net_title . " (" . $ips_data . ")"; $li = "key:'{$net_key}', asset_data:'{$ips_data}', icon:'../../pixmaps/theme/net.png', title:'{$title}', tooltip:'{$tooltip}'\n"; $buffer .= ($j > $from ? "," : "") . "{ {$li} }\n"; }
$net_qualification_cache = get_net_qualification($conn); //////////////////////////////////////////////////////////////// // Network Groups //////////////////////////////////////////////////////////////// // If allowed_nets === null, then permit all $allowed_nets = Session::allowedNets($user); if ($allowed_nets) { $allowed_nets = explode(',', $allowed_nets); } $allowed_sensors = Session::allowedSensors($user); if ($allowed_sensors) { $allowed_sensors = explode(',', $allowed_sensors); } $net_where = ""; if ($allowed_sensors != "" || $allowed_nets != "") { $nets_aux = Net::get_list($conn); $networks_str = ""; foreach ($nets_aux as $net) { $networks_str .= $networks_str != "" ? ",'" . $net->get_name() . "'" : "'" . $net->get_name() . "'"; } if ($networks_str != "") { $net_where = " AND net.name in ({$networks_str})"; } } //$net_limit = " LIMIT $from,$max"; // We can't join the control_panel table, because new ossim installations // holds no data there $sql = "SELECT\r\n net_group.name as group_name,\r\n net_group.threshold_c as group_threshold_c,\r\n net_group.threshold_a as group_threshold_a,\r\n net.name as net_name,\r\n net.threshold_c as net_threshold_c,\r\n net.threshold_a as net_threshold_a,\r\n net.ips as net_address\r\n FROM\r\n net_group,\r\n net,\r\n net_group_reference\r\n WHERE\r\n net_group_reference.net_name = net.name AND\r\n net_group_reference.net_group_name = net_group.name AND net_group.name = \"{$group_name}\"{$net_where}"; if (!($rs =& $conn->Execute($sql))) { die($conn->ErrorMsg()); }
<th> <label for='mboxs1'><?php echo gettext("Networks"); ?> </label><br/> <span><a href="newnetform.php"> <?php echo gettext("Insert new network"); ?> ?</a></span> </th> <td class="left nobborder"> <select style="width:250px;height:90%" multiple="multiple" size="19" class="req_field" name="nets[]" id="nets"> <?php /* ===== Networks ==== */ if ($network_list = Net::get_list($conn)) { foreach ($network_list as $network) { $net_name = $network->get_name(); $net_ips = $network->get_ips(); if (in_array($net_name, $networks)) { echo "<option value='{$net_name}'>{$net_name} ({$net_ips})</option>"; } } } ?> </select> <span style="padding-left: 3px; vertical-align: top;">*</span> <div id='del_selected'><input type="button" value=" [X] " onclick="deletefrom('nets')" class="lbutton"/></div> </td> </tr>
function draw_members_select($form_data) { global $conn, $id; $resp = new xajaxResponse(); $type = $form_data['member_type']; // The user selected the empty type if (!$type) { $resp->AddAssign("members_select", "innerHTML", _("Please select a type")); return $resp; } // // Get the list of members of the given type // $options = array(); switch ($type) { case 'host': include_once 'classes/Host.inc'; $list = Host::get_list($conn, "", 'ORDER BY hostname'); print_r($list); foreach ($list as $obj) { $descr = $obj->get_descr(); if (strlen($descr) > 50) { $descr = substr($descr, 0, 47) . '...'; } $options[$obj->get_ip()] = $obj->get_hostname() . ' ' . $obj->get_ip() . ' - ' . $descr; } break; case 'net': include_once 'classes/Net.inc'; $list = Net::get_list($conn, "", 'ORDER BY name'); foreach ($list as $obj) { $descr = $obj->get_descr(); if (strlen($descr) > 50) { $descr = substr($descr, 0, 47) . '...'; } $options[$obj->get_name()] = $obj->get_name() . ' ' . $obj->get_ips() . ' - ' . $descr; } break; case 'host_group': include_once 'classes/Host_group.inc'; $list = Host_group::get_list($conn, "", 'ORDER BY name'); foreach ($list as $obj) { $descr = $obj->get_descr(); if (strlen($descr) > 50) { $descr = substr($descr, 0, 47) . '...'; } $options[$obj->get_name()] = $obj->get_name() . ' - ' . $descr; } break; case 'net_group': include_once 'classes/Net_group.inc'; $list = Net_group::get_list($conn, '', 'ORDER BY name'); foreach ($list as $obj) { $descr = $obj->get_descr(); if (strlen($descr) > 50) { $descr = substr($descr, 0, 47) . '...'; } $options[$obj->get_name()] = $obj->get_name() . ' - ' . $descr; } break; } // // Build the SELECT tag // $html = '<select name="member_name">'; foreach ($options as $name => $description) { $html .= "<option value='{$name}'>{$description}</option>"; } $html .= '</select>'; $resp->AddAssign("members_select", "innerHTML", $html); return $resp; }
$host = Host::hostname2ip($conn, $hostname); } if ($host == "" && GET('netname') != "") { $aux_list = Net::get_list($conn, "name='" . GET('netname') . "'"); $host = preg_replace("/,.*/", "", $aux_list[0]->get_ips()); } $hostname = "Host"; $_SESSION['host_report'] = $host; $network = 0; if (preg_match("/\\/\\d+/", $host)) { $network = 1; } if ($network) { require_once 'classes/Net.inc'; require_once 'classes/Net_scan.inc'; $netaux = Net::get_list($conn, "name='" . Net::get_name_by_ip($conn, $host) . "'"); $net = $netaux[0]; $notfound = 0; if (count($netaux) < 1) { $notfound = 1; } if (!$greybox) { if (!$notfound) { $name = $net->get_name(); } } if ($name == $host) { $title = "Network Report: {$host}"; } else { $title = "Network Report: {$name}({$host})"; }
$buffer .= ($j > $from ? "," : "") . "{ {$li} },{ {$li_not} }\n"; } $j++; } if ($j > $to) { $li = "key:'{$key}', page:'{$nextpage}', isFolder:true, isLazy:true, icon:'../../pixmaps/theme/net.png', title:'" . _("next") . " {$maxresults} " . _("nets") . "'"; $buffer .= ",{ {$li} }\n"; } $buffer .= "]"; } } else { if (preg_match("/net_(.*)/", $key, $found)) { $hostin = array(); $negated = preg_match("/^\\!/", $found[1]) ? true : false; $aux_name = str_replace("!", "", $found[1]); if ($net_list1 = Net::get_list($conn, "name='" . base64_decode($aux_name) . "'")) { require_once "classes/CIDR.inc"; foreach ($net_list1 as $net) { $net_name = $net->get_name(); $nets_ips = explode(",", $net->get_ips()); foreach ($nets_ips as $net_ips) { $net_range = CIDR::expand_CIDR($net_ips, "SHORT", "IP"); $host_list_aux = Host::get_list($conn, "WHERE inet_aton(ip)>=inet_aton('" . $net_range[0] . "') && inet_aton(ip)<=inet_aton('" . $net_range[1] . "')"); foreach ($host_list_aux as $h) { $hostin[$h->get_ip()] = $h->get_hostname(); } } /* foreach($ossim_hosts as $ip => $hname) if ($net->isIpInNet($ip, $net_ips)) { $hostin[$ip] = $hname; }
$db = new ossim_db(); $conn = $db->connect(); /* if ($copy_panels == 1) { User_config::copy_panel($conn, "admin", $user); } */ $nets = ""; $nets_selected = POST("nets"); if (is_array($nets_selected)) { foreach ($nets_selected as $index => $net_name) { ossim_valid($net_name, OSS_ALPHA, OSS_PUNC, OSS_NULLABLE, 'illegal:' . _("net{$i}")); if (ossim_error()) { die(ossim_error()); } if ($net_list_aux = Net::get_list($conn, "name = '{$net_name}'")) { foreach ($net_list_aux as $net) { if ($nets == "") { $nets = $net->get_ips(); } else { $nets .= "," . $net->get_ips(); } } } } } $sensors = ""; for ($i = 0; $i < $nsensors; $i++) { ossim_valid(POST("sensor{$i}"), OSS_LETTER, OSS_DIGIT, OSS_DOT, OSS_NULLABLE, 'illegal:' . _("sensor{$i}")); if (ossim_error()) { die(ossim_error());
