} if (!empty($ip_range)) { $search = 'WHERE inet_aton(ip) >= inet_aton("' . $ip_range[0] . '") and inet_aton(ip) <= inet_aton("' . $ip_range[1] . '")'; } elseif (!empty($by_ip)) { $search = "WHERE ip like '%{$search}%'"; } elseif (!empty($search) && !empty($field)) { $search = "WHERE {$field} like '%{$search}%'"; } elseif (!empty($search)) { $search = "WHERE ip like '%{$search}%' OR hostname like '%{$search}%'"; } $start = ($page - 1) * $rp; $limit = "LIMIT {$start}, {$rp}"; $db = new ossim_db(); $conn = $db->connect(); $xml = ""; $host_list = Host::get_list($conn, "{$search}", "ORDER BY {$order} {$limit}"); if ($host_list[0]) { $total = $host_list[0]->get_foundrows(); if ($total == 0) { $total = count($host_list); } } else { $total = 0; } $xml .= "<rows>\n"; $xml .= "<page>{$page}</page>\n"; $xml .= "<total>{$total}</total>\n"; foreach ($host_list as $host) { $ip = $host->get_ip(); $xml .= "<row id='{$ip}'>"; $name = "<a href=\"../report/index.php?host={$ip}\">" . $host->get_hostname() . "</a>";
if ($_REQUEST["insert_response"]) { /* insert response-action policy */ Response::insert($conn, $_SESSION["_response_descr"], $_SESSION["_response_source_net"], $_SESSION["_response_source_host"], $_SESSION["_response_dest_net"], $_SESSION["_response_dest_host"], $_SESSION["_response_sensor"], $_SESSION["_response_source_port"], $_SESSION["_response_dest_port"], $_SESSION["_response_plugin"], $_SESSION["_response_action"]); /* clean session variables */ foreach ($RESPONSE_OBJECTS as $object) { unset($_SESSION["_response_" . $object]); } unset($_SESSION["_response_descr"]); echo '<p align="center">Response-Action policy inserted<br/> <a href="response.php">Back</a></p>'; print '</body></html>'; exit; } /* hosts */ require_once 'classes/Host.inc'; $host_list = Host::get_list($conn); $hosts[] = array("value" => ANY, "name" => "ANY"); foreach ($host_list as $h) { $hosts[] = array("value" => $h->get_ip(), "name" => $h->get_hostname() . " (" . $h->get_ip() . ")"); } /* nets */ require_once 'classes/Net.inc'; $net_list = Net::get_list($conn); $nets[] = array("value" => ANY, "name" => "ANY"); foreach ($net_list as $n) { $nets[] = array("value" => $n->get_name(), "name" => $n->get_name()); } /* sensors */ require_once 'classes/Sensor.inc'; $sensor_list = Sensor::get_list($conn); $sensors[] = array("value" => ANY, "name" => "ANY");
} if ($i > $to) { $html .= "{ key:'{$key}', page:'{$nextpage}', isFolder:true, isLazy:true, icon:'../../pixmaps/theme/host_group.png', title:'" . _("next") . " {$maxresults} " . _("hosts") . "' },"; } if ($html != "") { $buffer .= preg_replace("/,\$/", "", $html); } $buffer .= "]"; if ($buffer == "" || $buffer == "[]") { echo "[{title:'" . _("No Hosts Found") . "', noLink:true}]"; } else { echo $buffer; } } else { if (preg_match("/host_(.*)/", $key, $found)) { $host_data = Host::get_list($conn, "where ip='" . $found[1] . "'"); $hname = $host_data[0]->get_hostname(); if ($hname != $found[1]) { $fqdns[] = $hname; } $all_fqdn = explode(",", $host_data[0]->get_fqdns()); foreach ($all_fqdn as $fqdn) { $fqdn = trim($fqdn); if ($fqdn != "") { $fqdns[] = $fqdn; } } $buffer = "["; $name = ""; if ($found[1] != $hname) { $ip = $found[1];
