function discover_new_device($hostname, $source = 'xdp')
{
global $config, $debug;
if ($config['autodiscovery'][$source]) {
echo "Discovering new host {$hostname}\n";
if (!empty($config['mydomain']) && isDomainResolves($hostname . "." . $config['mydomain'])) {
if ($debug) {
echo "appending " . $config['mydomain'] . "!\n";
}
$dst_host = $hostname . "." . $config['mydomain'];
} else {
$dst_host = $hostname;
}
$ip = gethostbyname($dst_host);
if ($debug) {
echo "resolving {$dst_host} to {$ip}\n";
}
if (match_network($config['autodiscovery']['ip_nets'], $ip)) {
if ($debug) {
echo "found {$ip} inside configured nets, adding!\n";
}
$remote_device_id = addHost($dst_host);
if ($remote_device_id) {
$remote_device = device_by_id_cache($remote_device_id, 1);
array_push($GLOBALS['devices'], $remote_device);
return $remote_device_id;
}
}
} else {
if ($debug) {
echo "{$source} autodiscovery disabled";
}
return FALSE;
}
}
function discover_new_device($hostname, $device = '', $method = '', $interface = '')
{
global $config;
if (!empty($config['mydomain']) && isDomainResolves($hostname . '.' . $config['mydomain'])) {
$dst_host = $hostname . '.' . $config['mydomain'];
} else {
$dst_host = $hostname;
}
d_echo("discovering {$dst_host}\n");
$ip = gethostbyname($dst_host);
if (filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4) === false && filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_IPV6) === false) {
// $ip isn't a valid IP so it must be a name.
if ($ip == $dst_host) {
d_echo("name lookup of {$dst_host} failed\n");
log_event("{$method} discovery of " . $dst_host . " failed - Check name lookup", $device['device_id'], 'discovery');
return false;
}
} elseif (filter_var($dst_host, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4) === true || filter_var($dst_host, FILTER_VALIDATE_IP, FILTER_FLAG_IPV6) === true) {
// gethostbyname returned a valid $ip, was $dst_host an IP?
if ($config['discovery_by_ip'] === false) {
d_echo('Discovery by IP disabled, skipping ' . $dst_host);
log_event("{$method} discovery of " . $dst_host . " failed - Discovery by IP disabled", $device['device_id'], 'discovery');
return false;
}
}
d_echo("ip lookup result: {$ip}\n");
$dst_host = rtrim($dst_host, '.');
// remove trailing dot
if (match_network($config['autodiscovery']['nets-exclude'], $ip)) {
d_echo("{$ip} in an excluded network - skipping\n");
return false;
}
if (match_network($config['nets'], $ip)) {
try {
$remote_device_id = addHost($dst_host, '', '161', 'udp', $config['distributed_poller_group']);
$remote_device = device_by_id_cache($remote_device_id, 1);
echo '+[' . $remote_device['hostname'] . '(' . $remote_device['device_id'] . ')]';
discover_device($remote_device);
device_by_id_cache($remote_device_id, 1);
if ($remote_device_id && is_array($device) && !empty($method)) {
$extra_log = '';
$int = ifNameDescr($interface);
if (is_array($int)) {
$extra_log = ' (port ' . $int['label'] . ') ';
}
log_event('Device ' . $remote_device['hostname'] . " ({$ip}) {$extra_log} autodiscovered through {$method} on " . $device['hostname'], $remote_device_id, 'discovery');
} else {
log_event("{$method} discovery of " . $remote_device['hostname'] . " ({$ip}) failed - Check ping and SNMP access", $device['device_id'], 'discovery');
}
return $remote_device_id;
} catch (HostExistsException $e) {
// already have this device
} catch (Exception $e) {
log_event("{$method} discovery of " . $dst_host . " ({$ip}) failed - " . $e->getMessage());
}
} else {
d_echo("{$ip} not in a matched network - skipping\n");
}
//end if
}
function discover_new_device($hostname, $device = '', $method = '', $interface = '')
{
global $config, $debug;
if (!empty($config['mydomain']) && isDomainResolves($hostname . '.' . $config['mydomain'])) {
$dst_host = $hostname . '.' . $config['mydomain'];
} else {
$dst_host = $hostname;
}
if ($debug) {
echo "discovering {$dst_host}\n";
}
$ip = gethostbyname($dst_host);
if (filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4) === false && filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_IPV6) === false) {
// $ip isn't a valid IP so it must be a name.
