Пример #1
0
}
if (!empty($ip_range)) {
    $search = 'WHERE inet_aton(ip) >= inet_aton("' . $ip_range[0] . '") and inet_aton(ip) <= inet_aton("' . $ip_range[1] . '")';
} elseif (!empty($by_ip)) {
    $search = "WHERE ip like '%{$search}%'";
} elseif (!empty($search) && !empty($field)) {
    $search = "WHERE {$field} like '%{$search}%'";
} elseif (!empty($search)) {
    $search = "WHERE ip like '%{$search}%' OR hostname like '%{$search}%'";
}
$start = ($page - 1) * $rp;
$limit = "LIMIT {$start}, {$rp}";
$db = new ossim_db();
$conn = $db->connect();
$xml = "";
$host_list = Host::get_list($conn, "{$search}", "ORDER BY {$order} {$limit}");
if ($host_list[0]) {
    $total = $host_list[0]->get_foundrows();
    if ($total == 0) {
        $total = count($host_list);
    }
} else {
    $total = 0;
}
$xml .= "<rows>\n";
$xml .= "<page>{$page}</page>\n";
$xml .= "<total>{$total}</total>\n";
foreach ($host_list as $host) {
    $ip = $host->get_ip();
    $xml .= "<row id='{$ip}'>";
    $name = "<a href=\"../report/index.php?host={$ip}\">" . $host->get_hostname() . "</a>";
Пример #2
0
if ($_REQUEST["insert_response"]) {
    /* insert response-action policy */
    Response::insert($conn, $_SESSION["_response_descr"], $_SESSION["_response_source_net"], $_SESSION["_response_source_host"], $_SESSION["_response_dest_net"], $_SESSION["_response_dest_host"], $_SESSION["_response_sensor"], $_SESSION["_response_source_port"], $_SESSION["_response_dest_port"], $_SESSION["_response_plugin"], $_SESSION["_response_action"]);
    /* clean session variables */
    foreach ($RESPONSE_OBJECTS as $object) {
        unset($_SESSION["_response_" . $object]);
    }
    unset($_SESSION["_response_descr"]);
    echo '<p align="center">Response-Action policy inserted<br/>
          <a href="response.php">Back</a></p>';
    print '</body></html>';
    exit;
}
/* hosts */
require_once 'classes/Host.inc';
$host_list = Host::get_list($conn);
$hosts[] = array("value" => ANY, "name" => "ANY");
foreach ($host_list as $h) {
    $hosts[] = array("value" => $h->get_ip(), "name" => $h->get_hostname() . " (" . $h->get_ip() . ")");
}
/* nets */
require_once 'classes/Net.inc';
$net_list = Net::get_list($conn);
$nets[] = array("value" => ANY, "name" => "ANY");
foreach ($net_list as $n) {
    $nets[] = array("value" => $n->get_name(), "name" => $n->get_name());
}
/* sensors */
require_once 'classes/Sensor.inc';
$sensor_list = Sensor::get_list($conn);
$sensors[] = array("value" => ANY, "name" => "ANY");
Пример #3
0
     }
     if ($i > $to) {
         $html .= "{ key:'{$key}', page:'{$nextpage}', isFolder:true, isLazy:true, icon:'../../pixmaps/theme/host_group.png', title:'" . _("next") . " {$maxresults} " . _("hosts") . "' },";
     }
     if ($html != "") {
         $buffer .= preg_replace("/,\$/", "", $html);
     }
     $buffer .= "]";
     if ($buffer == "" || $buffer == "[]") {
         echo "[{title:'" . _("No Hosts Found") . "', noLink:true}]";
     } else {
         echo $buffer;
     }
 } else {
     if (preg_match("/host_(.*)/", $key, $found)) {
         $host_data = Host::get_list($conn, "where ip='" . $found[1] . "'");
         $hname = $host_data[0]->get_hostname();
         if ($hname != $found[1]) {
             $fqdns[] = $hname;
         }
         $all_fqdn = explode(",", $host_data[0]->get_fqdns());
         foreach ($all_fqdn as $fqdn) {
             $fqdn = trim($fqdn);
             if ($fqdn != "") {
                 $fqdns[] = $fqdn;
             }
         }
         $buffer = "[";
         $name = "";
         if ($found[1] != $hname) {
             $ip = $found[1];
Пример #4
0
		<tr><td class="nobborder" style="text-align:center"><?php 
    echo _("All host filtered. No results found.");
    ?>
</td></tr>
		<tr>
			<td class="nobborder" style="padding-top:10px;text-align:center">
				<input type="button" value="Back" onclick="document.location.href='<?php 
    echo GET('userfriendly') ? "userfriendly.php" : "inventory_search.php";
    ?>
'" class="button"/>
			</td>
		</tr>
	</table>
<?php 
} elseif (!$errors) {
    $hosts = Host::get_list($conn);
    $_SESSION['inventory_search']['result']['list'] = array();
