<img src="../pixmaps/gauge-red.jpg" height="5" width="<?php echo $BAR_LENGTH_RIGHT; ?> "> </td> </tr> <!-- end rule for threshold --> <?php if ($net_stats) { foreach ($net_stats as $stat) { $net = $stat->get_net_name(); if (!Net_group::isNetInGroup($conn, $expand, $net)) { if ($stat->get_compromise() < Net::netthresh_c($conn, $net) && $stat->get_attack() < Net::netthresh_a($conn, $net) && Net_group::isNetInAnyGroup($conn, $net)) { continue; } } /* get net threshold */ if ($net_list = Net::get_list($conn, "name = '{$net}'")) { $threshold_c = $net_list[0]->get_threshold_c(); $threshold_a = $net_list[0]->get_threshold_a(); } else { $threshold_c = $threshold_a = $THRESHOLD_DEFAULT; } /* calculate proportional bar width */ $width_c = ($compromise = $stat->get_compromise()) / $threshold_c * $BAR_LENGTH_LEFT; $width_a = ($attack = $stat->get_attack()) / $threshold_a * $BAR_LENGTH_LEFT; ?>
"/> </head> <body> <?php if (POST('insert')) { if ($data['status'] == 'error') { $txt_error = "<div>" . _("The following errors occurred") . ":</div>\n \t\t\t\t\t <div style='padding: 2px 10px 5px 10px;'>" . implode("<br/>", $validation_errors) . "</div>"; $config_nt = array('content' => $txt_error, 'options' => array('type' => 'nf_error', 'cancel_button' => false), 'style' => 'width: 80%; margin: 20px auto; text-align: left;'); $nt = new Notification('nt_1', $config_nt); $nt->show(); exit; } $db = new ossim_db(); $conn = $db->connect(); $new_id = Net_group::insert($conn, $ctx, $ngname, $rrd_profile, $networks, $descr); $db->close(); Util::memcacheFlush(); } ?> <script type='text/javascript'> if (!parent.is_lightbox_loaded(window.name)) { document.location.href="netgroup.php?msg=saved"; } else { document.location.href="netgroup_form.php?id=<?php echo $new_id; ?> &msg=saved";
function GetOssimNetworkGroups() { require_once "classes/Net_group.inc"; require_once 'ossim_db.inc'; $db = new ossim_db(); $conn = $db->connect(); $pg = array(); $groups = Net_group::get_list($conn, "", " ORDER BY name"); foreach ($groups as $ng) { $pg[] = $ng->get_name(); } $conn->disconnect(); return $pg; }
if (!check_any($dest_net->get_net_id())) { $dest .= ($dest == "" ? "" : "<br/>") . "<img src='../pixmaps/theme/net.png' align=absbottom /> " . Asset_net::get_name_by_id($conn, $dest_net->get_net_id()); } } } if ($dest_host_list = $policy->get_host_groups($conn, 'dest')) { foreach ($dest_host_list as $dest_host_group) { if (!check_any($dest_host_group->get_host_group_id())) { $dest .= ($dest == "" ? "" : "<br/>") . "<img src='../pixmaps/theme/host_group.png' align=absbottom /> " . Asset_group::get_name_by_id($conn, $dest_host_group->get_host_group_id()); } } } if ($dest_net_list = $policy->get_net_groups($conn, 'dest')) { foreach ($dest_net_list as $dest_net_group) { if (!check_any($dest_net_group->get_net_group_id())) { $dest .= ($dest == "" ? "" : "<br/>") . "<img src='../pixmaps/theme/net_group.png' align=absbottom /> " . Net_group::get_name_by_id($conn, $dest_net_group->get_net_group_id()); } } } if (empty($dest)) { $dest = "<img src='../pixmaps/theme/host.png' align=absbottom />" . _('ANY'); } $xml .= "<cell><![CDATA[" . $dest . "]]></cell>"; //Ports source $ports = ""; if ($port_list = $policy->get_ports($conn, 'source')) { foreach ($port_list as $port_group) { if (!check_any($port_group->get_port_id())) { $ports .= ($ports == "" ? "" : "<br/>") . Port_group::get_name_by_id($conn, $port_group->get_port_id()); } }
function main_page($viewall, $sortby, $sortdir) { global $uroles, $username, $dbconn; global $arruser, $user, $rs_page; $dbconn->SetFetchMode(ADODB_FETCH_BOTH); $tz = Util::get_timezone(); if ($sortby == "") { $sortby = "id"; } if ($sortdir == "") { $sortdir = "DESC"; } $sql_order = "order by {$sortby} {$sortdir}"; if (Session::menu_perms("environment-menu", "EventsVulnerabilitiesScan")) { ?> <div style="width:50%; position: relative; height: 5px; float:left"> <div style="width:100%; position: absolute; top: -41px;left:0px;"> <div style="float:left; height:28px; margin:5px 5px 0px 0px;"> <a class="button" href="<?php echo Menu::get_menu_url(AV_MAIN_PATH . '/vulnmeter/sched.php?action=create_scan&hosts_alive=1&scan_locally=1', 'environment', 'vulnerabilities', 'scan_jobs'); ?> "> <?php echo _("New Scan Job"); ?> </a> </div> <div style="float:left;height:28px;margin:5px 5px 0px -2px;"> <a class="greybox button av_b_secondary" href="import_nbe.php" title="<?php echo _("Import nbe file"); ?> "> <?php echo _("Import nbe file"); ?> </a> </div> </div> </div> <?php } if (intval($_GET['page']) != 0) { $page = intval($_GET['page']); } else { $page = 1; } $pagesize = 10; if ($username == "admin") { $query = "SELECT count(id) as num FROM vuln_jobs WHERE status !='R'"; } else { $query = "SELECT count(id) as num FROM vuln_jobs where username='******' WHERE status !='R'"; } $result = $dbconn->Execute($query); $jobCount = $result->fields["num"]; $num_pages = ceil($jobCount / $pagesize); //echo "num_pages:[".$num_pages."]"; //echo "jobCount:[".$jobCount."]"; //echo "page:[".$page."]"; if (Vulnerabilities::scanner_type() == "omp") { // We can display scan status with OMP protocol echo Vulnerabilities::get_omp_running_scans($dbconn, $rs_page); } else { // Nessus all_jobs(0, 10, "R"); } ?> <?php $schedulejobs = _("Scheduled Jobs"); echo <<<EOT <table style='margin-top:20px;' class='w100 transparent'><tr><td class='sec_title'>{$schedulejobs}</td></tr></table> <table summary="Job Schedules" class='w100 table_list'> EOT; if ($sortdir == "ASC") { $sortdir = "DESC"; } else { $sortdir = "ASC"; } $arr = array("name" => "Name", "schedule_type" => "Schedule Type", "time" => "Time", "next_CHECK" => "Next Scan", "enabled" => "Status"); // modified by hsh to return all scan schedules if (empty($arruser)) { $query = "SELECT t2.name as profile, t1.meth_TARGET, t1.id, t1.name, t1.schedule_type, t1.meth_VSET, t1.meth_TIMEOUT, t1.username, t1.enabled, t1.next_CHECK, t1.email\n FROM vuln_job_schedule t1 LEFT JOIN vuln_nessus_settings t2 ON t1.meth_VSET=t2.id "; } else { $query = "SELECT t2.name as profile, t1.meth_TARGET, t1.id, t1.name, t1.schedule_type, t1.meth_VSET, t1.meth_TIMEOUT, t1.username, t1.enabled, t1.next_CHECK, t1.email\n FROM vuln_job_schedule t1 LEFT JOIN vuln_nessus_settings t2 ON t1.meth_VSET=t2.id WHERE username in ({$user}) "; } $query .