diff --git a/pandora_console/extensions/net_tools.php b/pandora_console/extensions/net_tools.php
index f6736f366a..2f18a569d4 100644
--- a/pandora_console/extensions/net_tools.php
+++ b/pandora_console/extensions/net_tools.php
@@ -154,100 +154,105 @@ function main_net_tools () {
$operation = get_parameter ("operation", 0);
$community = get_parameter ("community", "public");
$ip = get_parameter("select_ips");
-
- switch($operation) {
- case 1:
- $traceroute = whereis_the_command ('traceroute');
- if (empty($traceroute)) {
- ui_print_error_message(__('Traceroute executable does not exist.'));
- }
- else {
- echo "".__("Traceroute to "). $ip. "
";
- echo "";
- echo system ("$traceroute $ip");
- echo "";
- }
- break;
- case 2:
- $ping = whereis_the_command ('ping');
- if (empty($ping)) {
- ui_print_error_message(__('Ping executable does not exist.'));
- }
- else {
- echo "" . __("Ping to %s", $ip) . "
";
- echo "";
- echo system ("$ping -c 5 $ip");
- echo "";
- }
- break;
- case 4:
- $nmap = whereis_the_command ('nmap');
- if (empty($nmap)) {
- ui_print_error_message(__('Nmap executable does not exist.'));
- }
- else {
- echo "".__("Basic TCP Scan on "). $ip. "
";
- echo "";
- echo system ("$nmap -F $ip");
- echo "";
- }
- break;
- case 5:
- echo "".__("Domain and IP information for "). $ip. "
";
-
- $dig = whereis_the_command ('dig');
- if (empty($dig)) {
- ui_print_error_message(__('Dig executable does not exist.'));
- }
- else {
- echo "";
- echo system ("dig $ip");
- echo "";
- }
-
- $whois = whereis_the_command ('whois');
- if (empty($whois)) {
- ui_print_error_message(__('Whois executable does not exist.'));
- }
- else {
- echo "";
- echo system ("whois $ip");
- echo "";
- }
- break;
- case 3:
- echo "".__("SNMP information for "). $ip. "
";
-
- $snmpget = whereis_the_command ('snmpget');
- if (empty($snmpget)) {
- ui_print_error_message(__('SNMPget executable does not exist.'));
- }
- else {
- echo "" . __("Uptime") . "
";
- echo "";
- echo exec ("$snmpget -Ounv -v1 -c $community $ip .1.3.6.1.2.1.1.3.0 ");
- echo "";
- echo "" . __("Device info") . "
";
- echo "";
-
- echo system ("$snmpget -Ounv -v1 -c $community $ip .1.3.6.1.2.1.1.1.0 ");
- echo "";
-
- echo "Interface Information
";
- echo "";
- echo "| ".__("Interface");
- echo " | ".__("Status");
-
- $int_max = exec ("$snmpget -Oqunv -v1 -c $community $ip .1.3.6.1.2.1.2.1.0 ");
-
- for ($ax=0; $ax < $int_max; $ax++) {
- $interface = exec ("$snmpget -Oqunv -v1 -c $community $ip .1.3.6.1.2.1.2.2.1.2.$ax ");
- $estado = exec ("$snmpget -Oqunv -v1 -c $community $ip .1.3.6.1.2.1.2.2.1.8.$ax ");
- echo " |
|---|
| $interface | $estado";
+
+ if(!validate_address($ip)){
+ ui_print_error_message(__('The ip or dns name entered cannot be resolved'));
+ }
+ else{
+ switch($operation) {
+ case 1:
+ $traceroute = whereis_the_command ('traceroute');
+ if (empty($traceroute)) {
+ ui_print_error_message(__('Traceroute executable does not exist.'));
}
- echo " |
";
- }
- break;
+ else {
+ echo "".__("Traceroute to "). $ip. "
";
+ echo "";
+ echo system ("$traceroute $ip");
+ echo "";
+ }
+ break;
+ case 2:
+ $ping = whereis_the_command ('ping');
+ if (empty($ping)) {
+ ui_print_error_message(__('Ping executable does not exist.'));
+ }
+ else {
+ echo "" . __("Ping to %s", $ip) . "
";
+ echo "";
+ echo system ("$ping -c 5 $ip");
+ echo "";
