From 81c75b3d92e302494ef52f88d5ff349db6d3d486 Mon Sep 17 00:00:00 2001 From: Adam Amstrong Date: Wed, 19 Nov 2008 12:12:54 +0000 Subject: [PATCH] bug fixes and security fixes git-svn-id: http://www.observium.org/svn/observer/trunk@307 61d68cd4-352d-0410-923a-c4978735b2b8 --- cleanup.php | 26 +++++++++++------------ cron-hourly.sh | 2 +- html/netcmd.php | 2 +- html/pages/device/dev-ifs.inc | 2 +- includes/discovery/cisco-pw.php | 30 +++++++++++++++++++++++---- includes/discovery/interfaces.php | 18 ++++++++++++---- includes/discovery/ipv6-addresses.php | 4 +++- includes/functions.php | 23 +++++++++++++++++--- includes/polling/interfaces.inc.php | 2 +- poll-device.php | 2 +- test-discovery.php | 4 ++-- 11 files changed, 83 insertions(+), 32 deletions(-) diff --git a/cleanup.php b/cleanup.php index 3e1b664f2..e743f2b00 100755 --- a/cleanup.php +++ b/cleanup.php @@ -6,21 +6,21 @@ include("config.php"); include("includes/functions.php"); -#$query = "SELECT *,A.id as id FROM ipaddr AS A, interfaces as I, devices as D -# WHERE A.interface_id = I.interface_id AND I.device_id = D.device_id AND D.status = '1'"; +$query = "SELECT *,A.id as id FROM ipaddr AS A, interfaces as I, devices as D + WHERE A.interface_id = I.interface_id AND I.device_id = D.device_id AND D.status = '1'"; -#$data = mysql_query($query); -#while($row = mysql_fetch_array($data)) { +$data = mysql_query($query); +while($row = mysql_fetch_array($data)) { -# $mask = trim(shell_exec($config['ipcalc'] . " ".$row['addr']."/".$row['cidr']." | grep Netmask: | cut -d \" \" -f 4")); -# $response = trim(`snmpget -v2c -Osq -c $row[community] $row[hostname] ipAdEntIfIndex.$row[addr] | cut -d " " -f 2`); -# $maskcheck = trim(`snmpget -v2c -Osq -c $row[community] $row[hostname] ipAdEntNetMask.$row[addr] | cut -d " " -f 2`); -# if($response == $row['ifIndex'] && $mask == $maskcheck) { -# } else { -# mysql_query("delete from ipaddr where id = '$row[id]'"); -# echo("Deleted $row[addr] from $row[hostname]\n"); -# } -#} + $mask = trim(shell_exec($config['ipcalc'] . " ".$row['addr']."/".$row['cidr']." | grep Netmask: | cut -d \" \" -f 4")); + $response = trim(`snmpget -v2c -Osq -c $row[community] $row[hostname] ipAdEntIfIndex.$row[addr] | cut -d " " -f 2`); + $maskcheck = trim(`snmpget -v2c -Osq -c $row[community] $row[hostname] ipAdEntNetMask.$row[addr] | cut -d " " -f 2`); + if($response == $row['ifIndex'] && $mask == $maskcheck) { + } else { + mysql_query("delete from ipaddr where id = '$row[id]'"); + echo("Deleted $row[addr] from $row[hostname]\n"); + } +} $sql = "SELECT * FROM devices WHERE status = '1'"; $query = mysql_query($sql); diff --git a/cron-hourly.sh b/cron-hourly.sh index ee8174dbd..674a9fcfe 100755 --- a/cron-hourly.sh +++ b/cron-hourly.sh @@ -2,7 +2,7 @@ ./discovery.php --even & ./discovery.php --odd & ./update-interface.php -./discover-cdp.php +#./discover-cdp.php ./cleanup.php ./generate-map.sh ./check-errors.php diff --git a/html/netcmd.php b/html/netcmd.php index 3512c1531..43633779c 100644 --- a/html/netcmd.php +++ b/html/netcmd.php @@ -17,7 +17,7 @@ include("includes/authenticate.inc"); if($_GET['query'] && $_GET['cmd']) { $host = $_GET['query']; - if(Net_IPv6::checkIPv6($host)||Net_IPv4::validateip($host)||preg_match("/^[a-zA-Z0-9.]