= $sql_order; $result = $dbconn->execute($query); if ($result->EOF) { echo "<tr><td class='empty_results' height='20' style='text-align:center;'>" . _("No Scheduled Jobs") . "</td></tr>"; } if (!$result->EOF) { echo "<tr>"; foreach ($arr as $order_by => $value) { echo "<th><a href=\"manage_jobs.php?sortby={$order_by}&sortdir={$sortdir}\">" . _($value) . "</a></th>"; } if (Session::menu_perms("environment-menu", "EventsVulnerabilitiesScan")) { echo "<th>" . _("Action") . "</th></tr>"; } } $colors = array("#FFFFFF", "#EEEEEE"); $color = 0; while (!$result->EOF) { list($profile, $targets, $schedid, $schedname, $schedtype, $sid, $timeout, $user, $schedstatus, $nextscan, $servers) = $result->fields; $name = Av_sensor::get_name_by_id($dbconn, $servers); $servers = $name != '' ? $name : _('First Available Sensor'); $targets_to_resolve = explode("\n", $targets); $ttargets = array(); foreach ($targets_to_resolve as $id_ip) { if (preg_match("/^([a-f\\d]{32})#\\d+\\.\\d+\\.\\d+\\.\\d+\\/\\d{1,2}/i", $id_ip, $found) && Asset_net::is_in_db($dbconn, $found[1])) { $ttargets[] = preg_replace("/^([a-f\\d]{32})#/i", "", $id_ip) . " (" . Asset_net::get_name_by_id($dbconn, $found[1]) . ")"; } else { if (preg_match("/^([a-f\\d]{32})#\\d+\\.\\d+\\.\\d+\\.\\d+/i", $id_ip, $found) && Asset_host::is_in_db($dbconn, $found[1])) { $ttargets[] = preg_replace("/^([a-f\\d]{32})#/i", "", $id_ip) . " (" . Asset_host::get_name_by_id($dbconn, $found[1]) . ")"; } else { if (preg_match("/^([a-f\\d]{32})#hostgroup/i", $id_ip, $found)) { $hostgroup_name = Asset_group::get_name_by_id($dbconn, $found[1]); $ttargets[] = $hostgroup_name == _('Unknown') ? _('Unknown hostgroup') : $hostgroup_name; } else { if (preg_match("/^([a-f\\d]{32})#netgroup/i", $id_ip, $found)) { $netgroup_name = Net_group::get_name_by_id($dbconn, $found[1]); $ttargets[] = $netgroup_name == _('Unknown') ? _('Unknown netgroup') : $netgroup_name; } else { $ttargets[] = preg_replace("/[a-f\\d]{32}/i", "", $id_ip); } } } } } $targets = implode("<BR/>", $ttargets); $tz = intval($tz); $nextscan = gmdate("Y-m-d H:i:s", Util::get_utc_unixtime($nextscan) + 3600 * $tz); preg_match("/\\d+\\-\\d+\\-\\d+\\s(\\d+:\\d+:\\d+)/", $nextscan, $found); $time = $found[1]; switch ($schedtype) { case "N": $stt = _("Once (Now)"); break; case "O": $stt = _("Once"); break; case "D": $stt = _("Daily"); break; case "W": $stt = _("Weekly"); break; case "M": $stt = _("Monthly"); break; case "Q": $stt = _("Quarterly"); break; case "H": $stt = _("On Hold"); break; case "NW": $stt = _("N<sup>th</sup> week of the month"); break; default: $stt = " "; break; } switch ($schedstatus) { case "1": $itext = _("Disable Scheduled Job"); $isrc = "images/stop_task.png"; $ilink = "manage_jobs.php?disp=setstatus&schedid={$schedid}&enabled=0"; break; default: $itext = _("Enable Scheduled Job"); $isrc = "images/play_task.png"; $ilink = "manage_jobs.php?disp=setstatus&schedid={$schedid}&enabled=1"; break; } if (!Session::menu_perms("environment-menu", "EventsVulnerabilitiesScan")) { $ilink = "javascript:return false;"; } if ($schedstatus) { $txt_enabled = "<td><a href=\"{$ilink}\"><font color=\"green\">" . _("Enabled") . "</font></a></td>"; } else { $txt_enabled = "<td><a href=\"{$ilink}\"><font color=\"red\">" . _("Disabled") . "</font></a></td>"; } require_once 'classes/Security.inc'; if (valid_hex32($user)) { $user = Session::get_entity_name($dbconn, $user); } echo "<tr bgcolor=\"" . $colors[$color % 2] . "\">"; if ($profile == "") { $profile = _("Default"); } echo "<td><span class=\"tip\" title=\"<b>" . _("Owner") . ":</b> {$user}<br><b>" . _("Sensor") . ":</b> {$servers}<br /><b>" . _("Scheduled Job ID") . ":</b> {$schedid}<br><b>" . _("Profile") . ":</b> {$profile}<br><b>" . _("Targets") . ":</b><br>" . $targets . "\">{$schedname}</span></td>"; ?> <td><?php echo $stt; ?> </td> <td><?php echo $time; ?> </td> <td><?php echo $nextscan; ?> </td> <?php echo <<<EOT {$txt_enabled} <td style="padding-top:2px;"><a href="{$ilink}"><img alt="{$itext}" src="{$isrc}" border=0 title="{$itext}"></a> EOT; if (Session::menu_perms("environment-menu", "EventsVulnerabilitiesScan")) { echo "<a href='" . Menu::get_menu_url(AV_MAIN_PATH . '/vulnmeter/sched.php?action=edit_sched&sched_id=' . $schedid . '&status=' . intval($schedstatus), 'environment', 'vulnerabilities', 'scan_jobs') . "'><img src='images/pencil.png' title='" . _("Edit Scheduled") . "'></a> "; echo "<a href='manage_jobs.php?disp=delete&schedid={$schedid}' onclick='return confirmDelete();'><img src='images/delete.gif' title='" . gettext("Delete Scheduled") . "'></a>"; } echo "</td>"; echo <<<EOT </tr> EOT; $result->MoveNext(); $color++; } echo <<<EOT </table> EOT; ?> <br /> <?php $out = all_jobs(($page - 1) * $pagesize, $pagesize); ?> <table width="100%" align="center" class="transparent" cellspacing="0" cellpadding="0"> <tr> <td class="nobborder" valign="top" style="padding-top:5px;"> <div class="fright"> <?php if ($out != 0 && $num_pages != 1) { $page_url = "manage_jobs.php"; if ($page == 1 && $page == $num_pages) { echo '<a href="" class="link_paginate_disabled" onclick="return false">< ' . _("PREVIOUS") . '</a>'; echo '<a class="lmargin link_paginate_disabled" href="" onclick="return false">' . _("NEXT") . ' ></a>'; } elseif ($page == 1) { echo '<a href="" class="link_paginate_disabled" onclick="return false">< ' . _("PREVIOUS") . '</a>'; echo '<a class="lmargin" href="' . $page_url . '?page=' . ($page + 1) . '&rs_page=' . $rs_page . '">' . _("NEXT") . ' ></a> '; } elseif ($page == $num_pages) { echo '<a href="' . $page_url . '?page=' . ($page - 1) . '&rs_page=' . $rs_page . '">< ' . _("PREVIOUS") . '</a>'; echo '<a class="lmargin link_paginate_disabled" href="" onclick="return false">' . _("NEXT") . ' ></a>'; } else { echo '<a href="' . $page_url . '?page=' . ($page - 1) . '&rs_page=' . $rs_page . '">< ' . _("PREVIOUS") . '</a><a class="lmargin" href="' . $page_url . '?page=' . ($page + 1) . '&rs_page=' . $rs_page . '">' . _("NEXT") . ' ></a>'; } } ?> </div> </td> </tr> </table> <?php }
