Пример #1
0
function cacti_snmp_walk($hostname, $community, $oid, $version, $username, $password, $auth_proto, $priv_pass, $priv_proto, $context, $port = 161, $timeout = 500, $retries = 0, $max_oids = 10, $environ = SNMP_POLLER)
{
    global $config, $banned_snmp_strings;
    $snmp_oid_included = true;
    $snmp_auth = '';
    $snmp_array = array();
    $temp_array = array();
    /* determine default retries */
    if ($retries == 0 || !is_numeric($retries)) {
        $retries = read_config_option("snmp_retries");
        if ($retries == "") {
            $retries = 3;
        }
    }
    /* determine default max_oids */
    if ($max_oids == 0 || !is_numeric($max_oids)) {
        $max_oids = read_config_option("max_get_size");
        if ($max_oids == "") {
            $max_oids = 10;
        }
    }
    /* do not attempt to poll invalid combinations */
    if ($version == 0 || !is_numeric($version) || !is_numeric($max_oids) || !is_numeric($port) || !is_numeric($retries) || !is_numeric($timeout) || $community == "" && $version != 3) {
        return array();
    }
    $path_snmpbulkwalk = read_config_option("path_snmpbulkwalk");
    if (snmp_get_method($version) == SNMP_METHOD_PHP && (!strlen($context) || $version != 3) && ($version == 1 || version_compare(phpversion(), "5.1") >= 0 || !file_exists($path_snmpbulkwalk))) {
        /* make sure snmp* is verbose so we can see what types of data
        		we are getting back */
        /* force php to return numeric oid's */
        if (function_exists("snmp_set_oid_numeric_print")) {
            snmp_set_oid_numeric_print(TRUE);
        }
        if (function_exists("snmprealwalk")) {
            $snmp_oid_included = false;
        }
        snmp_set_quick_print(0);
        if ($version == "1") {
            $temp_array = @snmprealwalk("{$hostname}:{$port}", "{$community}", "{$oid}", $timeout * 1000, $retries);
        } elseif ($version == "2") {
            $temp_array = @snmp2_real_walk("{$hostname}:{$port}", "{$community}", "{$oid}", $timeout * 1000, $retries);
        } else {
            if ($priv_proto == "[None]" || $priv_pass == '') {
                $proto = "authNoPriv";
                $priv_proto = "";
            } else {
                $proto = "authPriv";
            }
            $temp_array = @snmp3_real_walk("{$hostname}:{$port}", "{$username}", $proto, $auth_proto, "{$password}", $priv_proto, "{$priv_pass}", "{$oid}", $timeout * 1000, $retries);
        }
        if ($temp_array === false) {
            cacti_log("WARNING: SNMP Walk Timeout for Host:'{$hostname}', and OID:'{$oid}'", false);
        }
        /* check for bad entries */
        if (is_array($temp_array) && sizeof($temp_array)) {
            foreach ($temp_array as $key => $value) {
                foreach ($banned_snmp_strings as $item) {
                    if (strstr($value, $item) != "") {
                        unset($temp_array[$key]);
                        continue 2;
                    }
                }
            }
        }
        $o = 0;
        for (@reset($temp_array); $i = @key($temp_array); next($temp_array)) {
            if ($temp_array[$i] != "NULL") {
                $snmp_array[$o]["oid"] = preg_replace("/^\\./", "", $i);
                $snmp_array[$o]["value"] = format_snmp_string($temp_array[$i], $snmp_oid_included);
            }
            $o++;
        }
    } else {
        /* ucd/net snmp want the timeout in seconds */
        $timeout = ceil($timeout / 1000);
        if ($version == "1") {
            $snmp_auth = read_config_option("snmp_version") == "ucd-snmp" ? snmp_escape_string($community) : "-c " . snmp_escape_string($community);
            /* v1/v2 - community string */
        } elseif ($version == "2") {
            $snmp_auth = read_config_option("snmp_version") == "ucd-snmp" ? snmp_escape_string($community) : "-c " . snmp_escape_string($community);
            /* v1/v2 - community string */
            $version = "2c";
            /* ucd/net snmp prefers this over '2' */
        } elseif ($version == "3") {
            if ($priv_proto == "[None]" || $priv_pass == '') {
                $proto = "authNoPriv";
                $priv_proto = "";
            } else {
                $proto = "authPriv";
            }
            if (strlen($priv_pass)) {
                $priv_pass = "******" . snmp_escape_string($priv_pass) . " -x " . snmp_escape_string($priv_proto);
            } else {