if ($ip == $dst_host) {
if ($debug) {
echo "name lookup of {$dst_host} failed\n";
}
return false;
}
}
if ($debug) {
echo "ip lookup result: {$ip}\n";
}
$dst_host = rtrim($dst_host, '.');
// remove trailing dot
if (match_network($config['autodiscovery']['nets-exclude'], $ip)) {
if ($debug) {
echo "{$ip} in an excluded network - skipping\n";
}
return false;
}
if (match_network($config['nets'], $ip)) {
$remote_device_id = addHost($dst_host, '', '161', 'udp', '0', $config['distributed_poller_group']);
if ($remote_device_id) {
$remote_device = device_by_id_cache($remote_device_id, 1);
echo '+[' . $remote_device['hostname'] . '(' . $remote_device['device_id'] . ')]';
discover_device($remote_device);
device_by_id_cache($remote_device_id, 1);
if ($remote_device_id && is_array($device) && !empty($method)) {
$extra_log = '';
$int = ifNameDescr($interface);
if (is_array($int)) {
$extra_log = ' (port ' . $int['label'] . ') ';
}
log_event('Device $' . $remote_device['hostname'] . " ({$ip}) {$extra_log} autodiscovered through {$method} on " . $device['hostname'], $remote_device_id, 'system');
} else {
log_event("{$method} discovery of " . $remote_device['hostname'] . " ({$ip}) failed - check ping and SNMP access", $device['device_id'], 'system');
}
return $remote_device_id;
}
} else {
if ($debug) {
echo "{$ip} not in a matched network - skipping\n";
}
}
//end if
}
function perform_snmp_scan($net)
{
global $stats, $config, $debug, $vdebug;
echo 'Range: ' . $net->network . '/' . $net->bitmask . PHP_EOL;
$config['snmp']['timeout'] = 1;
$config['snmp']['retries'] = 0;
$config['fping_options']['retries'] = 0;
$start = ip2long($net->network);
$end = ip2long($net->broadcast) - 1;
while ($start++ < $end) {
$stats['count']++;
$host = long2ip($start);
if (match_network($config['autodiscovery']['nets-exclude'], $host)) {
echo '|';
continue;
}
$test = isPingable($host);
if ($test['result'] === false) {
echo '.';
continue;
}
if (ip_exists($host)) {
$stats['known']++;
echo '*';
continue;
}
foreach (array('udp', 'tcp') as $transport) {
try {
addHost(gethostbyaddr($host), '', $config['snmp']['port'], $transport, $config['distributed_poller_group']);
$stats['added']++;
echo '+';
break;
} catch (HostExistsException $e) {
$stats['known']++;
echo '*';
break;
} catch (HostUnreachablePingException $e) {
echo '.';
break;
} catch (HostUnreachableException $e) {
if ($debug) {
print_error($e->getMessage() . " over {$transport}");
foreach ($e->getReasons() as $reason) {
echo " {$reason}\n";
}
}
if ($transport == 'tcp') {
// tried both udp and tcp without success
$stats['failed']++;
echo '-';
}
}
}
}
echo PHP_EOL;
}
function discover_new_device($hostname)
{
global $config, $debug;
if ($config['autodiscovery']['xdp']) {
if (isDomainResolves($hostname . "." . $config['mydomain'])) {
$dst_host = $hostname . "." . $config['mydomain'];
} else {
$dst_host = $hostname;
}
if ($debug) {
echo "discovering {$dst_host}\n";
}
$ip = gethostbyname($dst_host);
if ($ip == $dst_host) {
if ($debug) {
echo "name lookup of {$dst_host} failed\n";
}
return FALSE;
} else {
if ($debug) {
echo "ip lookup result: {$ip}\n";
}
}
$dst_host = rtrim($dst_host, '.');
// remove trailing dot
if (match_network($config['autodiscovery']['nets-exclude'], $ip)) {
if ($debug) {
echo "{$ip} in an excluded network - skipping\n";
}
return FALSE;
}
if (match_network($config['nets'], $ip)) {
$remote_device_id = addHost($dst_host);
if ($remote_device_id) {
$remote_device = device_by_id_cache($remote_device_id, 1);
echo "+[" . $remote_device['hostname'] . "(" . $remote_device['device_id'] . ")]";
discover_device($remote_device);
$remote_device = device_by_id_cache($remote_device_id, 1);
return $remote_device_id;
}
} else {
if ($debug) {
echo "{$ip} not in a matched network - skipping\n";
}
}
} else {
if ($debug) {
echo "autodiscovery disabled - skipping\n";
}
return FALSE;
}
}
function discover_new_device($hostname)
{
global $config, $debug;
if (!empty($config['mydomain']) && isDomainResolves($hostname . "." . $config['mydomain'])) {
$dst_host = $hostname . "." . $config['mydomain'];
} else {
$dst_host = $hostname;
}
if ($debug) {
echo "discovering {$dst_host}\n";
}
$ip = gethostbyname($dst_host);
if (filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4) === FALSE && filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_IPV6) === FALSE) {
// $ip isn't a valid IP so it must be a name.
if ($ip == $dst_host) {
if ($debug) {
echo "name lookup of {$dst_host} failed\n";
}
return FALSE;
}
}
if ($debug) {
echo "ip lookup result: {$ip}\n";
}
$dst_host = rtrim($dst_host, '.');
// remove trailing dot
if (match_network($config['autodiscovery']['nets-exclude'], $ip)) {
if ($debug) {
echo "{$ip} in an excluded network - skipping\n";
}
return FALSE;
}
if (match_network($config['nets'], $ip)) {
$remote_device_id = addHost($dst_host, '', '161', 'udp', '0', $config['distributed_poller_group']);
if ($remote_device_id) {
$remote_device = device_by_id_cache($remote_device_id, 1);
echo "+[" . $remote_device['hostname'] . "(" . $remote_device['device_id'] . ")]";
discover_device($remote_device);
device_by_id_cache($remote_device_id, 1);
return $remote_device_id;
}
} else {
if ($debug) {
echo "{$ip} not in a matched network - skipping\n";
}
}
}
function discover_new_device($hostname, $source = 'xdp', $protocol = NULL, $device = NULL, $port = NULL)
{
global $config, $debug;
