From 2556980234a373cb40b2786b3c5256959801beb3 Mon Sep 17 00:00:00 2001 From: Akkadius Date: Wed, 4 Oct 2017 18:35:25 -0500 Subject: [PATCH 01/21] Update README.md --- README.md | 32 +++++++++++++++++++++++++++++++- 1 file changed, 31 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index 8f9b8d7..b7bc412 100644 --- a/README.md +++ b/README.md @@ -1 +1,31 @@ -# glass-dhcpd-isc +# Glass + +## Dashboard +* Glass has a dashboard containing quick-glance important information pertaining to the health of the server and the pools configured + * DHCP Leases per second / minute + * Total Active Leases + * Server CPU Utilization + * Shared Network Utilization + * Subnet Utilization + +![dashboard_1](https://user-images.githubusercontent.com/3319450/31204215-6b805826-a930-11e7-8e07-4731c958bda4.gif) + +## DHCP Config Editing +* A built in config web editor that uses the dhcp server binary to check syntax before over-writing the production config with a bad configuration + +![dhcp_config](https://user-images.githubusercontent.com/3319450/31204509-bb583c00-a931-11e7-982c-186ef8c33e61.gif) + +## DHCP Config Snapshots +* Mess up a config? Snapshots are quickly available through the snapshots sidebar as long as you've been editing the config through the Glass interface + +![dhcp_config_snapshots](https://user-images.githubusercontent.com/3319450/31204512-bd1f07da-a931-11e7-810d-41f88ca55265.gif) + +## DHCP Server Restart +* Server Stop / Start / Restarting can all be done through the Glass interface + +![dhcp_server_restart](https://user-images.githubusercontent.com/3319450/31204517-c06001ba-a931-11e7-8e8a-1bf2779b9497.gif) + +## Glass API +* Glass has a small but powerful REST API exposing data not otherwise available easily through raw isc-dhcp-server formats + +![api_examples](https://user-images.githubusercontent.com/3319450/31204191-3e197804-a930-11e7-871e-2c469480b906.gif) From 89add0bf555f22b186772178e03a112539a79527 Mon Sep 17 00:00:00 2001 From: Akkadius Date: Wed, 4 Oct 2017 18:37:52 -0500 Subject: [PATCH 02/21] Update README.md --- README.md | 15 +++++++++------ 1 file changed, 9 insertions(+), 6 deletions(-) diff --git a/README.md b/README.md index b7bc412..81c588a 100644 --- a/README.md +++ b/README.md @@ -1,12 +1,15 @@ -# Glass +![glass_logo](https://user-images.githubusercontent.com/3319450/31204769-06a0f9da-a933-11e7-87d5-efda1059ccfe.png) + +# Glass + ## Dashboard * Glass has a dashboard containing quick-glance important information pertaining to the health of the server and the pools configured - * DHCP Leases per second / minute - * Total Active Leases - * Server CPU Utilization - * Shared Network Utilization - * Subnet Utilization + * DHCP Leases per second / minute + * Total Active Leases + * Server CPU Utilization + * Shared Network Utilization + * Subnet Utilization ![dashboard_1](https://user-images.githubusercontent.com/3319450/31204215-6b805826-a930-11e7-8e07-4731c958bda4.gif) From 5813dd5c66293d67385b79c9898ee1ec34709433 Mon Sep 17 00:00:00 2001 From: Akkadius Date: Wed, 4 Oct 2017 18:59:22 -0500 Subject: [PATCH 03/21] Update README.md --- README.md | 14 +++++++++++++- 1 file changed, 13 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index 81c588a..aeb9fbe 100644 --- a/README.md +++ b/README.md @@ -1,7 +1,7 @@ ![glass_logo](https://user-images.githubusercontent.com/3319450/31204769-06a0f9da-a933-11e7-87d5-efda1059ccfe.png) # Glass - +* Glass was created as a quick side project out of necessity to fulfill requirements not readily available through our production ISC DHCP Servers ## Dashboard * Glass has a dashboard containing quick-glance important information pertaining to the health of the server and the pools configured @@ -28,6 +28,18 @@ ![dhcp_server_restart](https://user-images.githubusercontent.com/3319450/31204517-c06001ba-a931-11e7-8e8a-1bf2779b9497.gif) +## Statistics +* Glass exposes useful statistical information in the Web interface that is also available through the raw API interface + +![statistics_1](https://user-images.githubusercontent.com/3319450/31204863-80c1cf82-a933-11e7-8682-ac3ebffeb6f5.gif) + +## Log Streaming +* Stream the DHCP syslog via Websockets to your browser, making troubleshooting efforts super easy by being able to add realtime filters and have MAC address be translated realtime to the vendor for readability + +![dhcp_log_stream_filter](https://user-images.githubusercontent.com/3319450/31205190-9c97e4b0-a935-11e7-9c2c-d26f476cfa14.gif) + +![log_stream](https://user-images.githubusercontent.com/3319450/31204870-89cccc94-a933-11e7-97fc-27547c90892c.gif) + ## Glass API * Glass has a small but powerful REST API exposing data not otherwise available easily through raw isc-dhcp-server formats From 2762011b34757a15065ba2a8e1aeb4e7120a3970 Mon Sep 17 00:00:00 2001 From: Akkadius Date: Wed, 4 Oct 2017 19:28:12 -0500 Subject: [PATCH 04/21] Update README.md --- README.md | 32 +++++++++++++++++++++++++++++--- 1 file changed, 29 insertions(+), 3 deletions(-) diff --git a/README.md b/README.md index aeb9fbe..54f1862 100644 --- a/README.md +++ b/README.md @@ -1,7 +1,33 @@ -![glass_logo](https://user-images.githubusercontent.com/3319450/31204769-06a0f9da-a933-11e7-87d5-efda1059ccfe.png) +# Glass Glass +* Glass was created as a quick side project out of necessity to fulfill requirements not readily available through our production ISC DHCP Servers for our organization - I've decided to share it for anyone who would also find it useful +* More features and application-level things could be extended into the interface but my goals were simply the high yield features for our production network needs -# Glass -* Glass was created as a quick side project out of necessity to fulfill requirements not readily available through our production ISC DHCP Servers +## Features + * DHCP IPv4 Support (No IPv6 at this time) + * Realtime Alerting + * Shared Subnet Utilization Alerting + * Customize thresholds (IE: Warning: 80% Critical 95%) + * Leases Per Minute - If your disk fills up - or your SAN is unavailable - alerting your team on absolutely zero activity on your production server can allow you to be on the 8 ball + * Alerting Destinations + * Slack + * E-Mail + * SMS + * Statistics (Available through REST API) + * Shared Network Utilization + * Individual Network Utilization + * Vendor Counts by MAC + * OUI Count + * Excessive DHCP Requests + * Log Streaming (Realtime via Websockets) + * Lease Data + * Full active DHCP lease data available via API and searchable through the web interface + * All options are dynamically parsed into an easy to ingest JSON format + * Config Edit (Only supports single DHCP config file configurations) + * Edit the DHCP config using a full web-based text editor (Ace) + * Before saving the config - Glass will run a syntax check against the file + * Config editing through Glass creates a backup (snapshot) on success with no syntax errors and commits to production file + * Start / Stop / Restart server process + * Administrative Authentication enforced on administrative tasks (Restarts/Config/Glass Settings) ## Dashboard * Glass has a dashboard containing quick-glance important information pertaining to the health of the server and the pools configured From a82f00b7841ad6c375be10820f32a79df32dde51 Mon Sep 17 00:00:00 2001 From: Akkadius Date: Wed, 4 Oct 2017 19:43:45 -0500 Subject: [PATCH 05/21] Update README.md --- README.md | 3 +++ 1 file changed, 3 insertions(+) diff --git a/README.md b/README.md index 54f1862..f9d0fce 100644 --- a/README.md +++ b/README.md @@ -3,7 +3,10 @@ * More features and application-level things could be extended into the interface but my goals were simply the high yield features for our production network needs ## Features + * Standalone NodeJS application that has a web interface, listens to the dhcp log and the leases file to collect analytics and data realtime * DHCP IPv4 Support (No IPv6 at this time) + * Full OUI Database + * Has complete vendor to MAC OUI database - with a script to pull down and update live data * Realtime Alerting * Shared Subnet Utilization Alerting * Customize thresholds (IE: Warning: 80% Critical 95%) From c2ce503bc5f91b069a21d9d3f90d0d6ad94a6436 Mon Sep 17 00:00:00 2001 From: Akkadius Date: Wed, 4 Oct 2017 20:21:33 -0500 Subject: [PATCH 06/21] Create LICENSE --- LICENSE | 21 +++++++++++++++++++++ 1 file changed, 21 insertions(+) create mode 100644 LICENSE diff --git a/LICENSE b/LICENSE new file mode 100644 index 0000000..fb90141 --- /dev/null +++ b/LICENSE @@ -0,0 +1,21 @@ +MIT License + +Copyright (c) 2017 Chris Miles + +Permission is hereby granted, free of charge, to any person obtaining a copy +of this software and associated documentation files (the "Software"), to deal +in the Software without restriction, including without limitation the rights +to use, copy, modify, merge, publish, distribute, sublicense, and/or sell +copies of the Software, and to permit persons to whom the Software is +furnished to do so, subject to the following conditions: + +The above copyright notice and this permission notice shall be included in all +copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE +AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER +LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, +OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE +SOFTWARE. From e82f2f88c37dbdeede37281ad9eb7627f4d4b628 Mon Sep 17 00:00:00 2001 From: Akkadius Date: Wed, 4 Oct 2017 20:43:00 -0500 Subject: [PATCH 07/21] Update README.md --- README.md | 17 ++++++++++++++++- 1 file changed, 16 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index f9d0fce..e02a102 100644 --- a/README.md +++ b/README.md @@ -1,4 +1,7 @@ -# Glass Glass +[![npm](https://img.shields.io/npm/v/npm.svg)]() +[![CocoaPods](https://img.shields.io/cocoapods/l/AFNetworking.svg)]() + +# Glass