示例#1
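/**
 * Import the hosts found in a saved Nmap report into the computers directory.
 *
 * Reads /etc/artica-postfix/nmap.map line by line, collects per-IP facts
 * (hostname, MAC, machine type, running OS family, OS details) and then, for
 * every host that has a MAC address, either updates the matching directory
 * entry (uid, IP address, OS) or creates a new one. The report file is deleted
 * once it has been processed.
 *
 * Everything parsed here is network-derived: reverse-DNS names and vendor
 * strings are chosen by whoever controls the scanned host or its DNS zone, so
 * they are treated as untrusted before being used as a directory identifier.
 *
 * @return void
 */
function nmap_scan_results()
{
    $mapFile = "/etc/artica-postfix/nmap.map";
    if (!is_file($mapFile)) {
        return;
    }
    $f = explode("\n", @file_get_contents($mapFile));

    // Initialised up front so an empty or host-less report does not leave
    // these undefined when they are read further down.
    $computer = array();
    $LOGS = array();
    $MACSSCAN = array();
    $ipaddr = null;

    foreach ($f as $ligne) {
        if (preg_match("#Nmap scan report for\\s+(.+?)\\s+\\(([0-9\\.]+)#", $ligne, $re)) {
            $ipaddr = $re[2];
            $computer[$ipaddr]["IPADDR"] = $re[2];
            $hostname = trim($re[1]);
            // The hostname later becomes the directory uid ("HOSTNAME$").
            // Only accept plain host-name characters; anything else is
            // dropped so the entry falls back to the IP-based uid.
            // NOTE(review): computers::update_uid()/Add() are not visible
            // here - do not assume they escape directory metacharacters.
            if (preg_match('#^[A-Za-z0-9][A-Za-z0-9._-]*\z#', $hostname)) {
                $computer[$ipaddr]["HOSTNAME"] = $hostname;
                $LOGS[] = "Found {$ipaddr} hostname= {$re[1]}";
            } else {
                $LOGS[] = "Found {$ipaddr} ignoring hostname with unexpected characters";
            }
            continue;
        }
        if (preg_match("#Nmap scan report for ([0-9\\.]+)\$#", trim($ligne), $re)) {
            $ipaddr = $re[1];
            $computer[$ipaddr]["IPADDR"] = $re[1];
            $LOGS[] = "Found {$ipaddr} without computername ";
            continue;
        }

        // Every remaining line type describes the host announced by the last
        // "Nmap scan report" line; without one there is nothing to attach to.
        if ($ipaddr === null) {
            continue;
        }

        if (preg_match("#^MAC Address:\\s+([0-9A-Z:]+)\$#", trim($ligne), $re)) {
            $mac = trim($re[1]);
            if (isset($MACSSCAN[$mac])) {
                continue;
            }
            $computer[$ipaddr]["MAC"] = $mac;
            $LOGS[] = "Found {$ipaddr} with mac {$re[1]} ";
            $MACSSCAN[$mac] = true;
            continue;
        }
        if (preg_match("#^MAC Address:(.+).+?\\((.+?)\\)#", $ligne, $re)) {
            $mac = trim($re[1]);
            if (isset($MACSSCAN[$mac])) {
                continue;
            }
            $MACSSCAN[$mac] = true;
            $computer[$ipaddr]["MAC"] = $mac;
            $computer[$ipaddr]["MACHINE_TYPE"] = trim($re[2]);
            $LOGS[] = "Found {$ipaddr} with mac {$re[1]} and machine type {$re[2]}";
            continue;
        }
        if (preg_match("#^Running:(.+)#", $ligne, $re)) {
            $computer[$ipaddr]["RUNNING"] = trim($re[1]);
            continue;
        }
        if (preg_match("#^OS details:(.+)#", $ligne, $re)) {
            $LOGS[] = "Found {$ipaddr} with OS {$re[1]}";
            $computer[$ipaddr]["OS"] = trim($re[1]);
            continue;
        }
    }
    nmap_logs(count($f) . " analyzed lines", implode("\n", $LOGS));

    $c = 0;
    $already = array();
    foreach ($computer as $ipaddr => $array) {
        // Read this host's MAC *before* the duplicate check. The previous
        // ordering tested the MAC left over from the preceding iteration, so
        // every host after the first one with a MAC was skipped.
        $mac = isset($array["MAC"]) ? trim($array["MAC"]) : null;
        if ($mac == null) {
            continue;
        }
        if (isset($already[$mac])) {
            continue;
        }
        $c++;
        $already[$mac] = true;
        $ldap_ipaddr = null;
        $ComputerRealName = null;
        $uid = null;
        $RAISON = array();

        // Fill the optional facts so later reads never hit a missing key
        // (missing keys are appended in this order).
        $array += array(
            "HOSTNAME" => null,
            "OS" => null,
            "RUNNING" => null,
            "MACHINE_TYPE" => null,
        );

        $cmp = new computers(null);
        $uid = $cmp->ComputerIDFromMAC($mac);
        if ($uid != null) {
            // Known MAC: reconcile the stored entry with what the scan saw.
            if ($GLOBALS["VERBOSE"]) {
                echo "{$mac} = {$uid}\n";
            }
            $cmp = new computers($uid);
            $ldap_ipaddr = $cmp->ComputerIP;
            $ComputerRealName = $cmp->ComputerRealName;
            if ($GLOBALS["VERBOSE"]) {
                echo "{$mac} = {$uid}\nLDAP:{$ldap_ipaddr}<>NMAP:{$ipaddr}\nLDAP CMP:{$ComputerRealName}<>NMAP:{$array["HOSTNAME"]}";
            }
            if ($array["HOSTNAME"] != null) {
                // NOTE(review): this renames an existing entry purely on the
                // strength of a reverse-DNS answer; the change is logged
                // below so it can be audited.
                $EXPECTED_UID = strtoupper($array["HOSTNAME"]) . "\$";
                if ($EXPECTED_UID != $uid) {
                    $RAISON[] = "UID: {$uid} is different from {$EXPECTED_UID}";
                    nmap_logs("EDIT UID: {$mac}:[{$array["HOSTNAME"]}] ({$ipaddr})", @implode("\n", $array) . "\n" . @implode("\n", $RAISON), $uid);
                    $cmp->update_uid($EXPECTED_UID);
                }
            }
            if ($ldap_ipaddr != $ipaddr) {
                writelogs("Change {$ldap_ipaddr} -> to {$ipaddr} for  {$cmp->uid}", __FUNCTION__, __FILE__, __LINE__);
                $RAISON[] = "LDAP IP ADDR: {$ldap_ipaddr} is different from {$ipaddr}";
                $RAISON[] = "DN: {$cmp->dn}";
                $RAISON[] = "UID: {$cmp->uid}";
                $RAISON[] = "MAC: {$cmp->ComputerMacAddress}";
                if (!$cmp->update_ipaddr($ipaddr)) {
                    $RAISON[] = "ERROR:{$cmp->ldap_last_error}";
                }
                nmap_logs("EDIT IP: {$mac}:[{$array["HOSTNAME"]}] ({$ipaddr})", @implode("\n", $array) . "\n" . @implode("\n", $RAISON), $uid);
            }
            if ($array["OS"] != null) {
                // The closing parenthesis used to wrap the comparison, so
                // strtolower() received a boolean and only the exact spelling
                // "Unknown" was recognised. Compare case-insensitively.
                if (strtolower($cmp->ComputerOS) == "unknown") {
                    $cmp->ComputerOS = null;
                }
                // Only fill in an OS when the entry has none recorded.
                if ($cmp->ComputerOS == null) {
                    $RAISON[] = "LDAP OS: {$cmp->ComputerOS} is different from {$array["OS"]}";
                    nmap_logs("EDIT OS: {$mac}:[{$array["HOSTNAME"]}] ({$ipaddr})", @implode("\n", $array) . "\n" . @implode("\n", $RAISON), $uid);
                    $cmp->update_OS($array["OS"]);
                }
            }
        } else {
            // Unknown MAC: create a new entry named after the hostname when
            // one was accepted above, otherwise after the IP address.
            if ($array["HOSTNAME"] != null) {
                $uid = "{$array["HOSTNAME"]}\$";
            } else {
                $uid = "{$ipaddr}\$";
            }
            nmap_logs("ADD NEW: {$mac}:[{$array["HOSTNAME"]}] ({$ipaddr})", @implode("\n", $array) . "\n" . @implode("\n", $RAISON), "{$uid}");
            $cmp = new computers();
            $cmp->ComputerIP = $ipaddr;
            $cmp->ComputerMacAddress = $mac;
            $cmp->uid = "{$uid}";
            $cmp->ComputerOS = $array["OS"];
            $cmp->ComputerRunning = $array["RUNNING"];
            $cmp->ComputerMachineType = $array["MACHINE_TYPE"];
            $cmp->Add();
        }
    }
    nmap_logs("{$c} hosts analyzed in databases");
    // The report is consumed once; remove it so it is not imported again.
    @unlink($mapFile);
}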
示例#2
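/**
 * Periodically re-scan every address listed in the OCS "networks" table.
 *
 * Bails out when the system is overloaded, when another instance holds the
 * PID file, when the EnableScanComputersNet setting is off, or when the last
 * run is more recent than EnableScanComputersNetSchedule (default 15, floor
 * 5 - presumably minutes, as returned by unix::file_time_min(); confirm).
 * For each row it runs Nmap against the stored address, parses open ports,
 * OS details, uptime guess and MAC address from the output, pushes them to
 * the matching computers entry and records the host as up (1) or down (0)
 * through nmap_scan_period_save().
 *
 * The address comes from a database row and the parsed fields come from the
 * scanned host, so both are handled as untrusted input.
 *
 * NOTE(review): mysql_fetch_array()/MYSQL_ASSOC belong to the legacy
 * ext/mysql API; this function only runs where that extension (or a shim)
 * is available.
 *
 * @return void
 */
function nmap_scan_period()
{
    if (system_is_overloaded(basename(__FILE__))) {
        writelogs("Overloaded system, aborting", __FUNCTION__, __FILE__, __LINE__);
        return;
    }
    $unix = new unix();
    $pidfile = "/etc/artica-postfix/pids/exec.nmapscan.php.nmap_scan_period.pid";
    $pidtime = "/etc/artica-postfix/pids/exec.nmapscan.php.nmap_scan_period.time";

    // Single-instance guard based on the PID recorded by the previous run.
    $pid = @file_get_contents($pidfile);
    if ($unix->process_exists($pid, basename(__FILE__))) {
        die;
    }
    @unlink($pidfile);
    @file_put_contents($pidfile, getmypid());

    $sock = new sockets();
    $EnableScanComputersNet = $sock->GET_INFO("EnableScanComputersNet");
    if (!is_numeric($EnableScanComputersNet)) {
        $EnableScanComputersNet = 0;
    }
    if ($EnableScanComputersNet == 0) {
        die;
    }
    $EnableScanComputersNetSchedule = $sock->GET_INFO("EnableScanComputersNetSchedule");
    if (!is_numeric($EnableScanComputersNetSchedule)) {
        $EnableScanComputersNetSchedule = 15;
    }
    if ($EnableScanComputersNetSchedule < 5) {
        $EnableScanComputersNetSchedule = 5;
    }
    $time = $unix->file_time_min($pidtime);
    if ($time < $EnableScanComputersNetSchedule) {
        die;
    }
    @unlink($pidtime);
    @file_put_contents($pidtime, time());

    $sql = "SELECT MACADDR,IPADDRESS FROM networks";
    $q = new mysql();
    $results = $q->QUERY_SQL($sql, "ocsweb");
    if (!$q->ok) {
        if (!preg_match("#Unknown database#", $q->mysql_error)) {
            return;
        }
        // Ask the framework to create the OCS database, then retry once.
        // The retry result used to be discarded by an unconditional return;
        // now the run only stops when the retry failed as well.
        $sock = new sockets();
        $sock->getFrameWork("services.php?mysql-ocs=yes");
        $results = $q->QUERY_SQL($sql, "ocsweb");
        if (!$q->ok) {
            return;
        }
    }
    if (!$q->FIELD_EXISTS("networks", "isActive", "ocsweb")) {
        $q->QUERY_SQL("ALTER TABLE `networks` ADD `isActive` SMALLINT( 1 ) NOT NULL DEFAULT '0',ADD INDEX ( `isActive` ) ", "ocsweb");
    }
    $users = new usersMenus();
    if (!is_file("{$users->NMAP_PATH}")) {
        return null;
    }
    $cmp = new computers();
    while ($ligne = mysql_fetch_array($results, MYSQL_ASSOC)) {
        $MACADDR = $ligne["MACADDR"];
        $IPADDRESS = $ligne["IPADDRESS"];

        // The address is a database value that ends up on a shell command
        // line. Accept only a literal IP address and quote it, so a crafted
        // row can neither inject shell syntax nor smuggle in extra options.
        $target = trim((string) $IPADDRESS);
        if (filter_var($target, FILTER_VALIDATE_IP) === false) {
            if ($GLOBALS["VERBOSE"]) {
                echo "{$MACADDR} ({$IPADDRESS}) skipped, not an IP address\n";
            }
            continue;
        }
        $cmd = escapeshellarg($users->NMAP_PATH) . " -v -F -PE -PN -O " . escapeshellarg($target) . "  --system-dns --version-light 2>&1";
        $resultsScan = array();
        exec($cmd, $resultsScan);

        $PORTS = array();
        $osDetails = null;
        $uid = null;
        $UpTime = null;
        $LIVE = false;
        $MACSSCAN = null;
        foreach ($resultsScan as $line) {
            if (preg_match("#Nmap scan report for.+?host down#", $line)) {
                if ($GLOBALS["VERBOSE"]) {
                    echo "{$MACADDR} ({$IPADDRESS}) DOWN\n";
                }
                nmap_scan_period_save($IPADDRESS, $MACADDR, 0);
                break;
            }
            if (preg_match("#([0-9]+).+?open\\s+(.+)#", $line, $re)) {
                $PORTS[$re[1]] = $re[2];
                continue;
            }
            if (preg_match("#^OS details:(.+)#", $line, $re)) {
                $osDetails = trim($re[1]);
                // Collapse the verbose Windows 7 fingerprint to a short label.
                if (preg_match("#Microsoft.+?Windows.+?7#i", $osDetails)) {
                    $osDetails = "Windows 7";
                }
                continue;
            }
            if (preg_match("#^Uptime guess:\\s+(.+)#", $line, $re)) {
                $UpTime = $re[1];
                continue;
            }
            if (preg_match("#^MAC Address:\\s+([0-9A-Z:]+)\$#", trim($line), $re)) {
                $MACSSCAN = trim(strtolower($re[1]));
                continue;
            }
            if (preg_match("#^MAC Address:(.+).+?\\((.+?)\\)#", $line, $re)) {
                $MACSSCAN = trim(strtolower($re[1]));
                continue;
            }
        }

        // Remember the count for the verbose line; it used to be printed
        // after $PORTS had been reset and therefore always showed 0.
        $portCount = count($PORTS);
        if ($portCount > 0) {
            AddPorts($PORTS, $MACADDR);
            $uid = $cmp->ComputerIDFromMAC($MACADDR);
            $cmp = new computers($uid);
            // NOTE(review): the port list is stored as base64(serialize()).
            // Whatever reads this attribute back presumably unserialize()s
            // it; that reader must treat the stored value as untrusted, or
            // both sides should move to JSON. Format kept for compatibility.
            $portser = serialize($PORTS);
            $cmp->UpdateComputerOpenPorts(base64_encode($portser));
            $PORTS = array();
            $LIVE = true;
        }
        // Fall back to the MAC seen on the wire when the table has none.
        if ($MACADDR == "unknown") {
            if ($MACSSCAN != null) {
                $MACADDR = $MACSSCAN;
            }
        }
        if ($osDetails != null) {
            if ($uid == null) {
                $uid = $cmp->ComputerIDFromMAC($MACADDR);
                $cmp = new computers($uid);
            }
            if ($cmp->ComputerOS != $osDetails) {
                $cmp->update_OS($osDetails);
            }
            $LIVE = true;
        }
        if ($UpTime != null) {
            if ($uid == null) {
                $uid = $cmp->ComputerIDFromMAC($MACADDR);
                $cmp = new computers($uid);
            }
            $cmp->UpdateComputerUpTime($UpTime);
            $LIVE = true;
        }
        if ($LIVE) {
            if ($GLOBALS["VERBOSE"]) {
                echo "{$IPADDRESS}/{$MACADDR} " . $portCount . " ports ({$osDetails}) TTL:{$UpTime}\n";
            }
            nmap_scan_period_save($IPADDRESS, $MACADDR, 1);
            continue;
        }
        if ($GLOBALS["VERBOSE"]) {
            echo "{$IPADDRESS}/{$MACADDR} DOWN\n";
        }
    }
}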