mirror of
https://github.com/pandorafms/pandorafms.git
synced 2025-07-29 16:55:05 +02:00
Merge branch '2497-Especificar-version-SNMP-en-tarea-de-reconocimiento-Lead-21487' into 'develop'
Modified trecon_task table See merge request artica/pandorafms!1765
This commit is contained in:
commit
567cf3fe7f
@ -24,6 +24,13 @@ ALTER TABLE `tlayout_template_data` ADD COLUMN `linked_layout_node_id` INT(10) N
|
||||
|
||||
ALTER TABLE `treport` ADD COLUMN `hidden` tinyint(1) NOT NULL DEFAULT 0;
|
||||
|
||||
ALTER TABLE `trecon_task` ADD COLUMN `snmp_version` varchar(5) NOT NULL default '1';
|
||||
ALTER TABLE `trecon_task` ADD COLUMN `snmp_auth_user` varchar(255) NOT NULL default '';
|
||||
ALTER TABLE `trecon_task` ADD COLUMN `snmp_auth_pass` varchar(255) NOT NULL default '';
|
||||
ALTER TABLE `trecon_task` ADD COLUMN `snmp_auth_method` varchar(25) NOT NULL default '';
|
||||
ALTER TABLE `trecon_task` ADD COLUMN `snmp_privacy_method` varchar(25) NOT NULL default '';
|
||||
ALTER TABLE `trecon_task` ADD COLUMN `snmp_privacy_pass` varchar(255) NOT NULL default '';
|
||||
ALTER TABLE `trecon_task` ADD COLUMN `snmp_security_level` varchar(25) NOT NULL default '';
|
||||
ALTER TABLE `tpolicy_modules_inventory` ADD COLUMN `custom_fields` MEDIUMBLOB NOT NULL;
|
||||
|
||||
CREATE TABLE IF NOT EXISTS `tlog_graph_models` (
|
||||
|
@ -1791,3 +1791,10 @@ INSERT INTO tlog_graph_models VALUES (1, 'Apache log model',
|
||||
|
||||
ALTER TABLE `treport` ADD COLUMN `hidden` tinyint(1) NOT NULL DEFAULT 0;
|
||||
|
||||
ALTER TABLE `trecon_task` ADD COLUMN `snmp_version` varchar(5) NOT NULL default '1';
|
||||
ALTER TABLE `trecon_task` ADD COLUMN `snmp_auth_user` varchar(255) NOT NULL default '';
|
||||
ALTER TABLE `trecon_task` ADD COLUMN `snmp_auth_pass` varchar(255) NOT NULL default '';
|
||||
ALTER TABLE `trecon_task` ADD COLUMN `snmp_auth_method` varchar(25) NOT NULL default '';
|
||||
ALTER TABLE `trecon_task` ADD COLUMN `snmp_privacy_method` varchar(25) NOT NULL default '';
|
||||
ALTER TABLE `trecon_task` ADD COLUMN `snmp_privacy_pass` varchar(255) NOT NULL default '';
|
||||
ALTER TABLE `trecon_task` ADD COLUMN `snmp_security_level` varchar(25) NOT NULL default '';
|
||||
|
@ -97,6 +97,14 @@ if ((isset ($_GET["update"])) OR ((isset ($_GET["create"])))) {
|
||||
$field2 = get_parameter ("_field2_", "");
|
||||
$field3 = get_parameter ("_field3_", "");
|
||||
$field4 = get_parameter ("_field4_", "");
|
||||
$snmp_version = get_parameter_post ("snmp_version");
|
||||
$snmp3_auth_user = get_parameter_post ("snmp_auth_user");
|
||||
$snmp3_auth_pass = get_parameter_post ("snmp_auth_pass");
|
||||
$snmp3_privacy_method = get_parameter_post ("snmp_privacy_method");
|
||||
$snmp3_privacy_pass = get_parameter_post ("snmp_privacy_pass");
|
||||
$snmp3_auth_method = get_parameter_post ("snmp_auth_method");
|
||||
$snmp3_security_level = get_parameter_post ("snmp_security_level");
|
||||
|
||||
|
||||
if ($mode == "network_sweep")
|
||||
$id_recon_script = 0;
|
||||
@ -154,9 +162,31 @@ if (isset($_GET["update"])) {
|
||||
'macros' => $macros,
|
||||
'alias_as_name' => $alias_as_name,
|
||||
'snmp_enabled' => $snmp_enabled,
|
||||
'vlan_enabled' => $vlan_enabled
|
||||
'vlan_enabled' => $vlan_enabled,
|
||||
'snmp_version' => $snmp_version
|
||||
);
|
||||
|
||||
$values_v3 = array(
|
||||
'snmp_auth_user' => $snmp3_auth_user,
|
||||
'snmp_auth_pass' => $snmp3_auth_pass,
|
||||
'snmp_privacy_method' => $snmp3_privacy_method,
|
||||
'snmp_privacy_pass' => $snmp3_privacy_pass,
|
||||
'snmp_auth_method' => $snmp3_auth_method,
|
||||
'snmp_security_level' => $snmp3_security_level
|
||||
);
|
||||
if($values['snmp_version'] == '1' || $values['snmp_version'] == '2' || $values['snmp_version'] == '2c'){
|
||||
$values_v3 = array(
|
||||
'snmp_auth_user' => '',
|
||||
'snmp_auth_pass' => '',
|
||||
'snmp_privacy_method' => '',
|
||||
'snmp_privacy_pass' => '',
|
||||
'snmp_auth_method' => '',
|
||||
'snmp_security_level' => ''
|
||||
);
|
||||
}
|
||||
|
||||
$values = array_merge($values, $values_v3);
|
||||
|
||||
$where = array('id_rt' => $id);
|
||||
|
||||
$reason = '';
|
||||
@ -217,13 +247,37 @@ if (isset($_GET["create"])) {
|
||||
'macros' => $macros,
|
||||
'alias_as_name' => $alias_as_name,
|
||||
'snmp_enabled' => $snmp_enabled,
|
||||
'vlan_enabled' => $vlan_enabled
|
||||
'vlan_enabled' => $vlan_enabled,
|
||||
'snmp_version' => $snmp_version
|
||||
);
|
||||
|
||||
$values_v3 = array(
|
||||
'snmp_auth_user' => $snmp3_auth_user,
|
||||
'snmp_auth_pass' => $snmp3_auth_pass,
|
||||
'snmp_privacy_method' => $snmp3_privacy_method,
|
||||
'snmp_privacy_pass' => $snmp3_privacy_pass,
|
||||
'snmp_auth_method' => $snmp3_auth_method,
|
||||
'snmp_security_level' => $snmp3_security_level
|
||||
);
|
||||