function GetOssimNetworkGroups() { $db = new ossim_db(); $conn = $db->connect(); $pg = array(); $groups = Net_group::get_list($conn, "", " ORDER BY name"); foreach ($groups as $ng) { $pg[$ng->get_id()] = $ng->get_name(); } $db->close($conn); return $pg; }
$rs = $conn->Execute($sql, $params); if (!$rs) { Av_exception::write_log(Av_exception::DB_ERROR, $conn->ErrorMsg()); exit; } if ($rs->RecordCount() == "0") { // check if asset exist $sql = "INSERT INTO bp_asset_member (id, member, type) VALUES (0, UNHEX(?), ?)"; $rs = $conn->Execute($sql, $params); if (!$rs) { Av_exception::write_log(Av_exception::DB_ERROR, $conn->ErrorMsg()); exit; } // For net_group insert all related networks if ($asset_type == 'net_group' || $asset_type == 'netgroup') { $networks = Net_group::get_networks($conn, $asset_id); foreach ($networks as $network) { $net_id = $network->get_net_id(); $sql = "INSERT INTO bp_asset_member (id, member, type) VALUES (0, UNHEX(?), ?)"; $conn->Execute($sql, array($net_id, "net")); } } } } // Random position to prevent overlaping $x = rand(50, 250); $y = rand(50, 150); $params = array($alarm_name, $map, $url, $asset_type, $asset_id, $icon, $x, $y, $iconsize); $sql = "INSERT INTO risk_indicators (name, map, url, type, type_name, icon, x, y, w, h, size) VALUES (?,UNHEX(?),?,?,?,?,?,?,80,70,?)"; $rs = $conn->Execute($sql, $params); if (!$rs) {
case 'net': try { $net = Asset_net::get_object($conn, $keyname); } catch (Exception $e) { $net = NULL; } if (is_object($net)) { $vars['_NET_CIDR'] = $net->get_ips(); $vars['_NET_NAME'] = $net->get_name(); } break; case 'host_group': $vars['_HG_NAME'] = Asset_group::get_name_by_id($conn, $keyname); break; case 'net_group': $vars['_NG_NAME'] = Net_group::get_name_by_id($conn, $keyname); break; } if (count($repository_list) > 0) { $parser = new KDB_Parser(); $parser->load_session_vars($vars); ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html> <head> <title> <?php echo gettext("OSSIM Framework"); ?> </title> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"/> <meta http-equiv="Pragma" CONTENT="no-cache"/>
} } if (ossim_error()) { $db->close(); echo "<rows>\n<page>1</page>\n<total>0</total>\n</rows>\n"; exit; } if (!empty($order)) { $order .= POST('sortorder') == "asc" ? "" : " desc"; } else { $order = "name"; } $start = ($page - 1) * $rp; $limit = "LIMIT {$start}, {$rp}"; $xml = ''; $net_group_list = Net_group::get_list($conn, $where, "ORDER BY {$order} {$limit}"); if ($net_group_list[0]) { $total = $net_group_list[0]->get_foundrows(); if ($total == 0) { $total = count($net_group_list); } } else { $total = 0; } $xml .= "<rows>\n"; $xml .= "<page>{$page}</page>\n"; $xml .= "<total>{$total}</total>\n"; foreach ($net_group_list as $net_group) { $name = $net_group->get_name(); $id = $net_group->get_id(); $xml .= "<row id='" . $id . "'>";
"/> </head> <body> <?php if (POST('insert') && empty($data['data']['id'])) { if ($data['status'] == 'error') { $txt_error = "<div>" . _("The following errors occurred") . ":</div>\n \t\t\t\t\t <div style='padding: 2px 10px 5px 10px;'>" . implode("<br/>", $validation_errors) . "</div>"; $config_nt = array('content' => $txt_error, 'options' => array('type' => 'nf_error', 'cancel_button' => false), 'style' => 'width: 80%; margin: 20px auto; text-align: left;'); $nt = new Notification('nt_1', $config_nt); $nt->show(); exit; } $db = new ossim_db(); $conn = $db->connect(); Net_group::update($conn, $id, $ctx, $ngname, $rrd_profile, $networks, $descr); Net_group_scan::delete($conn, $id, 3001); $db->close(); Util::memcacheFlush(); ?> <script type='text/javascript'> if (!parent.is_lightbox_loaded(window.name)) { document.location.href="netgroup.php?msg=created"; } else { document.location.href="netgroup_form.php?id=<?php echo $id; ?>
****************************************************************************/ /** * Class and Function List: * Function list: * Classes list: */ // menu authentication require_once "classes/Session.inc"; require_once "ossim_db.inc"; require_once "classes/Net.inc"; require_once "classes/Scan.inc"; require_once "classes/Sensor.inc"; Session::logcheck("MenuPolicy", "ToolsScan"); $db = new ossim_db(); $conn = $db->connect(); $net_group_list = Net_group::get_list($conn); $net_list = Net::get_list($conn); $assets = array(); foreach ($net_list as $_net) { $assets_aux[] = '{ txt:"NET:' . $_net->get_name() . ' [' . $_net->get_ips() . ']", id: "' . $_net->get_ips() . '" }'; } $host_list = Host::get_list($conn); foreach ($host_list as $_host) { $assets_aux[] = '{ txt:"HOST:' . $_host->get_ip() . ' [' . $_host->get_hostname() . ']", id: "' . $_host->get_ip() . '/32" }'; } $host_group_list = Host_group::get_list($conn); foreach ($host_group_list as $_host_group) { $hosts = $_host_group->get_hosts($conn, $_host_group->get_name()); $ids = null; foreach ($hosts as $k => $v) { $ids .= $v->get_host_ip() . "/32 ";
require_once 'av_init.php'; Session::logcheck('environment-menu', 'PolicyNetworks'); $db = new ossim_db(); $conn = $db->connect(); $id = GET('id'); $msg = GET('msg'); ossim_valid($id, OSS_ALPHA, OSS_NULLABLE, 'illegal:' . _('Network Group ID')); if (ossim_error()) { die(ossim_error()); } $networks = array(); $conf = $GLOBALS['CONF']; $threshold_a = $threshold_c = $conf->get_conf('threshold'); $descr = ''; if ($id != '') { if ($net_group_list = Net_group::get_list($conn, " g.id = UNHEX('{$id}')")) { $net_group = $net_group_list[0]; $ngname = $net_group->get_name(); $ctx = $net_group->get_ctx(); $descr = $net_group->get_descr(); $threshold_c = $net_group->get_threshold_c(); $threshold_a = $net_group->get_threshold_a(); $obj_networks = $net_group->get_networks($conn); foreach ($obj_networks as $net) { $net_id = $net->get_net_id(); $filters = array('where' => "id = UNHEX('" . $net_id . "')"); $_aux_net_list = Asset_net::get_list($conn, '', $filters); $networks[$net->get_net_id()] = $_aux_net_list[0][$net_id]; } $rrd_profile = $net_group->get_rrd_profile(); if (!$rrd_profile) {