# FIXME remodel function a bit like the one above? refactor so they share some parts?
if ($config['autodiscovery'][$source]) {
echo "Discovering new host {$hostname}\n";
if (!empty($config['mydomain']) && isDomainResolves($hostname . "." . $config['mydomain'])) {
if ($debug) {
echo "appending " . $config['mydomain'] . "!\n";
}
$dst_host = $hostname . "." . $config['mydomain'];
} else {
$dst_host = $hostname;
}
$ip = gethostbyname($dst_host);
if ($debug) {
echo "resolving {$dst_host} to {$ip}\n";
}
if (match_network($config['autodiscovery']['ip_nets'], $ip)) {
if ($debug) {
echo "found {$ip} inside configured nets, adding!\n";
}
$remote_device_id = add_device($dst_host);
if ($remote_device_id) {
$remote_device = device_by_id_cache($remote_device_id, 1);
if (!$protocol) {
$protocol = strtoupper($source);
}
if ($port) {
humanize_port($port);
log_event("Device autodiscovered through {$protocol} on " . $device['hostname'] . " (port " . $port['label'] . ")", $remote_device_id, 'interface', $port['port_id']);
} else {
log_event("Device autodiscovered through {$protocol} on " . $device['hostname'], $remote_device_id);
}
array_push($GLOBALS['devices'], $remote_device);
return $remote_device_id;
}
}
} else {
if ($debug) {
echo "{$source} autodiscovery disabled";
}
return FALSE;
}
}
}
//end foreach
}
//end if
}
//end elseif
echo ' OSPF Discovery: ';
if ($config['autodiscovery']['ospf'] === true) {
echo "enabled\n";
foreach (dbFetchRows('SELECT DISTINCT(`ospfNbrIpAddr`),`device_id` FROM `ospf_nbrs` WHERE `device_id`=?', array($device['device_id'])) as $nbr) {
$ip = $nbr['ospfNbrIpAddr'];
if (match_network($config['autodiscovery']['nets-exclude'], $ip)) {
echo 'x';
continue;
}
if (!match_network($config['nets'], $ip)) {
echo 'i';
continue;
}
$name = gethostbyaddr($ip);
$remote_device_id = discover_new_device($name, $device, 'OSPF');
}
} else {
echo "disabled\n";
}
d_echo($link_exists);
$sql = "SELECT * FROM `links` AS L, `ports` AS I WHERE L.local_port_id = I.port_id AND I.device_id = '" . $device['device_id'] . "'";
foreach (dbFetchRows($sql) as $test) {
$local_port_id = $test['local_port_id'];
$remote_hostname = $test['remote_hostname'];
$remote_port = $test['remote_port'];
*
* @package observium
* @subpackage discovery
* @author Adam Armstrong <*****@*****.**>
* @copyright (C) 2006 - 2013 Adam Armstrong
*
*/
include "includes/defaults.inc.php";
include "config.php";
include "includes/definitions.inc.php";
include "includes/functions.php";
$handle = fopen("ips.txt", "w");
foreach (dbFetchRows("SELECT * FROM `ipv4_networks`") as $data) {
$cidr = $data['ipv4_network'];
list($network, $bits) = explode("/", $cidr);
if ($bits != '32' && $bits != '32' && $bits > '22') {
$addr = Net_IPv4::parseAddress($cidr);
$broadcast = $addr->broadcast;
$ip = ip2long($network) + '1';
$end = ip2long($broadcast);
while ($ip < $end) {
$ipdotted = long2ip($ip);
if (dbFetchCell("SELECT COUNT(ipv4_address_id) FROM `ipv4_addresses` WHERE `ipv4_address` = ?", array($ipdotted)) == '0' && match_network($config['nets'], $ipdotted)) {
fputs($handle, $ipdotted . "\n");
}
$ip++;
}
}
}
fclose($handle);
shell_exec("fping -t 100 -f ips.txt > ips-scanned.txt");
function discover_new_device($hostname, $source = 'xdp', $protocol = NULL, $device = NULL, $snmp_port = 161)
{
global $config;
$source = strtolower($source);
if ($config['autodiscovery'][$source]) {
if (!$protocol) {
$protocol = strtoupper($source);
}
print_message("发现新主机 {$hostname} 通过 {$protocol}");
// By first detect hostname is IP or domain name (IPv4/6 == 4/6, hostname == FALSE)
$ip_version = get_ip_version($hostname);
if ($ip_version) {
// Hostname is IPv4/IPv6
$use_ip = TRUE;
$ip = $hostname;
} else {
$use_ip = FALSE;
if (!empty($config['mydomain']) && isDomainResolves($hostname . '.' . $config['mydomain'])) {
$hostname .= '.' . $config['mydomain'];
}
$ip = gethostbyname6($hostname);
if ($ip) {
$ip_version = get_ip_version($ip);
print_debug("主机 {$hostname} 解析为 {$ip}");
} else {
// No DNS records
print_debug("主机 {$hostname} 无法解析, 自动发现失败.");
return FALSE;
}
}
if (match_network($ip, $config['autodiscovery']['ip_nets'])) {
print_debug("主机 {$hostname} ({$ip}) 内部网络创建配置, 尝试增加:");
if (isPingable($ip)) {
// Check if device duplicated by IP
$ip = $ip_version == 4 ? $ip : Net_IPv6::uncompress($ip, TRUE);
$db = dbFetchRow('SELECT D.`hostname` FROM ipv' . $ip_version . '_addresses AS A
LEFT JOIN `ports` AS P ON A.`port_id` = P.`port_id`
