function nmap_scan_results()
{
if (!is_file("/etc/artica-postfix/nmap.map")) {
return;
}
$f = explode("\n", @file_get_contents("/etc/artica-postfix/nmap.map"));
while (list($index, $ligne) = each($f)) {
if (preg_match("#Nmap scan report for\\s+(.+?)\\s+\\(([0-9\\.]+)#", $ligne, $re)) {
$ipaddr = $re[2];
$computer[$ipaddr]["IPADDR"] = $re[2];
$computer[$ipaddr]["HOSTNAME"] = trim($re[1]);
$LOGS[] = "Found {$ipaddr} hostname= {$re[1]}";
continue;
}
if (preg_match("#Nmap scan report for ([0-9\\.]+)\$#", trim($ligne), $re)) {
$ipaddr = $re[1];
$computer[$ipaddr]["IPADDR"] = $re[1];
$LOGS[] = "Found {$ipaddr} without computername ";
continue;
}
if (preg_match("#^MAC Address:\\s+([0-9A-Z:]+)\$#", trim($ligne), $re)) {
if (isset($MACSSCAN[trim($re[1])])) {
continue;
}
$computer[$ipaddr]["MAC"] = trim($re[1]);
$LOGS[] = "Found {$ipaddr} with mac {$re[1]} ";
$MACSSCAN[trim($re[1])] = true;
continue;
}
if (preg_match("#^MAC Address:(.+).+?\\((.+?)\\)#", $ligne, $re)) {
if (isset($MACSSCAN[trim($re[1])])) {
continue;
}
$MACSSCAN[trim($re[1])] = true;
$computer[$ipaddr]["MAC"] = trim($re[1]);
$computer[$ipaddr]["MACHINE_TYPE"] = trim($re[2]);
$LOGS[] = "Found {$ipaddr} with mac {$re[1]} and machine type {$re[2]}";
continue;
}
if (preg_match("#^Running:(.+)#", $ligne, $re)) {
$computer[$ipaddr]["RUNNING"] = trim($re[1]);
continue;
}
if (preg_match("#^OS details:(.+)#", $ligne, $re)) {
$LOGS[] = "Found {$ipaddr} with OS {$re[1]}";
$computer[$ipaddr]["OS"] = trim($re[1]);
continue;
}
}
nmap_logs(count($f) . " analyzed lines", @implode("\n", $LOGS));
$c = 0;
while (list($ipaddr, $array) = each($computer)) {
if (isset($already[$mac])) {
continue;
}
$mac = trim($array["MAC"]);
if ($mac == null) {
continue;
}
$c++;
$already[$mac] = true;
$ldap_ipaddr = null;
$ComputerRealName = null;
$uid = null;
$RAISON = array();
if (!isset($array["HOSTNAME"])) {
$array["HOSTNAME"] = null;
}
if (!isset($array["OS"])) {
$array["OS"] = null;
}
if (!isset($array["RUNNING"])) {
$array["RUNNING"] = null;
}
if (!isset($array["MACHINE_TYPE"])) {
$array["MACHINE_TYPE"] = null;
}
$cmp = new computers(null);
$uid = $cmp->ComputerIDFromMAC($mac);
if ($uid != null) {
if ($GLOBALS["VERBOSE"]) {
echo "{$mac} = {$uid}\n";
}
$cmp = new computers($uid);
$ldap_ipaddr = $cmp->ComputerIP;
$ComputerRealName = $cmp->ComputerRealName;
if ($GLOBALS["VERBOSE"]) {
echo "{$mac} = {$uid}\nLDAP:{$ldap_ipaddr}<>NMAP:{$ipaddr}\nLDAP CMP:{$ComputerRealName}<>NMAP:{$array["HOSTNAME"]}";
}
if ($array["HOSTNAME"] != null) {
$EXPECTED_UID = strtoupper($array["HOSTNAME"]) . "\$";
if ($EXPECTED_UID != $uid) {
$RAISON[] = "UID: {$uid} is different from {$EXPECTED_UID}";
nmap_logs("EDIT UID: {$mac}:[{$array["HOSTNAME"]}] ({$ipaddr})", @implode("\n", $array) . "\n" . @implode("\n", $RAISON), $uid);
$cmp->update_uid($EXPECTED_UID);
}
}
if ($ldap_ipaddr != $ipaddr) {
