function is_ipv4_valid($ipv4_address, $ipv4_prefixlen = NULL) { if (strpos($ipv4_address, '/') !== FALSE) { list($ipv4_address, $ipv4_prefixlen) = explode('/', $ipv4_address); } if (strpos($ipv4_prefixlen, '.')) { $ipv4_prefixlen = netmask2cidr($ipv4_prefixlen); } // False if prefix less or equal 0 and more 32 if (is_numeric($ipv4_prefixlen) && ($ipv4_prefixlen < '0' || $ipv4_prefixlen > '32')) { return FALSE; } // False if invalid IPv4 syntax if (!Net_IPv4::validateIP($ipv4_address)) { return FALSE; } // False if 0.0.0.0 if ($ipv4_address == '0.0.0.0') { return FALSE; } return TRUE; }
</dl>'; } echo "</a></li>"; } /// SEARCH IP ADDRESSES list($addr, $mask) = explode('/', $queryString); $address_type = "ipv4"; if (is_numeric(stripos($queryString, ':abcdef'))) { $address_type = 'ipv6'; } switch ($address_type) { case 'ipv6': $ip_valid = Net_IPv6::checkIPv6($addr); break; case 'ipv4': $ip_valid = Net_IPv4::validateIP($addr); break; } # if ($ip_valid) # { # // If address valid -> seek occurrence in network # if (!$mask) { $mask = ($address_type === 'ipv4') ? '32' : '128'; }# # } else { // If address not valid -> seek LIKE $where .= ' AND A.`ipv4_address` LIKE ?'; $param[] = '%' . $addr . '%'; # } // FIXME no v6 yet. $query = 'SELECT * '; $query .= 'FROM `ipv4_addresses` AS A '; $query .= 'LEFT JOIN `ports` ON `A`.`port_id` = `ports`.`port_id` ';
/** * Converts a dot-quad formmated IP address into a hexadecimal string */ function atoh($addr) { if (!Net_IPv4::validateIP($addr)) { return FALSE; } $ap = explode(".", $addr); return sprintf("%02x%02x%02x%02x", $ap[0], $ap[1], $ap[2], $ap[3]); }
ini_set('error_reporting', E_ALL); } include "../includes/defaults.inc.php"; include "../config.php"; include_once "../includes/definitions.inc.php"; include "includes/functions.inc.php"; include "../includes/functions.inc.php"; include "includes/authenticate.inc.php"; if (!$_SESSION['authenticated']) { echo "unauthenticated"; exit; } if ($_GET['query'] && $_GET['cmd']) { $host = $_GET['query']; $ip = ''; if (Net_IPv4::validateIP($host)) { $ip = $host; $ip_version = 4; } elseif (Net_IPv6::checkIPv6($host)) { $ip = $host; $ip_version = 6; } else { $ip = gethostbyname($host); if ($ip && $ip != $host) { $ip_version = 4; } else { $ip = gethostbyname6($host, FALSE); if ($ip) { $ip_version = 6; } }
include $config['install_dir'] . "/includes/common.inc.php"; $start = utime(); // Needs common.php include $config['install_dir'] . "/includes/dbFacile.php"; include $config['install_dir'] . "/includes/rewrites.inc.php"; include $config['install_dir'] . "/includes/rrdtool.inc.php"; include $config['install_dir'] . "/includes/entities.inc.php"; include $config['html_dir'] . "/includes/functions.inc.php"; if (isset($config['allow_unauth_graphs']) && $config['allow_unauth_graphs']) { $auth = TRUE; // hardcode auth for all with config function print_debug('认证旁路 $config[\'allow_unauth_graphs\'].'); } elseif (isset($config['allow_unauth_graphs_cidr']) && count($config['allow_unauth_graphs_cidr'])) { foreach ($config['allow_unauth_graphs_cidr'] as $range) { list($net, $mask) = explode('/', trim($range)); if (Net_IPv4::validateIP($net)) { // IPv4 $mask = $mask != NULL ? $mask : '32'; $range = $net . '/' . $mask; if ($mask >= 0 && $mask <= 32 && Net_IPv4::ipInNetwork($_SERVER['REMOTE_ADDR'], $range)) { $auth = TRUE; // hardcode authenticated for matched subnet print_debug("认证的CIDR匹配IPv4 {$range}."); break; } } elseif (Net_IPv6::checkIPv6($net)) { // IPv6 $mask = $mask != NULL ? $mask : '128'; $range = $net . '/' . $mask; if ($mask >= 0 && $mask <= 128 && Net_IPv6::isInNetmask($_SERVER['REMOTE_ADDR'], $range)) { $auth = TRUE;