<tr><td class="nobborder" style="text-align:center"><?php echo _("All host filtered. No results found."); ?> </td></tr> <tr> <td class="nobborder" style="padding-top:10px;text-align:center"> <input type="button" value="Back" onclick="document.location.href='<?php echo GET('userfriendly') ? "userfriendly.php" : "inventory_search.php"; ?> '" class="button"/> </td> </tr> </table> <?php } elseif (!$errors) { $hosts = Host::get_list($conn); $_SESSION['inventory_search']['result']['list'] = array(); $host_objects = array(); foreach ($hosts as $host_obj) { $host_objects[$host_obj->get_ip()] = $host_obj; } foreach ($host_list as $ip) { if ($host_objects[$ip] != "") { $_SESSION['inventory_search']['result']['list'][] = $host_objects[$ip]; } else { $obj = new Host($ip, $ip, 0, 0, 0, "", 0, 0, null, "", 0, 0, 0); $_SESSION['inventory_search']['result']['list'][] = $obj; } } $total = count($_SESSION['inventory_search']['result']['list']); $last_page = floor(($total - 1) / $max_rows) + 1;
print _("You don't have permissions to view the risk maps reports"); exit; } $db = new ossim_db(); $conn = $db->connect(); $type = $_GET["type"]; $default = $_GET["default"]; $id = $_GET["id"]; ossim_valid($type, OSS_ALPHA, OSS_SCORE, 'illegal:' . _("type")); ossim_valid($id, OSS_DIGIT, OSS_ALPHA, OSS_PUNC, OSS_SPACE, ".", 'illegal:' . _("id")); if (ossim_error()) { die(ossim_error()); } switch ($type) { case "host": $host = Host::get_list($conn, " where ip='" . $id . "' or hostname='" . $id . "'"); $id = $host[0]->ip; $hostname = $host[0]->hostname; echo "<h1 align=\"center\">" . gettext("Report") . " " . gettext("for") . " {$type} {$id} </h1>"; ?> <center> [ <a href="/ossim/control_panel/alarm_console.php?hide_search=1&date_from=&date_to=&src_ip=<?php echo $id; ?> &dst_ip=<?php echo $id; ?> &num_alarms_page=10&hide_closed=1" target="_report"> <?php echo gettext("Alarms");
$groups[$group]['max_a_date'] = $score['max_a_date']; } } // If there is no threshold specified for a network, pick the group threshold // Changed: get networks by AJAX $net_threshold_a = $rs->fields['net_threshold_a'] ? $rs->fields['net_threshold_a'] : $group_threshold_a; $net_threshold_c = $rs->fields['net_threshold_c'] ? $rs->fields['net_threshold_c'] : $group_threshold_c; $groups[$group]['nets'][$net] = array('name' => $net, 'threshold_a' => $net_threshold_a, 'threshold_c' => $net_threshold_c, 'max_a' => $score['max_a'], 'max_c' => $score['max_c'], 'max_a_date' => $score['max_a_date'], 'max_c_date' => $score['max_c_date'], 'address' => $rs->fields['net_address'], 'current_a' => $net_current_a, 'current_c' => $net_current_c, 'has_perms' => $has_perms, 'group' => $group); $rs->MoveNext(); } //////////////////////////////////////////////////////////////// // Hosts //////////////////////////////////////////////////////////////// $host_where = ""; if ($allowed_sensors != "" || $allowed_nets != "") { $hosts_aux = Host::get_list($conn); $hosts = ""; foreach ($hosts_aux as $host) { $hosts .= $hosts != "" ? ",'" . $host->get_ip() . "'" : "'" . $host->get_ip() . "'"; } if ($hosts != "") { $host_where = " AND control_panel.id in ({$hosts})"; } } $sql = "SELECT\r\n control_panel.id,\r\n control_panel.max_c,\r\n control_panel.max_a,\r\n control_panel.max_c_date,\r\n control_panel.max_a_date,\r\n host.threshold_a,\r\n host.threshold_c,\r\n host.hostname\r\n FROM\r\n control_panel\r\n LEFT JOIN host ON control_panel.id = host.ip\r\n WHERE\r\n control_panel.time_range = ? AND\r\n control_panel.rrd_type = 'host'{$host_where}"; $params = array($range); if (!($rs =& $conn->Execute($sql, $params))) { die($conn->ErrorMsg()); } $hosts = $ext_hosts = array(); $global_a = $global_c = 0;