if($values['snmp_version'] == '1' || $values['snmp_version'] == '2' || $values['snmp_version'] == '2c'){
|
||||
$values_v3 = array(
|
||||
'snmp_auth_user' => '',
|
||||
'snmp_auth_pass' => '',
|
||||
'snmp_privacy_method' => '',
|
||||
'snmp_privacy_pass' => '',
|
||||
'snmp_auth_method' => '',
|
||||
'snmp_security_level' => ''
|
||||
);
|
||||
}
|
||||
if ($values['snmp_version'] == '3'){
|
||||
$values['vlan_enabled'] = 0;
|
||||
}
|
||||
|
||||
$values = array_merge($values, $values_v3);
|
||||
|
||||
$name = io_safe_output($name);
|
||||
$name = trim($name, ' ');
|
||||
$name = io_safe_input($name);
|
||||
|
||||
$reason = "";
|
||||
|
||||
if ($name != "") {
|
||||
@ -293,7 +347,7 @@ else {
|
||||
$color=1;
|
||||
if ($result !== false) {
|
||||
$table = new StdClass();
|
||||
$table->head = array (__('Name'), __('Network'), __('Mode'), __('Group'), __('Incident'), __('OS'), __('Interval'), __('Ports'), __('Action'));
|
||||
$table->head = array (__('Name'), __('Network'), __('Mode'), __('Group'), __('SNMP Version'), __('Incident'), __('OS'), __('Interval'), __('Ports'), __('Action'));
|
||||
$table->align = array ("left","left","left","left","left","left","left","left");
|
||||
$table->width = "100%";
|
||||
$table->cellpadding = 4;
|
||||
@ -336,48 +390,64 @@ if ($result !== false) {
|
||||
$data[3] = "-";
|
||||
}
|
||||
|
||||
//SNMP VERSION
|
||||
if ($row["snmp_version"] == '1'){
|
||||
$data[4] = "v. 1";
|
||||
}
|
||||
elseif($row["snmp_version"] == '2'){
|
||||
$data[4] = "v. 2";
|
||||
}
|
||||
elseif($row["snmp_version"] == '2c'){
|
||||
$data[4] = "v. 2c";
|
||||
}
|
||||
elseif($row["snmp_version"] == '3'){
|
||||
$data[4] = "v. 3";
|
||||
}
|
||||
|
||||
|
||||
|
||||
// INCIDENT
|
||||
$data[4] = (($row["create_incident"] == 1) ? __('Yes') : __('No'));
|
||||
$data[5] = (($row["create_incident"] == 1) ? __('Yes') : __('No'));
|
||||
|
||||
// OS
|
||||
if ($row["id_recon_script"] == 0) {
|
||||
$data[5] =(($row["id_os"] > 0) ? ui_print_os_icon ($row["id_os"], false, true) : __('Any'));
|
||||
$data[6] =(($row["id_os"] > 0) ? ui_print_os_icon ($row["id_os"], false, true) : __('Any'));
|
||||
}
|
||||
else {
|
||||
$data[5] = "-";
|
||||
$data[6] = "-";
|
||||
}
|
||||
// INTERVAL
|
||||
if ($row["interval_sweep"]==0)
|
||||
$data[6] = __("Manual");
|
||||
$data[7] = __("Manual");
|
||||
else
|
||||
$data[6] =human_time_description_raw($row["interval_sweep"]);
|
||||
$data[7] =human_time_description_raw($row["interval_sweep"]);
|
||||
|
||||
// PORTS
|
||||
if ($row["id_recon_script"] == 0) {
|
||||
$data[7] = substr($row["recon_ports"],0,15);
|
||||
$data[8] = substr($row["recon_ports"],0,15);
|
||||
}
|
||||
else {
|
||||
$data[7] = "-";
|
||||
$data[8] = "-";
|
||||
}
|
||||
|
||||
// ACTION
|
||||
$task_group = $row["id_group"];
|
||||
|
||||
if (in_array($task_group, $user_groups_w)){
|
||||
$data[8] = '<a href="index.php?sec=estado&sec2=operation/servers/recon_view">' . html_print_image("images/eye.png", true) . '</a>';
|
||||
$data[8] .= '<a href="index.php?sec=gservers&sec2=godmode/servers/manage_recontask&delete='.$row["id_rt"].'">' . html_print_image("images/cross.png", true, array("border" => '0')) . '</a>';
|
||||
$data[9] = '<a href="index.php?sec=estado&sec2=operation/servers/recon_view">' . html_print_image("images/eye.png", true) . '</a>';
|
||||
$data[9] .= '<a href="index.php?sec=gservers&sec2=godmode/servers/manage_recontask&delete='.$row["id_rt"].'">' . html_print_image("images/cross.png", true, array("border" => '0')) . '</a>';
|
||||
if($mode_name != 'IPAM Recon'){
|
||||
$data[8] .= '<a href="index.php?sec=gservers&sec2=godmode/servers/manage_recontask_form&update='.$row["id_rt"].'">' .html_print_image("images/config.png", true) . '</a>';
|
||||
$data[9] .= '<a href="index.php?sec=gservers&sec2=godmode/servers/manage_recontask_form&update='.$row["id_rt"].'">' .html_print_image("images/config.png", true) . '</a>';
|
||||
} else {
|
||||
$sql_ipam = 'select id from tipam_network where id_recon_task =' . $row["id_rt"];
|
||||
$id_recon_ipam = db_get_sql($sql_ipam);
|
||||
$data[8] .= '<a href="index.php?sec=godmode/extensions&sec2=enterprise/extensions/ipam&action=edit&id=' . $id_recon_ipam . '">' . html_print_image("images/config.png", true) . '</a>';
|
||||
$data[9] .= '<a href="index.php?sec=godmode/extensions&sec2=enterprise/extensions/ipam&action=edit&id=' . $id_recon_ipam . '">' . html_print_image("images/config.png", true) . '</a>';
|
||||
}
|
||||
if($row["disabled"] == 0) {
|
||||
$data[8] .= '<a href="index.php?sec=gservers&sec2=godmode/servers/manage_recontask&id='.$row["id_rt"].'&disabled=1">' .html_print_image("images/lightbulb.png", true) . '</a>';
|
||||
$data[9] .= '<a href="index.php?sec=gservers&sec2=godmode/servers/manage_recontask&id='.$row["id_rt"].'&disabled=1">' .html_print_image("images/lightbulb.png", true) . '</a>';