Glass * Glass was created as a quick side project out of necessity to fulfill requirements not readily available through our production ISC DHCP Servers for our organization - I've decided to share it for anyone who would also find it useful * More features and application-level things could be extended into the interface but my goals were simply the high yield features for our production network needs @@ -73,3 +76,15 @@ * Glass has a small but powerful REST API exposing data not otherwise available easily through raw isc-dhcp-server formats ![api_examples](https://user-images.githubusercontent.com/3319450/31204191-3e197804-a930-11e7-871e-2c469480b906.gif) + +# Alerting +* Glass currently supports the following alerting methods + +## E-Mail + + + +## Slack + +![snip20171004_11](https://user-images.githubusercontent.com/3319450/31207501-2e9fda58-a944-11e7-99b3-cdab2ae3f81f.png) + From e4abd90411827c110e2dcde374aceae32f3c974e Mon Sep 17 00:00:00 2001 From: Akkadius Date: Wed, 4 Oct 2017 20:52:29 -0500 Subject: [PATCH 08/21] Update README.md --- README.md | 15 +++++++++++++-- 1 file changed, 13 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index e02a102..711a59d 100644 --- a/README.md +++ b/README.md @@ -78,7 +78,11 @@ ![api_examples](https://user-images.githubusercontent.com/3319450/31204191-3e197804-a930-11e7-871e-2c469480b906.gif) # Alerting -* Glass currently supports the following alerting methods +* Currently, Glass alerts on + * Shared Network Utilization % Thresholds (Warning & Critical) (Default 0 and 95) + * Leases per minute rate (Default 50) + * 0 values = Off +* Glass currently supports the following alerting delivery methods ## E-Mail @@ -86,5 +90,12 @@ ## Slack -![snip20171004_11](https://user-images.githubusercontent.com/3319450/31207501-2e9fda58-a944-11e7-99b3-cdab2ae3f81f.png) + + +## SMS - Simple Format +* SMS gets cut off at 140 characters - but you get the core alert and should only be used as a backup measure to other methods + + + + From dc7d51e86357e09e889d24b2dbf2b6387cd5db20 Mon Sep 17 00:00:00 2001 From: Akkadius Date: Wed, 4 Oct 2017 21:09:31 -0500 Subject: [PATCH 09/21] Update README.md --- README.md | 10 +++++++--- 1 file changed, 7 insertions(+), 3 deletions(-) diff --git a/README.md b/README.md index 711a59d..0126883 100644 --- a/README.md +++ b/README.md @@ -4,8 +4,10 @@ # Glass Glass * Glass was created as a quick side project out of necessity to fulfill requirements not readily available through our production ISC DHCP Servers for our organization - I've decided to share it for anyone who would also find it useful * More features and application-level things could be extended into the interface but my goals were simply the high yield features for our production network needs +* Disclaimer: Glass and its author has no affiliation with ISC and the authors of isc-dhcp-server +* Original Author: Chris Miles: chris.miles.e@gmail.com -## Features +# Features * Standalone NodeJS application that has a web interface, listens to the dhcp log and the leases file to collect analytics and data realtime * DHCP IPv4 Support (No IPv6 at this time) * Full OUI Database @@ -34,9 +36,11 @@ * Config editing through Glass creates a backup (snapshot) on success with no syntax errors and commits to production file * Start / Stop / Restart server process * Administrative Authentication enforced on administrative tasks (Restarts/Config/Glass Settings) + * Uses AdminBSB UI with customizations and tweaks + * Full Mobile support ## Dashboard -* Glass has a dashboard containing quick-glance important information pertaining to the health of the server and the pools configured +* Glass has a dashboard containing quick-glance important information pertaining to the health of the server and the pools configured - statistics update in realtime * DHCP Leases per second / minute * Total Active Leases * Server CPU Utilization @@ -73,7 +77,7 @@ ![log_stream](https://user-images.githubusercontent.com/3319450/31204870-89cccc94-a933-11e7-97fc-27547c90892c.gif) ## Glass API -* Glass has a small but powerful REST API exposing data not otherwise available easily through raw isc-dhcp-server formats +* Glass has a small but powerful REST API exposing data not otherwise available easily through raw isc-dhcp-server data formats ![api_examples](https://user-images.githubusercontent.com/3319450/31204191-3e197804-a930-11e7-871e-2c469480b906.gif) From 8f3d97438423c977cec5d42fe888d9621d0421af Mon Sep 17 00:00:00 2001 From: Chris Miles Date: Wed, 4 Oct 2017 21:44:47 -0500 Subject: [PATCH 10/21] Update README.md --- README.md | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/README.md b/README.md index 0126883..e09d1db 100644 --- a/README.md +++ b/README.md @@ -1,7 +1,8 @@ [![npm](https://img.shields.io/npm/v/npm.svg)]() [![CocoaPods](https://img.shields.io/cocoapods/l/AFNetworking.svg)]() -# Glass Glass +