if ($key == "net") { echo Net::draw_nets_by_class($conn, $key, $filter, $length_name); } else { if (preg_match("/^.class_(.*)/", $key, $found)) { echo Net::draw_nets_by_class($conn, $key, $filter, $length_name); } else { if (preg_match("/net_(.*)/", $key, $found)) { $hostin = array(); if ($net_list1 = Net::get_list($conn, "name='" . base64_decode($found[1]) . "'")) { require_once "classes/CIDR.inc"; foreach ($net_list1 as $net) { $net_name = $net->get_name(); $nets_ips = explode(",", $net->get_ips()); foreach ($nets_ips as $net_ips) { $net_range = CIDR::expand_CIDR($net_ips, "SHORT", "IP"); $host_list_aux = Host::get_list($conn, "WHERE inet_aton(ip)>=inet_aton('" . $net_range[0] . "') && inet_aton(ip)<=inet_aton('" . $net_range[1] . "')", "ORDER BY ip"); foreach ($host_list_aux as $h) { $hostin[$h->get_ip()] = $h->get_hostname(); } } } } $k = 0; $html = ""; $buffer .= "["; foreach ($hostin as $ip => $host_name) { if ($k >= $from && $k < $to) { $host_key = utf8_encode($key . $k); $hname = $host_name == $ip ? "" : $host_name; $aux_hname = strlen($hname) > $length_name ? substr($hname, 0, $length_name) . "..." : $hname; $title = $hname == '' ? $ip : "{$ip} <font style=\"font-size:80%\">(" . Util::htmlentities($aux_hname) . ")</font>";
$maxresults = 200; $to = $page * $maxresults; $from = $to - $maxresults; $nextpage = $page + 1; $cachefile = "/var/ossim/sessions/" . $_SESSION["_user"] . "_hostgroup_" . base64_encode($key . $filter) . "_{$page}.json"; if (file_exists($cachefile)) { readfile($cachefile); exit; } $buffer = ""; $db = new ossim_db(); $conn = $db->connect(); $ossim_hosts = $all_hosts = $filterhosts = array(); $total_hosts = 0; $ossim_nets = array(); if ($host_list = Host::get_list($conn, "", "ORDER BY hostname")) { foreach ($host_list as $host) { $hname = Util::utf8entities($host->get_hostname()); if ($filter == "" || $filter != "" && (preg_match("/{$filter}/i", $host->get_ip()) || preg_match("/{$filter}/i", $hname))) { $hip = $host->get_ip(); $ossim_hosts[$hip] = trim($hname) != "" ? $hname : $hip; $cclas = preg_replace("/(\\d+\\.)(\\d+\\.)(\\d+)\\.\\d+/", "\\1\\2\\3", $hip); $all_hosts[$cclas][] = $hip; $total_hosts++; } } } uasort($all_hosts, 'cmpf'); if ($key == "os") { if ($hg_list = Host_os::get_os_list($conn, $ossim_hosts, $filter)) { $j = 0;
function draw_members_select($form_data) { global $conn, $id; $resp = new xajaxResponse(); $type = $form_data['member_type']; // The user selected the empty type if (!$type) { $resp->AddAssign("members_select", "innerHTML", _("Please select a type")); return $resp; } // // Get the list of members of the given type // $options = array(); switch ($type) { case 'host': include_once 'classes/Host.inc'; $list = Host::get_list($conn, "", 'ORDER BY hostname'); print_r($list); foreach ($list as $obj) { $descr = $obj->get_descr(); if (strlen($descr) > 50) { $descr = substr($descr, 0, 47) . '...'; } $options[$obj->get_ip()] = $obj->get_hostname() . ' ' . $obj->get_ip() . ' - ' . $descr; } break; case 'net': include_once 'classes/Net.inc'; $list = Net::get_list($conn, "", 'ORDER BY name'); foreach ($list as $obj) { $descr = $obj->get_descr(); if (strlen($descr) > 50) { $descr = substr($descr, 0, 47) . '...'; } $options[$obj->get_name()] = $obj->get_name() . ' ' . $obj->get_ips() . ' - ' . $descr; } break; case 'host_group': include_once 'classes/Host_group.inc'; $list = Host_group::get_list($conn, "", 'ORDER BY name'); foreach ($list as $obj) { $descr = $obj->get_descr(); if (strlen($descr) > 50) { $descr = substr($descr, 0, 47) . '...'; } $options[$obj->get_name()] = $obj->get_name() . ' - ' . $descr; } break; case 'net_group': include_once 'classes/Net_group.inc'; $list = Net_group::get_list($conn, '', 'ORDER BY name'); foreach ($list as $obj) { $descr = $obj->get_descr(); if (strlen($descr) > 50) { $descr = substr($descr, 0, 47) . '...'; } $options[$obj->get_name()] = $obj->get_name() . ' - ' . $descr; } break; } // // Build the SELECT tag // $html = '<select name="member_name">'; foreach ($options as $name => $description) { $html .