    $host_objects = array();
    foreach ($hosts as $host_obj) {
        $host_objects[$host_obj->get_ip()] = $host_obj;
    }
    foreach ($host_list as $ip) {
        if ($host_objects[$ip] != "") {
            $_SESSION['inventory_search']['result']['list'][] = $host_objects[$ip];
        } else {
            $obj = new Host($ip, $ip, 0, 0, 0, "", 0, 0, null, "", 0, 0, 0);
            $_SESSION['inventory_search']['result']['list'][] = $obj;
        }
    }
    $total = count($_SESSION['inventory_search']['result']['list']);
    $last_page = floor(($total - 1) / $max_rows) + 1;
Пример #5
0
    print _("You don't have permissions to view the risk maps reports");
    exit;
}
$db = new ossim_db();
$conn = $db->connect();
$type = $_GET["type"];
$default = $_GET["default"];
$id = $_GET["id"];
ossim_valid($type, OSS_ALPHA, OSS_SCORE, 'illegal:' . _("type"));
ossim_valid($id, OSS_DIGIT, OSS_ALPHA, OSS_PUNC, OSS_SPACE, ".", 'illegal:' . _("id"));
if (ossim_error()) {
    die(ossim_error());
}
switch ($type) {
    case "host":
        $host = Host::get_list($conn, " where ip='" . $id . "' or hostname='" . $id . "'");
        $id = $host[0]->ip;
        $hostname = $host[0]->hostname;
        echo "<h1 align=\"center\">" . gettext("Report") . " " . gettext("for") . " {$type} {$id} </h1>";
        ?>

<center>
[
<a href="/ossim/control_panel/alarm_console.php?hide_search=1&date_from=&date_to=&src_ip=<?php 
        echo $id;
        ?>
&dst_ip=<?php 
        echo $id;
        ?>
&num_alarms_page=10&hide_closed=1" target="_report"> <?php 
        echo gettext("Alarms");
Пример #6
0
            $groups[$group]['max_a_date'] = $score['max_a_date'];
        }
    }
    // If there is no threshold specified for a network, pick the group threshold
    // Changed: get networks by AJAX
    $net_threshold_a = $rs->fields['net_threshold_a'] ? $rs->fields['net_threshold_a'] : $group_threshold_a;
    $net_threshold_c = $rs->fields['net_threshold_c'] ? $rs->fields['net_threshold_c'] : $group_threshold_c;
    $groups[$group]['nets'][$net] = array('name' => $net, 'threshold_a' => $net_threshold_a, 'threshold_c' => $net_threshold_c, 'max_a' => $score['max_a'], 'max_c' => $score['max_c'], 'max_a_date' => $score['max_a_date'], 'max_c_date' => $score['max_c_date'], 'address' => $rs->fields['net_address'], 'current_a' => $net_current_a, 'current_c' => $net_current_c, 'has_perms' => $has_perms, 'group' => $group);
    $rs->MoveNext();
}
////////////////////////////////////////////////////////////////
// Hosts
////////////////////////////////////////////////////////////////
$host_where = "";
if ($allowed_sensors != "" || $allowed_nets != "") {
    $hosts_aux = Host::get_list($conn);
    $hosts = "";
    foreach ($hosts_aux as $host) {
        $hosts .= $hosts != "" ? ",'" . $host->get_ip() . "'" : "'" . $host->get_ip() . "'";
    }
    if ($hosts != "") {
        $host_where = " AND control_panel.id in ({$hosts})";
    }
}
$sql = "SELECT\r\n            control_panel.id,\r\n            control_panel.max_c,\r\n            control_panel.max_a,\r\n            control_panel.max_c_date,\r\n            control_panel.max_a_date,\r\n            host.threshold_a,\r\n            host.threshold_c,\r\n            host.hostname\r\n        FROM\r\n            control_panel\r\n        LEFT JOIN host ON control_panel.id = host.ip\r\n        WHERE\r\n            control_panel.time_range = ? AND\r\n            control_panel.rrd_type = 'host'{$host_where}";
$params = array($range);
if (!($rs =& $conn->Execute($sql, $params))) {
    die($conn->ErrorMsg());
}
$hosts = $ext_hosts = array();
$global_a = $global_c = 0;
Пример #7
0
 if ($key == "net") {
     echo Net::draw_nets_by_class($conn, $key, $filter, $length_name);
 } else {
     if (preg_match("/^.class_(.*)/", $key, $found)) {
         echo Net::draw_nets_by_class($conn, $key, $filter, $length_name);
     } else {
         if (preg_match("/net_(.*)/", $key, $found)) {
             $hostin = array();
             if ($net_list1 = Net::get_list($conn, "name='" . base64_decode($found[1]) . "'")) {
                 require_once "classes/CIDR.inc";
                 foreach ($net_list1 as $net) {