// Nmap status $ttargets[$target]['nmap_scan'] = $snmap; // Load $ttargets[$target]['load'] = $load; } // group targets by group and sensors $result = array(); foreach ($ttargets as $target => $target_data) { if (Av_sensor::is_in_db($conn, $target_data['sensor']) == TRUE) { if (!empty($target_data['hostgroup_id'])) { $result_key = $target_data['hostgroup_id'] . '#hostgroup#' . $target_data['sensor']; $result[$result_key]['name'] = Asset_group::get_name_by_id($conn, $target_data['hostgroup_id']); } else { if (!empty($target_data['netgroup_id'])) { $result_key = $target_data['netgroup_id'] . '#netgroup#' . $target_data['sensor']; $result[$result_key]['name'] = Net_group::get_name_by_id($conn, $target_data['netgroup_id']); } else { $result_key = $target . '#' . $target_data['sensor']; $result[$result_key]['name'] = $target_data['name']; } } $result[$result_key]['ips'][] = $target; $result[$result_key]['sensor'] = $target_data['sensor']; $result[$result_key]['sperm'] = empty($result[$result_key]['sperm']) || $result[$result_key]['sperm'] == 1 ? $target_data['sperm'] : $result[$result_key]['sperm']; $result[$result_key]['perm'] = empty($result[$result_key]['perm']) || $result[$result_key]['perm'] == 1 ? $target_data['perm'] : $result[$result_key]['perm']; $result[$result_key]['vs'] = empty($result[$result_key]['vs']) || $result[$result_key]['vs'] == 1 ? $target_data['vs'] : $result[$result_key]['vs']; $result[$result_key]['snmap'] = empty($result[$result_key]['snmap']) || $result[$result_key]['snmap'] == 1 ? $target_data['snmap'] : $result[$result_key]['snmap']; // this field is the same for all group components $result[$result_key]['snames'] = $target_data['snames']; $result[$result_key]['load'] = $target_data['load']; $result[$result_key]['sensors_perms'] = $target_data['sensors_perms'];
$total = count($net_group_list); } } else { $total = 0; } $xml .= "<rows>\n"; $xml .= "<page>{$page}</page>\n"; $xml .= "<total>{$total}</total>\n"; foreach ($net_group_list as $net_group) { $name = $net_group->get_name(); $id = $net_group->get_id(); $xml .= "<row id='" . $id . "'>"; $link_modify = "<a class='a_name' style='font-weight:bold;' href=\"./netgroup_form.php?id=" . $id . "\">" . Util::htmlentities($name) . "</a>"; $xml .= "<cell><![CDATA[" . $link_modify . "]]></cell>"; $nets = ""; if ($network_list = Net_group::get_networks($conn, $net_group->get_id())) { foreach ($network_list as $network) { $net_id = $network->get_net_id(); $filters = array('where' => "id = UNHEX('" . $net_id . "')"); $_aux_net_list = Asset_net::get_list($conn, '', $filters); $aux_net_list = $_aux_net_list[0]; $nets .= ($nets == '' ? '' : ', ') . Util::htmlentities($aux_net_list[$net_id]['name']); } } $xml .= "<cell><![CDATA[" . $nets . "]]></cell>"; /* Nessus if ($scan_list = Net_group_scan::get_list($conn, "WHERE net_group_name = '$name' AND plugin_id = 3001")) { $scan_types = "<img src='../pixmaps/tables/tick.png'>"; } else { $scan_types = "<img src='../pixmaps/tables/cross.png'>"; }
function draw_members_select($form_data) { global $conn, $id; $resp = new xajaxResponse(); $type = $form_data['member_type']; // The user selected the empty type if (!$type) { $resp->AddAssign("members_select", "innerHTML", _("Please select a type")); return $resp; } // // Get the list of members of the given type // $options = array(); switch ($type) { case 'host': include_once 'classes/Host.inc'; $list = Host::get_list($conn, "", 'ORDER BY hostname'); print_r($list); foreach ($list as $obj) { $descr = $obj->get_descr(); if (strlen($descr) > 50) { $descr = substr($descr, 0, 47) . '...'; } $options[$obj->get_ip()] = $obj->get_hostname() . ' ' . $obj->get_ip() . ' - ' . $descr; } break; case 'net': include_once 'classes/Net.inc'; $list = Net::get_list($conn, "", 'ORDER BY name'); foreach ($list as $obj) { $descr = $obj->get_descr(); if (strlen($descr) > 50) { $descr = substr($descr, 0, 47) . '...'; } $options[$obj->get_name()] = $obj->get_name() . ' ' . $obj->get_ips() . ' - ' . $descr; } break; case 'host_group': include_once 'classes/Host_group.inc'; $list = Host_group::get_list($conn, "", 'ORDER BY name'); foreach ($list as $obj) { $descr = $obj->get_descr(); if (strlen($descr) > 50) { $descr = substr($descr, 0, 47) . '...'; } $options[$obj->get_name()] = $obj->get_name() . ' - ' . $descr; } break; case 'net_group': include_once 'classes/Net_group.inc'; $list = Net_group::get_list($conn, '', 'ORDER BY name'); foreach ($list as $obj) { $descr = $obj->get_descr(); if (strlen($descr) > 50) { $descr = substr($descr, 0, 47) . '...'; } $options[$obj->get_name()] = $obj->get_name() . ' - ' . $descr; } break; } // // Build the SELECT tag // $html = '<select name="member_name">'; foreach ($options as $name => $description) { $html .= "<option value='{$name}'>{$description}</option>"; } $html .= '</select>'; $resp->AddAssign("members_select", "innerHTML", $html); return $resp; }
if (isset($_GET['numnets']) && is_numeric($_GET['numnets'])) { $numnets = $_GET['numnets']; } else { $numnets = "10"; } //Refresh interval if (isset($_GET['refresh']) && is_numeric($_GET['refresh'])) { $refresh = $_GET['refresh']; } else { $refresh = 2; } $db = new ossim_db(); $conn = $db->connect(); // net groups $netgroups = array(); $ngs = Net_group::get_list($conn, "", ""); // get only allowed net_groups foreach ($ngs as $ng) { $rns = $ng->get_networks($conn); foreach ($rns as $rn) { $netgroups[$rn->get_net_group_name()][] = $rn->get_net_name(); } } // $nets_where = ""; if (Session::allowedNets() != "") { $nets = explode(",", Session::allowedNets()); foreach ($nets as $net) { $nets_where .= $nets_where != "" ? " OR net_name=\"" . Net::get_name_by_ip($conn, $net) . "\"" : " WHERE net_name=\"" . Net::get_name_by_ip($conn, $net) . "\""; } }