Net::enable_plugin($conn, $net_name, 2007); } elseif ($nagios_action = "disable") { Net::disable_plugin($conn, $net_name, 2007); } } if (empty($order)) { $order = "name"; } $start = ($page - 1) * $rp; $limit = "LIMIT {$start}, {$rp}"; $where = ""; if (!empty($search) && !empty($field)) { $where = "name LIKE '%{$search}%'"; } $xml = ""; $net_list = Net::get_list($conn, $where, "ORDER BY {$order} {$limit}"); if ($net_list[0]) { $total = $net_list[0]->get_foundrows(); if ($total == 0) { $total = count($net_list); } } else { $total = 0; } $xml .= "<rows>\n"; $xml .= "<page>{$page}</page>\n"; $xml .= "<total>{$total}</total>\n"; foreach ($net_list as $net) { $name = $net->get_name(); $xml .= "<row id='" . htmlspecialchars(utf8_encode($name)) . "'>"; $link_modify = $net->get_imgtag() . " <a style='font-weight:bold;' href=\"./newnetform.php?name=" . urlencode($name) . "\">" . Util::htmlentities($name) . "</a>";
echo gettext("Insert new net"); ?> ?</a> </font><br/> <font size="-2"> <a href="../host/newhostform.php"> <?php echo gettext("Insert new host"); ?> ?</a> </font><br/> </th> <td class="left"> <?php /* ===== dest nets =====*/ $j = 1; if ($net_list = Net::get_list($conn, "", "ORDER BY name")) { foreach ($net_list as $net) { $net_name = $net->get_name(); if ($j == 1) { ?> <input type="hidden" name="<?php echo "destngrps"; ?> " value="<?php echo count($net_list); ?> "> <?php } $name = "destmboxg" . $j;
function getNetList() { global $conn; if ($net_list = Net::get_list($conn, '', '')) { return $net_list; } return ""; }
$nets = array(); if ($filter != "") { if (preg_match("/\\d+\\./", $filter)) { $condition = "ips LIKE '" . $filter . "%'"; } else { $condition = "name LIKE '%" . $filter . "%'"; } if ($key != "") { $condition = " AND " . $condition; } } if ($key == "") { $all_nets = Net::get_list($conn, $condition, "", array_keys($current_entity_perms['sensors'])); } else { preg_match("/.class_(.*)/", $key, $found); $all_nets = Net::get_list($conn, "(ips LIKE '" . $found[1] . ".%' OR ips LIKE '%," . $found[1] . ".%')" . $condition, "", array_keys($current_entity_perms['sensors'])); } foreach ($all_nets as $net) { if ($entity > 0 && $current_entity_perms['assets'][$net->get_ips()] || empty($current_entity_perms['assets']) || $entity == 0) { $cidrs = trim($net->get_ips()); $acidrs = explode(",", $cidrs); foreach ($acidrs as $cidr) { $data = explode(".", $cidr); if ($cclasses[$data[0] . "." . $data[1] . "." . $data[2]] != 1) { $cclasses[$data[0] . "." . $data[1] . "." . $data[2]] = 1; } if ($cclasses[$data[0] . "." . $data[1]] != 1) { $bclasses[$data[0] . "." . $data[1]] = 1; } if ($cclasses[$data[0]] != 1) { $aclasses[$data[0]] = 1;
function print_indicators($map, $print_inputs = false, $linked = 1) { require_once 'classes/Host.inc'; require_once 'classes/Net.inc'; require_once 'ossim_db.inc'; $db = new ossim_db(); $conn = $db->connect(); list($sensors_aux, $hosts_aux) = Host::get_ips_and_hostname($conn, true); $all_nets = Net::get_list($conn); $hosts = array_flip($hosts_aux); $sensors = array_flip($sensors_aux); $nets = array(); foreach ($all_nets as $k => $v) { $nets[$v->get_name()] = $v->get_name(); } $query = "SELECT * FROM risk_indicators WHERE name <> 'rect' AND map= ?"; $params = array($map); if (!($rs =& $conn->Execute($query, $params))) { print $conn->ErrorMsg(); } else { while (!$rs->EOF) { if (Session::am_i_admin()) { $has_perm = 1; } else { $has_perm = indicatorAllowed($conn, $rs->fields['type'], $rs->fields['type_name'], $hosts, $sensors, $nets); } if ($has_perm) { $id = $rs->fields["id"]; if ($print_inputs) { $name = mb_detect_encoding($rs->fields["name"] . " ", 'UTF-8,ISO-8859-1') == 'UTF-8' ? $rs->fields["name"] : mb_convert_encoding($rs->fields["name"], 'UTF-8', 'ISO-8859-1'); $type = $rs->fields["type"]; $type_name = mb_detect_encoding($rs->fields["type_name"] . " ", 'UTF-8,ISO-8859-1') == 'UTF-8' ? $rs->fields["type_name"] : mb_convert_encoding($rs->fields["type_name"], 'UTF-8', 'ISO-8859-1'); $url = $rs->fields["url"]; $size = $rs->fields["size"]; $icon = preg_replace("/\\#.