|
||||
}
|
||||
else {
|
||||
$data[8] .= '<a href="index.php?sec=gservers&sec2=godmode/servers/manage_recontask&id='.$row["id_rt"].'&disabled=0">' .html_print_image("images/lightbulb_off.png", true) . '</a>';
|
||||
$data[9] .= '<a href="index.php?sec=gservers&sec2=godmode/servers/manage_recontask&id='.$row["id_rt"].'&disabled=0">' .html_print_image("images/lightbulb_off.png", true) . '</a>';
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -108,6 +108,13 @@ if (isset($_GET["update"]) || (isset($_GET["upd"]))) {
|
||||
$id_os = $row["id_os"];
|
||||
$recon_ports = $row["recon_ports"];
|
||||
$snmp_community = $row["snmp_community"];
|
||||
$snmp_version = $row["snmp_version"];
|
||||
$snmp3_auth_user = $row["snmp_auth_user"];
|
||||
$snmp3_auth_pass = $row["snmp_auth_pass"];
|
||||
$snmp3_privacy_method = $row["snmp_privacy_method"];
|
||||
$snmp3_privacy_pass = $row["snmp_privacy_pass"];
|
||||
$snmp3_auth_method = $row["snmp_auth_method"];
|
||||
$snmp3_security_level = $row["snmp_security_level"];
|
||||
$id_recon_script = $row["id_recon_script"];
|
||||
$field1 = $row["field1"];
|
||||
$field2 = $row["field2"];
|
||||
@ -156,6 +163,13 @@ elseif (isset($_GET["create"]) || isset($_GET["crt"])) {
|
||||
$id_group = 0;
|
||||
$create_incident = 1;
|
||||
$snmp_community = "public";
|
||||
$snmp3_auth_user = '';
|
||||
$snmp3_auth_pass = '';
|
||||
$snmp_version = 1;
|
||||
$snmp3_privacy_method = '';
|
||||
$snmp3_privacy_pass = '';
|
||||
$snmp3_auth_method = '';
|
||||
$snmp3_security_level = '';
|
||||
$id_network_profile = 0;
|
||||
$id_os = -1; // Any
|
||||
$recon_ports = ""; // Any
|
||||
@ -212,6 +226,13 @@ $table->rowclass[20] = "network_sweep";
|
||||
$table->rowclass[21] = "network_sweep";
|
||||
$table->rowclass[22] = "network_sweep";
|
||||
$table->rowclass[23] = "network_sweep";
|
||||
$table->rowclass[24] = "network_sweep";
|
||||
$table->rowclass[25] = "network_sweep recon_v3";
|
||||
$table->rowclass[26] = "network_sweep recon_v3";
|
||||
$table->rowclass[27] = "network_sweep recon_v3";
|
||||
$table->rowclass[28] = "network_sweep recon_v3";
|
||||
$table->rowclass[29] = "network_sweep recon_v3";
|
||||
$table->rowclass[30] = "network_sweep recon_v3";
|
||||
|
||||
$table->rowclass[6] = "recon_script";
|
||||
$table->rowclass[13] = "recon_script";
|
||||
@ -327,6 +348,34 @@ $table->data[12][0] = "<b>".__('SNMP Default community');
|
||||
$table->data[12][0] .= ui_print_help_tip (__('You can specify several values, separated by commas, for example: public,mysecret,1234'), true);
|
||||
$table->data[12][1] = html_print_input_text ('snmp_community', $snmp_community, '', 35, 0, true);
|
||||
|
||||
//SNMP version
|
||||
|
||||
$snmp_versions['1'] = 'v. 1';
|
||||
$snmp_versions['2'] = 'v. 2';
|
||||
$snmp_versions['2c'] = 'v. 2c';
|
||||
$snmp_versions['3'] = 'v. 3';
|
||||
$table->data[24][0] ="<b>". _('SNMP version');
|
||||
$table->data[24][1] = html_print_select ($snmp_versions, 'snmp_version', $snmp_version, '', '', 0, true);
|
||||
|
||||
$table->data[25][0] ="<b>".__('Auth user');
|
||||
$table->data[25][1] = html_print_input_text ('snmp_auth_user', $snmp3_auth_user, '', 15, 60, true, '',
|
||||
false, '', '');
|
||||
$table->data[26][0] ="<b>". __('Auth password') . ui_print_help_tip(__("The pass length must be eight character minimum."), true);
|
||||
$table->data[26][1] = html_print_input_password ('snmp_auth_pass', $snmp3_auth_pass, '', 15, 60, true, '',
|
||||
false, '');
|
||||
$table->data[26][1] .= html_print_input_hidden_extended('active_snmp_v3', 0, 'active_snmp_v3_mmen', true);
|
||||
|
||||
$table->data[27][0] ="<b>". __('Privacy method');
|
||||
$table->data[27][1] = html_print_select(array('DES' => __('DES'), 'AES' => __('AES')), 'snmp_privacy_method', $snmp3_privacy_method, '', '', '', true, false, false, '', '');
|
||||
$table->data[28][0] ="<b>". __('Privacy pass') . ui_print_help_tip(__("The pass length must be eight character minimum."), true);
|
||||
$table->data[28][1] = html_print_input_password ('snmp_privacy_pass', $snmp3_privacy_pass, '', 15, 60, true, '',
|
||||
false, '');
|
||||
$table->data[29][0] ="<b>". __('Auth method');
|
||||
$table->data[29][1] = html_print_select(array('MD5' => __('MD5'), 'SHA' => __('SHA')), 'snmp_auth_method', $snmp3_auth_method, '', '', '', true, false, false, '', '');
|
||||
$table->data[30][0] ="<b>". __('Security level');
|
||||
$table->data[30][1] = html_print_select(array('noAuthNoPriv' => __('Not auth and not privacy method'),
|
||||
'authNoPriv' => __('Auth and not privacy method'), 'authPriv' => __('Auth and privacy method')), 'snmp_security_level', $snmp3_security_level, '', '', '', true, false, false, '', '');
|
||||
|
||||
// Explanation
|
||||