$buffer = "[{title:'" . _("No Sensors Found") . "', noLink:true}]"; } echo $buffer; } else { if (preg_match("/u_(.*)/", $key, $found)) { echo "["; echo "{ key:'u_" . $found[1] . "_net', isFolder:true, isLazy:true, icon:'../../pixmaps/theme/net.png', title:'" . _("Networks") . "'},"; echo "{ key:'u_" . $found[1] . "_sensor', isFolder:true, isLazy:true, icon:'../../pixmaps/theme/server.png', title:'" . _("Sensors") . "'},"; echo "{ key:'u_" . $found[1] . "_netgroup', isFolder:true, isLazy:true, icon:'../../pixmaps/theme/net_group.png', title:'" . _("Network Groups") . "'}"; echo "]"; } else { if (preg_match("/e_(.*)_netgroup/", $key, $found)) { $entityPerms = Acl::entityPerms($conn, $found[1]); $all = count($entityPerms["assets"]); $nets_allowed = array_keys($entityPerms["assets"]); $net_groups = Net_group::get_list($conn); $netgroup_list = array(); foreach ($net_groups as $net_group) { $allowed = 0; $nets = $net_group->get_networks($conn, $net_group->get_name()); foreach ($nets as $net) { $net_ips = explode(",", $net->get_net_ips($conn)); if (!$all || Acl::cidrs_allowed($net_ips, $entityPerms["assets"])) { $allowed = 1; } } if ($allowed) { $netgroup_list[] = $net_group->get_name(); } } $buffer .= "[";
function get_indicator_asset_name($conn, $type, $asset_id) { $name = ''; switch ($type) { case 'host': $name = Asset_host::get_name_by_id($conn, $asset_id); break; case 'net': $name = Asset_net::get_name_by_id($conn, $asset_id); break; case 'hostgroup': case 'host_group': $name = Asset_group::get_name_by_id($conn, $asset_id); break; case 'net_group': case 'netgroup': $name = Net_group::get_name_by_id($conn, $asset_id); break; case 'sensor': $name = Av_sensor::get_name_by_id($conn, $asset_id); break; } $name = empty($name) ? _('Unknown') : $name; return $name; }
} } } if ($dest_net_list = $policy->get_nets($conn, 'dest')) { foreach ($dest_net_list as $dest_net) { $dests['net_' . $dest_net->get_net_id()] = check_any($dest_net->get_net_id()) ? _("ANY") : _("NETWORK") . ": " . Asset_net::get_name_by_id($conn, $dest_net->get_net_id()); } } if ($dest_host_list = $policy->get_host_groups($conn, 'dest')) { foreach ($dest_host_list as $dest_host_group) { $dests['hostgroup_' . $dest_host_group->get_host_group_id()] = check_any($dest_host_group->get_host_group_id()) ? _("ANY") : _("HOST_GROUP") . ": " . Asset_group::get_name_by_id($conn, $dest_host_group->get_host_group_id()); } } if ($dest_net_list = $policy->get_net_groups($conn, 'dest')) { foreach ($dest_net_list as $dest_net_group) { $dests['netgroup_' . $dest_net_group->get_net_group_id()] = check_any($dest_net_group->get_net_group_id()) ? _("ANY") : _("NETWORK_GROUP") . ": " . Net_group::get_name_by_id($conn, $dest_net_group->get_net_group_id()); } } //PORTS //source if ($port_list = $policy->get_ports($conn, 'source')) { foreach ($port_list as $port_group) { $ports_source[$port_group->get_port_id()] = check_any($port_group->get_port_id()) ? _("ANY") : Port_group::get_name_by_id($conn, $port_group->get_port_id()); } } //destiny if ($port_list = $policy->get_ports($conn, 'dest')) { foreach ($port_list as $port_group) { $ports_destiny[$port_group->get_port_id()] = check_any($port_group->get_port_id()) ? _("ANY") : Port_group::get_name_by_id($conn, $port_group->get_port_id()); } }
$group_scan_list = Net_group_scan::get_list($conn, "WHERE plugin_id = " . NESSUS); foreach ($group_scan_list as $group_scan) { $net_group_sensors = Net_group::get_sensors($conn, $group_scan->get_net_group_name()); echo "\n<script>\n"; echo "var " . $group_scan->get_net_group_name() . " = true;\n"; echo "</script>\n"; $sensor_string = ""; foreach ($net_group_sensors as $ng_sensor => $name) { if ($sensor_string == "") { $sensor_string .= $sensor_index[$name]; } else { $sensor_string .= "," . $sensor_index[$name]; } } $nets_string = ""; $nets = Net_group::get_networks($conn, $group_scan->get_net_group_name(), NESSUS); foreach ($nets as $net) { $name = $net->get_net_name(); if ($nets_string == "") { $nets_string .= $nets_index[$name]; } else { $nets_string .= "," . $nets_index[$name]; } } print "<li><a href=\"#\" onClick=\"return selectSomeNets('" . $group_scan->get_net_group_name() . "','" . $sensor_string . "','" . $nets_string . "');\">" . $group_scan->get_net_group_name() . "</a>"; } $group_scan_list = Host_group_scan::get_list($conn, "WHERE plugin_id = " . NESSUS); foreach ($group_scan_list as $group_scan) { $host_group_sensors = Host_group::get_sensors($conn, $group_scan->get_host_group_name()); echo "\n<script>\n"; echo "var " . $group_scan->get_host_group_name() . " = true;\n";
if (POST('withoutmenu') != "1") { include "../hmenu.php"; $get_param = "withoutmenu=0"; } else { $get_param = "name={$ngname}&withoutmenu=1"; } if (POST('insert')) { if ($error == true) { $txt_error = "<div>" . _("We Found the following errors") . ":</div><div style='padding:10px;'>" . implode("<br/>", $message_error) . "</div>"; Util::print_error($txt_error); Util::make_form("POST", "newnetgroupform.php?" . $get_param); die; } $db = new ossim_db(); $conn = $db->connect(); Net_group::insert($conn, $ngname, $threshold_c, $threshold_a, $rrd_profile, $networks, $descr); /*if (POST('nessus')) { Net_group_scan::insert($conn, $ngname, 3001, 0); }*/ $db->close($conn); Util::clean_json_cache_files("(policy|vulnmeter|hostgroup)"); } if (isset($_SESSION['_netgroup'])) { unset($_SESSION['_netgroup']); } if ($_SESSION["menu_sopc"] == "Network groups" && POST('withoutmenu') != "1") { ?> <p> <?php echo gettext("Network Group succesfully inserted"); ?> </p> <script type='text/javascript'>document.location.href="netgroup.php"</script> <?php