writelogs("Change {$ldap_ipaddr} -> to {$ipaddr} for {$cmp->uid}", __FUNCTION__, __FILE__, __LINE__);
$RAISON[] = "LDAP IP ADDR: {$ldap_ipaddr} is different from {$ipaddr}";
$RAISON[] = "DN: {$cmp->dn}";
$RAISON[] = "UID: {$cmp->uid}";
$RAISON[] = "MAC: {$cmp->ComputerMacAddress}";
if (!$cmp->update_ipaddr($ipaddr)) {
$RAISON[] = "ERROR:{$cmp->ldap_last_error}";
}
nmap_logs("EDIT IP: {$mac}:[{$array["HOSTNAME"]}] ({$ipaddr})", @implode("\n", $array) . "\n" . @implode("\n", $RAISON), $uid);
}
if ($array["OS"] != null) {
if (strtolower($cmp->ComputerOS == "Unknown")) {
$cmp->ComputerOS = null;
}
if ($cmp->ComputerOS == null) {
$RAISON[] = "LDAP OS: {$cmp->ComputerOS} is different from {$array["OS"]}";
nmap_logs("EDIT OS: {$mac}:[{$array["HOSTNAME"]}] ({$ipaddr})", @implode("\n", $array) . "\n" . @implode("\n", $RAISON), $uid);
$cmp->update_OS($array["OS"]);
}
}
} else {
if ($array["HOSTNAME"] != null) {
$uid = "{$array["HOSTNAME"]}\$";
} else {
$uid = "{$ipaddr}\$";
}
nmap_logs("ADD NEW: {$mac}:[{$array["HOSTNAME"]}] ({$ipaddr})", @implode("\n", $array) . "\n" . @implode("\n", $RAISON), "{$uid}");
$cmp = new computers();
$cmp->ComputerIP = $ipaddr;
$cmp->ComputerMacAddress = $mac;
$cmp->uid = "{$uid}";
$cmp->ComputerOS = $array["OS"];
$cmp->ComputerRunning = $array["RUNNING"];
$cmp->ComputerMachineType = $array["MACHINE_TYPE"];
$cmp->Add();
}
}
nmap_logs("{$c} hosts analyzed in databases");
@unlink("/etc/artica-postfix/nmap.map");
//print_r($computer);
}
function nmap_scan_results()
{
if (!is_file("/etc/artica-postfix/nmap.map")) {
return;
}
$f = explode("\n", @file_get_contents("/etc/artica-postfix/nmap.map"));
$ipaddr = null;
$computer = array();
while (list($index, $ligne) = each($f)) {
$ligne = trim($ligne);
if ($ligne == null) {
continue;
}
if ($ligne == "PORT STATE SERVICE") {
continue;
}
if (strpos(" {$ligne}", "Network Distance:") > 0) {
continue;
}
if (strpos(" {$ligne}", "tcp closed tcpmux") > 0) {
continue;
}
if (strpos(" {$ligne}", "Too many fingerprints match") > 0) {
continue;
}
if (strpos(" {$ligne}", "OS detection performed. Please report") > 0) {
continue;
}
if (strpos(" {$ligne}", "OSScan results may be unreliable") > 0) {
continue;
}
if (strpos(" {$ligne}", "/tcp filtered") > 0) {
continue;
}
if (preg_match("#Nmap scan report for\\s+(.+?)\\s+\\(([0-9\\.]+)#", $ligne, $re)) {
$ipaddr = $re[2];
$computer[$ipaddr]["IPADDR"] = $re[2];
$computer[$ipaddr]["HOSTNAME"] = trim($re[1]);
if ($GLOBALS["VERBOSE"]) {
echo "Found IP:{$ipaddr} hostname=`{$re[1]}` in `{$ligne}`\n";
}
$LOGS[] = "Found {$ipaddr} hostname= {$re[1]}";
continue;
}
if (preg_match("#Interesting ports on (.*?)\\s+\\(([0-9\\.]+)\\)#", $ligne, $re)) {
$ipaddr = $re[2];
$computer[$ipaddr]["IPADDR"] = $re[2];
$computer[$ipaddr]["HOSTNAME"] = trim($re[1]);
if ($GLOBALS["VERBOSE"]) {
echo "Found IP:{$ipaddr} hostname=`{$re[1]}` in `{$ligne}`\n";
}