*$/", $host)) { + if(Net_IPv6::checkIPv6($host)||Net_IPv4::validateip($host)||preg_match("/^[a-zA-Z0-9.-]*$/", $host)) { switch ($_GET['cmd']) { case 'whois': $output = `/usr/bin/whois $host | grep -v \%`; diff --git a/html/pages/device/dev-ifs.inc b/html/pages/device/dev-ifs.inc index f50620381..2251c8d94 100644 --- a/html/pages/device/dev-ifs.inc +++ b/html/pages/device/dev-ifs.inc @@ -4,7 +4,7 @@ $hostname = gethostbyid($_GET[id]); echo("
"); $i = "1"; - $interface_query = mysql_query("select * from interfaces WHERE device_id = '$_GET[id]' ORDER BY `ifDescr` ASC"); + $interface_query = mysql_query("select * from interfaces WHERE device_id = '$_GET[id]' AND deleted = '0' ORDER BY `ifDescr` ASC"); while($interface = mysql_fetch_array($interface_query)) { include("includes/print-interface.inc"); } diff --git a/includes/discovery/cisco-pw.php b/includes/discovery/cisco-pw.php index cf0b5cdcc..859dc5341 100755 --- a/includes/discovery/cisco-pw.php +++ b/includes/discovery/cisco-pw.php @@ -1,6 +1,7 @@ $interface_descr($if_id)) \n"); - +# echo("Oid: " . $cpwOid . " cpwVcID: " . $cpwVcID . " Remote Id: " . $cpw_remote_id . "($hostname(".$cpw_remote_device.") -> $interface_descr($if_id)) \n"); if(mysql_result(mysql_query("SELECT count(*) FROM pseudowires WHERE `interface_id` = '$if_id' AND `cpwVcID`='".$cpwVcID."'"),0)) { - echo("already have! \n"); + echo("."); } else { $insert_query = "INSERT INTO `pseudowires` (`interface_id`,`peer_device_id`,`peer_ldp_id`,`cpwVcID`,`cpwOid`) "; $insert_query .= "VALUES ('$if_id','$cpw_remote_device','$cpw_remote_id','$cpwVcID', '$cpwOid')"; mysql_query($insert_query); + echo("+"); + # echo($device['device_id'] . " $cpwOid $cpw_remote_device $if_id $cpwVcID\n"); } - + $cpw_exists[] = $device['device_id'] . " $cpwOid $cpw_remote_device $if_id $cpwVcID"; } } } } +$sql = "SELECT * FROM pseudowires AS P, interfaces AS I, devices as D WHERE P.interface_id = I.interface_id AND I.device_id = D.device_id AND D.device_id = '".$device['device_id']."'"; +$query = mysql_query($sql); + +while ($cpw = mysql_fetch_array($query)) { + unset($exists); + $i = 0; + while ($i < count($cpw_exists) && !$exists) { + $this_cpw = $cpw['device_id'] . " " . $cpw['cpwOid'] . " " . $cpw['peer_device_id'] . " " . $cpw['interface_id'] . " " . $cpw['cpwVcID']; + if ($cpw_exists[$i] == $this_cpw) { $exists = 1; +# echo($cpw_exists[$i]. " || $this_cpw \n"); + } + $i++; + } + if(!$exists) { + echo("-"); +# echo($this_cpw . "\n"); + mysql_query("DELETE FROM pseudowires WHERE pseudowire_id = '" . $cpw['pseudowire_id'] . "'"); + } +} + ?> diff --git a/includes/discovery/interfaces.php b/includes/discovery/interfaces.php index 97b25d063..f6a3302f6 100755 --- a/includes/discovery/interfaces.php +++ b/includes/discovery/interfaces.php @@ -17,6 +17,10 @@ $entry = trim($entry); list($ifIndex, $ifName) = explode("||", $entry); + $ifDescr = $config['snmpget'] . " -O qv -" . $device['snmpver'] . " -c " . $device['community'] . " " . $device['hostname'] . " ifAlias.