/** * convert an IP address into a hex value * * @param string $IP * @return string */ protected function convertIpToHex($host) { if (!isset($host) || empty($host) || !is_string($host)) { static::raiseError(__METHOD__ . '(), $host parameter is invalid!'); return false; } global $ms; $ipv4 = new Net_IPv4(); $parsed = $ipv4->parseAddress($host); // if CIDR contains no netmask or was unparsable, we assume /32 if (empty($parsed->netmask)) { $parsed->netmask = "255.255.255.255"; } if (!$ipv4->validateIP($parsed->ip)) { $ms->throwError(_("Incorrect IP address! Can not convert it to hex!")); } if (!$ipv4->validateNetmask($parsed->netmask)) { $ms->throwError(_("Incorrect Netmask! Can not convert it to hex!")); } if (($hex_host = $ipv4->atoh($parsed->ip)) == false) { $ms->throwError(_("Failed to convert " . $parsed->ip . " to hex!")); } if (($hex_subnet = $ipv4->atoh($parsed->netmask)) == false) { $ms->throwError(_("Failed to convert " . $parsed->netmask . " to hex!")); } return array('ip' => $hex_host, 'netmask' => $hex_subnet); }
/** * verify ip address /mask 10.10.10.10./24 - CIDR * * if subnet == 0 we dont check if IP is subnet -> needed for ipCalc */ function verifyCidr($cidr, $issubnet = 1) { /* split it to network and subnet */ $temp = explode("/", $cidr); $network = $temp[0]; $netmask = $temp[1]; //if one part is missing die if (empty($network) || empty($netmask)) { $errors[] = _("Invalid CIDR format!"); } /* Identify address type */ $type = IdentifyAddress($network); /* IPv4 verification */ if ($type == 'IPv4') { require_once 'PEAR/Net/IPv4.php'; $Net_IPv4 = new Net_IPv4(); if ($net = $Net_IPv4->parseAddress($cidr)) { //validate IP if (!$Net_IPv4->validateIP($net->ip)) { $errors[] = _("Invalid IP address!"); } elseif ($net->network != $net->ip && $issubnet == 1) { $errors[] = _("IP address cannot be subnet! (Consider using") . " " . $net->network . ")"; } elseif (!$Net_IPv4->validateNetmask($net->netmask)) { $errors[] = _('Invalid netmask') . ' ' . $net->netmask; } } else { $errors[] = _('Invalid CIDR format!'); } } else { require_once 'PEAR/Net/IPv6.php'; $Net_IPv6 = new Net_IPv6(); //validate IPv6 if (!$Net_IPv6->checkIPv6($cidr)) { $errors[] = _("Invalid IPv6 address!"); } else { //validate subnet $subnet = $Net_IPv6->getNetmask($cidr); $subnet = $Net_IPv6->compress($subnet); //get subnet part $subnetParse = explode("/", $cidr); $subnetMask = $subnetParse[1]; $subnetNet = $subnetParse[0]; if ($subnetNet != $subnet && $issubnet == 1) { $errors[] = _("IP address cannot be subnet! (Consider using") . " " . $subnet . "/" . $subnetMask . ")"; } } } /* return array of errors */ return $errors; }
/** * Display IPv4/IPv6 addresses. * * Display pages with IP addresses from device Interfaces. * * @param array $vars * @return none * */ function print_addresses($vars) { // With pagination? (display page numbers in header) $pagination = isset($vars['pagination']) && $vars['pagination']; pagination($vars, 0, TRUE); // Get default pagesize/pageno $pageno = $vars['pageno']; $pagesize = $vars['pagesize']; $start = $pagesize * $pageno - $pagesize; if (in_array($vars['search'], array('6', 'v6', 'ipv6')) || in_array($vars['view'], array('6', 'v6', 'ipv6'))) { $address_type = 'ipv6'; } else { $address_type = 'ipv4'; } $ip_array = array(); $param = array(); $where = ' WHERE 1 '; $param_netscaler = array(); $where_netscaler = " WHERE `vsvr_ip` != '0.0.0.0' AND `vsvr_ip` != '' "; foreach ($vars as $var => $value) { if ($value != '') { switch ($var) { case 'device': case 'device_id': $where .= generate_query_values($value, 'I.device_id'); $where_netscaler .= generate_query_values($value, 'N.device_id'); break; case 'interface': $where .= generate_query_values($value, 'I.ifDescr', 'LIKE%'); break; case 'network': list($net, $mask) = explode('/', $value); if (is_numeric(stripos($net, ':abcdef'))) { $address_type = 'ipv6'; } $where .