LEFT JOIN `devices` AS D ON D.`device_id` = P.`device_id`
WHERE D.`disabled` = 0 AND A.`ipv' . $ip_version . '_address` = ?', array($ip));
if ($db) {
print_debug('已经有设备 ' . $db['hostname'] . " 包含 {$ip}");
return FALSE;
}
// Detect snmp transport
$snmp_transport = $ip_version == 4 ? 'udp' : 'udp6';
$new_device = detect_device_snmpauth($ip, $snmp_port, $snmp_transport);
if ($new_device) {
if ($use_ip) {
// Detect FQDN hostname
// by sysName
$snmphost = snmp_get($new_device, "sysName.0", "-Oqv", "SNMPv2-MIB", mib_dirs());
if ($snmphost) {
$snmp_ip = gethostbyname6($snmphost);
}
if ($snmp_ip == $ip) {
$hostname = $snmphost;
} else {
// by PTR
$ptr = gethostbyaddr6($ip);
if ($ptr) {
$ptr_ip = gethostbyname6($ptr);
}
if ($ptr && $ptr_ip == $ip) {
$hostname = $ptr;
} else {
print_debug("设备 IP {$ip} 没有 FQDN 名称");
return FALSE;
}
}
print_debug("设备 IP {$ip} 发现 FQDN 名称: {$hostname}");
}
$new_device['hostname'] = $hostname;
if (!check_device_duplicated($new_device)) {
$snmp_v3 = array();
if ($new_device['snmp_version'] === 'v3') {
$snmp_v3['snmp_authlevel'] = $new_device['snmp_authlevel'];
$snmp_v3['snmp_authname'] = $new_device['snmp_authname'];
$snmp_v3['snmp_authpass'] = $new_device['snmp_authpass'];
$snmp_v3['snmp_authalgo'] = $new_device['snmp_authalgo'];
$snmp_v3['snmp_cryptopass'] = $new_device['snmp_cryptopass'];
$snmp_v3['snmp_cryptoalgo'] = $new_device['snmp_cryptoalgo'];
}
$remote_device_id = createHost($new_device['hostname'], $new_device['snmp_community'], $new_device['snmp_version'], $new_device['snmp_port'], $new_device['snmp_transport'], $snmp_v3);
if ($remote_device_id) {
$remote_device = device_by_id_cache($remote_device_id, 1);
if ($port) {
humanize_port($port);
log_event("设备自动发现通过 {$protocol} 在 " . $device['hostname'] . " (port " . $port['label'] . ")", $remote_device_id, 'port', $port['port_id']);
} else {
log_event("设备自动发现通过 {$protocol} 在 " . $device['hostname'], $remote_device_id, $protocol);
}
//array_push($GLOBALS['devices'], $remote_device); // createHost() already puth this
return $remote_device_id;
}
}
}
}
} else {
print_debug("IP {$ip} ({$hostname}) 不允许内部 \$config['autodiscovery']['ip_nets'] 位于 config.php");
}
print_debug('自动发现主机 ' . $hostname . ' 错误.');
} else {
print_debug('自动发现协议 ' . $protocol . ' 禁用.');
}
return FALSE;
}
#!/usr/bin/php
<?php
include "includes/defaults.inc.php";
include "config.php";
include "includes/functions.php";
shell_exec("rm ips.txt && touch ips.txt");
$handle = fopen("ips.txt", "w+");
$query = mysql_query("SELECT * FROM `networks`");
while ($data = mysql_fetch_array($query)) {
$cidr = $data['cidr'];
list($network, $bits) = split("/", $cidr);
if ($bits != '32' && $bits != '32' && $bits > '22') {
$broadcast = trim(shell_exec($config['ipcalc'] . " {$cidr} | grep Broadcast | cut -d\" \" -f 2"));
$ip = ip2long($network) + '1';
$end = ip2long($broadcast);
while ($ip < $end) {
$ipdotted = long2ip($ip);
if (mysql_result(mysql_query("SELECT count(id) FROM ipaddr WHERE addr = '{$ipdotted}'"), 0) == '0' && match_network($config['nets'], $ipdotted)) {
fputs($handle, $ipdotted . "\n");
}
$ip++;
}
}
}
`fping -t 100 -f ips.txt > ips-scanned.txt`;
function discover_new_device($hostname, $source = 'xdp', $protocol = NULL, $device = NULL, $snmp_port = 161)
{
global $config;
$source = strtolower($source);
// Check if source is enabled for autodiscovery
if ($config['autodiscovery'][$source]) {
$flags = OBS_DNS_ALL;
if (!$protocol) {
$protocol = strtoupper($source);
}
print_cli_data("Try discovering host", "{$hostname} through {$protocol}", 3);
// By first detect hostname is IP or domain name (IPv4/6 == 4/6, hostname == FALSE)
$ip_version = get_ip_version($hostname);
if ($ip_version) {
// Hostname is IPv4/IPv6
$use_ip = TRUE;
$ip = $hostname;
} else {
$use_ip = FALSE;
// Add "mydomain" configuration if this resolves, converts switch1 -> switch1.mydomain.com
if (!empty($config['mydomain']) && isDomainResolves($hostname . '.' . $config['mydomain'], $flags)) {
$hostname .= '.' . $config['mydomain'];
}
// Determine v4 vs v6
$ip = gethostbyname6($hostname, $flags);
if ($ip) {
$ip_version = get_ip_version($ip);
print_debug("Host {$hostname} resolved as {$ip}");
} else {
// No DNS records
print_debug("Host {$hostname} not resolved, autodiscovery fails.");
return FALSE;
}
}
if ($ip_version == 6) {
$flags = $flags ^ OBS_DNS_A;
// Exclude IPv4
}
if (isset($config['autodiscovery']['ping_skip']) && $config['autodiscovery']['ping_skip']) {
$flags = $flags | OBS_PING_SKIP;