Glass Glass

+ * Glass was created as a quick side project out of necessity to fulfill requirements not readily available through our production ISC DHCP Servers for our organization - I've decided to share it for anyone who would also find it useful * More features and application-level things could be extended into the interface but my goals were simply the high yield features for our production network needs * Disclaimer: Glass and its author has no affiliation with ISC and the authors of isc-dhcp-server @@ -15,7 +16,7 @@ * Realtime Alerting * Shared Subnet Utilization Alerting * Customize thresholds (IE: Warning: 80% Critical 95%) - * Leases Per Minute - If your disk fills up - or your SAN is unavailable - alerting your team on absolutely zero activity on your production server can allow you to be on the 8 ball + * Leases Per Minute - If your disk fills up - or your SAN is unavailable - alerting your team on absolutely zero activity on your production server can allow you to be on the 8-ball. This is a step-above process alerting because you can have the dhcp server process running and no leases being written * Alerting Destinations * Slack * E-Mail @@ -36,7 +37,7 @@ * Config editing through Glass creates a backup (snapshot) on success with no syntax errors and commits to production file * Start / Stop / Restart server process * Administrative Authentication enforced on administrative tasks (Restarts/Config/Glass Settings) - * Uses AdminBSB UI with customizations and tweaks + * Uses [AdminBSB UI](https://github.com/gurayyarar/AdminBSBMaterialDesign) with customizations and tweaks * Full Mobile support ## Dashboard @@ -51,6 +52,7 @@ ## DHCP Config Editing * A built in config web editor that uses the dhcp server binary to check syntax before over-writing the production config with a bad configuration +* Currently config editing only supports editing one single config file (No includes) due to syntax verificiation that glass performs ![dhcp_config](https://user-images.githubusercontent.com/3319450/31204509-bb583c00-a931-11e7-982c-186ef8c33e61.gif) @@ -82,7 +84,7 @@ ![api_examples](https://user-images.githubusercontent.com/3319450/31204191-3e197804-a930-11e7-871e-2c469480b906.gif) # Alerting -* Currently, Glass alerts on +* Glass alerts check once a minute for subnet utilization and every 5 seconds for lease-rate alerts * Shared Network Utilization % Thresholds (Warning & Critical) (Default 0 and 95) * Leases per minute rate (Default 50) * 0 values = Off From 33a1b07747e8ee7f082c415e89b42c3873a75696 Mon Sep 17 00:00:00 2001 From: Chris Miles Date: Wed, 4 Oct 2017 22:02:21 -0500 Subject: [PATCH 11/21] Update README.md --- README.md | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) diff --git a/README.md b/README.md index e09d1db..e26bf72 100644 --- a/README.md +++ b/README.md @@ -8,6 +8,22 @@ * Disclaimer: Glass and its author has no affiliation with ISC and the authors of isc-dhcp-server * Original Author: Chris Miles: chris.miles.e@gmail.com +**Table of Contents** + +- [ Glass ](#) +- [Features](#) + - [Dashboard](#) + - [DHCP Config Editing](#) + - [DHCP Config Snapshots](#) + - [DHCP Server Restart](#) + - [Statistics](#) + - [Log Streaming](#) + - [Glass API](#) +- [Alerting](#) + - [E-Mail](#) + - [Slack](#) + - [SMS - Simple Format](#) + # Features * Standalone NodeJS application that has a web interface, listens to the dhcp log and the leases file to collect analytics and data realtime * DHCP IPv4 Support (No IPv6 at this time) From ce516a5258576943eb01b9fcf9fe9d55843ab437 Mon Sep 17 00:00:00 2001 From: Chris Miles Date: Wed, 4 Oct 2017 22:04:11 -0500 Subject: [PATCH 12/21] Update README.md --- README.md | 25 ++++++++++++------------- 1 file changed, 12 insertions(+), 13 deletions(-) diff --git a/README.md b/README.md index e26bf72..03e60d3 100644 --- a/README.md +++ b/README.md @@ -10,19 +10,18 @@ **Table of Contents** -- [ Glass ](#) -- [Features](#) - - [Dashboard](#) - - [DHCP Config Editing](#) - - [DHCP Config Snapshots](#) - - [DHCP Server Restart](#) - - [Statistics](#) - - [Log Streaming](#) - - [Glass API](#) -- [Alerting](#) - - [E-Mail](#) - - [Slack](#) - - [SMS - Simple Format](#) +- [Features](#features) + * [Dashboard](#dashboard) + * [DHCP Config Editing](#dhcp-config-editing) + * [DHCP Config Snapshots](#dhcp-config-snapshots) + * [DHCP Server Restart](#dhcp-server-restart) + * [Statistics](#statistics) + * [Log Streaming](#log-streaming) + * [Glass API](#glass-api) +- [Alerting](#alerting) + * [E-Mail](#e-mail) + * [Slack](#slack) + * [SMS - Simple Format](#sms---simple-format) # Features * Standalone NodeJS application that has a web interface, listens to the dhcp log and the leases file to collect analytics and data realtime From 685e5afc6f10e8c1d62e066c0553e72bc04013b3 Mon Sep 17 00:00:00 2001 From: Chris Miles Date: Wed, 4 Oct 2017 22:37:22 -0500 Subject: [PATCH 13/21] Update README.md --- README.md | 50 ++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 50 insertions(+) diff --git a/README.md b/README.md index 03e60d3..42c74b7 100644 --- a/README.md +++ b/README.md @@ -22,6 +22,7 @@ * [E-Mail](#e-mail) * [Slack](#slack) * [SMS - Simple Format](#sms---simple-format) +- [Installation](#Installation) # Features * Standalone NodeJS application that has a web interface, listens to the dhcp log and the leases file to collect analytics and data realtime @@ -118,5 +119,54 @@ +# Installation +* Instructions are per Debian/Ubuntu Distros +## Install NodeJS (If not installed) +
+curl -sL https://deb.nodesource.com/setup_8.x | sudo -E bash -
+sudo apt-get install -y nodejs
+
+ +## Install Glass +
+cd /opt
+git clone https://github.com/Akkadius/glass-isc-dhcp.git
+cd glass-isc-dhcp
+mkdir logs
+chmod u+x ./bin/ -R
+
+npm install
+npm start
+