                $priv_pass = "";
            }
            if (strlen($context)) {
                $context = "-n " . snmp_escape_string($context);
            } else {
                $context = "";
            }
            $snmp_auth = trim("-u " . snmp_escape_string($username) . " -l " . snmp_escape_string($proto) . " -a " . snmp_escape_string($auth_proto) . " -A " . snmp_escape_string($password) . " " . $priv_pass . " " . $context);
            /* v3 - username/password */
        }
        if (read_config_option("snmp_version") == "ucd-snmp") {
            /* escape the command to be executed and vulnerable parameters
             * numeric parameters are not subject to command injection
             * snmp_auth is treated seperately, see above */
            $temp_array = exec_into_array(cacti_escapeshellcmd(read_config_option("path_snmpwalk")) . " -v{$version} -t {$timeout} -r {$retries} " . cacti_escapeshellarg($hostname) . ":{$port} {$snmp_auth} " . cacti_escapeshellarg($oid));
        } else {
            if (file_exists($path_snmpbulkwalk) && $version > 1 && $max_oids > 1) {
                $temp_array = exec_into_array(cacti_escapeshellcmd($path_snmpbulkwalk) . " -O Qn {$snmp_auth} -v {$version} -t {$timeout} -r {$retries} -Cr{$max_oids} " . cacti_escapeshellarg($hostname) . ":{$port} " . cacti_escapeshellarg($oid));
            } else {
                $temp_array = exec_into_array(cacti_escapeshellcmd(read_config_option("path_snmpwalk")) . " -O Qn {$snmp_auth} -v {$version} -t {$timeout} -r {$retries} " . cacti_escapeshellarg($hostname) . ":{$port} " . cacti_escapeshellarg($oid));
            }
        }
        if (substr_count(implode(" ", $temp_array), "Timeout:")) {
            cacti_log("WARNING: SNMP Walk Timeout for Host:'{$hostname}', and OID:'{$oid}'", false);
        }
        /* check for bad entries */
        if (is_array($temp_array) && sizeof($temp_array)) {
            foreach ($temp_array as $key => $value) {
                foreach ($banned_snmp_strings as $item) {
                    if (strstr($value, $item) != "") {
                        unset($temp_array[$key]);
                        continue 2;
                    }
                }
            }
        }
        for ($i = 0; $i < count($temp_array); $i++) {
            if ($temp_array[$i] != "NULL") {
                $snmp_array[$i]["oid"] = trim(preg_replace("/(.*) =.*/", "\\1", $temp_array[$i]));
                $snmp_array[$i]["value"] = format_snmp_string($temp_array[$i], true);
            }
        }
    }
    return $snmp_array;
}
Пример #2
0
function cacti_snmp_walk($hostname, $community, $oid, $version, $username, $password, $auth_proto, $priv_pass, $priv_proto, $context, $port = 161, $timeout = 500, $retries = 0, $max_oids = 10, $method = SNMP_VALUE_LIBRARY, $environ = SNMP_POLLER)
{
    global $config, $banned_snmp_strings;
    $snmp_oid_included = true;
    $snmp_auth = '';
    $snmp_array = array();
    $temp_array = array();
    /* determine default retries */
    if ($retries == 0 || !is_numeric($retries)) {
        $retries = read_config_option('snmp_retries');
        if ($retries == '') {
            $retries = 3;
        }
    }
    /* do not attempt to poll invalid combinations */
    if ($version == 0 || !is_numeric($version) || !is_numeric($max_oids) || !is_numeric($port) || !is_numeric($retries) || !is_numeric($timeout) || $community == '' && $version != 3) {
        return array();
    }
    $path_snmpbulkwalk = read_config_option('path_snmpbulkwalk');
    if (snmp_get_method($version) == SNMP_METHOD_PHP && (!strlen($context) || $version != 3) && ($version == 1 || version_compare(phpversion(), '5.1') >= 0 || !file_exists($path_snmpbulkwalk))) {
        /* make sure snmp* is verbose so we can see what types of data
        		we are getting back */
        /* force php to return numeric oid's */
        cacti_oid_numeric_format();
        snmp_set_quick_print(0);
        /* set the output format to numeric */
        snmp_set_valueretrieval($method);
        if ($version == '1') {
            $temp_array = @snmprealwalk("{$hostname}:{$port}", "{$community}", "{$oid}", $timeout * 1000, $retries);
        } elseif ($version == '2') {
            $temp_array = @snmp2_real_walk("{$hostname}:{$port}", "{$community}", "{$oid}", $timeout * 1000, $retries);
        } else {
            if ($priv_proto == '[None]') {
                $proto = 'authNoPriv';