// Add skip pings flag
}
if (match_network($ip, $config['autodiscovery']['ip_nets'])) {
print_debug("Host {$hostname} ({$ip}) founded inside configured nets, trying to add:");
// By first check if pingable
$pingable = isPingable($ip, $flags);
if (!$pingable && (isset($config['autodiscovery']['ping_skip']) && $config['autodiscovery']['ping_skip'])) {
$flags = $flags | OBS_PING_SKIP;
// Add skip pings flag if allowed in config
$pingable = TRUE;
}
if ($pingable) {
// Check if device duplicated by IP
$ip = $ip_version == 4 ? $ip : Net_IPv6::uncompress($ip, TRUE);
$db = dbFetchRow('SELECT D.`hostname` FROM ipv' . $ip_version . '_addresses AS A
LEFT JOIN `ports` AS P ON A.`port_id` = P.`port_id`
LEFT JOIN `devices` AS D ON D.`device_id` = P.`device_id`
WHERE D.`disabled` = 0 AND A.`ipv' . $ip_version . '_address` = ?', array($ip));
if ($db) {
print_debug('Already have device ' . $db['hostname'] . " with IP {$ip}");
return FALSE;
}
// Detect snmp transport, net-snmp needs udp6 for ipv6
$snmp_transport = $ip_version == 4 ? 'udp' : 'udp6';
$new_device = detect_device_snmpauth($ip, $snmp_port, $snmp_transport);
if ($new_device) {
if ($use_ip) {
// Detect FQDN hostname
// by sysName
$snmphost = snmp_get($new_device, 'sysName.0', '-Oqv', 'SNMPv2-MIB');
if ($snmphost) {
$snmp_ip = gethostbyname6($snmphost, $flags);
}
if ($snmp_ip == $ip) {
$hostname = $snmphost;
} else {
// by PTR
$ptr = gethostbyaddr6($ip);
if ($ptr) {
$ptr_ip = gethostbyname6($ptr, $flags);
}
if ($ptr && $ptr_ip == $ip) {
$hostname = $ptr;
} else {
if ($config['autodiscovery']['require_hostname']) {
print_debug("Device IP {$ip} does not seem to have FQDN.");
return FALSE;
} else {
$hostname = $ip_version == 4 ? $ip : Net_IPv6::compress($hostname, TRUE);
// Always use compressed IPv6 name
}
}
}
print_debug("Device IP {$ip} linked to FQDN name: {$hostname}");
}
$new_device['hostname'] = $hostname;
if (!check_device_duplicated($new_device)) {
$snmp_v3 = array();
if ($new_device['snmp_version'] === 'v3') {
$snmp_v3['snmp_authlevel'] = $new_device['snmp_authlevel'];
$snmp_v3['snmp_authname'] = $new_device['snmp_authname'];
$snmp_v3['snmp_authpass'] = $new_device['snmp_authpass'];
$snmp_v3['snmp_authalgo'] = $new_device['snmp_authalgo'];
$snmp_v3['snmp_cryptopass'] = $new_device['snmp_cryptopass'];
$snmp_v3['snmp_cryptoalgo'] = $new_device['snmp_cryptoalgo'];
}
$remote_device_id = createHost($new_device['hostname'], $new_device['snmp_community'], $new_device['snmp_version'], $new_device['snmp_port'], $new_device['snmp_transport'], $snmp_v3);
if ($remote_device_id) {
if (is_flag_set(OBS_PING_SKIP, $flags)) {
set_entity_attrib('device', $remote_device_id, 'ping_skip', 1);
}
$remote_device = device_by_id_cache($remote_device_id, 1);
if ($port) {
humanize_port($port);
log_event("Device autodiscovered through {$protocol} on " . $device['hostname'] . " (port " . $port['port_label'] . ")", $remote_device_id, 'port', $port['port_id']);
} else {
log_event("Device autodiscovered through {$protocol} on " . $device['hostname'], $remote_device_id, $protocol);
}
//array_push($GLOBALS['devices'], $remote_device); // createHost() already puth this
return $remote_device_id;
}
}
}
}
} else {
print_debug("IP {$ip} ({$hostname}) not permitted inside \$config['autodiscovery']['ip_nets'] in config.php");
}
print_debug('Autodiscovery for host ' . $hostname . ' failed.');
} else {
print_debug('Autodiscovery for protocol ' . $protocol . ' disabled.');
}
return FALSE;
}
function perform_snmp_scan($net, $force_network, $force_broadcast)
{
global $stats, $config, $debug, $vdebug;
echo 'Range: ' . $net->network . '/' . $net->bitmask . PHP_EOL;
$config['snmp']['timeout'] = 1;
$config['snmp']['retries'] = 0;
$config['fping_options']['retries'] = 0;
$start = ip2long($net->network);
$end = ip2long($net->broadcast) - 1;
if ($force_network === true) {
//Force-scan network address
d_echo("Forcing network address scan" . PHP_EOL);
$start = $start - 1;
}
if ($force_broadcast === true) {
//Force-scan broadcast address
d_echo("Forcing broadcast address scan" . PHP_EOL);
$end = $end + 1;
}
if ($net->bitmask === "31") {
//Handle RFC3021 /31 prefixes
$start = ip2long($net->network) - 1;
$end = ip2long($net->broadcast);
d_echo("RFC3021 network, hosts " . long2ip($start + 1) . " and " . long2ip($end) . PHP_EOL . PHP_EOL);
} elseif ($net->bitmask === "32") {
//Handle single-host /32 prefixes
$start = ip2long($net->network) - 1;
$end = $start + 1;