$explanation = db_get_value('description', 'trecon_script', 'id_recon_script', $id_recon_script);
|
||||
|
||||
@ -461,9 +510,24 @@ $('select#id_recon_script').change(function() {
|
||||
get_explanation_recon_script($(this).val());
|
||||
});
|
||||
|
||||
$('select#snmp_version').change(function () {
|
||||
if (this.value == "3") {
|
||||
$(".recon_v3").show();
|
||||
$("input[name=active_snmp_v3]").val(1);
|
||||
$("input[name=snmp_community]").attr("disabled", true);
|
||||
$("input[name=vlan_enabled]").removeAttr("checked");
|
||||
$("input[name=vlan_enabled]").attr("disabled", true);
|
||||
}
|
||||
else {
|
||||
$(".recon_v3").hide();
|
||||
$("input[name=active_snmp_v3]").val(0);
|
||||
$("input[name=snmp_community]").removeAttr('disabled');
|
||||
$("input[name=vlan_enabled]").removeAttr('disabled');
|
||||
}
|
||||
});
|
||||
|
||||
$('select#mode').change(function() {
|
||||
var type = $(this).val();
|
||||
|
||||
if (type == 'recon_script') {
|
||||
$(".recon_script").show();
|
||||
$(".network_sweep").hide();
|
||||
@ -474,6 +538,7 @@ $('select#mode').change(function() {
|
||||
$(".recon_script").hide();
|
||||
$(".network_sweep").show();
|
||||
$('.macro_field').remove();
|
||||
$('select#snmp_version').trigger('change');
|
||||
}
|
||||
}).change();
|
||||
|
||||
@ -543,5 +608,5 @@ function get_explanation_recon_script (id) {
|
||||
});
|
||||
taskManager.addTask(xhr);
|
||||
}
|
||||
/* ]]> */
|
||||
|
||||
</script>
|
||||
|
@ -775,6 +775,13 @@ CREATE TABLE IF NOT EXISTS `trecon_task` (
|
||||
`alias_as_name` tinyint(2) NOT NULL default '0',
|
||||
`snmp_enabled` tinyint(1) unsigned default '0',
|
||||
`vlan_enabled` tinyint(1) unsigned default '0',
|
||||
`snmp_version` varchar(5) NOT NULL default '1',
|
||||
`snmp_auth_user` varchar(255) NOT NULL default '',
|
||||
`snmp_auth_pass` varchar(255) NOT NULL default '',
|
||||
`snmp_auth_method` varchar(25) NOT NULL default '',
|
||||
`snmp_privacy_method` varchar(25) NOT NULL default '',
|
||||
`snmp_privacy_pass` varchar(255) NOT NULL default '',
|
||||
`snmp_security_level` varchar(25) NOT NULL default '',
|
||||
PRIMARY KEY (`id_rt`),
|
||||
KEY `recon_task_daemon` (`id_recon_server`)
|
||||
) ENGINE=InnoDB DEFAULT CHARSET=utf8;
|
||||
|
@ -96,6 +96,9 @@ sub new {
|
||||
# Working SNMP community for each device.
|
||||
community_cache => {},
|
||||
|
||||
# Cache of deviced discovered.
|
||||
dicovered_cache => {},
|
||||
|
||||
# Connections between devices.
|
||||
connections => {},
|
||||
|
||||
@ -147,8 +150,15 @@ sub new {
|
||||
recon_timing_template => 3,
|
||||
recon_ports => '',
|
||||
resolve_names => 0,
|
||||
snmp_auth_user => '',
|
||||
snmp_auth_pass => '',
|
||||
snmp_auth_method => '',
|
||||
snmp_checks => 2,
|
||||
snmp_privacy_method => '',
|
||||
snmp_privacy_pass => '',
|
||||
snmp_security_level => '',
|
||||
snmp_timeout => 2,
|
||||
snmp_version => 1,
|
||||
subnets => [],
|
||||
@_,
|
||||
|
||||
@ -157,8 +167,66 @@ sub new {
|
||||
# Perform some sanity checks.
|
||||
die("No subnet was specified.") unless defined($self->{'subnets'});
|
||||
|
||||
# Check SNMP params id SNMP is enabled
|
||||
if ($self->{'snmp_enabled'}) {
|
||||
# Check SNMP version
|
||||
if ($self->{'snmp_version'} ne '1' && $self->{'snmp_version'} ne '2'
|
||||
&& $self->{'snmp_version'} ne '2c' && $self->{'snmp_version'} ne '3'
|
||||
) {
|
||||
$self->{'snmp_enabled'} = 0;
|
||||
$self->call('message', "SNMP version " . $self->{'snmp_version'} . " not supported (only 1, 2, 2c and 3).", 5);
|
||||
}
|
||||
|
||||
# Check the version 3 parameters
|
||||
if ($self->{'snmp_version'} eq '3') {
|
||||
# Fixed some vars
|
||||
$self->{'communities'} = [];
|
||||
|
||||
# SNMP v3 checks
|
||||
if (
|
||||
$self->{'snmp_security_level'} ne 'noAuthNoPriv' &&
|
||||
$self->{'snmp_security_level'} ne 'authNoPriv' &&
|
||||
$self->{'snmp_security_level'} ne 'authPriv'
|
||||
) {
|
||||
$self->{'snmp_enabled'} = 0;
|
||||
$self->call('message', "Invalid SNMP security level " . $self->{'snmp_security_level'} . ".", 5);
|
||||
}
|
||||
if ($self->{'snmp_privacy_method'} ne 'DES' && $self->{'snmp_privacy_method'} ne 'AES') {
|
||||
$self->{'snmp_enabled'} = 0;
|
||||
$self->call('message', "Invalid SNMP privacy method " . $self->{'snmp_privacy_method'} . ".", 5);
|
||||
}
|
||||
if ($self->{'snmp_auth_method'} ne 'MD5' && $self->{'snmp_auth_method'} ne 'SHA') {
|
||||
$self->{'snmp_enabled'} = 0;
|
||||
$self->call('message', "Invalid SNMP authentication method " . $self->{'snmp_auth_method'} . ".", 5);
|
||||
}
|
||||
} else {
|
||||
# Fixed some vars
|
||||
$self->{'snmp_auth_user'} = '';
|
||||
$self->{'snmp_auth_pass'} = '';
|
||||
$self->{'snmp_auth_method'} = '';
|
||||
$self->{'snmp_privacy_method'} = '';
|
||||
$self->{'snmp_privacy_pass'} = '';
|
||||
$self->{'snmp_security_level'} = '';