+ }
+ break;
+ case 4:
+ $nmap = whereis_the_command ('nmap');
+ if (empty($nmap)) {
+ ui_print_error_message(__('Nmap executable does not exist.'));
+ }
+ else {
+ echo "".__("Basic TCP Scan on "). $ip. "
";
+ echo "";
+ echo system ("$nmap -F $ip");
+ echo "";
+ }
+ break;
+ case 5:
+ echo "".__("Domain and IP information for "). $ip. "
";
+
+ $dig = whereis_the_command ('dig');
+ if (empty($dig)) {
+ ui_print_error_message(__('Dig executable does not exist.'));
+ }
+ else {
+ echo "";
+ echo system ("dig $ip");
+ echo "";
+ }
+
+ $whois = whereis_the_command ('whois');
+ if (empty($whois)) {
+ ui_print_error_message(__('Whois executable does not exist.'));
+ }
+ else {
+ echo "";
+ echo system ("whois $ip");
+ echo "";
+ }
+ break;
+ case 3:
+ echo "".__("SNMP information for "). $ip. "
";
+
+ $snmpget = whereis_the_command ('snmpget');
+ if (empty($snmpget)) {
+ ui_print_error_message(__('SNMPget executable does not exist.'));
+ }
+ else {
+ echo "" . __("Uptime") . "
";
+ echo "";
+ echo exec ("$snmpget -Ounv -v1 -c $community $ip .1.3.6.1.2.1.1.3.0 ");
+ echo "";
+ echo "" . __("Device info") . "
";
+ echo "";
+
+ echo system ("$snmpget -Ounv -v1 -c $community $ip .1.3.6.1.2.1.1.1.0 ");
+ echo "";
+
+ echo "Interface Information
";
+ echo "";
+ echo "| ".__("Interface");
+ echo " | ".__("Status");
+
+ $int_max = exec ("$snmpget -Oqunv -v1 -c $community $ip .1.3.6.1.2.1.2.1.0 ");
+
+ for ($ax=0; $ax < $int_max; $ax++) {
+ $interface = exec ("$snmpget -Oqunv -v1 -c $community $ip .1.3.6.1.2.1.2.2.1.2.$ax ");
+ $estado = exec ("$snmpget -Oqunv -v1 -c $community $ip .1.3.6.1.2.1.2.2.1.8.$ax ");
+ echo " |
|---|
| $interface | $estado";
+ }
+ echo " |
";
+ }
+ break;
+ }
}
echo "";
diff --git a/pandora_console/godmode/agentes/agent_manager.php b/pandora_console/godmode/agentes/agent_manager.php
index 42e71093ab..d8a7190ed9 100644
--- a/pandora_console/godmode/agentes/agent_manager.php
+++ b/pandora_console/godmode/agentes/agent_manager.php
@@ -168,9 +168,6 @@ if(!$new_agent && $alias != ''){
}
}
-
-
-
// Remote configuration available
if (!$new_agent) {
if (isset($filename)) {
diff --git a/pandora_console/godmode/agentes/configurar_agente.php b/pandora_console/godmode/agentes/configurar_agente.php
index c62dfcb28c..c7c2a3318f 100644
--- a/pandora_console/godmode/agentes/configurar_agente.php
+++ b/pandora_console/godmode/agentes/configurar_agente.php
@@ -151,11 +151,21 @@ $module_macros = array ();
// Create agent
if ($create_agent) {
+ $mssg_warning = 0;
$alias = (string) get_parameter_post("alias",'');
$alias_as_name = (int) get_parameter_post("alias_as_name", 0);
$direccion_agente = (string) get_parameter_post("direccion",'');
+
+ //safe_output only validate ip
$direccion_agente = trim(io_safe_output($direccion_agente));
+
+ if(!validate_address($direccion_agente)){
+ $mssg_warning = 1;
+ }
+
+ //safe-input before validate ip
$direccion_agente = io_safe_input($direccion_agente);
+
$nombre_agente = hash("sha256",$alias . "|" .$direccion_agente ."|". time() ."|". sprintf("%04d", rand(0,10000)));
$grupo = (int) get_parameter_post ("grupo");
$intervalo = (string) get_parameter_post ("intervalo", SECONDS_5MINUTES);
@@ -184,7 +194,7 @@ if ($create_agent) {
foreach ($fields as $field) {
$field_values[$field['id_field']] = (string) get_parameter_post ('customvalue_'.$field['id_field'], '');