d_echo("RFC3021 network, hosts " . long2ip($start + 1) . " and " . long2ip($end) . PHP_EOL . PHP_EOL);
} else {
d_echo("Network: " . $net->network . PHP_EOL);
d_echo("Broadcast: " . $net->broadcast . PHP_EOL . PHP_EOL);
}
while ($start++ < $end) {
$stats['count']++;
$host = long2ip($start);
if ($vdebug) {
echo "Scanning: " . $host . PHP_EOL;
}
if (match_network($config['autodiscovery']['nets-exclude'], $host)) {
if ($vdebug) {
echo "Excluded by config.php" . PHP_EOL . PHP_EOL;
} else {
echo '|';
}
continue;
}
$test = isPingable($host);
if ($test['result'] === false) {
if ($vdebug) {
echo "Unpingable Device" . PHP_EOL . PHP_EOL;
} else {
echo '.';
}
continue;
}
if (ip_exists($host)) {
$stats['known']++;
if ($vdebug) {
echo "Known Device" . PHP_EOL;
} else {
echo '*';
}
continue;
}
foreach (array('udp', 'tcp') as $transport) {
try {
addHost(gethostbyaddr($host), '', $config['snmp']['port'], $transport, $config['distributed_poller_group']);
$stats['added']++;
if ($vdebug) {
echo "Added Device" . PHP_EOL . PHP_EOL;
} else {
echo '+';
}
break;
} catch (HostExistsException $e) {
$stats['known']++;
if ($vdebug) {
echo "Known Device" . PHP_EOL . PHP_EOL;
} else {
echo '*';
}
break;
} catch (HostUnreachablePingException $e) {
if ($vdebug) {
echo "Unpingable Device" . PHP_EOL . PHP_EOL;
} else {
echo '.';
}
break;
} catch (HostUnreachableException $e) {
if ($debug) {
print_error($e->getMessage() . " over {$transport}");
foreach ($e->getReasons() as $reason) {
echo " {$reason}" . PHP_EOL;
}
}
if ($transport === 'tcp') {
// tried both udp and tcp without success
$stats['failed']++;
if ($vdebug) {
echo "Failed to Add Device" . PHP_EOL . PHP_EOL;
} else {
echo '-';
}
}
}
}
}
echo PHP_EOL;
}
$where .= " AND I.device_id = '" . $_POST['device_id'] . "'";
}
if ($_POST['interface']) {
$where .= " AND I.ifDescr LIKE '" . $_POST['interface'] . "'";
}
$sql = "SELECT * FROM `ipv4_addresses` AS A, `ports` AS I, `devices` AS D, `ipv4_networks` AS N WHERE I.interface_id = A.interface_id AND I.device_id = D.device_id AND N.ipv4_network_id = A.ipv4_network_id {$where} ORDER BY A.ipv4_address";
$query = mysql_query($sql);
echo "<tr class=tablehead><th>Device</a></th><th>Interface</th><th>Address</th><th>Description</th></tr>";
$row = 1;
while ($interface = mysql_fetch_array($query)) {
if ($_POST['address']) {
list($addy, $mask) = explode("/", $_POST['address']);
if (!$mask) {
$mask = "32";
}
if (!match_network($addy . "/" . $mask, $interface['ipv4_address'])) {
$ignore = 1;
}
}
if (!$ignore) {
if (is_integer($row / 2)) {
$row_colour = $list_colour_a;
} else {
$row_colour = $list_colour_b;
}
$speed = humanspeed($interface['ifSpeed']);
$type = humanmedia($interface['ifType']);
list($prefix, $length) = explode("/", $interface['ipv4_network']);
if ($interface['in_errors'] > 0 || $interface['out_errors'] > 0) {
$error_img = generateiflink($interface, "<img src='images/16/chart_curve_error.png' alt='Interface Errors' border=0>", errors);
} else {
function DBLogInContest($name, $pass, $contest, $msg = true)
{
$b = DBGetRow("select * from contesttable where contestnumber={$contest}", 0, null, "DBLogIn(get active contest)");
if ($b == null) {
LOGLevel("There is no contest {$contest}.", 0);
if ($msg) {
MSGError("There is no contest {$contest}, contact an admin.");
}
return false;
}
$d = DBSiteInfo($b["contestnumber"], $b["contestlocalsite"], null, false);
if ($d == null) {
if ($msg) {
MSGError("There is no active site, contact an admin.");
}
return false;
}
$a = DBGetRow("select * from usertable where username='******' and contestnumber=" . $b["contestnumber"] . " and " . "usersitenumber=" . $b["contestlocalsite"], 0, null, "DBLogIn(get user)");
if ($a == null) {
if ($msg) {
LOGLevel("User {$name} tried to log in contest {$contest} but it does not exist.", 2);
MSGError("User does not exist or incorrect password.");
}
return false;
}
$a = DBUserInfo($b["contestnumber"], $b["contestlocalsite"], $a['usernumber'], null, false);
$_SESSION['usertable'] = $a;
$p = myhash($a["userpassword"] . session_id());
$_SESSION['usertable']['userpassword'] = $p;
if ($a["userpassword"] != "" && $p != $pass) {
LOGLevel("User {$name} tried to log in contest {$contest} but password was incorrect.", 2);
if ($msg) {
MSGError("Incorrect password.");
}
unset($_SESSION["usertable"]);
return false;
}
if ($d["sitepermitlogins"] == "f" && $a["usertype"] != "admin" && $a["usertype"] != "judge" && $a["usertype"] != "site") {