|
||||
|
||||
# Disable SNMP scans if no community was given.
|
||||
$self->{'snmp_enabled'} = 0 if (scalar(@{$self->{'communities'}}) == 0);
|
||||
if (scalar(@{$self->{'communities'}}) == 0) {
|
||||
$self->{'snmp_enabled'} = 0;
|
||||
$self->call('message', "There is not any SNMP community configured.", 5);
|
||||
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
# Remove all snmp related values if disabled
|
||||
if (!$self->{'snmp_enabled'}) {
|
||||
$self->{'communities'} = [];
|
||||
$self->{'snmp_auth_user'} = '';
|
||||
$self->{'snmp_auth_pass'} = '';
|
||||
$self->{'snmp_auth_method'} = '';
|
||||
$self->{'snmp_privacy_method'} = '';
|
||||
$self->{'snmp_privacy_pass'} = '';
|
||||
$self->{'snmp_security_level'} = '';
|
||||
}
|
||||
|
||||
return bless($self, $class);
|
||||
}
|
||||
@ -199,7 +267,7 @@ sub aft_connectivity($$) {
|
||||
my ($self, $switch) = @_;
|
||||
my (%mac_temp, @aft_temp);
|
||||
|
||||
return unless defined($self->get_community($switch));
|
||||
return unless ($self->is_snmp_discovered($switch));
|
||||
|
||||
$self->enable_vlan_cache();
|
||||
|
||||
@ -397,8 +465,7 @@ sub find_ifaces($$) {
|
||||
my ($self, $device) = @_;
|
||||
|
||||
# Does it respond to SNMP?
|
||||
my $community = $self->get_community($device);
|
||||
return unless defined($community);
|
||||
return unless ($self->is_snmp_discovered($device));
|
||||
|
||||
my @output = $self->snmp_get_value_array($device, $PandoraFMS::Recon::Base::IFINDEX);
|
||||
foreach my $if_index (@output) {
|
||||
@ -476,11 +543,13 @@ sub get_device($$) {
|
||||
sub get_community($$) {
|
||||
my ($self, $device) = @_;
|
||||
|
||||
return '' if ($self->{'snmp_version'} eq "3");
|
||||
|
||||
if (defined($self->{'community_cache'}->{$device})) {
|
||||
return $self->{'community_cache'}->{$device};
|
||||
}
|
||||
|
||||
return undef;
|
||||
return '';
|
||||
}
|
||||
|
||||
########################################################################################
|
||||
@ -787,6 +856,9 @@ sub get_visited_devices($) {
|
||||
sub get_vlans($$) {
|
||||
my ($self, $device) = @_;
|
||||
|
||||
# Disabled in verison 3
|
||||
return () if ($self->{'snmp_version'} eq "3");
|
||||
|
||||
# Is the VLAN cache disabled?
|
||||
return () unless ($self->{'__vlan_cache_enabled__'} == 1);
|
||||
|
||||
@ -945,6 +1017,17 @@ sub is_visited($$) {
|
||||
return 0;
|
||||
}
|
||||
|
||||
########################################################################################
|
||||
# Returns 1 if the given device has responded successfully to a snmp request
|
||||
# Returns 0 otherwise.
|
||||
########################################################################################
|
||||
sub is_snmp_discovered($$) {
|
||||
my ($self, $device) = @_;
|
||||
|
||||
# Check if device is into discovered cache
|
||||
return (defined($self->{'discovered_cache'}->{$device})) ? 1 : 0;
|
||||
}
|
||||
|
||||
########################################################################################
|
||||
# Mark the given devices as connected to each other on the given interfaces.
|
||||
########################################################################################
|
||||
@ -999,23 +1082,46 @@ sub mark_visited($$) {
|
||||
}
|
||||
|
||||
########################################################################################
|
||||
# Looks for a working SNMP community for the given device. Returns 1 if one is
|
||||
# found, 0 otherwise. Updates the SNMP community cache.
|
||||
# Mark the given device as snmp discovered.
|
||||
########################################################################################
|
||||
sub mark_discovered($$) {
|
||||
my ($self, $device) = @_;
|
||||
|
||||
$self->{'discovered_cache'}->{$device} = 1;
|
||||
}
|
||||
|
||||
########################################################################################
|
||||
# Validate the configuration for the given device.
|
||||
# Returns 1 if successfull snmp contact, 0 otherwise.
|
||||
# Updates the SNMP community cache on v1, v2 and v2c.
|
||||
########################################################################################
|
||||
sub snmp_responds($$) {
|
||||
my ($self, $device) = @_;
|
||||
|
||||
# We already have a working SNMP community for this device.
|
||||
return 1 if (defined($self->get_community($device)));
|
||||
return 1 if($self->is_snmp_discovered($device));
|
||||
|
||||
return ($self->{'snmp_version'} eq "3")
|
||||
? $self->snmp_responds_v3($device)
|
||||
: $self->snmp_responds_v122c($device);
|
||||
}
|
||||
|
||||
########################################################################################