= generate_query_values($value, 'N.ip_network', 'LIKE%'); break; case 'address': list($addr, $mask) = explode('/', $value); if (is_numeric(stripos($addr, ':abcdef'))) { $address_type = 'ipv6'; } switch ($address_type) { case 'ipv6': $ip_valid = Net_IPv6::checkIPv6($addr); break; case 'ipv4': $ip_valid = Net_IPv4::validateIP($addr); break; } if ($ip_valid) { // If address valid -> seek occurrence in network if (!$mask) { $mask = $address_type === 'ipv4' ? '32' : '128'; } $where_netscaler .= generate_query_values($addr, 'N.vsvr_ip'); } else { // If address not valid -> seek LIKE $where .= generate_query_values($addr, 'A.ip_address', '%LIKE%'); $where_netscaler .= generate_query_values($addr, 'N.vsvr_ip', '%LIKE%'); } break; } } } $query_device_permitted = generate_query_permitted(array('device'), array('device_table' => 'D')); $query_port_permitted = generate_query_permitted(array('port'), array('port_table' => 'I')); // Also search netscaler Vserver IPs $query_netscaler = 'FROM `netscaler_vservers` AS N '; $query_netscaler .= 'LEFT JOIN `devices` AS D ON N.`device_id` = D.`device_id` '; $query_netscaler .= $where_netscaler . $query_device_permitted; //$query_netscaler_count = 'SELECT COUNT(`vsvr_id`) ' . $query_netscaler; $query_netscaler = 'SELECT * ' . $query_netscaler; $query_netscaler .= ' ORDER BY N.`vsvr_ip`'; // Override by address type if ($address_type == 'ipv6') { $query_netscaler = str_replace(array('vsvr_ip', '0.0.0.0'), array('vsvr_ipv6', '0:0:0:0:0:0:0:0'), $query_netscaler); //$query_netscaler_count = str_replace(array('vsvr_ip', '0.0.0.0'), array('vsvr_ipv6', '0:0:0:0:0:0:0:0'), $query_netscaler_count); } $entries = dbFetchRows($query_netscaler, $param_netscaler); // Rewrite netscaler addresses foreach ($entries as $entry) { $ip_address = $address_type == 'ipv4' ? $entry['vsvr_ip'] : $entry['vsvr_' . $address_type]; $ip_network = $address_type == 'ipv4' ? $entry['vsvr_ip'] . '/32' : $entry['vsvr_' . $address_type] . '/128'; $ip_array[] = array('type' => 'netscaler_vsvr', 'device_id' => $entry['device_id'], 'hostname' => $entry['hostname'], 'vsvr_id' => $entry['vsvr_id'], 'vsvr_label' => $entry['vsvr_label'], 'ifAlias' => 'Netscaler: ' . $entry['vsvr_type'] . '/' . $entry['vsvr_entitytype'], $address_type . '_address' => $ip_address, $address_type . '_network' => $ip_network); } //print_message($query_netscaler_count); $query = 'FROM `ip_addresses` AS A '; $query .= 'LEFT JOIN `ports` AS I ON I.`port_id` = A.`port_id` '; $query .= 'LEFT JOIN `devices` AS D ON I.`device_id` = D.`device_id` '; $query .= 'LEFT JOIN `ip_networks` AS N ON N.`ip_network_id` = A.`ip_network_id` '; $query .= $where . $query_port_permitted; //$query_count = 'SELECT COUNT(`ip_address_id`) ' . $query; $query = 'SELECT * ' . $query; $query .= ' ORDER BY A.`ip_address`'; if ($ip_valid) { $pagination = FALSE; } // Override by address type $query = str_replace(array('ip_address', 'ip_network'), array($address_type . '_address', $address_type . '_network'), $query); //$query_count = str_replace(array('ip_address', 'ip_network'), array($address_type.'_address', $address_type.'_network'), $query_count); // Query addresses $entries = dbFetchRows($query, $param); $ip_array = array_merge($ip_array, $entries); $ip_array = array_sort($ip_array, $address_type . '_address'); // Query address count //if ($pagination) { $count = dbFetchCell($query_count, $param); } if ($pagination) { $count = count($ip_array); $ip_array = array_slice($ip_array, $start, $pagesize); } $list = array('device' => FALSE); if (!isset($vars['device']) || empty($vars['device']) || $vars['page'] == 'search') { $list['device'] = TRUE; } $string = generate_box_open($vars['header']); $string .= '<table class="' . OBS_CLASS_TABLE_STRIPED . '">' . PHP_EOL; if (!$short) { $string .= ' <thead>' . PHP_EOL; $string .= ' <tr>' . PHP_EOL; if ($list['device']) { $string .= ' <th>Device</th>' . PHP_EOL; } $string .= ' <th>Interface</th>' . PHP_EOL; $string .= ' <th>Address</th>' . PHP_EOL; $string .