LOGLevel("User {$name} tried to login contest {$contest} but logins are denied.", 2);
if ($msg) {
MSGError("Logins are not allowed.");
}
unset($_SESSION["usertable"]);
return false;
}
if ($a["userenabled"] != "t") {
LOGLevel("User {$name} tried to log in contest {$contest} but it is disabled.", 2);
if ($msg) {
MSGError("User disabled.");
}
unset($_SESSION["usertable"]);
return false;
}
$gip = getIP();
if ($a["userip"] != $gip && $a["userip"] != "" && $a["usertype"] != "score") {
LOGLevel("User {$name} is using two different IPs: " . $a["userip"] . "(" . dateconv($a["userlastlogin"]) . ") and " . $gip, 1);
if ($msg && $a["usertype"] != "admin") {
MSGError("You are using two distinct IPs. Admin notified.");
}
}
if ($a["userpermitip"] != "") {
$ips = explode(';', $a["userpermitip"]);
$gips = explode(';', $gip);
if (count($gips) < count($ips)) {
IntrusionNotify("Invalid IP: " . $gip);
ForceLoad("index.php");
}
for ($ipss = 0; $ipss < count($ips); $ipss++) {
$gipi = $gips[$ipss];
$ipi = $ips[$ipss];
if (!match_network($ipi, $gipi)) {
IntrusionNotify("Invalid IP: " . $gip);
ForceLoad("index.php");
}
}
}
$c = DBConnect();
$t = time();
if ($a["usertype"] == "team" && $a["usermultilogin"] != "t" && $a["userpermitip"] == "") {
$r = DBExec($c, "update usertable set userip='" . $gip . "', updatetime=" . time() . ", userpermitip='" . $gip . "'," . "userlastlogin={$t}, usersession='" . session_id() . "' where username='******' and contestnumber=" . $b["contestnumber"] . " and usersitenumber=" . $b["contestlocalsite"], "DBLogIn(update session)");
} else {
DBExec($c, "begin work");
$sql = "update usertable set usersessionextra='" . session_id() . "' where username='******' and contestnumber=" . $b["contestnumber"] . " and usersitenumber=" . $b["contestlocalsite"] . " and (usersessionextra='' or userip != '" . $gip . "' or userlastlogin<=" . ($t - 86400) . ")";
DBExec($c, $sql);
DBExec($c, "update usertable set userip='" . $gip . "', updatetime=" . time() . ", userlastlogin={$t}, " . "usersession='" . session_id() . "' where username='******' and contestnumber=" . $b["contestnumber"] . " and usersitenumber=" . $b["contestlocalsite"], "DBLogIn(update user)");
if ($name == 'admin') {
list($clockstr, $clocktime) = siteclock();
if ($clocktime < -600) {
DBExec($c, "update contesttable set contestunlockkey='' where contestnumber=" . $b["contestnumber"], "DBLogInContest(update contest)");
}
}
DBExec($c, "commit work");
}
LOGLevel("User {$name} authenticated (" . $gip . ")", 2);
return $a;
}
}
if ($vars['page'] == "logout" && $_SESSION['authenticated']) {
if (auth_can_logout()) {
// No need for a feedback message if user requested a logout
session_logout(function_exists('auth_require_login'));
}
header('Location: ' . $config['base_url']);
exit;
}
$mcrypt_exists = check_extension_exists('mcrypt');
$user_unique_id = session_unique_id();
// Get unique user id and check if IP changed (if required by config)
// Check if allowed auth by CIDR
$auth_allow_cidr = TRUE;
if (isset($config['web_session_cidr']) && count($config['web_session_cidr'])) {
$auth_allow_cidr = match_network($_SERVER['REMOTE_ADDR'], $config['web_session_cidr']);
}
if (!$_SESSION['authenticated'] && isset($_GET['username']) && isset($_GET['password'])) {
$_SESSION['username'] = $_GET['username'];
$auth_password = $_GET['password'];
} else {
if (!$_SESSION['authenticated'] && isset($_POST['username']) && isset($_POST['password'])) {
$_SESSION['username'] = $_POST['username'];
$auth_password = $_POST['password'];
} else {
if ($mcrypt_exists && !$_SESSION['authenticated'] && isset($_COOKIE['ckey'])) {
$ckey = dbFetchRow("SELECT * FROM `users_ckeys` WHERE `user_uniq` = ? AND `user_ckey` = ? LIMIT 1", array($user_unique_id, $_COOKIE['ckey']));
if (is_array($ckey)) {
if ($ckey['expire'] > $currenttime && $auth_allow_cidr) {
$_SESSION['username'] = $ckey['username'];
$auth_password = decrypt($ckey['user_encpass'], $_COOKIE['dkey']);
function discover_new_device($hostname, $source = 'xdp', $protocol = NULL, $device = NULL, $port = 161)
{
global $config;
$source = strtolower($source);
if ($config['autodiscovery'][$source]) {
if (!$protocol) {
$protocol = strtoupper($source);
}
print_message("Discovering new host {$hostname} through {$protocol}");
// By first detect hostname is IP or domain name (IPv4/6 == 4/6, hostname == FALSE)
$ip_version = get_ip_version($hostname);
if ($ip_version) {
// Hostname is IPv4/IPv6
$use_ip = TRUE;
} else {
$use_ip = FALSE;
