From 208ffaeddbe636f7aec569902328c1d5182f4441 Mon Sep 17 00:00:00 2001 From: slerena Date: Wed, 19 Aug 2009 19:38:29 +0000 Subject: [PATCH] 2009-08-19 Sancho Lerena * pandoradb.sql: A missing table was necessary to be added to allow recon to make scans depending on TCP ports profile (recon_ports field). * manage_recontask.php, manage_recontask_form.php: Added recon_port field to recon management system. Added some links and some aditional formatting. * include/funcions_db.php: Improved format_array_to_where_clause_sql() to accept condicionals like > and < in the array field. * operation/servers/view_server_detail.php: Quick link to recontask server admin. git-svn-id: https://svn.code.sf.net/p/pandora/code/trunk@1867 c3f86ba8-e40f-0410-aaad-9ba5e7f4b01f --- pandora_console/ChangeLog | 18 ++++++++++ .../godmode/servers/manage_recontask.php | 21 ++++++----- .../godmode/servers/manage_recontask_form.php | 35 +++++++++++-------- pandora_console/include/functions_db.php | 16 ++++++--- pandora_console/include/styles/pandora.css | 3 +- .../operation/servers/view_server_detail.php | 6 +++- pandora_console/pandoradb.sql | 3 ++ 7 files changed, 73 insertions(+), 29 deletions(-) diff --git a/pandora_console/ChangeLog b/pandora_console/ChangeLog index f17c252b32..5178cdb91f 100644 --- a/pandora_console/ChangeLog +++ b/pandora_console/ChangeLog @@ -1,3 +1,17 @@ +2009-08-19 Sancho Lerena + + * pandoradb.sql: A missing table was necessary to be added to allow recon + to make scans depending on TCP ports profile (recon_ports field). + + * manage_recontask.php, manage_recontask_form.php: Added recon_port field + to recon management system. Added some links and some aditional formatting. + + * include/funcions_db.php: Improved format_array_to_where_clause_sql() + to accept condicionals like > and < in the array field. + + * operation/servers/view_server_detail.php: Quick link to recontask server + admin. + 2009-08-18 Miguel de Dios * install.php: change the style of "div#wizard", "div#install_img" and add @@ -18,21 +32,25 @@ 2009-08-18 Miguel de Dios + * include/functions_config.php: add to save the attachment_store config value. 2009-08-18 Miguel de Dios + * godmode/reporting/reporting_builder.php: add filter parameter in ajax that pick the modules for select in form. The parameter is filter that don't search rows are pending to delete. Fixes: 2824695 2009-08-18 Miguel de Dios + * godmode/agentes/agent_template.php: refine the query to extract modules from DB, now the query don't search modules are pending to delete. Fixes: 2826447 2009-08-18 Miguel de Dios + * ChangeLog: add comments of last commits, I forget update file. * godmode/reporting/map_builder.php: add check in javascript for form for to diff --git a/pandora_console/godmode/servers/manage_recontask.php b/pandora_console/godmode/servers/manage_recontask.php index eaf1be3950..b3fea20458 100644 --- a/pandora_console/godmode/servers/manage_recontask.php +++ b/pandora_console/godmode/servers/manage_recontask.php @@ -52,6 +52,7 @@ if ((isset ($_GET["update"])) OR ((isset ($_GET["create"])))) { $id_group = get_parameter_post ("id_group"); $create_incident = get_parameter_post ("create_incident"); $id_network_profile = get_parameter_post ("id_network_profile"); + $recon_ports = get_parameter_post ("recon_ports", ""); $id_os = get_parameter_post ("id_os", 10); } @@ -62,7 +63,7 @@ if (isset($_GET["update"])) { $id = get_parameter_get ("update"); $sql = sprintf ("UPDATE trecon_task SET id_os = %d, name = '%s', subnet = '%s', description = '%s', id_recon_server = %d, create_incident = %b, id_group = %d, interval_sweep = %u, - id_network_profile = %d WHERE id_rt = %u",$id_os,$name,$network,$description,$id_recon_server,$create_incident,$id_group,$interval,$id_network_profile,$id); + id_network_profile = %d, recon_ports = '%s' WHERE id_rt = %u",$id_os,$name,$network,$description,$id_recon_server,$create_incident,$id_group,$interval,$id_network_profile,$recon_ports, $id); if (process_sql ($sql) !== false) { echo '

'.__('Successfully updated recon task').'

'; @@ -76,8 +77,8 @@ if (isset($_GET["update"])) { // -------------------------------- if (isset($_GET["create"])) { $sql = sprintf ("INSERT INTO trecon_task - (name, subnet, description, id_recon_server, create_incident, id_group, id_network_profile, interval_sweep, id_os) - VALUES ( '%s', '%s', '%s', %u, %b, %d, %d, %u, %d)",$name,$network,$description,$id_recon_server,$create_incident,$id_group,$id_network_profile,$interval,$id_os); + (name, subnet, description, id_recon_server, create_incident, id_group, id_network_profile, interval_sweep, id_os, recon_ports) + VALUES ( '%s', '%s', '%s', %u, %b, %d, %d, %u, %d, '%s')",$name,$network,$description,$id_recon_server,$create_incident,$id_group,$id_network_profile,$interval,$id_os, $recon_ports); if (process_sql ($sql) !== false) { echo '

'.__('Successfully created recon task').'