                $priv_proto = '';
            } else {
                $proto = 'authPriv';
            }
            $temp_array = @snmp3_real_walk("{$hostname}:{$port}", "{$username}", $proto, $auth_proto, "{$password}", $priv_proto, "{$priv_pass}", "{$oid}", $timeout * 1000, $retries);
        }
        if ($temp_array === false) {
            cacti_log("WARNING: SNMP Walk Timeout for Host:'{$hostname}', and OID:'{$oid}'", false);
        }
        /* check for bad entries */
        if (is_array($temp_array) && sizeof($temp_array)) {
            foreach ($temp_array as $key => $value) {
                foreach ($banned_snmp_strings as $item) {
                    if (strstr($value, $item) != '') {
                        unset($temp_array[$key]);
                        continue 2;
                    }
                }
            }
            $o = 0;
            for (reset($temp_array); $i = key($temp_array); next($temp_array)) {
                if ($temp_array[$i] != 'NULL') {
                    $snmp_array[$o]['oid'] = preg_replace('/^\\./', '', $i);
                    $snmp_array[$o]['value'] = format_snmp_string($temp_array[$i], $snmp_oid_included);
                }
                $o++;
            }
        }
    } else {
        /* ucd/net snmp want the timeout in seconds */
        $timeout = ceil($timeout / 1000);
        if ($version == '1') {
            $snmp_auth = '-c ' . snmp_escape_string($community);
            /* v1/v2 - community string */
        } elseif ($version == '2') {
            $snmp_auth = '-c ' . snmp_escape_string($community);
            /* v1/v2 - community string */
            $version = '2c';
            /* ucd/net snmp prefers this over '2' */
        } elseif ($version == '3') {
            if ($priv_proto == '[None]') {
                $proto = 'authNoPriv';
                $priv_proto = '';
            } else {
                $proto = 'authPriv';
            }
            if (strlen($priv_pass)) {
                $priv_pass = '******' . snmp_escape_string($priv_pass) . ' -x ' . snmp_escape_string($priv_proto);
            } else {
                $priv_pass = '';
            }
            if (strlen($context)) {
                $context = '-n ' . snmp_escape_string($context);
            } else {
                $context = '';
            }
            $snmp_auth = trim('-u ' . snmp_escape_string($username) . ' -l ' . snmp_escape_string($proto) . ' -a ' . snmp_escape_string($auth_proto) . ' -A ' . snmp_escape_string($password) . ' ' . $priv_pass . ' ' . $context);
            /* v3 - username/password */
        }
        if (file_exists($path_snmpbulkwalk) && $version > 1 && $max_oids > 1) {
            $temp_array = exec_into_array(cacti_escapeshellcmd($path_snmpbulkwalk) . " -O Qn {$snmp_auth} -v {$version} -t {$timeout} -r {$retries} -Cr{$max_oids} " . cacti_escapeshellarg($hostname) . ":{$port} " . cacti_escapeshellarg($oid));
        } else {
            $temp_array = exec_into_array(cacti_escapeshellcmd(read_config_option('path_snmpwalk')) . " -O Qn {$snmp_auth} -v {$version} -t {$timeout} -r {$retries} " . cacti_escapeshellarg($hostname) . ":{$port} " . cacti_escapeshellarg($oid));
        }
        if (substr_count(implode(' ', $temp_array), 'Timeout:')) {
            cacti_log("WARNING: SNMP Walk Timeout for Host:'{$hostname}', and OID:'{$oid}'", false);
        }
        /* check for bad entries */
        if (is_array($temp_array) && sizeof($temp_array)) {
            foreach ($temp_array as $key => $value) {
                foreach ($banned_snmp_strings as $item) {
                    if (strstr($value, $item) != '') {
                        unset($temp_array[$key]);
                        continue 2;
                    }
                }
            }
            for ($i = 0; $i < count($temp_array); $i++) {
                if ($temp_array[$i] != 'NULL') {
                    $snmp_array[$i]['oid'] = trim(preg_replace('/(.*) =.*/', "\\1", $temp_array[$i]));
                    $snmp_array[$i]['value'] = format_snmp_string($temp_array[$i], true);
                }
            }
        }
    }
    return $snmp_array;
}
Пример #3
0
function cacti_snmp_walk($hostname, $community, $oid, $version, $username, $password, $auth_proto, $priv_pass, $priv_proto, $context, $port = 161, $timeout = 500, $retries = 0, $max_oids = 10, $environ = SNMP_POLLER) {
	global $config, $banned_snmp_strings;