                     $net_name = $net->get_name();
                     $nets_ips = explode(",", $net->get_ips());
                     foreach ($nets_ips as $net_ips) {
                         $net_range = CIDR::expand_CIDR($net_ips, "SHORT", "IP");
                         $host_list_aux = Host::get_list($conn, "WHERE inet_aton(ip)>=inet_aton('" . $net_range[0] . "') && inet_aton(ip)<=inet_aton('" . $net_range[1] . "')", "ORDER BY ip");
                         foreach ($host_list_aux as $h) {
                             $hostin[$h->get_ip()] = $h->get_hostname();
                         }
                     }
                 }
             }
             $k = 0;
             $html = "";
             $buffer .= "[";
             foreach ($hostin as $ip => $host_name) {
                 if ($k >= $from && $k < $to) {
                     $host_key = utf8_encode($key . $k);
                     $hname = $host_name == $ip ? "" : $host_name;
                     $aux_hname = strlen($hname) > $length_name ? substr($hname, 0, $length_name) . "..." : $hname;
                     $title = $hname == '' ? $ip : "{$ip} <font style=\"font-size:80%\">(" . Util::htmlentities($aux_hname) . ")</font>";
Пример #8
0
$maxresults = 200;
$to = $page * $maxresults;
$from = $to - $maxresults;
$nextpage = $page + 1;
$cachefile = "/var/ossim/sessions/" . $_SESSION["_user"] . "_hostgroup_" . base64_encode($key . $filter) . "_{$page}.json";
if (file_exists($cachefile)) {
    readfile($cachefile);
    exit;
}
$buffer = "";
$db = new ossim_db();
$conn = $db->connect();
$ossim_hosts = $all_hosts = $filterhosts = array();
$total_hosts = 0;
$ossim_nets = array();
if ($host_list = Host::get_list($conn, "", "ORDER BY hostname")) {
    foreach ($host_list as $host) {
        $hname = Util::utf8entities($host->get_hostname());
        if ($filter == "" || $filter != "" && (preg_match("/{$filter}/i", $host->get_ip()) || preg_match("/{$filter}/i", $hname))) {
            $hip = $host->get_ip();
            $ossim_hosts[$hip] = trim($hname) != "" ? $hname : $hip;
            $cclas = preg_replace("/(\\d+\\.)(\\d+\\.)(\\d+)\\.\\d+/", "\\1\\2\\3", $hip);
            $all_hosts[$cclas][] = $hip;
            $total_hosts++;
        }
    }
}
uasort($all_hosts, 'cmpf');
if ($key == "os") {
    if ($hg_list = Host_os::get_os_list($conn, $ossim_hosts, $filter)) {
        $j = 0;
Пример #9
0
function draw_members_select($form_data)
{
    global $conn, $id;
    $resp = new xajaxResponse();
    $type = $form_data['member_type'];
    // The user selected the empty type
    if (!$type) {
        $resp->AddAssign("members_select", "innerHTML", _("Please select a type"));
        return $resp;
    }
    //
    // Get the list of members of the given type
    //
    $options = array();
    switch ($type) {
        case 'host':
            include_once 'classes/Host.inc';
            $list = Host::get_list($conn, "", 'ORDER BY hostname');
            print_r($list);
            foreach ($list as $obj) {
                $descr = $obj->get_descr();
                if (strlen($descr) > 50) {
                    $descr = substr($descr, 0, 47) . '...';
                }
                $options[$obj->get_ip()] = $obj->get_hostname() . ' ' . $obj->get_ip() . ' - ' . $descr;
            }
            break;
        case 'net':
            include_once 'classes/Net.inc';
            $list = Net::get_list($conn, "", 'ORDER BY name');
            foreach ($list as $obj) {
                $descr = $obj->get_descr();
                if (strlen($descr) > 50) {
                    $descr = substr($descr, 0, 47) . '...';
                }
                $options[$obj->get_name()] = $obj->get_name() . ' ' . $obj->get_ips() . ' - ' . $descr;
            }
            break;
        case 'host_group':
            include_once 'classes/Host_group.inc';
            $list = Host_group::get_list($conn, "", 'ORDER BY name');
            foreach ($list as $obj) {
                $descr = $obj->get_descr();
                if (strlen($descr) > 50) {
                    $descr = substr($descr, 0, 47) . '...';
                }