'; @@ -89,12 +90,14 @@ if (isset($_GET["create"])) { // -------------------------------- // SHOW TABLE WITH ALL RECON TASKs // -------------------------------- -echo "

".__('Pandora servers')." » ".__('Manage recontask')."

"; +echo "

"; +echo __('Pandora servers')." » ".__('Manage recontask'); +echo "

"; $result = get_db_all_rows_in_table ("trecon_task"); $color=1; if ($result !== false) { - $table->head = array (__('Name'), __('Network'), __('Module template'), __('Group'), __('Incident'), __('OS'), __('Interval'), __('Action')); + $table->head = array (__('Name'), __('Network'), __('Module template'), __('Group'), __('Incident'), __('OS'), __('Interval'), __('Ports'), __('Action')); $table->align = array ("","","","center","","","center","center"); $table->width = 700; $table->cellpadding = 4; @@ -116,10 +119,12 @@ if ($result !== false) { (($row["id_os"] > 0) ? print_os_icon ($row["id_os"], false, true) : __('Any')), // INTERVAL human_time_description_raw($row["interval_sweep"]), + // PORTS + substr($row["recon_ports"],0,15), // ACTION - ' -    - ' + " ". + '  + ' ); } print_table ($table); diff --git a/pandora_console/godmode/servers/manage_recontask_form.php b/pandora_console/godmode/servers/manage_recontask_form.php index 2c95a77de2..5522a0a80c 100644 --- a/pandora_console/godmode/servers/manage_recontask_form.php +++ b/pandora_console/godmode/servers/manage_recontask_form.php @@ -38,6 +38,7 @@ if (isset ($_GET["update"])) { // Edit mode $create_incident = $row["create_incident"]; $id_network_profile = $row["id_network_profile"]; $id_os = $row["id_os"]; + $recon_ports = $row["recon_ports"]; } elseif (isset ($_GET["create"])) { $id_rt = -1; $name = ""; @@ -49,28 +50,29 @@ if (isset ($_GET["update"])) { // Edit mode $create_incident = 1; $id_network_profile = 1; $id_os = -1; // Any + $recon_ports = ""; // Any } echo '

'.__('Pandora servers').' » '.__('Manage recontask'); print_help_icon ("recontask"); echo '