|
||||
# Looks for a working SNMP community for the given device. Returns 1 if one is
|
||||
# found, 0 otherwise. Updates the SNMP community cache.
|
||||
########################################################################################
|
||||
sub snmp_responds_v122c($$) {
|
||||
my ($self, $device) = @_;
|
||||
|
||||
foreach my $community (@{$self->{'communities'}}) {
|
||||
|
||||
# Clean blanks.
|
||||
$community =~ s/\s+//g;
|
||||
|
||||
`snmpwalk -M/dev/null -r$self->{'snmp_checks'} -t$self->{'snmp_timeout'} -v1 -On -Oe -c $community $device .0 2>/dev/null`;
|
||||
my $command = $self->snmp_get_command($device, ".0", $community);
|
||||
`$command`;
|
||||
if ($? == 0) {
|
||||
$self->set_community($device, $community);
|
||||
$self->mark_discovered($device);
|
||||
return 1;
|
||||
}
|
||||
}
|
||||
@ -1023,6 +1129,25 @@ sub snmp_responds($$) {
|
||||
return 0;
|
||||
}
|
||||
|
||||
|
||||
########################################################################################
|
||||
# Validate the SNMP v3 configuration for a device.
|
||||
# Returns 1 if successfull snmp contact, 0 otherwise.
|
||||
########################################################################################
|
||||
sub snmp_responds_v3($$) {
|
||||
my ($self, $device) = @_;
|
||||
|
||||
my $command = $self->snmp_get_command($device, ".0");
|
||||
`$command`;
|
||||
|
||||
if ($? == 0) {
|
||||
$self->mark_discovered($device);
|
||||
return 1;
|
||||
}
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
##############################################################################
|
||||
# Parse the local ARP cache.
|
||||
##############################################################################
|
||||
@ -1309,8 +1434,8 @@ sub snmp_get($$$) {
|
||||
my ($self, $device, $oid) = @_;
|
||||
my @output;
|
||||
|
||||
return () unless defined $self->is_snmp_discovered($device);
|
||||
my $community = $self->get_community($device);
|
||||
return () unless defined ($community);
|
||||
|
||||
# Check the SNMP query cache first.
|
||||
if (defined($self->{'snmp_cache'}->{"${device}_${oid}"})) {
|
||||
@ -1320,13 +1445,15 @@ sub snmp_get($$$) {
|
||||
# Check VLANS.
|
||||
my @vlans = $self->get_vlans($device);
|
||||
if (scalar(@vlans) == 0) {
|
||||
@output = `snmpwalk -M/dev/null -r$self->{'snmp_checks'} -t$self->{'snmp_timeout'} -v1 -On -Oe -c $community $device $oid 2>/dev/null`;
|
||||
my $command = $self->snmp_get_command($device, $oid, $community);
|
||||
@output = `$command`;
|
||||
}
|
||||
else {
|
||||
# Handle duplicate lines.
|
||||
my %output_hash;
|
||||
foreach my $vlan (@vlans) {
|
||||
foreach my $line (`snmpwalk -M/dev/null -r$self->{'snmp_checks'} -t$self->{'snmp_timeout'} -v1 -On -Oe -c $community\@$vlan $device $oid 2>/dev/null`) {
|
||||
my $command = $self->snmp_get_command($device, $oid, $community, $vlan);
|
||||
foreach my $line (`$vlan`) {
|
||||
$output_hash{$line} = 1;
|
||||
}
|
||||
}
|
||||
@ -1339,6 +1466,30 @@ sub snmp_get($$$) {
|
||||
return @output;
|
||||
}
|
||||
|
||||
########################################################################################
|
||||
# Get the snmpwalk command seing version 1, 2, 2c or 3.
|
||||
########################################################################################
|
||||
sub snmp_get_command {
|
||||
my ($self, $device, $oid, $community, $vlan) = @_;
|
||||
$vlan = defined($vlan) ? "\@" . $vlan : '';
|
||||
|
||||
my $command = "snmpwalk -M/dev/null -r$self->{'snmp_checks'} -t$self->{'snmp_timeout'} -v$self->{'snmp_version'} -On -Oe ";
|
||||
if ($self->{'snmp_version'} eq "3") {
|
||||
$command .= " -l$self->{'snmp_security_level'} ";
|
||||
if ($self->{'snmp_security_level'} ne "noAuthNoPriv") {
|
||||
$command .= " -u$self->{'snmp_auth_user'} -a$self->{'snmp_auth_method'} -A$self->{'snmp_auth_pass'} ";
|
||||
}
|
||||
if ($self->{'snmp_security_level'} eq "authPriv") {
|
||||
$command .= " -x$self->{'snmp_privacy_method'} -X$self->{'snmp_privacy_pass'} ";
|
||||
}
|
||||
} else {
|
||||
$command .= " -c$community$vlan ";
|
||||
}
|
||||
|
||||
return "$command $device $oid 2>/dev/null";
|
||||
|
||||
}
|
||||
|
||||
########################################################################################