+ +## Apparmor (Ubuntu LTS) + +* Ubuntu uses AppArmor by default - you will most likely run into file access issues without exemptions + +### Option 1) Add file exemptions to apparmor (For glass and dhcpd) + +
+sed -i '/\/etc\/dhcp\/\*\*/a\ \ \/var\/lib\/dhcp\/\*\* lrw,' /etc/apparmor.d/usr.sbin.dhcpd 
+sed -i '/\/etc\/dhcp\/\*\*/a\ \ \/opt\/glass-isc-dhcp\/\*\* lrw,' /etc/apparmor.d/usr.sbin.dhcpd 
+service apparmor restart
+
+ +### Option 2) Disable completely (not recommended) + +
+sudo ln -s /etc/apparmor.d/usr.sbin.dhcpd /etc/apparmor.d/disable/
+sudo apparmor_parser -R /etc/apparmor.d/usr.sbin.dhcpd
+
+ +## Secure your Install + +* Glass runs on web port 3000 - if you're going to run this on a production server, make sure that you lock it down from the outside world if anyone can access it. Even if they don't have a password - vulnerabilities can surface at any point in the future and your system becomes a prime target + +### Iptables +
+iptables -A INPUT -p tcp --dport 3000 -s 127.0.0.0/8 -j ACCEPT
+iptables -A INPUT -p tcp --dport 3000 -s x.x.x.x/24 -j ACCEPT
+iptables -A INPUT -p tcp --dport 3000 -j REJECT --reject-with icmp-port-unreachable
+
From e9936940e7de4f0d4346c795b06a42b8986bba93 Mon Sep 17 00:00:00 2001 From: Chris Miles Date: Wed, 4 Oct 2017 22:42:14 -0500 Subject: [PATCH 14/21] Update README.md --- README.md | 23 +++++++++++++++++++++++ 1 file changed, 23 insertions(+) diff --git a/README.md b/README.md index 42c74b7..b797c6f 100644 --- a/README.md +++ b/README.md @@ -170,3 +170,26 @@ iptables -A INPUT -p tcp --dport 3000 -s 127.0.0.0/8 -j ACCEPT iptables -A INPUT -p tcp --dport 3000 -s x.x.x.x/24 -j ACCEPT iptables -A INPUT -p tcp --dport 3000 -j REJECT --reject-with icmp-port-unreachable + +## Building dhcpd-pools (Optional) + +* Glass uses dhcpd-pools for shared network / subnet utilization and it is bundled by default (For Ubuntu and Debian) when you install. However, if you need to build the binary yourself on another distribution, use the following to build dhcpd-pools and it needs to be placed in the ./bin directory of glass +* Credit: dhcpd-pools: http://dhcpd-pools.sourceforge.net/ + +
+sudo apt-get install -y unzip
+sudo apt-get install -y libtool
+
+git clone https://github.com/Akkadius/dhcpd-pools.git
+
+cd /tmp
+wget https://github.com/troydhanson/uthash/archive/master.zip
+unzip master.zip
+
+cd /tmp/dhcpd-pools
+./bootstrap	# only when building git clone
+./configure --with-uthash=/tmp/uthash-master/include
+make -j4
+make check
+make install
+
From f56d3cfae6667785f5397f3bb3784246410b5ead Mon Sep 17 00:00:00 2001 From: Chris Miles Date: Wed, 4 Oct 2017 22:53:10 -0500 Subject: [PATCH 15/21] Update README.md --- README.md | 45 ++++++++++++++++++++++++++++++++++++++++++--- 1 file changed, 42 insertions(+), 3 deletions(-) diff --git a/README.md b/README.md index b797c6f..92701e2 100644 --- a/README.md +++ b/README.md @@ -22,7 +22,16 @@ * [E-Mail](#e-mail) * [Slack](#slack) * [SMS - Simple Format](#sms---simple-format) -- [Installation](#Installation) +- [Installation](#installation) + * [Install NodeJS (If not installed)](#install-nodejs--if-not-installed-) + * [Install Glass](#install-glass) + * [Apparmor (Ubuntu LTS)](#apparmor--ubuntu-lts-) + + [Option 1) Add file exemptions to apparmor (For glass and dhcpd)](#option-1--add-file-exemptions-to-apparmor--for-glass-and-dhcpd-) + + [Option 2) Disable completely (not recommended)](#option-2--disable-completely--not-recommended-) + * [Glass Configuration](#glass-configuration) + * [Secure your Server](#secure-your-server) + + [iptables (Recommended)](#iptables--recommended-) + * [Building dhcpd-pools (Optional)](#building-dhcpd-pools--optional-) # Features * Standalone NodeJS application that has a web interface, listens to the dhcp log and the leases file to collect analytics and data realtime @@ -141,6 +150,10 @@ npm install npm start +* For Debian this is all that is needed and Glass should start immediately +* For Ubuntu users - you will have additional Apparmor config to add +* **Highly Recommended** to iptables port 3000 to close off Glass if you are facing the public on your server + ## Apparmor (Ubuntu LTS) * Ubuntu uses AppArmor by default - you will most likely run into file access issues without exemptions @@ -160,11 +173,36 @@ sudo ln -s /etc/apparmor.d/usr.sbin.dhcpd /etc/apparmor.d/disable/ sudo apparmor_parser -R /etc/apparmor.d/usr.sbin.dhcpd -## Secure your Install +## Glass Configuration +* Glass configuration is stored in **./config/glass_config.json** +* All of these settings can be edited in both Glass Settings and Glass Alerts within the Web Interface, if you have custom file locations you will need to edit this config file before starting + +**Defaults** +
+{
+  "admin_user": "glassadmin",
+  "admin_password": "glassadmin",
+  "leases_file": "/var/lib/dhcp/dhcpd.leases",
+  "log_file": "/var/log/dhcp.log",
+  "config_file": "/etc/dhcp/dhcpd.conf",
+  "shared_network_critical_threshold": "95",
+  "shared_network_warning_threshold": "0",
+  "slack_webhook_url": "",
+  "slack_alert_channel": "",
+  "leases_per_minute_threshold": "50",
+  "ip_ranges_to_allow": [
+    ""
+  ],
+  "email_alert_to": "",
+  "sms_alert_to": ""
+}
+
+ +## Secure your Server * Glass runs on web port 3000 - if you're going to run this on a production server, make sure that you lock it down from the outside world if anyone can access it. Even if they don't have a password - vulnerabilities can surface at any point in the future and your system becomes a prime target -### Iptables +### iptables (Recommended) 
 iptables -A INPUT -p tcp --dport 3000 -s 127.0.0.0/8 -j ACCEPT
 iptables -A INPUT -p tcp --dport 3000 -s x.x.x.x/24 -j ACCEPT
@@ -174,6 +212,7 @@ iptables -A INPUT -p tcp --dport 3000 -j REJECT --reject-with icmp-port-unreacha
 ## Building dhcpd-pools (Optional)
 