	$snmp_oid_included = false;
	$snmp_auth	       = '';
	$snmp_array        = array();
	$temp_array        = array();

	/* determine default retries */
	if (($retries == 0) || (!is_numeric($retries))) {
		$retries = read_config_option("snmp_retries");
		if ($retries == "") $retries = 3;
	}

	$path_snmpbulkwalk = read_config_option("path_snmpbulkwalk");

	if ((snmp_get_method($version) == SNMP_METHOD_PHP) &&
		(!strlen($context) || ($version != 3)) &&
		(($version == 1) ||
		(version_compare(phpversion(), "5.1") >= 0) ||
		(!file_exists($path_snmpbulkwalk)))) {
		/* make sure snmp* is verbose so we can see what types of data
		we are getting back */

		/* force php to return numeric oid's */
		if (function_exists("snmp_set_oid_numeric_print")) {
			snmp_set_oid_numeric_print(TRUE);
			$snmp_oid_included = true;
		}

		snmp_set_quick_print(0);

		if ($version == "1") {
			$temp_array = @snmprealwalk("$hostname:$port", "$community", "$oid", ($timeout * 1000), $retries);
		}elseif ($version == "2") {
			$temp_array = @snmp2_real_walk("$hostname:$port", "$community", "$oid", ($timeout * 1000), $retries);
		}else{
			if ($priv_proto == "[None]") {
				$proto = "authNoPriv";
				$priv_proto = "";
			}else{
				$proto = "authPriv";
			}

			$temp_array = @snmp3_real_walk("$hostname:$port", "$username", $proto, $auth_proto, "$password", $priv_proto, "$priv_pass", "$oid", ($timeout * 1000), $retries);
		}

		/* check for bad entries */
		if (is_array($temp_array) && sizeof($temp_array)) {
		foreach($temp_array as $key => $value) {
			foreach($banned_snmp_strings as $item) {
				if(strstr($value, $item) != "") {
					unset($temp_array[$key]);
					continue 2;
				}
			}
		}
		}

		$o = 0;
		for (@reset($temp_array); $i = @key($temp_array); next($temp_array)) {
			if ($temp_array[$i] != "NULL") {
				$snmp_array[$o]["oid"] = preg_replace("/^\./", "", $i);
				$snmp_array[$o]["value"] = format_snmp_string($temp_array[$i], $snmp_oid_included);
			}
			$o++;
		}
	}else{
		/* ucd/net snmp want the timeout in seconds */
		$timeout = ceil($timeout / 1000);