= ' <th>Description</th>' . PHP_EOL; $string .= ' </tr>' . PHP_EOL; $string .= ' </thead>' . PHP_EOL; } $string .= ' <tbody>' . PHP_EOL; foreach ($ip_array as $entry) { $address_show = TRUE; if ($ip_valid) { // If address not in specified network, don't show entry. if ($address_type === 'ipv4') { $address_show = Net_IPv4::ipInNetwork($entry[$address_type . '_address'], $addr . '/' . $mask); } else { $address_show = Net_IPv6::isInNetmask($entry[$address_type . '_address'], $addr, $mask); } } if ($address_show) { list($prefix, $length) = explode('/', $entry[$address_type . '_network']); if (port_permitted($entry['port_id']) || $entry['type'] == 'netscaler_vsvr') { if ($entry['type'] == 'netscaler_vsvr') { $entity_link = generate_entity_link($entry['type'], $entry); } else { humanize_port($entry); if ($entry['ifInErrors_delta'] > 0 || $entry['ifOutErrors_delta'] > 0) { $port_error = generate_port_link($entry, '<span class="label label-important">Errors</span>', 'port_errors'); } $entity_link = generate_port_link($entry, $entry['port_label_short']) . ' ' . $port_error; } $device_link = generate_device_link($entry); $string .= ' <tr>' . PHP_EOL; if ($list['device']) { $string .= ' <td class="entity" style="white-space: nowrap">' . $device_link . '</td>' . PHP_EOL; } $string .= ' <td class="entity">' . $entity_link . '</td>' . PHP_EOL; if ($address_type === 'ipv6') { $entry[$address_type . '_address'] = Net_IPv6::compress($entry[$address_type . '_address']); } $string .= ' <td>' . generate_popup_link('ip', $entry[$address_type . '_address'] . '/' . $length) . '</td>' . PHP_EOL; $string .= ' <td>' . $entry['ifAlias'] . '</td>' . PHP_EOL; $string .= ' </tr>' . PHP_EOL; } } } $string .= ' </tbody>' . PHP_EOL; $string .= '</table>'; $string .= generate_box_close(); // Print pagination header if ($pagination) { $string = pagination($vars, $count) . $string . pagination($vars, $count); } // Print addresses echo $string; }
* * Requires PEAR GeoIP & IPv4 * GeoLiteCity.dat needs to be in path * */ if (isset($_FILES["datafile"])) { $datafile = $_FILES["datafile"]["tmp_name"]; require_once "Net/GeoIP.php"; require_once 'Net/IPv4.php'; $geoip = Net_GeoIP::getInstance("GeoLiteCity.dat"); $iplist = array(); $json = ""; $file_handle = fopen($datafile, "r"); while (!feof($file_handle)) { $line = fgets($file_handle); if (Net_IPv4::validateIP(trim($line))) { array_push($iplist, trim($line)); } } fclose($file_handle); if (count($iplist) > 0) { $json = "{ 'items': " . count($iplist) . ", 'map_width': 0, 'map_length': 0, 'map_title': 'none', 'markers': [ "; $first = true; foreach ($iplist as $ip) { try { $data = $geoip->lookupLocation($ip); if (!$first) { $json .= ", "; } else { $first = false; }
/** * Display IPv4/IPv6 addresses. * * Display pages with IP addresses from device Interfaces. * * @param array $vars * @return none * */ function print_addresses($vars) { // With pagination? (display page numbers in header) $pagination = isset($vars['pagination']) && $vars['pagination']; $pageno = isset($vars['pageno']) && !empty($vars['pageno']) ? $vars['pageno'] : 1; $pagesize = isset($vars['pagesize']) && !empty($vars['pagesize']) ? $vars['pagesize'] : 10; $start = $pagesize * $pageno - $pagesize; switch ($vars['search']) { case '6': case 'ipv6': case 'v6': $address_type = 'ipv6'; break; default: $address_type = 'ipv4'; } $param = array(); $where = ' WHERE 1 '; foreach ($vars as $var => $value) { if ($value != '') { switch ($var) { case 'device': case 'device_id': $where .= ' AND I.device_id = ?'; $param[] = $value; break; case 'interface': $where .= ' AND I.ifDescr LIKE ?'; $param[] = $value; break; case 'network': $where .