                $options[$obj->get_name()] = $obj->get_name() . ' - ' . $descr;
            }
            break;
        case 'net_group':
            include_once 'classes/Net_group.inc';
            $list = Net_group::get_list($conn, '', 'ORDER BY name');
            foreach ($list as $obj) {
                $descr = $obj->get_descr();
                if (strlen($descr) > 50) {
                    $descr = substr($descr, 0, 47) . '...';
                }
                $options[$obj->get_name()] = $obj->get_name() . ' - ' . $descr;
            }
            break;
    }
    //
    // Build the SELECT tag
    //
    $html = '<select name="member_name">';
    foreach ($options as $name => $description) {
        $html .= "<option value='{$name}'>{$description}</option>";
    }
    $html .= '</select>';
    $resp->AddAssign("members_select", "innerHTML", $html);
    return $resp;
}
Пример #10
0
    die(ossim_error());
}
$db = new ossim_db();
$conn = $db->connect();
$credential_type = Host::get_credentials_type($conn);
if (isset($_SESSION['_credentials'])) {
    $hostname = $_SESSION['_credentials']['hostname'];
    $ip = $_SESSION['_credentials']['ip'];
    $type = $_SESSION['_credentials']['type'];
    $user_ct = $_SESSION['_credentials']['user_ct'];
    $pass_ct = $_SESSION['_credentials']['pass_ct'];
    $pass_ct2 = $_SESSION['_credentials']['pass_ct2'];
    $extra = $_SESSION['_credentials']['extra'];
    unset($_SESSION['_credentials']);
} else {
    if ($host_list = Host::get_list($conn, "WHERE ip = '{$ip}'")) {
        $host = $host_list[0];
    }
    if (!empty($host)) {
        $hostname = $host->get_hostname();
        $ip = $host->get_ip();
        $credentials = array();
        $credentials = Host::get_credentials_ip($conn, $ip);
        if ($action == "edit") {
            $credentials_id = Host::get_credentials_id($conn, $id);
            $type = $credentials_id['type'];
            $user_ct = $credentials_id['username'];
            $pass_ct = $pass_ct2 = Util::fake_pass($credentials_id['password']);
            $extra = $credentials_id['extra'];
        }
    }
Пример #11
0
function getHostList()
{
    global $conn;
    if ($host_list = Host::get_list($conn, '', '')) {
        return $host_list;
    }
    return "";
}
Пример #12
0
        return "white";
    } else {
        return "black";
    }
}
$framework_conf = $GLOBALS["CONF"];
$graph_link = $framework_conf->get_conf("graph_link");
$image1 = "{$graph_link}?ip={$host}&what=compromise&start=N-24h&end=N&type=host&zoom=1";
$image2 = "{$graph_link}?ip={$host}&what=compromise&start=N-7D&end=N&type=host&zoom=1";
$image3 = "{$graph_link}?ip={$host}&what=compromise&start=N-1M&end=N&type=host&zoom=1";
$image4 = "{$graph_link}?ip={$host}&what=compromise&start=N-1Y&end=N&type=host&zoom=1";
/* connect to db */
$db = new ossim_db();
$conn = $db->connect();
/* get thresholds */
if ($list = Host::get_list($conn, "WHERE ip = '{$host}'")) {
    $threshold_c = $list[0]->get_threshold_c();
    $threshold_a = $list[0]->get_threshold_a();
} else {
    $threshold_c = $threshold_a = $framework_conf->get_conf("threshold");
}
/* max C */
$list = Control_panel_host::get_list($conn, "WHERE id = '{$host}' ORDER BY time_range", 3);
if (isset($list[0])) {
    $max_c["day"] = $list[0]->get_max_c();
    $max_c_date["day"] = $list[0]->get_max_c_date();
}
if (isset($list[1])) {
    $max_c["month"] = $list[1]->get_max_c();
    $max_c_date["month"] = $list[1]->get_max_c_date();
}
Пример #13
0
					</td>
				</tr>
			</table>
		</td>
	</tr>
	<tr>
		<td>
			<table>
				<tr>
				<td width="70%" valign="top">
					<table>
						<?php 
$exp = CIDR::expand_CIDR($host, "SHORT", "IP");
$host_s_range = $exp[0];
$host_e_range = end($exp);
$host_list = Host::get_list($conn, "WHERE INET_ATON(ip) >= INET_ATON('{$host_s_range}') AND INET_ATON(ip) <= INET_ATON('{$host_e_range}')");
if (count($host_list) > 0) {
    ?>
						<tr><td class="headerpr" height="20"><?php 
    echo gettext("Hosts");
    ?>
</td></tr>
						<tr>
							<td>
							<div style="height:100px;overflow:auto">
							<table>
								<tr>
									<th> <?php 
    echo gettext("Name");
    ?>
									</th>