fixed error ip validate

pandora_console/extensions/net_tools.php

@@ -155,99 +155,104 @@ function main_net_tools () {
 	$community = get_parameter ("community", "public");
 	$ip = get_parameter("select_ips");
 
-	switch($operation) {
-		case 1:
-			$traceroute = whereis_the_command ('traceroute');
-			if (empty($traceroute)) {
-				ui_print_error_message(__('Traceroute executable does not exist.'));
-			}
-			else {
-				echo "<h3>".__("Traceroute to "). $ip. "</h3>";
-				echo "<pre>";
-				echo system ("$traceroute $ip");
-				echo "</pre>";
-			}
-			break;
-		case 2: 
-			$ping = whereis_the_command ('ping');
-			if (empty($ping)) {
-				ui_print_error_message(__('Ping executable does not exist.'));
-			}
-			else {
-				echo "<h3>" . __("Ping to %s", $ip) . "</h3>";
-				echo "<pre>";
-				echo system ("$ping -c 5 $ip");
-				echo "</pre>";
-			}
-			break;
-		case 4:
-			$nmap = whereis_the_command ('nmap');
-			if (empty($nmap)) {
-				ui_print_error_message(__('Nmap executable does not exist.'));
-			}
-			else {
-				echo "<h3>".__("Basic TCP Scan on "). $ip. "</h3>";
-				echo "<pre>";
-				echo system ("$nmap -F $ip");
-				echo "</pre>";
-			}
-			break;
-		case 5: 
-			echo "<h3>".__("Domain and IP information for "). $ip. "</h3>";
-			
-			$dig = whereis_the_command ('dig');
-			if (empty($dig)) {
-				ui_print_error_message(__('Dig executable does not exist.'));
-			}
-			else {
-				echo "<pre>";
-				echo system ("dig $ip");
-				echo "</pre>";
-			}
-			
-			$whois = whereis_the_command ('whois');
-			if (empty($whois)) {
-				ui_print_error_message(__('Whois executable does not exist.'));
-			}
-			else {
-				echo "<pre>";
-				echo system ("whois $ip");
-				echo "</pre>";
-			}
-			break;
-		case 3:
-			echo "<h3>".__("SNMP information for "). $ip. "</h3>";
-			
-			$snmpget = whereis_the_command ('snmpget');
-			if (empty($snmpget)) {
-				ui_print_error_message(__('SNMPget executable does not exist.'));
-			}
-			else {
-				echo "<h4>" . __("Uptime") . "</h4>";
-				echo "<pre>";
-				echo exec ("$snmpget -Ounv -v1 -c $community $ip .1.3.6.1.2.1.1.3.0 ");
-				echo "</pre>";
-				echo "<h4>" . __("Device info") . "</h4>";
-				echo "<pre>";
-				
-				echo system ("$snmpget -Ounv -v1 -c $community $ip .1.3.6.1.2.1.1.1.0 ");
-				echo "</pre>";
-				
-				echo "<h4>Interface Information</h4>";
-				echo "<table class=databox>";
-				echo "<tr><th>".__("Interface");
-				echo "<th>".__("Status");
-				
-				$int_max =  exec ("$snmpget -Oqunv -v1 -c $community $ip .1.3.6.1.2.1.2.1.0 ");
-				
-				for ($ax=0; $ax < $int_max; $ax++) {
-					$interface = exec ("$snmpget -Oqunv -v1 -c $community $ip .1.3.6.1.2.1.2.2.1.2.$ax ");
-					$estado = exec ("$snmpget -Oqunv -v1 -c $community $ip .1.3.6.1.2.1.2.2.1.8.$ax ");
-					echo "<tr><td>$interface<td>$estado";
+	if(!validate_address($ip)){
+		ui_print_error_message(__('The ip or dns name entered cannot be resolved'));
+	}
+	else{
+		switch($operation) {
+			case 1:
+				$traceroute = whereis_the_command ('traceroute');