		if ($version == "1") {
			$snmp_auth = (read_config_option("snmp_version") == "ucd-snmp") ? cacti_escapeshellarg($community): "-c " . cacti_escapeshellarg($community); /* v1/v2 - community string */
		}elseif ($version == "2") {
			$snmp_auth = (read_config_option("snmp_version") == "ucd-snmp") ? cacti_escapeshellarg($community): "-c " . cacti_escapeshellarg($community); /* v1/v2 - community string */
			$version = "2c"; /* ucd/net snmp prefers this over '2' */
		}elseif ($version == "3") {
			if ($priv_proto == "[None]") {
				$proto = "authNoPriv";
				$priv_proto = "";
			}else{
				$proto = "authPriv";
			}

			if (strlen($priv_pass)) {
				$priv_pass = "******" . cacti_escapeshellarg($priv_pass) . " -x " . cacti_escapeshellarg($priv_proto);
			}else{
				$priv_pass = "";
			}

			if (strlen($context)) {
				$context = "-n " . cacti_escapeshellarg($context);
			}else{
				$context = "";
			}

			$snmp_auth = trim("-u " . cacti_escapeshellarg($username) .
				" -l " . cacti_escapeshellarg($proto) .
				" -a " . cacti_escapeshellarg($auth_proto) .
				" -A " . cacti_escapeshellarg($password) .
				" "    . $priv_pass .
				" "    . $context); /* v3 - username/password */
		}

		if (read_config_option("snmp_version") == "ucd-snmp") {
			$temp_array = exec_into_array(read_config_option("path_snmpwalk") . " -v$version -t $timeout -r $retries $hostname:$port $snmp_auth $oid");
		}else {
			if (file_exists($path_snmpbulkwalk) && ($version > 1) && ($max_oids > 1)) {
				$temp_array = exec_into_array($path_snmpbulkwalk . " -O Qn $snmp_auth -v $version -t $timeout -r $retries -Cr$max_oids $hostname:$port $oid");
			}else{
				$temp_array = exec_into_array(read_config_option("path_snmpwalk") . " -O Qn $snmp_auth -v $version -t $timeout -r $retries $hostname:$port $oid");
			}
		}

		/* check for bad entries */
		if (is_array($temp_array) && sizeof($temp_array)) {
		foreach($temp_array as $key => $value) {
			foreach($banned_snmp_strings as $item) {
				if(strstr($value, $item) != "") {
					unset($temp_array[$key]);
					continue 2;
				}
			}
		}
		}

		for ($i=0; $i < count($temp_array); $i++) {
			if ($temp_array[$i] != "NULL") {
				$snmp_array[$i]["oid"]   = trim(preg_replace("/(.*) =.*/", "\\1", $temp_array[$i]));
				$snmp_array[$i]["value"] = format_snmp_string($temp_array[$i], true);
			}
		}
	}