 * Glass uses dhcpd-pools for shared network / subnet utilization and it is bundled by default (For Ubuntu and Debian) when you install. However, if you need to build the binary yourself on another distribution, use the following to build dhcpd-pools and it needs to be placed in the ./bin directory of glass
+* Below shows use of apt-get of unzip/libtool - you will have to use your respective package management system to pull pre-requisites down
 * Credit: dhcpd-pools: http://dhcpd-pools.sourceforge.net/
 
 

From b00eb620c76fef7f713584f415607b0b877ac88f Mon Sep 17 00:00:00 2001
From: Chris Miles 
Date: Wed, 4 Oct 2017 23:07:45 -0500
Subject: [PATCH 16/21] Update README.md

---
 README.md | 24 +++++++++++++-----------
 1 file changed, 13 insertions(+), 11 deletions(-)

diff --git a/README.md b/README.md
index 92701e2..e6fc443 100644
--- a/README.md
+++ b/README.md
@@ -138,7 +138,7 @@ curl -sL https://deb.nodesource.com/setup_8.x | sudo -E bash -
 sudo apt-get install -y nodejs
 

 
-## Install Glass
+## Install Glass (as root)
 
 cd /opt
 git clone https://github.com/Akkadius/glass-isc-dhcp.git
@@ -153,26 +153,18 @@ npm start
 * For Debian this is all that is needed and Glass should start immediately
 * For Ubuntu users - you will have additional Apparmor config to add
 * **Highly Recommended** to iptables port 3000 to close off Glass if you are facing the public on your server
+* [Glass Process Keepalive](#glass-process-keepalive)
 
-## Apparmor (Ubuntu LTS)
+## Apparmor
 
 * Ubuntu uses AppArmor by default - you will most likely run into file access issues without exemptions
 
-### Option 1) Add file exemptions to apparmor (For glass and dhcpd)
-
 
 sed -i '/\/etc\/dhcp\/\*\*/a\ \ \/var\/lib\/dhcp\/\*\* lrw,' /etc/apparmor.d/usr.sbin.dhcpd 
 sed -i '/\/etc\/dhcp\/\*\*/a\ \ \/opt\/glass-isc-dhcp\/\*\* lrw,' /etc/apparmor.d/usr.sbin.dhcpd 
 service apparmor restart
 

 
-### Option 2) Disable completely (not recommended)
-
-
-sudo ln -s /etc/apparmor.d/usr.sbin.dhcpd /etc/apparmor.d/disable/
-sudo apparmor_parser -R /etc/apparmor.d/usr.sbin.dhcpd
-

-
 ## Glass Configuration
 * Glass configuration is stored in **./config/glass_config.json**
 * All of these settings can be edited in both Glass Settings and Glass Alerts within the Web Interface, if you have custom file locations you will need to edit this config file before starting
@@ -198,6 +190,16 @@ sudo apparmor_parser -R /etc/apparmor.d/usr.sbin.dhcpd
 }
 

 
+## Glass Process Keepalive
+* To keep your server alive through reboots, possible crashes and process restarts, we need to use a process monitor and for simplicity we will use NodeJS's **Forever**. Forever is already installed during Glass installation. We will add it to our **crontab**
+
+
+crontab -l > mycrontab
+echo "@reboot cd /opt/glass-isc-dhcp && /usr/bin/forever --minUptime 10000 --spinSleepTime 10000 -a -o ./logs/glass-process.log -e ./logs/glass-error.log ./bin/www" >> mycrontab
+crontab mycrontab
+rm mycrontab
+

+
 ## Secure your Server
 
 * Glass runs on web port 3000 - if you're going to run this on a production server, make sure that you lock it down from the outside world if anyone can access it. Even if they don't have a password - vulnerabilities can surface at any point in the future and your system becomes a prime target

From 040df51a76eef5ba38bc4f53720a30bb474de2ab Mon Sep 17 00:00:00 2001
From: Chris Miles 
Date: Wed, 4 Oct 2017 23:15:31 -0500
Subject: [PATCH 17/21] Update README.md