'; -$table->width=700; +$table->width=600; $table->cellspacing=4; $table->cellpadding=4; $table->class="databox_color"; // Name -$table->data[0][0] = __('Task name'); +$table->data[0][0] = "".__('Task name').""; $table->data[0][1] = print_input_text ('name', $name, '', 25, 0, true); // Recon server -$table->data[1][0] = __('Recon server').' '.__('You must select a Recon Server for the Task, otherwise the Recon Task will never run').''; +$table->data[1][0] = "".__('Recon server').' '.__('You must select a Recon Server for the Task, otherwise the Recon Task will never run').''; $table->data[1][1] = print_select_from_sql ('SELECT id_server, name FROM tserver WHERE server_type = 3 ORDER BY name', "id_recon_server", $id_recon_server, '', '', '', true); // Network -$table->data[2][0] = __('Network'); +$table->data[2][0] = "".__('Network'); $table->data[2][1] = print_input_text ('network', $network, '', 25, 0, true); // Interval @@ -85,40 +87,45 @@ $values[604800] = __('%d week', 1); $values[1209600] = __('%d weeks', 2); $values[2592000] = __('%d month', 1); -$table->data[3][0] = __('Interval'); +$table->data[3][0] = "".__('Interval'); $table->data[3][1] = print_select ($values, "interval", $interval, '', '', '', true); // Module template -$table->data[4][0] = __('Module template'); +$table->data[4][0] = "".__('Module template'); $table->data[4][1] = print_select_from_sql ('SELECT id_np, name FROM tnetwork_profile', "id_network_profile", $id_network_profile, '', '', '', true); // OS -$table->data[5][0] = __('OS'); +$table->data[5][0] = "".__('OS'); $table->data[5][1] = print_select_from_sql ('SELECT id_os, name FROM tconfig_os ORDER BY name', "id_os", $id_os, '', __('Any'), -1, true); +// Recon ports +$table->data[6][0] = "".__('Ports'); +$table->data[6][1] = print_input_text ('recon_ports', $recon_ports, '', 25, 0, true); +$table->data[6][1] .= ' '.__('Ports defined like: 80 or 80,443,512 or even 0-1024 (Like Nmap command line format). If dont want to do a sweep using portscan, left it in blank').''; + // Group -$table->data[6][0] = __('Group'); -$table->data[6][1] = print_select_from_sql ('SELECT id_grupo, nombre FROM tgrupo WHERE id_grupo > 1 ORDER BY nombre', "id_group", $id_group, '', '', 0, true); +$table->data[7][0] = "".__('Group'); +$table->data[7][1] = print_select_from_sql ('SELECT id_grupo, nombre FROM tgrupo WHERE id_grupo > 1 ORDER BY nombre', "id_group", $id_group, '', '', 0, true); // Incident $values = array (0 => __('No'), 1 => __('Yes')); -$table->data[7][0] = __('Incident'); -$table->data[7][1] = print_select ($values, "create_incident", $create_incident, +$table->data[8][0] = "".__('Incident'); +$table->data[8][1] = print_select ($values, "create_incident", $create_incident, '','','',true); // Comments -$table->data[8][0] = __('Comments'); -$table->data[8][1] = print_textarea ("description", 2, 70, $description, '', true); +$table->data[9][0] = "".__('Comments'); +$table->data[9][1] = print_input_text ('description', $description, '', 45, 0, true); // Different Form url if it's a create or if it's a update form echo '
'; print_table ($table); -echo '
'; +echo '
'; if ($id_rt != -1) print_submit_button (__('Update'), "crt", false, 'class="sub upd"'); else diff --git a/pandora_console/include/functions_db.php b/pandora_console/include/functions_db.php index a7364f9380..62db1d37a5 100644 --- a/pandora_console/include/functions_db.php +++ b/pandora_console/include/functions_db.php @@ -1658,7 +1658,6 @@ function get_db_row_filter ($table, $filter, $fields = false, $where_join = 'AND $filter = 'WHERE '.$filter; else $filter = ''; - $sql = sprintf ('SELECT %s FROM %s %s', $fields, $table, $filter); @@ -1739,9 +1738,8 @@ function get_db_all_rows_filter ($table, $filter, $fields = false, $where_join = } else { $filter = ''; } - + $sql = sprintf ('SELECT %s FROM %s %s', $fields, $table, $filter); - return get_db_all_rows_sql ($sql); } @@ -2105,7 +2103,17 @@ function format_array_to_where_clause_sql ($values, $join = 'AND', $prefix = fal } elseif (is_array ($value)) { $query .= sprintf ('%s IN ("%s")', $field, implode ('", "', $value)); } else { - $query .= sprintf ("%s = '%s'", $field, $value); + if ($value[0] == ">"){ + $value = substr($value,1,strlen($value)-1); + $query .= sprintf ("%s > '%s'", $field, $value); + } + else if ($value[0] == "<"){ + $value = substr($value,1,strlen($value)-1); + $query .= sprintf ("%s < '%s'", $field, $value); + } + else { + $query .= sprintf ("%s = '%s'", $field, $value); + } } if ($i < $max) { diff --git a/pandora_console/include/styles/pandora.css b/pandora_console/include/styles/pandora.css index e84109b2e9..5c8a507343 100644 --- a/pandora_console/include/styles/pandora.css +++ b/pandora_console/include/styles/pandora.css @@ -5,7 +5,6 @@ Name: Default theme Description: The default Pandora FMS theme layout // Pandora FMS - the Flexible Monitoring System -// ============================================= // Copyright (c) 2004-2009 Artica Soluciones Tecnológicas S.L // This program is free software; you can redistribute it and/or @@ -95,7 +94,7 @@ h4 { color: #000; } a { - color: #486787; + color: #000; text-decoration: none; } a:hover { diff --git a/pandora_console/operation/servers/view_server_detail.php b/pandora_console/operation/servers/view_server_detail.php index a1d8c2a787..4963765d36 100644 --- a/pandora_console/operation/servers/view_server_detail.php +++ b/pandora_console/operation/servers/view_server_detail.php @@ -49,7 +49,11 @@ $recon_tasks = get_db_all_rows_field_filter ("trecon_task", "id_recon_server", $ echo "

". __('Configuration detail') . " - ".safe_input ($server_name); echo ' '; print_image ("images/refresh.png"); -echo "

"; +echo " "; +if (check_acl ($config["id_user"],0,"PW")){ + echo ""; +} +echo ""; // Show network tasks for Recon Server diff --git a/pandora_console/pandoradb.sql b/pandora_console/pandoradb.sql index eb7a58368e..3f89f0ac9b 100644 --- a/pandora_console/pandoradb.sql +++ b/pandora_console/pandoradb.sql @@ -564,10 +564,13 @@ CREATE TABLE IF NOT EXISTS `trecon_task` ( `interval_sweep` int(10) unsigned NOT NULL default '0', `id_recon_server` int(10) unsigned NOT NULL default '0', `id_os` tinyint(4) NOT NULL default '0', + `recon_ports` varchar(250) NOT NULL default '', PRIMARY KEY (`id_rt`), KEY `recon_task_daemon` (`id_recon_server`) ) ENGINE=InnoDB DEFAULT CHARSET=utf8; + + CREATE TABLE IF NOT EXISTS `tserver` ( `id_server` int(10) unsigned NOT NULL auto_increment, `name` varchar(100) NOT NULL default '',