|
||||
# Performs an SNMP WALK and returns the value of the given OID. Returns undef
|
||||
# on error.
|
||||
|
@ -173,7 +173,16 @@ sub data_consumer ($$) {
|
||||
pa_config => $pa_config,
|
||||
recon_ports => $task->{'recon_ports'},
|
||||
resolve_names => $task->{'resolve_names'},
|
||||
snmp_auth_user => $task->{'snmp_auth_user'},
|
||||
snmp_auth_pass => $task->{'snmp_auth_pass'},
|
||||
snmp_auth_method => $task->{'snmp_auth_method'},
|
||||
snmp_checks => $task->{'snmp_checks'},
|
||||
snmp_enabled => $task->{'snmp_enabled'},
|
||||
snmp_privacy_method => $task->{'snmp_privacy_method'},
|
||||
snmp_privacy_pass => $task->{'snmp_privacy_pass'},
|
||||
snmp_security_level => $task->{'snmp_security_level'},
|
||||
snmp_timeout => $task->{'snmp_timeout'},
|
||||
snmp_version => $task->{'snmp_version'},
|
||||
subnets => \@subnets,
|
||||
task_id => $task->{'id_rt'},
|
||||
vlan_cache_enabled => $task->{'vlan_enabled'},
|
||||
@ -313,6 +322,13 @@ sub PandoraFMS::Recon::Base::create_network_profile_modules($$$) {
|
||||
|
||||
# Use snmp_community from network task instead the component snmp_community
|
||||
$component->{'snmp_community'} = safe_output($self->get_community($device));
|
||||
$component->{'tcp_send'} = $self->{'snmp_version'};
|
||||
$component->{'custom_string_1'} = $self->{'snmp_privacy_method'};
|
||||
$component->{'custom_string_2'} = $self->{'snmp_privacy_pass'};
|
||||
$component->{'custom_string_3'} = $self->{'snmp_security_level'};
|
||||
$component->{'plugin_parameter'} = $self->{'snmp_auth_method'};
|
||||
$component->{'plugin_user'} = $self->{'snmp_auth_user'};
|
||||
$component->{'plugin_pass'} = $self->{'snmp_auth_pass'};
|
||||
|
||||
pandora_create_module_from_network_component($self->{'pa_config'}, $component, $agent_id, $self->{'dbh'});
|
||||
}
|
||||
@ -466,8 +482,8 @@ sub PandoraFMS::Recon::Base::create_agent($$) {
|
||||
}
|
||||
|
||||
# Add interfaces to the agent if it responds to SNMP.
|
||||
return $agent_id unless ($self->is_snmp_discovered($device));
|
||||
my $community = $self->get_community($device);
|
||||
return $agent_id unless defined($community);
|
||||
|
||||
my @output = $self->snmp_get_value_array($device, $PandoraFMS::Recon::Base::IFINDEX);
|
||||
foreach my $if_index (@output) {
|
||||
@ -506,7 +522,13 @@ sub PandoraFMS::Recon::Base::create_agent($$) {
|
||||
'descripcion' => $if_desc,
|
||||
'id_agente' => $agent_id,
|
||||
'ip_target' => $device,
|
||||
'tcp_send' => 1,
|
||||
'tcp_send' => $self->{'snmp_version'},
|
||||
'custom_string_1' => $self->{'snmp_privacy_method'},
|
||||
'custom_string_2' => $self->{'snmp_privacy_pass'},
|
||||
'custom_string_3' => $self->{'snmp_security_level'},
|
||||
'plugin_parameter' => $self->{'snmp_auth_method'},
|
||||
'plugin_user' => $self->{'snmp_auth_user'},
|
||||
'plugin_pass' => $self->{'snmp_auth_pass'},
|
||||
'snmp_community' => $community,
|
||||
'snmp_oid' => "$PandoraFMS::Recon::Base::IFOPERSTATUS.$if_index"
|
||||
);
|
||||
@ -516,6 +538,14 @@ sub PandoraFMS::Recon::Base::create_agent($$) {
|
||||
'descripcion' => $if_desc,
|
||||
'ip_target' => $device,
|
||||
'snmp_community' => $community,
|
||||
'tcp_send' => $self->{'snmp_version'},
|
||||
'custom_string_1' => $self->{'snmp_privacy_method'},
|
||||
'custom_string_2' => $self->{'snmp_privacy_pass'},
|
||||
'custom_string_3' => $self->{'snmp_security_level'},
|
||||
'plugin_parameter' => $self->{'snmp_auth_method'},
|
||||
'plugin_user' => $self->{'snmp_auth_user'},
|
||||
'plugin_pass' => $self->{'snmp_auth_pass'},
|
||||
'tcp_send' => $self->{'snmp_version'},
|
||||
);
|
||||
pandora_update_module_from_hash ($self->{'pa_config'}, \%module, 'id_agente_modulo', $module_id, $self->{'dbh'});
|
||||
}
|
||||
@ -531,7 +561,13 @@ sub PandoraFMS::Recon::Base::create_agent($$) {
|
||||
'descripcion' => 'The total number of octets received on the interface, including framing characters. This object is a 64-bit version of ifInOctets.',
|
||||
'id_agente' => $agent_id,
|
||||
'ip_target' => $device,
|
||||
'tcp_send' => 1,
|
||||
'tcp_send' => $self->{'snmp_version'},
|
||||
'custom_string_1' => $self->{'snmp_privacy_method'},
|
||||
'custom_string_2' => $self->{'snmp_privacy_pass'},
|
||||
'custom_string_3' => $self->{'snmp_security_level'},
|
||||
'plugin_parameter' => $self->{'snmp_auth_method'},
|
||||
'plugin_user' => $self->{'snmp_auth_user'},
|
||||
'plugin_pass' => $self->{'snmp_auth_pass'},
|
||||
'snmp_community' => $community,
|
||||
'snmp_oid' => "$PandoraFMS::Recon::Base::IFHCINOCTECTS.$if_index");
|
||||
pandora_create_module_from_hash ($self->{'pa_config'}, \%module, $self->{'dbh'});
|
||||
@ -539,6 +575,13 @@ sub PandoraFMS::Recon::Base::create_agent($$) {
|
||||
my %module = (
|
||||
'ip_target' => $device,
|
||||
'snmp_community' => $community,
|
||||
'tcp_send' => $self->{'snmp_version'},
|
||||
'custom_string_1' => $self->{'snmp_privacy_method'},
|
||||
'custom_string_2' => $self->{'snmp_privacy_pass'},
|
||||
'custom_string_3' => $self->{'snmp_security_level'},
|
||||
'plugin_parameter' => $self->{'snmp_auth_method'},
|