$ifIndex"; + $ifDescr = str_replace("No Such Object available on this agent at this OID", "", $ifDescr); + $ifDescr = str_replace("No Such Instance currently exists at this OID", "", $ifDescr); + if(!strstr($entry, "irtual")) { $ifName = trim(str_replace("\"", "", $ifName)); $if = trim(strtolower($ifName)); @@ -30,7 +34,7 @@ if (preg_match('/ng[0-9]+$/', $if)) { $nullintf = '1'; } if ($nullintf == 0) { if(mysql_result(mysql_query("SELECT COUNT(*) FROM `interfaces` WHERE `device_id` = '".$device['device_id']."' AND `ifIndex` = '$ifIndex'"), 0) == '0') { - mysql_query("INSERT INTO `interfaces` (`device_id`,`ifIndex`,`ifDescr`) VALUES ('".$device['device_id']."','$ifIndex','$ifName')"); + mysql_query("INSERT INTO `interfaces` (`device_id`,`ifIndex`,`ifDescr`) VALUES ('".$device['device_id']."','$ifIndex','$ifDescr')"); # Add Interface echo("+"); } else { @@ -43,9 +47,15 @@ } $int_exists[] = "$ifIndex"; } else { - # Ignored Interface - echo("$if \n"); - echo("X"); + # Ignored Interface + #echo("$if \n"); + if(mysql_result(mysql_query("SELECT COUNT(*) FROM `interfaces` WHERE `device_id` = '".$device['device_id']."' AND `ifIndex` = '$ifIndex'"), 0) != '0') { + mysql_query("UPDATE `interfaces` SET `deleted` = '1' WHERE `device_id` = '".$device['device_id']."' AND `ifIndex` = '$ifIndex'"); + # Delete Interface + echo("-"); ## Deleted Interface + } else { + echo("X"); ## Ignored Interface + } } } } diff --git a/includes/discovery/ipv6-addresses.php b/includes/discovery/ipv6-addresses.php index f2f34bacb..de7a993cd 100644 --- a/includes/discovery/ipv6-addresses.php +++ b/includes/discovery/ipv6-addresses.php @@ -6,9 +6,10 @@ $ipv6interfaces = shell_exec($config['snmpget']." -Ovnq -".$device['snmpver']." if($ipv6interfaces){ - $oids = trim(shell_exec($config['snmpwalk']." -".$device['snmpver']." -Ln -c ".$device['community']." ".$device['hostname']." ipAddressIfIndex.ipv6 -Osq | grep -v No")); + $oids = trim(trim(shell_exec($config['snmpwalk']." -".$device['snmpver']." -Ln -c ".$device['community']." ".$device['hostname']." ipAddressIfIndex.ipv6 -Osq | grep -v No"))); $oids = str_replace("ipAddressIfIndex.ipv6.", "", $oids); $oids = str_replace("\"", "", $oids); $oids = trim($oids); foreach(explode("\n", $oids) as $data) { + if($data) { $data = trim($data); list($ipv6addr,$ifIndex) = explode(" ", $data); $oid = ""; @@ -47,6 +48,7 @@ if($ipv6interfaces){ echo("A"); } } else { echo("."); } + } } } else { echo("None configured"); } diff --git a/includes/functions.php b/includes/functions.php index d097edcf8..c3155aadc 100755 --- a/includes/functions.php +++ b/includes/functions.php @@ -315,6 +315,14 @@ $type = strtolower($data['os']); } +function renamehost($id, $new) { + global $config; + $host = mysql_result(mysql_query("SELECT hostname FROM devices WHERE device_id = '$id'"), 0); + shell_exec("mv ".$config['rrd_dir']."/$host ".$config['rrd_dir']."