function show_form() { global $sensor_list; global $net_group_list; global $host_group_list; global $hosts_list; global $nets_list; global $conn; global $sensor_index; global $net_group_index; global $host_group_index; global $hosts_index; global $nets_index; $global_i = 0; $num = count($sensor_list); if ($num > 20) { $cols = 5; } else { $cols = 3; } $rows = intval($num / $cols) + 1; $num_ng = count($net_group_list); if ($num_ng > 20) { $cols = 5; } else { $cols = 3; } $rows_ng = intval($num_ng / $cols) + 1; $num_hg = count($host_group_list); if ($num_hg > 20) { $cols = 5; } else { $cols = 3; } $rows_hg = intval($num_hg / $cols) + 1; $num_hs = count($hosts_list); if ($num_hs > 20) { $cols = 5; } else { $cols = 3; } $rows_hs = intval($num_hs / $cols) + 1; $num_ns = count($nets_list); if ($num_ns > 20) { $cols = 5; } else { $cols = 3; } $rows_ns = intval($num_ns / $cols) + 1; if ($num_ns + $num_hs + $num_hg + $num_ng > 20) { $cols_full = 5; } else { $cols_full = 3; } ?> <h3><center> <?php echo _("Select sensors for this scan"); ?> </center></h3> <ul> <?php $group_scan_list = Net_group_scan::get_list($conn, "WHERE plugin_id = " . NESSUS); foreach ($group_scan_list as $group_scan) { $net_group_sensors = Net_group::get_sensors($conn, $group_scan->get_net_group_name()); echo "\n<script>\n"; echo "var " . $group_scan->get_net_group_name() . " = true;\n"; echo "</script>\n"; $sensor_string = ""; foreach ($net_group_sensors as $ng_sensor => $name) { if ($sensor_string == "") { $sensor_string .= $sensor_index[$name]; } else { $sensor_string .= "," . $sensor_index[$name]; } } $nets_string = ""; $nets = Net_group::get_networks($conn, $group_scan->get_net_group_name(), NESSUS); foreach ($nets as $net) { $name = $net->get_net_name(); if ($nets_string == "") { $nets_string .= $nets_index[$name]; } else { $nets_string .= "," . $nets_index[$name]; } } print "<li><a href=\"#\" onClick=\"return selectSomeNets('" . $group_scan->get_net_group_name() . "','" . $sensor_string . "','" . $nets_string . "');\">" . $group_scan->get_net_group_name() . "</a>"; } $group_scan_list = Host_group_scan::get_list($conn, "WHERE plugin_id = " . NESSUS); foreach ($group_scan_list as $group_scan) { $host_group_sensors = Host_group::get_sensors($conn, $group_scan->get_host_group_name()); echo "\n<script>\n"; echo "var " . $group_scan->get_host_group_name() . " = true;\n"; echo "</script>\n"; $sensor_string = ""; foreach ($host_group_sensors as $hg_sensor) { $name = $hg_sensor->get_sensor_name(); if ($sensor_string == "") { $sensor_string .= $sensor_index[$name]; } else { $sensor_string .= "," . $sensor_index[$name]; } } $hosts_string = ""; $hosts = Host_group::get_hosts($conn, $group_scan->get_host_group_name(), NESSUS); foreach ($hosts as $host) { $name = $host->get_host_name($conn); if ($hosts_string == "") { $hosts_string .= $hosts_index[$name]; } else { $hosts_string .= "," . $hosts_index[$name]; } } print "<li><a href=\"#\" onClick=\"return selectSomeHosts('" . $group_scan->get_host_group_name() . "','" . $sensor_string . "','" . $hosts_string . "');\">" . $group_scan->get_host_group_name() . "</a>"; } ?> </ul> <form action="<?php echo $_SERVER["SCRIPT_NAME"]; ?> " method="POST"> <p> <?php echo _("Please adjust incident creation threshold, incidents will only be created for vulnerabilities whose risk level exceeds the threshold."); ?> <br/> <?php echo _("It is recommended to set a high level at the beginning in order to concentrate on more critical vulnerabilities first, lowering it after having solved/tagged them as false positivies."); ?> <br/> <?php echo _("Threshold configuration can be found at Configuration->Main, \"vulnerability_incident_threshold\"."); ?> <?php echo _("Current risk threshold is:"); ?> <b> <?php require_once 'ossim_conf.inc'; $conf = $GLOBALS["CONF"]; print $conf->get_conf("vulnerability_incident_threshold"); ?> </b> </p> <h4><center> (<?php echo _("Empty means all"); ?> ) </center></h4> <center><a href="#" onClick="return selectAll();"><?php echo _("Select / Unselect all"); ?> </a></center> <br/> <table width="100%" border="0" align="center"><tr><td> <input type="radio" name="groupType" value="sensor" checked onClick="selectGroup('sensor');"> Sensor <input type="radio" name="groupType" value="host" onClick="selectGroup('host');"> NetGroup / Nets / HostGroup / Hosts </td></tr> <tr><td> <div id="rowSensor"> <table width="100%" align="left" border="0"><tr> <?php for ($i = 1; $i <= $rows; $i++) { ?> <?php for ($a = 0; $a < $cols && $global_i < $num; $a++) { $sensor = $sensor_list[$global_i]; echo "<td width=\"" . intval(100 / $cols) . "%\">"; $all['sensors'][] = "sensor" . $global_i; ?> <div align="left"> <input align="left" type="checkbox" id="<?php echo "sensor" . $global_i; ?> " name="<?php echo "sensor" . $global_i; ?> " value="<?php echo $sensor->get_ip(); ?> " /><?php echo $sensor->get_name(); ?> </div></td> <?php $global_i++; } echo "</tr>\n"; ?> <?php } echo "</table>\n"; ?> </div> <div id="rowHost" style="display: none"> <table width="100%" align="left" border="0"> <tr> <th colspan="3">NetGroups</th></tr><tr> <?php $global_ng = 0; for ($i = 1; $i <= $rows_ng; $i++) { ?> <?php for ($a = 0; $a < $cols_full && $global_ng < $num_ng; $a++) { $netgroup = $net_group_list[$global_ng]; echo "<td width=\"" . intval(100 / $cols_full) . "%\">"; $all['netgroups'][] = "netgroup" . $global_ng; ?> <div align="left"> <input align="left" type="checkbox" id="<?php echo "netgroup" . $global_ng; ?> " name="netgroupList[]" value="<?php echo $netgroup->get_name(); ?> " /><?php echo $netgroup->get_name($conn); ?> </div></td> <?php $global_ng++; } echo "</tr>\n"; ?> <tr> <?php } ?> <th colspan="3">HostGroups</th></tr><tr> <?php $global_hg = 0; for ($i = 1; $i <= $rows_hg; $i++) { for ($a = 0; $a < $cols_full && $global_hg < $num_hg; $a++) { $hostgroup = $host_group_list[$global_hg]; echo "<td width=\"" . intval(100 / $cols_full) . "%\">"; $all['hostgroups'][] = "hostgroup" . $global_hg; ?> <div align="left"> <input align="left" type="checkbox" id="<?php echo "hostgroup" . $global_hg; ?