	return $snmp_array;
}
Пример #4
0
function rrdtool_function_set_font($type, $no_legend, $themefonts)
{
    global $config;
    if (read_config_option('font_method') == 0) {
        if (read_graph_config_option("custom_fonts") == "on") {
            $font = read_graph_config_option($type . "_font");
            $size = read_graph_config_option($type . "_size");
        } else {
            $font = read_config_option($type . "_font");
            $size = read_config_option($type . "_size");
        }
    } elseif (isset($themefonts[$type]['font']) && isset($themefonts[$type]['size'])) {
        $font = $themefonts[$type]['font'];
        $size = $themefonts[$type]['size'];
    } else {
        return;
    }
    if (strlen($font)) {
        /* do some simple checks */
        if (read_config_option("rrdtool_version") == "rrd-1.2.x") {
            # rrdtool 1.2 uses font files
            if (!is_file($font)) {
                $font = "";
            }
        } else {
            # rrdtool 1.3+ use fontconfig
            /* verifying all possible pango font params is too complex to be tested here
             * so we only escape the font
             */
            $font = cacti_escapeshellarg($font);
        }
    }
    if ($type == "title") {
        if (!empty($no_legend)) {
            $size = $size * 0.7;
        } elseif ($size <= 4 || !is_numeric($size)) {
            $size = 12;
        }
    } else {
        if ($size <= 4 || !is_numeric($size)) {
            $size = 8;
        }
    }
    return "--font " . strtoupper($type) . ":" . floatval($size) . ":" . $font . RRD_NL;
}
Пример #5
0
function rrdtool_set_font($type, $no_legend = "")
{
    global $config;
    if (read_graph_config_option("custom_fonts") == "on") {
        $font = read_graph_config_option($type . "_font");
        $size = read_graph_config_option($type . "_size");
    } else {
        $font = read_config_option($type . "_font");
        $size = read_config_option($type . "_size");
    }
    if (strlen($font)) {
        /* do some simple checks */
        if (read_config_option("rrdtool_version") == "rrd-1.0.x" || read_config_option("rrdtool_version") == "rrd-1.2.x") {
            # rrdtool 1.0 and 1.2 use font files
            if (!is_file($font)) {
                $font = "";
            }
        } else {
            # rrdtool 1.3+ use fontconfig
            /* verifying all possible pango font params is too complex to be tested here
             * so we only escape the font
             */
            $font = cacti_escapeshellarg($font);
        }
    }
    if ($type == "title") {
        if (!empty($no_legend)) {
            $size = $size * 0.7;
        } elseif ($size <= 4 || $size == "") {
            $size = 12;
        }
    } else {
        if ($size <= 4 || $size == "") {
            $size = 8;
        }
    }
    return "--font " . strtoupper($type) . ":" . $size . ":" . $font . RRD_NL;
}
Пример #6
0
function export_ftp_ncftpput_execute($stExportDir)
{
    global $aFtpExport;
    chdir($stExportDir);
    /* set the initial command structure */
    $stExecute = 'ncftpput -R -V -r 1 -u ' . cacti_escapeshellarg($aFtpExport['username']) . ' -p ' . cacti_escapeshellarg($aFtpExport['password']);
    /* if the user requested passive mode, use it */
    if ($aFtpExport['passive']) {
        $stExecute .= ' -F ';
    }
    /* setup the port, server, remote directory and all files */
    $stExecute .= ' -P ' . cacti_escapeshellarg($aFtpExport['port']) . ' ' . cacti_escapeshellarg($aFtpExport['server']) . ' ' . cacti_escapeshellarg($aFtpExport['remotedir']) . ".";
    /* run the command */
    $iExecuteReturns = 0;
    system($stExecute, $iExecuteReturns);
    $aNcftpputStatusCodes = array('Success.', 'Could not connect to remote host.', 'Could not connect to remote host - timed out.', 'Transfer failed.', 'Transfer failed - timed out.', 'Directory change failed.', 'Directory change failed - timed out.', 'Malformed URL.', 'Usage error.', 'Error in login configuration file.', 'Library initialization failed.', 'Session initialization failed.');
    export_log('Ncftpput returned: ' . $aNcftpputStatusCodes[$iExecuteReturns]);
}
Пример #7
0
/** substitute_snmp_query_data 	- takes a string and substitutes all data query variables contained in it
   @param string $string 		- the original string that contains the data query variables
   @param int $device_id 		- (int) the device ID to match
   @param int $snmp_query_id 	- (int) the data query ID to match
   @param int $snmp_index 		- the data query index to match
   @param int $max_chars 		- the maximum number of characters to substitute
   @return string 				- the original string with all of the variable substitutions made */
function substitute_snmp_query_data($string, $device_id, $snmp_query_id, $snmp_index, $max_chars = 0, $quote=true) {
	$snmp_cache_data = db_fetch_assoc("select field_name,field_value from device_snmp_cache where device_id=$device_id and snmp_query_id=$snmp_query_id and snmp_index='$snmp_index'");

	if (sizeof($snmp_cache_data) > 0) {
		foreach ($snmp_cache_data as $data) {
			if ($data["field_value"] != "") {
				if ($max_chars > 0) {
					$data["field_value"] = substr($data["field_value"], 0, $max_chars);
				}

				$string = stri_replace("|query_" . $data["field_name"] . "|", cacti_escapeshellarg($data["field_value"], $quote), $string);
			}
		}
	}

	return $string;
}