/$new"); + mysql_query("UPDATE devices SET hostname = '$new' WHERE device_id = '$id'"); + mysql_query("INSERT INTO eventlog (host, datetime, message) VALUES ('" . $id . "', NULL, NOW(), 'Hostname changed -> $new (console)')"); +} + function delHost($id) { global $config; $host = mysql_result(mysql_query("SELECT hostname FROM devices WHERE device_id = '$id'"), 0); @@ -388,11 +396,21 @@ function scanUDP ($host, $port, $timeout) { function humanmedia($media) { $media = preg_replace("/^ethernetCsmacd$/", "Ethernet", $media); - $media = preg_replace("/^softwareLoopback$/", "Software Loopback", $media); + $media = preg_replace("/^softwareLoopback$/", "Loopback", $media); $media = preg_replace("/^tunnel$/", "Tunnel", $media); - $media = preg_replace("/^propVirtual$/", "Ethernet VLAN", $media); + $media = preg_replace("/^propVirtual$/", "Virtual Int", $media); $media = preg_replace("/^ppp$/", "PPP", $media); + $media = preg_replace("/^ds1$/", "DS1", $media); + $media = preg_replace("/^pos$/", "POS", $media); + $media = preg_replace("/^sonet$/", "SONET", $media); $media = preg_replace("/^slip$/", "SLIP", $media); + $media = preg_replace("/^mpls$/", "MPLS Layer", $media); + $media = preg_replace("/^l2vlan$/", "VLAN Subif", $media); + $media = preg_replace("/^atm$/", "ATM", $media); + $media = preg_replace("/^aal5$/", "ATM AAL5", $media); + $media = preg_replace("/^atmSubInterface$/", "ATM Subif", $media); + $media = preg_replace("/^propPointToPointSerial$/", "PtP Serial", $media); + return $media; } @@ -577,7 +595,6 @@ function fixifName ($inf) { return $inf; } - function fixIOSFeatures($features){ $features = preg_replace("/^PK9S$/", "IP w/SSH LAN Only", $features); $features = str_replace("LANBASEK9", "Lan Base Crypto", $features); diff --git a/includes/polling/interfaces.inc.php b/includes/polling/interfaces.inc.php index 2907db381..622118535 100644 --- a/includes/polling/interfaces.inc.php +++ b/includes/polling/interfaces.inc.php @@ -18,7 +18,7 @@ while ($interface = mysql_fetch_array($interface_query)) { echo("Looking at " . $interface['ifDescr'] . " on " . $device['hostname'] . "\n"); - $snmp_cmd = "snmpget -O qv -" . $device['snmpver'] . " -c " . $device['community'] . " " . $device['hostname']; + $snmp_cmd = $config['snmpget'] . " -O qv -" . $device['snmpver'] . " -c " . $device['community'] . " " . $device['hostname']; $snmp_cmd .= " ifAdminStatus." . $interface['ifIndex'] . " ifOperStatus." . $interface['ifIndex'] . " ifAlias." . $interface['ifIndex']; $snmp_output = trim(`$snmp_cmd`); diff --git a/poll-device.php b/poll-device.php index e1a05ca51..16018cbee 100755 --- a/poll-device.php +++ b/poll-device.php @@ -196,7 +196,7 @@ while ($device = mysql_fetch_array($device_query)) { include("includes/polling/device-netstats.inc.php"); echo("Polling interfaces\n"); - $where = "WHERE device_id = '" . $device['device_id'] . "'"; + $where = "WHERE device_id = '" . $device['device_id'] . "' AND deleted = '0'"; include("includes/polling/interfaces.inc.php"); } else { diff --git a/test-discovery.php b/test-discovery.php index 10302c3e8..501fa3d91 100755 --- a/test-discovery.php +++ b/test-discovery.php @@ -38,9 +38,9 @@ while ($device = mysql_fetch_array($device_query)) { # include("includes/discovery/unix-memory.php"); -# include("cisco-pw.php"); + include("includes/discovery/ipv6-addresses.php"); - include("includes/discovery/cisco-vrf.php"); +# include("includes/discovery/cisco-pw.php"); echo("\n"); $devices_polled++; }