if (!empty($config['mydomain']) && isDomainResolves($hostname . '.' . $config['mydomain'])) {
$hostname .= '.' . $config['mydomain'];
}
$ip = gethostbyname6($hostname);
if ($ip) {
$ip_version = get_ip_version($ip);
print_debug("Host {$hostname} resolved as {$ip}");
} else {
// No DNS records
print_debug("Host {$hostname} not resolved, autodiscovery fails.");
return FALSE;
}
}
if (match_network($ip, $config['autodiscovery']['ip_nets'])) {
print_debug("Host {$hostname} ({$ip}) founded inside configured nets, try to adding:");
if (isPingable($ip)) {
// Check if device duplicated by IP
$ip = $ip_version == 4 ? $hostname : Net_IPv6::uncompress($hostname, TRUE);
$db = dbFetchRow('SELECT D.`hostname` FROM ipv' . $ip_version . '_addresses AS A
LEFT JOIN `ports` AS P ON A.`port_id` = P.`port_id`
LEFT JOIN `devices` AS D ON D.`device_id` = P.`device_id`
WHERE D.`disabled` = 0 AND A.`ipv' . $ip_version . '_address` = ?', array($ip));
if ($db) {
print_debug('Already have device ' . $db['hostname'] . " with {$ip}");
return FALSE;
}
// Detect snmp transport
$transport = $ip_version == 4 ? 'udp' : 'udp6';
$new_device = detect_device_snmpauth($ip, $port, $transport);
if ($new_device) {
if ($use_ip) {
// Detect FQDN hostname
// by sysName
$snmphost = snmp_get($new_device, "sysName.0", "-Oqv", "SNMPv2-MIB", mib_dirs());
if ($snmphost) {
$snmp_ip = gethostbyname6($snmphost);
}
if ($snmp_ip == $ip) {
$hostname = $snmphost;
} else {
// by PTR
$ptr = gethostbyaddr6($ip);
if ($ptr) {
$ptr_ip = gethostbyname6($ptr);
}
if ($ptr && $ptr_ip == $ip) {
$hostname = $ptr;
} else {
print_debug("Device IP {$ip} not have FQDN name");
return FALSE;
}
}
print_debug("Device IP {$ip} founded FQDN name: {$hostname}");
}
$new_device['hostname'] = $hostname;
if (!check_device_duplicated($new_device)) {
$v3 = array();
if ($new_device['snmpver'] === 'v3') {
$v3['authlevel'] = $new_device['authlevel'];
$v3['authname'] = $new_device['authname'];
$v3['authpass'] = $new_device['authpass'];
$v3['authalgo'] = $new_device['authalgo'];
$v3['cryptopass'] = $new_device['cryptopass'];
$v3['cryptoalgo'] = $new_device['cryptoalgo'];
}
$remote_device_id = createHost($new_device['hostname'], $new_device['community'], $new_device['snmpver'], $new_device['port'], $new_device['transport'], $v3);
if ($remote_device_id) {
$remote_device = device_by_id_cache($remote_device_id, 1);
if ($port) {
humanize_port($port);
log_event("Device autodiscovered through {$protocol} on " . $device['hostname'] . " (port " . $port['label'] . ")", $remote_device_id, 'port', $port['port_id']);
} else {
log_event("Device autodiscovered through {$protocol} on " . $device['hostname'], $remote_device_id, $protocol);
}
//array_push($GLOBALS['devices'], $remote_device); // createHost() already puth this
return $remote_device_id;
}
}
}
}
} else {
print_debug("IP {$ip} ({$hostname}) not permitted inside \$config['autodiscovery']['ip_nets'] in config.php");
}
print_debug('Autodiscovery for host ' . $hostname . ' fails.');
} else {
print_debug('Autodiscovery for protocol ' . $protocol . ' disabled.');
}
return FALSE;
}
/**
* @dataProvider providerMatchNetwork
* @group ip
*/
public function testMatchNetwork($result, $ip, $nets, $first = FALSE)
{
$this->assertSame($result, match_network($ip, $nets, $first));
}
* @subpackage graphing
* @author Adam Armstrong <*****@*****.**>
* @copyright (C) 2006-2013 Adam Armstrong, (C) 2013-2016 Observium Limited
*
*/
#ob_start(); // FIXME why no more?
include_once "../includes/sql-config.inc.php";
$start = utime();
// Needs common.php
include $config['html_dir'] . "/includes/functions.inc.php";
if (isset($config['allow_unauth_graphs']) && $config['allow_unauth_graphs']) {
$auth = TRUE;
// hardcode auth for all with config function
print_debug('Authentication bypassed by $config[\'allow_unauth_graphs\'].');
} elseif (isset($config['allow_unauth_graphs_cidr']) && count($config['allow_unauth_graphs_cidr'])) {
if (match_network($_SERVER['REMOTE_ADDR'], $config['allow_unauth_graphs_cidr'])) {
$auth = TRUE;
// hardcode authenticated for matched subnet
print_debug("Authentication by matched CIDR.");
}
}
if (!$auth) {
// Normal auth
include $config['html_dir'] . "/includes/authenticate.inc.php";
}
// Push $_GET into $vars to be compatible with web interface naming
$vars = get_vars('GET');
include $config['html_dir'] . "/includes/graphs/graph.inc.php";
$runtime = utime() - $start;
print_debug("Runtime " . $runtime . " secs");
// EOF