= "<option value='{$name}'>{$description}</option>"; } $html .= '</select>'; $resp->AddAssign("members_select", "innerHTML", $html); return $resp; }
die(ossim_error()); } $db = new ossim_db(); $conn = $db->connect(); $credential_type = Host::get_credentials_type($conn); if (isset($_SESSION['_credentials'])) { $hostname = $_SESSION['_credentials']['hostname']; $ip = $_SESSION['_credentials']['ip']; $type = $_SESSION['_credentials']['type']; $user_ct = $_SESSION['_credentials']['user_ct']; $pass_ct = $_SESSION['_credentials']['pass_ct']; $pass_ct2 = $_SESSION['_credentials']['pass_ct2']; $extra = $_SESSION['_credentials']['extra']; unset($_SESSION['_credentials']); } else { if ($host_list = Host::get_list($conn, "WHERE ip = '{$ip}'")) { $host = $host_list[0]; } if (!empty($host)) { $hostname = $host->get_hostname(); $ip = $host->get_ip(); $credentials = array(); $credentials = Host::get_credentials_ip($conn, $ip); if ($action == "edit") { $credentials_id = Host::get_credentials_id($conn, $id); $type = $credentials_id['type']; $user_ct = $credentials_id['username']; $pass_ct = $pass_ct2 = Util::fake_pass($credentials_id['password']); $extra = $credentials_id['extra']; } }
function getHostList() { global $conn; if ($host_list = Host::get_list($conn, '', '')) { return $host_list; } return ""; }
return "white"; } else { return "black"; } } $framework_conf = $GLOBALS["CONF"]; $graph_link = $framework_conf->get_conf("graph_link"); $image1 = "{$graph_link}?ip={$host}&what=compromise&start=N-24h&end=N&type=host&zoom=1"; $image2 = "{$graph_link}?ip={$host}&what=compromise&start=N-7D&end=N&type=host&zoom=1"; $image3 = "{$graph_link}?ip={$host}&what=compromise&start=N-1M&end=N&type=host&zoom=1"; $image4 = "{$graph_link}?ip={$host}&what=compromise&start=N-1Y&end=N&type=host&zoom=1"; /* connect to db */ $db = new ossim_db(); $conn = $db->connect(); /* get thresholds */ if ($list = Host::get_list($conn, "WHERE ip = '{$host}'")) { $threshold_c = $list[0]->get_threshold_c(); $threshold_a = $list[0]->get_threshold_a(); } else { $threshold_c = $threshold_a = $framework_conf->get_conf("threshold"); } /* max C */ $list = Control_panel_host::get_list($conn, "WHERE id = '{$host}' ORDER BY time_range", 3); if (isset($list[0])) { $max_c["day"] = $list[0]->get_max_c(); $max_c_date["day"] = $list[0]->get_max_c_date(); } if (isset($list[1])) { $max_c["month"] = $list[1]->get_max_c(); $max_c_date["month"] = $list[1]->get_max_c_date(); }
</td> </tr> </table> </td> </tr> <tr> <td> <table> <tr> <td width="70%" valign="top"> <table> <?php $exp = CIDR::expand_CIDR($host, "SHORT", "IP"); $host_s_range = $exp[0]; $host_e_range = end($exp); $host_list = Host::get_list($conn, "WHERE INET_ATON(ip) >= INET_ATON('{$host_s_range}') AND INET_ATON(ip) <= INET_ATON('{$host_e_range}')"); if (count($host_list) > 0) { ?> <tr><td class="headerpr" height="20"><?php echo gettext("Hosts"); ?> </td></tr> <tr> <td> <div style="height:100px;overflow:auto"> <table> <tr> <th> <?php echo gettext("Name"); ?> </th>