*/", "", $rs->fields["icon"]); $val = preg_match("/\\#(.+)/", $rs->fields["icon"], $found) ? $found[1] : ""; echo "<input type='hidden' name='dataname" . $id . "' id='dataname" . $id . "' value='" . $name . "'/>\n"; echo "<input type='hidden' name='datatype" . $id . "' id='datatype" . $id . "' value='" . $type . "'/>\n"; echo "<input type='hidden' name='type_name" . $id . "' id='type_name" . $id . "' value='" . $type_name . "'/>\n"; echo "<input type='hidden' name='dataurl" . $id . "' id='dataurl" . $id . "' value='" . $url . "'/>\n"; echo "<input type='hidden' name='dataicon" . $id . "' id='dataicon" . $id . "' value='" . $icon . "'/>\n"; echo "<input type='hidden' name='dataiconsize" . $id . "' id='dataiconsize" . $id . "' value='" . $size . "'/>\n"; echo "<input type='hidden' name='dataiconbg" . $id . "' id='dataiconbg" . $id . "' value='" . $val . "'/>\n"; } $style = "z-index:10;\r\n\t\t\t\t\t\t border:1px solid transparent;\r\n\t\t\t\t\t\t cursor:pointer;\r\n\t\t\t\t\t\t background:url(../pixmaps/1x1.png);\r\n\t\t\t\t\t\t visibility:hidden;\r\n\t\t\t\t\t\t position:absolute;\r\n\t\t\t\t\t\t left:" . $rs->fields["x"] . "px;\r\n\t\t\t\t\t\t top:" . $rs->fields["y"] . "px;\r\n\t\t\t\t\t\t height:" . $rs->fields["h"] . "px;\r\n\t\t\t\t\t\t width:" . $rs->fields["w"] . "px;\r\n\t\t\t\t"; ?> <div id="indicator<?php echo $id; ?> " class="itcanbemoved" style="<?php echo $style; ?> "> <?php print_indicator_content($conn, $rs, $linked); ?> </div> <?php } $rs->MoveNext(); } } $query = "SELECT * FROM risk_indicators WHERE name='rect' AND map = ?"; $params = array($map); if (!($rs =& $conn->Execute($query, $params))) { print $conn->ErrorMsg(); } else { while (!$rs->EOF) { $has_perm = 0; if (Session::am_i_admin()) { $has_perm = 1; } else { if ($type == "host") { $has_perm = !empty($hosts[$type_name]) ? 1 : 0; } elseif ($type == "sensor" || $type == "server") { $has_perm = !empty($sensors[$type_name]) ? 1 : 0; } elseif ($type == "net") { $has_perm = !empty($nets[$type_name]) ? 1 : 0; } elseif ($type == "host_group") { if (Session::groupHostAllowed($conn, $type_name)) { $has_perm = 1; } } else { $has_perm = 1; } } if ($has_perm) { $id = $rs->fields["id"]; if ($print_inputs) { $name = $rs->fields["name"]; $url = $rs->fields["url"]; echo "<input type='hidden' name='dataname" . $id . "' id='dataname" . $id . "' value='" . $name . "'/>\n"; echo "<input type='hidden' name='dataurl" . $id . "' id='dataurl" . $id . "' value='" . $url . "'/>\n"; } $style = "border:1px solid transparent;\r\n\t\t\t\t\t\t cursor:pointer;\r\n\t\t\t\t\t\t background:url(../pixmaps/1x1.png);\r\n\t\t\t\t\t\t visibility:hidden;\r\n\t\t\t\t\t\t position:absolute;\r\n\t\t\t\t\t\t left:" . $rs->fields["x"] . "px;\r\n\t\t\t\t\t\t top:" . $rs->fields["y"] . "px;\r\n\t\t\t\t\t\t height:" . $rs->fields["h"] . "px;\r\n\t\t\t\t\t\t width:" . $rs->fields["w"] . "px;\r\n\t\t\t\t"; ?> <div id="rect<?php echo $id; ?> " class="itcanbemoved" style="<?php echo $style; ?> "> <?php print_rectangle_content($conn, $print_inputs); ?> </div> <?php } $rs->MoveNext(); } } }
if (ossim_error()) { die(ossim_error()); } if (empty($order)) { $order = "name"; } $start = ($page - 1) * $rp; $limit = "LIMIT {$start}, {$rp}"; $where = ""; if (!empty($search) && !empty($field)) { $where = "name LIKE '%{$search}%'"; } $db = new ossim_db(); $conn = $db->connect(); $xml = ""; $net_list = Net::get_list($conn, "{$where}", "ORDER BY {$order}"); if ($net_list[0]) { $total = $net_list[0]->get_foundrows(); if ($total == 0) { $total = count($net_list); } } else { $total = 0; } $xml .= "<rows>\n"; $xml .= "<page>{$page}</page>\n"; $xml .= "<total>{$total}</total>\n"; foreach ($net_list as $net) { $ips = $net->get_ips(); $name = $net->get_name(); $xml .= "<row id='{$name}'>";