}
-
+
// Check if agent exists (BUG WC-50518-2)
if ($alias == "") {
$agent_creation_error = __('No agent alias specified');
@@ -233,8 +243,8 @@ if ($create_agent) {
// Create custom fields for this agent
foreach ($field_values as $key => $value) {
$update_custom = db_process_sql_insert ('tagent_custom_data',
- array('id_field' => $key, 'id_agent' => $id_agente,
- 'description' => $value));
+ array('id_field' => $key, 'id_agent' => $id_agente,
+ 'description' => $value));
}
// Create address for this agent in taddress
if ( $direccion_agente != '') {
@@ -637,6 +647,10 @@ if ($create_agent) {
ui_print_result_message ($agent_created_ok,
__('Successfully created'),
$agent_creation_error);
+
+ if($mssg_warning){
+ ui_print_warning_message(__('The ip or dns name entered cannot be resolved'));
+ }
}
// Fix / Normalize module data
@@ -678,13 +692,22 @@ $update_agent = (bool) get_parameter ('update_agent');
// Update AGENT
if ($update_agent) { // if modified some agent paramenter
+ $mssg_warning = 0;
$id_agente = (int) get_parameter_post ("id_agente");
$nombre_agente = str_replace('`','‘',(string) get_parameter_post ("agente", ""));
$alias = str_replace('`','‘',(string) get_parameter_post ("alias", ""));
$alias_as_name = (int) get_parameter_post ('alias_as_name', 0);
$direccion_agente = (string) get_parameter_post ("direccion", '');
+ //safe_output only validate ip
$direccion_agente = trim(io_safe_output($direccion_agente));
+
+ if(!validate_address($direccion_agente)){
+ $mssg_warning = 1;
+ }
+
+ //safe-input before validate ip
$direccion_agente = io_safe_input($direccion_agente);
+
$address_list = (string) get_parameter_post ("address_list", '');
if ($address_list != $direccion_agente &&
@@ -728,7 +751,6 @@ if ($update_agent) { // if modified some agent paramenter
$field_values[$field['id_field']] = (string) get_parameter_post ('customvalue_'.$field['id_field'], '');
}
-
foreach ($field_values as $key => $value) {
$old_value = db_get_all_rows_filter('tagent_custom_data',
array('id_agent' => $id_agente, 'id_field' => $key));
@@ -748,6 +770,10 @@ if ($update_agent) { // if modified some agent paramenter
}
}
}
+
+ if($mssg_warning){
+ ui_print_warning_message(__('The ip or dns name entered cannot be resolved'));
+ }
//Verify if there is another agent with the same name but different ID
if ($alias == "") {
diff --git a/pandora_console/include/functions.php b/pandora_console/include/functions.php
index 1aee87943a..3caa79ad05 100644
--- a/pandora_console/include/functions.php
+++ b/pandora_console/include/functions.php
@@ -2789,5 +2789,25 @@ function register_pass_change_try ($id_user, $success) {
$values['success'] = $success;
db_process_sql_insert('treset_pass_history', $values);
}
-
+/**
+ * returns true or false if it is a valid ip
+ * checking ipv4 and ipv6 or resolves the name dns
+ * @param string address
+ *
+*/
+function validate_address($address){
+ if($address){
+ if(!filter_var($address, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4)) {
+ if(!filter_var($address, FILTER_VALIDATE_IP, FILTER_FLAG_IPV6)) {
+ $ip_address_dns = gethostbyname($address);
+ if(!filter_var($ip_address_dns, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4)) {
+ if(!filter_var($ip_address_dns, FILTER_VALIDATE_IP, FILTER_FLAG_IPV6)) {
+ return false;
+ }
+ }
+ }
+ }
+ }
+ return true;
+}
?>