$LOGS[] = "Found {$ipaddr} hostname= {$re[1]}";
continue;
}
if (preg_match("#Interesting ports on ([0-9\\.]+):#", $ligne, $re)) {
$ipaddr = $re[1];
$computer[$ipaddr]["IPADDR"] = $re[1];
if ($GLOBALS["VERBOSE"]) {
echo "Found IP:{$ipaddr} only in `{$ligne}`\n";
}
$LOGS[] = "Found {$ipaddr} only";
continue;
}
if (preg_match("#Nmap scan report for ([0-9\\.]+)\$#", trim($ligne), $re)) {
$ipaddr = $re[1];
$computer[$ipaddr]["IPADDR"] = $re[1];
if ($GLOBALS["VERBOSE"]) {
echo "[{$ipaddr}]: Found IP address `{$ipaddr}` without computername in `{$ligne}`\n";
}
$LOGS[] = "Found {$ipaddr} without computername ";
continue;
}
if (preg_match("#^MAC Address:\\s+([0-9A-Z:]+)\$#", trim($ligne), $re)) {
if (trim($ipaddr) == null) {
continue;
}
if (isset($MACSSCAN[trim($re[1])])) {
continue;
}
$computer[$ipaddr]["MAC"] = trim($re[1]);
$LOGS[] = "Found {$ipaddr} with mac {$re[1]} ";
if ($GLOBALS["VERBOSE"]) {
echo "[{$ipaddr}]: Found mac {$re[1]} in `{$ligne}`\n";
}
$MACSSCAN[trim($re[1])] = true;
continue;
}
if (preg_match("#^MAC Address:(.+).+?\\((.+?)\\)#", $ligne, $re)) {
if (trim($ipaddr) == null) {
continue;
}
if (isset($MACSSCAN[trim($re[1])])) {
continue;
}
$MACSSCAN[trim($re[1])] = true;
$computer[$ipaddr]["MAC"] = trim($re[1]);
$computer[$ipaddr]["MACHINE_TYPE"] = trim($re[2]);
if ($GLOBALS["VERBOSE"]) {
echo "[{$ipaddr}]: Found mac {$re[1]} and machine type {$re[2]} in `{$ligne}`\n";
}
$LOGS[] = "Found {$ipaddr} with mac {$re[1]} and machine type {$re[2]}";
continue;
}
if (preg_match("#^Running:(.+)#", $ligne, $re)) {
if (trim($ipaddr) == null) {
continue;
}
if ($GLOBALS["VERBOSE"]) {
echo "Found running in `{$line}`\n";
}
$computer[$ipaddr]["RUNNING"] = trim($re[1]);
continue;
}
if (preg_match("#^OS details:(.+)#", $ligne, $re)) {
if ($GLOBALS["VERBOSE"]) {
echo "[{$ipaddr}]: Found OS {$re[1]} in `{$ligne}`\n";
}
$LOGS[] = "Found {$ipaddr} with OS {$re[1]}";
$computer[$ipaddr]["OS"] = trim($re[1]);
continue;
}
if ($GLOBALS["VERBOSE"]) {
echo "[{$ipaddr}]: Not understood in `{$ligne}`\n";
}
}
nmap_logs(count($f) . " analyzed lines", @implode("\n", $LOGS));
$c = 0;
$prefix_sql = "INSERT IGNORE INTO computers_lastscan (`MAC`, `zDate`,`ipaddr`,`hostname`,`Info`) VALUES ";
while (list($ipaddr, $array) = each($computer)) {
if (!isset($array["MAC"])) {
continue;
}
$mac = trim($array["MAC"]);
if (isset($already[$mac])) {
continue;
}
if ($mac == null) {
continue;
}
$c++;
$already[$mac] = true;
$ldap_ipaddr = null;
$ComputerRealName = null;
$uid = null;
$RAISON = array();
if (!isset($array["HOSTNAME"])) {
$array["HOSTNAME"] = null;
}
if (!isset($array["OS"])) {
$array["OS"] = null;
}
if (!isset($array["RUNNING"])) {
$array["RUNNING"] = null;
}
if (!isset($array["MACHINE_TYPE"])) {
$array["MACHINE_TYPE"] = null;
}
$date = date('Y-m-d H:i:s');
$infos = addslashes($array["OS"] . " Type:{$array["MACHINE_TYPE"]} ");
$SQLAD[] = "('{$mac}','{$date}','{$ipaddr}','{$array["HOSTNAME"]}','{$infos}')";