> " name="hostgroupList[]" value="<?php echo $hostgroup->get_name(); ?> " /><?php echo $hostgroup->get_name($conn); ?> </div></td> <?php $global_hg++; } echo "</tr>\n"; ?> <tr> <?php } ?> <th colspan="3">Nets</th></tr><tr> <?php $global_ns = 0; for ($i = 1; $i <= $rows_ns; $i++) { ?> <?php for ($a = 0; $a < $cols_full && $global_ns < $num_ns; $a++) { $nets = $nets_list[$global_ns]; echo "<td width=\"" . intval(100 / $cols_full) . "%\">"; $all['nets'][] = "net" . $global_ns; ?> <div align="left"> <input align="left" type="checkbox" id="<?php echo "net" . $global_ns; ?> " name="netList[]" value="<?php echo $nets->get_name(); ?> " /><?php echo $nets->get_name($conn); ?> </div></td> <?php $global_ns++; } echo "</tr>\n"; ?> <tr> <?php } ?> <th colspan="3">Hosts</th></tr><tr> <?php $global_hs = 0; for ($i = 1; $i <= $rows_hs; $i++) { ?> <?php for ($a = 0; $a < $cols_full && $global_hs < $num_hs; $a++) { $hosts = $hosts_list[$global_hs]; echo "<td width=\"" . intval(100 / $cols_full) . "%\">"; $all['hosts'][] = "host" . $global_hs; ?> <div align="left"> <input align="left" type="checkbox" id="<?php echo "host" . $global_hs; ?> " name="hostList[]" value="<?php echo $hosts->get_host_ip(); ?> " /><?php echo $hosts->get_name($conn); ?> </div></td> <?php $global_hs++; } echo "</tr>\n"; ?> <?php } echo "</table>\n"; ?> </div> </td></tr></table> <br> <center> <input type="hidden" name="nsensors" value="<?php echo $global_i; ?> " /> <input type="Submit" class="button" value="<?php echo _("Submit"); ?> "> </center> </form> <center><a href="index.php"> <?php echo gettext("Back"); ?> </a></center> <script> var check_sensors = true; var check_nethost = true; var scanType = 'sensor'; function selectAll() { if (scanType == 'sensor') { <?php if (count($all['sensors']) != 0) { foreach ($all['sensors'] as $id) { ?> document.getElementById('<?php echo $id; ?> ').checked = check_sensors; <?php } } ?> check_sensors = check_sensors == false ? true : false; } else { <?php if (count($all['netgroups']) != 0) { foreach ($all['netgroups'] as $id) { ?> document.getElementById('<?php echo $id; ?> ').checked = check_nethost; <?php } } ?> <?php if (count($all['hostgroups']) != 0) { foreach ($all['hostgroups'] as $id) { ?> document.getElementById('<?php echo $id; ?> ').checked = check_nethost; <?php } } ?> <?php if (count($all['nets']) != 0) { foreach ($all['nets'] as $id) { ?> document.getElementById('<?php echo $id; ?> ').checked = check_nethost; <?php } } ?> <?php if (count($all['hosts']) != 0) { foreach ($all['hosts'] as $id) { ?> document.getElementById('<?php echo $id; ?> ').checked = check_nethost; <?php } } ?> check_nethost = check_nethost == false ? true : false; } return false; } function selectSomeNets(name, identifiersSensors, identifiersNets) { if (identifiersSensors.length != 0) { arrayOfStringsSensor = identifiersSensors.split(","); for (var i=0; i < arrayOfStringsSensor.length; i++) { document.getElementById("sensor" + arrayOfStringsSensor[i]).checked = window[name]; } } if (identifiersNets.length != 0) { arrayOfStringsNets = identifiersNets.split(","); for (var i=0; i < arrayOfStringsNets.length; i++) { document.getElementById("net" + arrayOfStringsNets[i]).checked = window[name]; } } window[name] = window[name] == false ? true : false; return false; } function selectSomeHosts(name, identifiersSensors, identifiersHosts) { if (identifiersSensors.length != 0) { arrayOfStringsSensor = identifiersSensors.split(","); for (var i=0; i < arrayOfStringsSensor.length; i++) { document.getElementById("sensor" + arrayOfStringsSensor[i]).checked = window[name]; } } if (identifiersHosts.length != 0) { arrayOfStringsHosts = identifiersHosts.split(","); for (var i=0; i < arrayOfStringsHosts.length; i++) { document.getElementById("host" + arrayOfStringsHosts[i]).checked = window[name]; } } window[name] = window[name] == false ? true : false; return false; } function selectGroup(category) { if (category == 'sensor') { document.getElementById("rowHost").style.display = 'none'; document.getElementById("rowSensor").style.display = 'block'; } else { document.getElementById("rowHost").style.display = 'block'; document.getElementById("rowSensor").style.display = 'none'; } scanType = category; } </script> </body> </html> <?php }
if ($j > $to) { $li = "key:'{$key}', page:'{$nextpage}', isFolder:true, isLazy:true, icon:'../../pixmaps/theme/net_group.png', title:'" . _("next") . " {$maxresults} " . _("net groups") . "'"; $buffer .= ",{ {$li} }\n"; } } $buffer .= "]"; if ($buffer == "" || $buffer == "[]") { echo "[{title:'" . _("No Network groups Found") . "', noLink:true}]"; } else { echo $buffer; } } else { if (preg_match("/netgroup_(.*)/", $key, $found)) { $html = ""; $k = 0; $nets = Net_group::get_networks($conn, base64_decode($found[1])); $buffer .= "["; foreach ($nets as $net) { if ($k >= $from && $k < $to) { $net_name = $net->get_net_name(); $net_title = Util::htmlentities($net_name); $net_key = utf8_encode($key . $k); $ips_data = $net->get_net_ips($conn); $ips = "<font style=\"font-size:80%\">(" . $ips_data . ")</font>"; $title = strlen($net_name) > $length_name ? substr($net_name, 0, $length_name) . "..." : $net_name; $title = Util::htmlentities($title) . " " . $ips; $tooltip = $net_title . " (" . $ips_data . ")"; $html .= "{ key:'{$net_key}', url:'{$ips_data}', icon:'../../pixmaps/theme/net.png', title:'{$title}', tooltip:'{$tooltip}' },\n"; } $k++; }
$descr = $_SESSION['_netgroup']['descr']; $threshold_a = $_SESSION['_netgroup']['threshold_a']; $threshold_c = $_SESSION['_netgroup']['threshold_c']; $rrd_profile = $_SESSION['_netgroup']['rrd_profile']; unset($_SESSION['_netgroup']); } else { $conf = $GLOBALS["CONF"]; $threshold_a = $threshold_c = $conf->get_conf("threshold"); $descr = ""; $networks = array(); if ($ngname != '') { ossim_valid($ngname, OSS_ALPHA, OSS_SPACE, OSS_PUNC, OSS_NULLABLE, OSS_SQL, 'illegal:' . _(" Network Group Name")); if (ossim_error()) { die(ossim_error()); } if ($net_group_list = Net_group::get_list($conn, "name = '{$ngname}'")) { $net_group = $net_group_list[0]; $descr = $net_group->get_descr(); $threshold_c = $net_group->get_threshold_c(); $threshold_a = $net_group->get_threshold_a(); $obj_networks = $net_group->get_networks($conn); foreach ($obj_networks as $net) { $networks[] = $net->get_net_name(); } $rrd_profile = $net_group->get_rrd_profile(); if (!$rrd_profile) { $rrd_profile = "None"; } } } }