= ' AND N.ip_network_id = ?'; $param[] = $value; break; case 'address': list($addr, $mask) = explode('/', $value); if (is_numeric(stripos($addr, ':abcdef'))) { $address_type = 'ipv6'; } switch ($address_type) { case 'ipv6': $ip_valid = Net_IPv6::checkIPv6($addr); break; case 'ipv4': $ip_valid = Net_IPv4::validateIP($addr); break; } if ($ip_valid) { // If address valid -> seek occurrence in network if (!$mask) { $mask = $address_type === 'ipv4' ? '32' : '128'; } } else { // If address not valid -> seek LIKE $where .= ' AND A.ip_address LIKE ?'; $param[] = '%' . $addr . '%'; } break; } } } if ($_SESSION['userlevel'] >= 5) { $query_perms = ''; $query_user = ''; } else { $query_perms = 'LEFT JOIN devices_perms AS P ON D.device_id = P.device_id '; $query_user = '******'; $param[] = $_SESSION['user_id']; } // Don't show ignored and disabled devices $query_device = ' AND D.ignore = 0 '; if (!$config['web_show_disabled']) { $query_device .= 'AND D.disabled = 0 '; } $query = 'FROM `ip_addresses` AS A '; $query .= 'LEFT JOIN `ports` AS I ON I.port_id = A.port_id '; $query .= 'LEFT JOIN `devices` AS D ON I.device_id = D.device_id '; $query .= 'LEFT JOIN `ip_networks` AS N ON N.ip_network_id = A.ip_network_id '; $query .= $query_perms; $query .= $where . $query_device . $query_user; $query_count = 'SELECT COUNT(ip_address_id) ' . $query; $query = 'SELECT * ' . $query; $query .= ' ORDER BY A.ip_address'; if ($ip_valid) { $pagination = FALSE; } else { $query .= " LIMIT {$start},{$pagesize}"; } // Override by address type $query = str_replace(array('ip_address', 'ip_network'), array($address_type . '_address', $address_type . '_network'), $query); $query_count = str_replace(array('ip_address', 'ip_network'), array($address_type . '_address', $address_type . '_network'), $query_count); // Query addresses $entries = dbFetchRows($query, $param); // Query address count if ($pagination) { $count = dbFetchCell($query_count, $param); } $list = array('device' => FALSE); if (!isset($vars['device']) || empty($vars['device']) || $vars['page'] == 'search') { $list['device'] = TRUE; } $string = '<table class="table table-bordered table-striped table-hover table-condensed">' . PHP_EOL; if (!$short) { $string .= ' <thead>' . PHP_EOL; $string .= ' <tr>' . PHP_EOL; if ($list['device']) { $string .= ' <th>Device</th>' . PHP_EOL; } $string .= ' <th>Interface</th>' . PHP_EOL; $string .= ' <th>Address</th>' . PHP_EOL; $string .= ' <th>Description</th>' . PHP_EOL; $string .= ' </tr>' . PHP_EOL; $string .= ' </thead>' . PHP_EOL; } $string .= ' <tbody>' . PHP_EOL; foreach ($entries as $entry) { $address_show = TRUE; if ($ip_valid) { // If address not in specified network, don't show entry. if ($address_type === 'ipv4') { $address_show = Net_IPv4::ipInNetwork($entry[$address_type . '_address'], $addr . '/' . $mask); } else { $address_show = Net_IPv6::isInNetmask($entry[$address_type . '_address'], $addr, $mask); } } if ($address_show) { list($prefix, $length) = explode('/', $entry[$address_type . '_network']); if (port_permitted($entry['port_id'])) { humanize_port($entry); if ($entry['ifInErrors_delta'] > 0 || $entry['ifOutErrors_delta'] > 0) { $port_error = generate_port_link($entry, '<span class="label label-important">Errors</span>', 'port_errors'); } $string .= ' <tr>' . PHP_EOL; if ($list['device']) { $string .= ' <td class="entity" nowrap>' . generate_device_link($entry) . '</td>' . PHP_EOL; } $string .= ' <td class="entity">' . generate_port_link($entry, makeshortif($entry['label'])) . ' ' . $port_error . '</td>' . PHP_EOL; if ($address_type === 'ipv6') { $entry[$address_type . '_address'] = Net_IPv6::compress($entry[$address_type . '_address']); } $string .= ' <td>' . $entry[$address_type . '_address'] . '/' . $length . '</td>' . PHP_EOL; $string .= ' <td>' . $entry['ifAlias'] . '</td>' . PHP_EOL; $string .= ' </tr>' . PHP_EOL; } } } $string .= ' </tbody>' . PHP_EOL; $string .= '</table>'; // Print pagination header if ($pagination) { echo pagination($vars, $count); } // Print addresses echo $string; }