$cmp = new computers(null);
$uid = $cmp->ComputerIDFromMAC($mac);
if ($uid != null) {
if ($GLOBALS["VERBOSE"]) {
echo "{$mac} = {$uid}\n";
}
$cmp = new computers($uid);
$ldap_ipaddr = $cmp->ComputerIP;
$ComputerRealName = $cmp->ComputerRealName;
if ($GLOBALS["VERBOSE"]) {
echo "{$mac} = {$uid}\nLDAP:{$ldap_ipaddr}<>NMAP:{$ipaddr}\nLDAP CMP:{$ComputerRealName}<>NMAP:{$array["HOSTNAME"]}";
}
if ($array["HOSTNAME"] != null) {
$EXPECTED_UID = strtoupper($array["HOSTNAME"]) . "\$";
if ($EXPECTED_UID != $uid) {
$RAISON[] = "UID: {$uid} is different from {$EXPECTED_UID}";
nmap_logs("EDIT UID: {$mac}:[{$array["HOSTNAME"]}] ({$ipaddr})", @implode("\n", $array) . "\n" . @implode("\n", $RAISON), $uid);
$cmp->update_uid($EXPECTED_UID);
}
}
if ($ldap_ipaddr != $ipaddr) {
writelogs("Change {$ldap_ipaddr} -> to {$ipaddr} for {$cmp->uid}", __FUNCTION__, __FILE__, __LINE__);
$RAISON[] = "LDAP IP ADDR: {$ldap_ipaddr} is different from {$ipaddr}";
$RAISON[] = "DN: {$cmp->dn}";
$RAISON[] = "UID: {$cmp->uid}";
$RAISON[] = "MAC: {$cmp->ComputerMacAddress}";
if (!$cmp->update_ipaddr($ipaddr)) {
$RAISON[] = "ERROR:{$cmp->ldap_last_error}";
}
nmap_logs("EDIT IP: {$mac}:[{$array["HOSTNAME"]}] ({$ipaddr})", @implode("\n", $array) . "\n" . @implode("\n", $RAISON), $uid);
}
if ($array["OS"] != null) {
if (strtolower($cmp->ComputerOS == "Unknown")) {
$cmp->ComputerOS = null;
}
if ($cmp->ComputerOS == null) {
$RAISON[] = "LDAP OS: {$cmp->ComputerOS} is different from {$array["OS"]}";
nmap_logs("EDIT OS: {$mac}:[{$array["HOSTNAME"]}] ({$ipaddr})", @implode("\n", $array) . "\n" . @implode("\n", $RAISON), $uid);
$cmp->update_OS($array["OS"]);
}
}
} else {
if ($array["HOSTNAME"] != null) {
$uid = "{$array["HOSTNAME"]}\$";
} else {
continue;
}
nmap_logs("ADD NEW: {$mac}:[{$array["HOSTNAME"]}] ({$ipaddr})", @implode("\n", $array) . "\n" . @implode("\n", $RAISON), "{$uid}");
$cmp = new computers();
$cmp->ComputerIP = $ipaddr;
$cmp->ComputerMacAddress = $mac;
$cmp->uid = "{$uid}";
$cmp->ComputerOS = $array["OS"];
$cmp->ComputerRunning = $array["RUNNING"];
$cmp->ComputerMachineType = $array["MACHINE_TYPE"];
$cmp->Add();
}
}
if ($GLOBALS["VERBOSE"]) {
echo "*** " . count($SQLAD) . " MYsql queries...***\n";
}
system_admin_events("{$c} hosts analyzed in networks", __FUNCTION__, __FILE__, __LINE__, "nmap");
nmap_logs("{$c} hosts analyzed in networks", @file_get_contents("/etc/artica-postfix/nmap.map"), null);
if (count($SQLAD) > 0) {
$q = new mysql();
$q->QUERY_SQL("DROP TABLE computers_lastscan", "artica_backup");
$q->check_storage_table(true);
$final = $prefix_sql . @implode(",", $SQLAD);
if ($GLOBALS["VERBOSE"]) {
echo "*** {$final} ***\n";
}
$q->QUERY_SQL($prefix_sql . @implode(",", $SQLAD), "artica_backup");
if (!$q->ok) {
echo $q->mysql_error . "\n";
}
}
@unlink("/etc/artica-postfix/nmap.map");
//print_r($computer);
}