exit; } switch ($action) { case 'delete_netgroup': $name = explode(";", POST('name')); foreach ($name as $netgroup_id) { ossim_valid($netgroup_id, OSS_HEX, 'illegal:' . _('Network group')); if (ossim_error()) { $data['status'] = 'error'; $data['data'] = ossim_get_error_clean(); echo json_encode($data); exit; } } $db = new ossim_db(); $conn = $db->connect(); $data['status'] = 'OK'; $data['data'] = _('Network group removed successfully'); foreach ($name as $netgroup_id) { if (Net_group::can_delete($conn, $netgroup_id)) { Net_group::delete($conn, $netgroup_id); Net_group_scan::delete($conn, $netgroup_id, 3001); } else { $data['status'] = 'error'; $data['data'] = _('Error! Network group could not be removed. This network group belongs to a policy'); } } $db->close(); break; } echo json_encode($data);
$conn = $db->connect(); $id = GET('id'); $msg = GET('msg'); ossim_valid($id, OSS_ALPHA, OSS_NULLABLE, 'illegal:' . _('Network Group ID')); if (ossim_error()) { die(ossim_error()); } $networks = array(); $descr = ''; if ($id != '') { if ($net_group_list = Net_group::get_list($conn, " g.id = UNHEX('{$id}')")) { $net_group = $net_group_list[0]; $ngname = $net_group->get_name(); $ctx = $net_group->get_ctx(); $descr = $net_group->get_descr(); $obj_networks = Net_group::get_networks($conn, $net_group->get_id()); foreach ($obj_networks as $net) { $net_id = $net->get_net_id(); $filters = array('where' => "id = UNHEX('" . $net_id . "')"); $_aux_net_list = Asset_net::get_list($conn, '', $filters); $networks[$net->get_net_id()] = $_aux_net_list[0][$net_id]; } $rrd_profile = $net_group->get_rrd_profile(); if (!$rrd_profile) { $rrd_profile = 'None'; } } } if (GET('id') != '' || GET('clone') == 1) { $action = 'modifynetgroup.php'; } else {
$conn->Execute($query, $params); // BP ASSET if ($rs->fields['type_name'] != '' && $rs->fields['type'] != '') { $rs->fields['type'] = fix_type($rs->fields['type']); $params = array($rs->fields['type_name'], $rs->fields['type']); $sql = 'SELECT member, type FROM bp_asset_member WHERE member = UNHEX(?) AND type=?'; if ($ri =& $conn->Execute($sql, $params)) { if ($ri && $ri->EOF) { // check if asset exist $sql = 'INSERT INTO bp_asset_member (member, type) VALUES (UNHEX(?), ?)'; $conn->Execute($sql, $params); } } // For net_group insert all related networks if ($rs->fields['type'] == 'net_group' || $rs->fields['type'] == 'netgroup') { $networks = Net_group::get_networks($conn, $rs->fields['type_name']); foreach ($networks as $network) { $sql = 'SELECT member, type FROM bp_asset_member WHERE member = UNHEX(?) AND type=?'; $rn = $conn->Execute($sql, array($network->get_net_id(), 'net')); if ($rn && $rn->EOF) { $sql = 'INSERT INTO bp_asset_member (member, type) VALUES (UNHEX(?), ?)'; $conn->Execute($sql, array($network->get_net_id(), 'net')); } } } } } else { $delete_list[] = array($rs->fields['id'], $rs->fields['type'], $rs->fields['type_name']); } $rs->MoveNext(); }
<a href="netgroup.php"> <?php echo gettext("No"); ?> </a> </p> <?php exit; } require_once 'ossim_db.inc'; require_once 'classes/Net_group.inc'; require_once 'classes/Net_group_scan.inc'; $db = new ossim_db(); $conn = $db->connect(); if (Net_group::can_delete($conn, $name)) { Net_group::delete($conn, $name); Net_group_scan::delete($conn, $name, 3001); } else { echo "ERROR_CANNOT"; } $db->close($conn); ?> <p> <?php echo gettext("Network group deleted"); ?> </p> <p><a href="netgroup.php"><?php echo gettext("Back"); ?> </a></p>
function get_targets($conn, $ip_list) { $result = array(); if (!empty($ip_list)) { if (is_array($ip_list) == FALSE) { $ip_list = explode("\n", trim($ip_list)); } foreach ($ip_list as $asset) { $asset = trim($asset); if (preg_match('/^([a-f\\d]{32})#(\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}\\/\\d{1,2})$/i', $asset, $found)) { $_asset_name = Asset_net::is_in_db($conn, $found[1]) ? Asset_net::get_name_by_id($conn, $found[1]) : $found[2]; $result[$asset] = $_asset_name; } else { if (preg_match('/^([a-f\\d]{32})#(\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}\\.\\d{1,3})$/i', $asset, $found)) { $_asset_name = Asset_host::is_in_db($conn, $found[1]) ? Asset_host::get_name_by_id($conn, $found[1]) : $found[2]; $result[$asset] = $_asset_name; } else { if (preg_match('/^([a-f\\d]{32})#hostgroup$/i', $asset, $found)) { $result[$asset] = Asset_group::get_name_by_id($conn, $found[1]); } else { if (preg_match('/^([a-f\\d]{32})#netgroup$/i', $asset, $found)) { $result[$asset] = Net_group::get_name_by_id($conn, $found[1]); } else { $result[$asset] = $asset; } } } } } } return $result; }
echo $BAR_LENGTH_RIGHT; ?> "> </td> </tr> <!-- end rule for threshold --> <?php if ($net_stats) { foreach ($net_stats as $stat) { $net_id = $stat->get_net_id(); $net_name = $stat->get_net_name(); $_net_aux = Asset_net::get_object($conn, $net_id); if (!Net_group::isNetInGroup($conn, $expand, $net_id)) { if ($stat->get_compromise() < $_net_aux->get_threshold_c() && $stat->get_attack() < $_net_aux->get_threshold_a() && Net_group::isNetInAnyGroup($conn, $net_id)) { continue; } } /* get net threshold */ if (is_object($_net_aux)) { $threshold_c = $_net_aux->get_threshold_c(); $threshold_a = $_net_aux->get_threshold_a(); } else { $threshold_c = $threshold_a = $THRESHOLD_DEFAULT; } /* calculate proportional bar width */ $width_c = ($compromise = $stat->get_compromise()) / $threshold_c * $BAR_LENGTH_LEFT; $width_a = ($attack = $stat->get_attack()) / $threshold_a * $BAR_LENGTH_LEFT; ?>