||||
'plugin_user' => $self->{'snmp_auth_user'},
|
||||
'plugin_pass' => $self->{'snmp_auth_pass'},
|
||||
);
|
||||
pandora_update_module_from_hash ($self->{'pa_config'}, \%module, 'id_agente_modulo', $module_id, $self->{'dbh'});
|
||||
}
|
||||
@ -553,7 +596,13 @@ sub PandoraFMS::Recon::Base::create_agent($$) {
|
||||
'descripcion' => 'The total number of octets received on the interface, including framing characters.',
|
||||
'id_agente' => $agent_id,
|
||||
'ip_target' => $device,
|
||||
'tcp_send' => 1,
|
||||
'tcp_send' => $self->{'snmp_version'},
|
||||
'custom_string_1' => $self->{'snmp_privacy_method'},
|
||||
'custom_string_2' => $self->{'snmp_privacy_pass'},
|
||||
'custom_string_3' => $self->{'snmp_security_level'},
|
||||
'plugin_parameter' => $self->{'snmp_auth_method'},
|
||||
'plugin_user' => $self->{'snmp_auth_user'},
|
||||
'plugin_pass' => $self->{'snmp_auth_pass'},
|
||||
'snmp_community' => $community,
|
||||
'snmp_oid' => "$PandoraFMS::Recon::Base::IFINOCTECTS.$if_index");
|
||||
pandora_create_module_from_hash ($self->{'pa_config'}, \%module, $self->{'dbh'});
|
||||
@ -561,6 +610,13 @@ sub PandoraFMS::Recon::Base::create_agent($$) {
|
||||
my %module = (
|
||||
'ip_target' => $device,
|
||||
'snmp_community' => $community,
|
||||
'tcp_send' => $self->{'snmp_version'},
|
||||
'custom_string_1' => $self->{'snmp_privacy_method'},
|
||||
'custom_string_2' => $self->{'snmp_privacy_pass'},
|
||||
'custom_string_3' => $self->{'snmp_security_level'},
|
||||
'plugin_parameter' => $self->{'snmp_auth_method'},
|
||||
'plugin_user' => $self->{'snmp_auth_user'},
|
||||
'plugin_pass' => $self->{'snmp_auth_pass'},
|
||||
);
|
||||
pandora_update_module_from_hash ($self->{'pa_config'}, \%module, 'id_agente_modulo', $module_id, $self->{'dbh'});
|
||||
}
|
||||
@ -577,7 +633,13 @@ sub PandoraFMS::Recon::Base::create_agent($$) {
|
||||
'descripcion' => 'The total number of octets received on the interface, including framing characters. This object is a 64-bit version of ifOutOctets.',
|
||||
'id_agente' => $agent_id,
|
||||
'ip_target' => $device,
|
||||
'tcp_send' => 1,
|
||||
'tcp_send' => $self->{'snmp_version'},
|
||||
'custom_string_1' => $self->{'snmp_privacy_method'},
|
||||
'custom_string_2' => $self->{'snmp_privacy_pass'},
|
||||
'custom_string_3' => $self->{'snmp_security_level'},
|
||||
'plugin_parameter' => $self->{'snmp_auth_method'},
|
||||
'plugin_user' => $self->{'snmp_auth_user'},
|
||||
'plugin_pass' => $self->{'snmp_auth_pass'},
|
||||
'snmp_community' => $community,
|
||||
'snmp_oid' => "$PandoraFMS::Recon::Base::IFHCOUTOCTECTS.$if_index");
|
||||
pandora_create_module_from_hash ($self->{'pa_config'}, \%module, $self->{'dbh'});
|
||||
@ -585,6 +647,14 @@ sub PandoraFMS::Recon::Base::create_agent($$) {
|
||||
my %module = (
|
||||
'ip_target' => $device,
|
||||
'snmp_community' => $community,
|
||||
'tcp_send' => $self->{'snmp_version'},
|
||||
'tcp_send' => $self->{'snmp_version'},
|
||||
'custom_string_1' => $self->{'snmp_privacy_method'},
|
||||
'custom_string_2' => $self->{'snmp_privacy_pass'},
|
||||
'custom_string_3' => $self->{'snmp_security_level'},
|
||||
'plugin_parameter' => $self->{'snmp_auth_method'},
|
||||
'plugin_user' => $self->{'snmp_auth_user'},
|
||||
'plugin_pass' => $self->{'snmp_auth_pass'},
|
||||
);
|
||||
pandora_update_module_from_hash ($self->{'pa_config'}, \%module, 'id_agente_modulo', $module_id, $self->{'dbh'});
|
||||
}
|
||||
@ -599,7 +669,13 @@ sub PandoraFMS::Recon::Base::create_agent($$) {
|
||||
'descripcion' => 'The total number of octets received on the interface, including framing characters.',
|
||||
'id_agente' => $agent_id,
|
||||
'ip_target' => $device,
|
||||
'tcp_send' => 1,
|
||||
'tcp_send' => $self->{'snmp_version'},
|
||||
'custom_string_1' => $self->{'snmp_privacy_method'},
|
||||
'custom_string_2' => $self->{'snmp_privacy_pass'},
|
||||
'custom_string_3' => $self->{'snmp_security_level'},
|
||||
'plugin_parameter' => $self->{'snmp_auth_method'},
|
||||
'plugin_user' => $self->{'snmp_auth_user'},
|
||||
'plugin_pass' => $self->{'snmp_auth_pass'},
|
||||
'snmp_community' => $community,
|
||||
'snmp_oid' => "$PandoraFMS::Recon::Base::IFOUTOCTECTS.$if_index");
|
||||
pandora_create_module_from_hash ($self->{'pa_config'}, \%module, $self->{'dbh'});
|
||||
@ -607,6 +683,14 @@ sub PandoraFMS::Recon::Base::create_agent($$) {
|
||||
my %module = (
|
||||
'ip_target' => $device,
|
||||
'snmp_community' => $community,
|
||||
'tcp_send' => $self->{'snmp_version'},
|
||||
'tcp_send' => $self->{'snmp_version'},
|
||||
'custom_string_1' => $self->{'snmp_privacy_method'},
|
||||
'custom_string_2' => $self->{'snmp_privacy_pass'},
|
||||
'custom_string_3' => $self->{'snmp_security_level'},
|
||||
'plugin_parameter' => $self->{'snmp_auth_method'},
|
||||
'plugin_user' => $self->{'snmp_auth_user'},
|
||||
'plugin_pass' => $self->{'snmp_auth_pass'},
|
||||
);
|
||||
pandora_update_module_from_hash ($self->{'pa_config'}, \%module, 'id_agente_modulo', $module_id, $self->{'dbh'});
|
||||
}
|
||||
|
Loading…
x
Reference in New Issue
Block a user