---
 README.md | 13 ++++++-------
 1 file changed, 6 insertions(+), 7 deletions(-)

diff --git a/README.md b/README.md
index e6fc443..494fc71 100644
--- a/README.md
+++ b/README.md
@@ -24,11 +24,10 @@
   * [SMS - Simple Format](#sms---simple-format)
 - [Installation](#installation)
   * [Install NodeJS (If not installed)](#install-nodejs--if-not-installed-)
-  * [Install Glass](#install-glass)
-  * [Apparmor (Ubuntu LTS)](#apparmor--ubuntu-lts-)
-    + [Option 1) Add file exemptions to apparmor (For glass and dhcpd)](#option-1--add-file-exemptions-to-apparmor--for-glass-and-dhcpd-)
-    + [Option 2) Disable completely (not recommended)](#option-2--disable-completely--not-recommended-)
+  * [Install Glass (as root)](#install-glass--as-root-)
+  * [Apparmor](#apparmor)
   * [Glass Configuration](#glass-configuration)
+  * [Glass Process Keepalive](#glass-process-keepalive)
   * [Secure your Server](#secure-your-server)
     + [iptables (Recommended)](#iptables--recommended-)
   * [Building dhcpd-pools (Optional)](#building-dhcpd-pools--optional-)
@@ -150,10 +149,10 @@ npm install
 npm start
-* For Debian this is all that is needed and Glass should start immediately +* For Debian this is all that is needed and Glass should start immediately, you can browse via http://server-ip:3000 * For Ubuntu users - you will have additional Apparmor config to add -* **Highly Recommended** to iptables port 3000 to close off Glass if you are facing the public on your server -* [Glass Process Keepalive](#glass-process-keepalive) +* **Recommended** to iptables port 3000 to close off Glass if you are facing the public on your server +* **Recommended** to keep Glass up through reboots, see [Glass Process Keepalive](#glass-process-keepalive) ## Apparmor From bc18a353e00d80690080b2ef0db640c210ab5b5b Mon Sep 17 00:00:00 2001 From: Chris Miles Date: Wed, 4 Oct 2017 23:19:10 -0500 Subject: [PATCH 18/21] Update README.md --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 494fc71..58bfc33 100644 --- a/README.md +++ b/README.md @@ -76,7 +76,7 @@ ## DHCP Config Editing * A built in config web editor that uses the dhcp server binary to check syntax before over-writing the production config with a bad configuration -* Currently config editing only supports editing one single config file (No includes) due to syntax verificiation that glass performs +* Currently config editing only supports editing one single config file (No includes) due to syntax verification that glass performs ![dhcp_config](https://user-images.githubusercontent.com/3319450/31204509-bb583c00-a931-11e7-982c-186ef8c33e61.gif) From 92dabdc4b358335f6d7f49529046a0a8c41c6c03 Mon Sep 17 00:00:00 2001 From: Chris Miles Date: Thu, 5 Oct 2017 00:00:31 -0500 Subject: [PATCH 19/21] Update README.md --- README.md | 169 ++++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 169 insertions(+) diff --git a/README.md b/README.md index 58bfc33..2a67ff0 100644 --- a/README.md +++ b/README.md @@ -31,6 +31,16 @@ * [Secure your Server](#secure-your-server) + [iptables (Recommended)](#iptables--recommended-) * [Building dhcpd-pools (Optional)](#building-dhcpd-pools--optional-) +- [Glass API](#glass-api-1) + * [Use Cases](#use-cases) + * [Example Calls](#example-calls) + + [GET: /api/get_active_leases](#get---api-get-active-leases) + + [GET: /api/get_subnet_details](#get---api-get-subnet-details) + + [GET: /api/get_mac_oui_list](#get---api-get-mac-oui-list) + + [GET: /api/get_server_info](#get---api-get-server-info) + + [GET: /api/get_vendor_count](#get---api-get-vendor-count) + + [GET: /api/get_mac_oui_count_by_vendor](#get---api-get-mac-oui-count-by-vendor) + + [GET: /api/get_dhcp_requests](#get---api-get-dhcp-requests) # Features * Standalone NodeJS application that has a web interface, listens to the dhcp log and the leases file to collect analytics and data realtime @@ -233,3 +243,162 @@ make -j4 make check make install + +# Glass API + +## Use Cases +* If none of the in-web management features are appealing - at the very least the exposed real time data the Glass agent can expose via the API can be valuable in integrating with 3rd party applications. For example - if you need to query 5 DHCP servers for one device on a network - this makes it incredibly efficient to do so with real-time and accurate data +* If you want to get all subnet details/utilization exposed into a 3rd party application, (For example graphing utilization in grafana) you can use the API calls to ingest into your InfluxDB or otherwise + +## Example Calls + +### GET: /api/get_active_leases + +**Output example truncated - some info redacted** +
+  "64.90.X.X": {
+    "start": 1507177832,
+    "end": 1507181432,
+    "mac": "14:91:82:6e:77:0a",
+    "mac_oui_vendor": "Belkin International Inc.",
+    "options": {
+      "ClientMac": "14:91:82:6e:77:a",
+      "ClientIP": "64.90.X.X",
+      "vendor-class-identifier": "udhcp 1.19.4",
+      "vendor-string": "udhcp 1.19.4",
+      "agent.remote-id": "3:c:0:0:d1:d4:29:81:f6:3:2:8a:0:be"
+    },
+    "host": "Vargo"
+  },
+  "209.212.X.X": {
+    "start": 1507177401,
+    "end": 1507181001,
+    "mac": "20:aa:4b:12:bd:9b",
+    "mac_oui_vendor": "Cisco-Linksys, LLC",
+    "options": {
+      "ClientMac": "20:aa:4b:12:bd:9b",
+      "ClientIP": "209.212.X.X",
+      "agent.remote-id": "3:c:0:0:d1:d4:29:81:f6:3:1:4e:4:51"
+    },
+    "host": "snarley55"
+  },
+...
+
+ +### GET: /api/get_subnet_details + +**Output example truncated - some info redacted** +
+{
+  "subnets": [
+    {
+      "location": "69.168.x.x/26",
+      "range": "69.168.x.x - 69.168.x.x",
+      "defined": 55,
+      "used": 0,
+      "touched": 0,
+      "free": 55
+    },
+    {
+      "location": "10.70.48.0/21",
+      "range": "10.70.48.2 - 10.70.55.254",
+      "defined": 2045,
+      "used": 0,
+      "touched": 0,
+      "free": 2045
+    },
+...
+
+ +### GET: /api/get_mac_oui_list + +**Output example truncated - some info redacted** +
+{
+  "100000": "Private",
+  "100501": "PEGATRON CORPORATION",
+  "100723": "IEEE Registration Authority",
+  "101212": "Vivo International Corporation Pty Ltd",
+  "101218": "Korins Inc.",
+  "101248": "ITG, Inc.",
+  "101250": "Integrated Device Technology (Malaysia) Sdn. Bhd.",
+  "101331": "Technicolor",
+  "102279": "ZeroDesktop, Inc.",
+...
+
+ +### GET: /api/get_server_info + +**Output example** +
+{
+  "cpu_utilization": 3.1,
+  "leases_per_second": 4,
+  "leases_per_minute": 310,
+  "host_name": "DHCP-Server"
+}
+
+ +### GET: /api/get_vendor_count + +**Output example truncated** +
+{
+  "Belkin International Inc.": 1230,
+  "Cisco-Linksys, LLC": 1345,
+  "Calix Inc.": 4368,
+  "Billion Electric Co. Ltd.": 404,
+  "Apple, Inc.": 528,
+  "Wistron Corporation": 18,
+  "ASUSTek COMPUTER INC.": 266,
+  "Zyxel Communications Corporation": 320,
+  "Billion Electric Co., Ltd.": 611,
+  "NETGEAR": 2797,
+  "Cisco Systems, Inc": 65,
+  "Hewlett Packard": 87,
+  "Sonicwall": 11,
+...
+
+ +### GET: /api/get_mac_oui_count_by_vendor + +**Output example truncated** +
+{
+  "149182": {
+    "count": 131,
+    "mac_prefix": "149182",
+    "vendor": "Belkin International Inc."
+  },
+  "180373": {
+    "count": 4,
+    "mac_prefix": "180373",
+    "vendor": "Dell Inc."
+  },
+  "186590": {
+    "count": 1,
+    "mac_prefix": "186590",
+    "vendor": "Apple, Inc."
+  },
+...
+
+ +### GET: /api/get_dhcp_requests + +**Output example truncated - some info redacted** +
+{
+  "20:aa:4b:1d:d0:17": {
+    "request_for": "68.170.X.X",
+    "request_via": "209.212.X.X",
+    "request_count": 139,
+    "request_vendor": "Cisco-Linksys, LLC"
+  },
+  "58:6d:8f:aa:37:6a": {
+    "request_for": "68.170.X.X",
+    "request_via": "209.212.X.X",
+    "request_count": 171,
+    "request_vendor": "Cisco-Linksys, LLC"
+  },
+...
+
From efef33d3292d8dfa7fb8b90bb1c75ca05e97808f Mon Sep 17 00:00:00 2001 From: Chris Miles Date: Thu, 5 Oct 2017 00:03:38 -0500 Subject: [PATCH 20/21] Update README.md --- README.md | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/README.md b/README.md index 2a67ff0..c9b9d3d 100644 --- a/README.md +++ b/README.md @@ -34,13 +34,13 @@ - [Glass API](#glass-api-1) * [Use Cases](#use-cases) * [Example Calls](#example-calls) - + [GET: /api/get_active_leases](#get---api-get-active-leases) - + [GET: /api/get_subnet_details](#get---api-get-subnet-details) - + [GET: /api/get_mac_oui_list](#get---api-get-mac-oui-list) - + [GET: /api/get_server_info](#get---api-get-server-info) - + [GET: /api/get_vendor_count](#get---api-get-vendor-count) - + [GET: /api/get_mac_oui_count_by_vendor](#get---api-get-mac-oui-count-by-vendor) - + [GET: /api/get_dhcp_requests](#get---api-get-dhcp-requests) + + GET: /api/get_active_leases + + GET: /api/get_subnet_details + + GET: /api/get_mac_oui_list + + GET: /api/get_server_info + + GET: /api/get_vendor_count + + GET: /api/get_mac_oui_count_by_vendor + + GET: /api/get_dhcp_requests # Features * Standalone NodeJS application that has a web interface, listens to the dhcp log and the leases file to collect analytics and data realtime From 00e67f25c4cd59fcbe8c26f4edbd6d3540f2b7a1 Mon Sep 17 00:00:00 2001 From: Chris Miles Date: Thu, 5 Oct 2017 00:07:06 -0500 Subject: [PATCH 21/21] Update README.md --- README.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index c9b9d3d..aa16ce9 100644 --- a/README.md +++ b/README.md @@ -23,8 +23,8 @@ * [Slack](#slack) * [SMS - Simple Format](#sms---simple-format) - [Installation](#installation) - * [Install NodeJS (If not installed)](#install-nodejs--if-not-installed-) - * [Install Glass (as root)](#install-glass--as-root-) + * [Install NodeJS (If not installed)](#install-nodejs-if-not-installed) + * [Install Glass (as root)](#install-glass-as-root) * [Apparmor](#apparmor) * [Glass Configuration](#glass-configuration) * [Glass Process Keepalive](#glass-process-keepalive)