+				if (empty($traceroute)) {
+					ui_print_error_message(__('Traceroute executable does not exist.'));
 				}
-				echo "</table>";
-			}
-			break;
+				else {
+					echo "<h3>".__("Traceroute to "). $ip. "</h3>";
+					echo "<pre>";
+					echo system ("$traceroute $ip");
+					echo "</pre>";
+				}
+				break;
+			case 2: 
+				$ping = whereis_the_command ('ping');
+				if (empty($ping)) {
+					ui_print_error_message(__('Ping executable does not exist.'));
+				}
+				else {
+					echo "<h3>" . __("Ping to %s", $ip) . "</h3>";
+					echo "<pre>";
+					echo system ("$ping -c 5 $ip");
+					echo "</pre>";
+				}
+				break;
+			case 4:
+				$nmap = whereis_the_command ('nmap');
+				if (empty($nmap)) {
+					ui_print_error_message(__('Nmap executable does not exist.'));
+				}
+				else {
+					echo "<h3>".__("Basic TCP Scan on "). $ip. "</h3>";
+					echo "<pre>";
+					echo system ("$nmap -F $ip");
+					echo "</pre>";
+				}
+				break;
+			case 5: 
+				echo "<h3>".__("Domain and IP information for "). $ip. "</h3>";
+				
+				$dig = whereis_the_command ('dig');
+				if (empty($dig)) {
+					ui_print_error_message(__('Dig executable does not exist.'));
+				}
+				else {
+					echo "<pre>";
+					echo system ("dig $ip");
+					echo "</pre>";
+				}
+				
+				$whois = whereis_the_command ('whois');
+				if (empty($whois)) {
+					ui_print_error_message(__('Whois executable does not exist.'));
+				}
+				else {
+					echo "<pre>";
+					echo system ("whois $ip");
+					echo "</pre>";
+				}
+				break;
+			case 3:
+				echo "<h3>".__("SNMP information for "). $ip. "</h3>";
+				
+				$snmpget = whereis_the_command ('snmpget');
+				if (empty($snmpget)) {
+					ui_print_error_message(__('SNMPget executable does not exist.'));
+				}
+				else {
+					echo "<h4>" . __("Uptime") . "</h4>";
+					echo "<pre>";
+					echo exec ("$snmpget -Ounv -v1 -c $community $ip .1.3.6.1.2.1.1.3.0 ");
+					echo "</pre>";
+					echo "<h4>" . __("Device info") . "</h4>";
+					echo "<pre>";
+					
+					echo system ("$snmpget -Ounv -v1 -c $community $ip .1.3.6.1.2.1.1.1.0 ");
+					echo "</pre>";
+					
+					echo "<h4>Interface Information</h4>";
+					echo "<table class=databox>";
+					echo "<tr><th>".__("Interface");
+					echo "<th>".__("Status");
+					
+					$int_max =  exec ("$snmpget -Oqunv -v1 -c $community $ip .1.3.6.1.2.1.2.1.0 ");
+					
+					for ($ax=0; $ax < $int_max; $ax++) {
+						$interface = exec ("$snmpget -Oqunv -v1 -c $community $ip .1.3.6.1.2.1.2.2.1.2.$ax ");
+						$estado = exec ("$snmpget -Oqunv -v1 -c $community $ip .1.3.6.1.2.1.2.2.1.8.$ax ");
+						echo "<tr><td>$interface<td>$estado";
+					}
+					echo "</table>";
+				}
+				break;
+		}
 	}
 	
 	echo "</div>";

pandora_console/godmode/agentes/agent_manager.php

@@ -168,9 +168,6 @@ if(!$new_agent && $alias != ''){
 	}
 }
 
-
-
-
 // Remote configuration available
 if (!$new_agent) {
 	if (isset($filename)) {

pandora_console/godmode/agentes/configurar_agente.php

@@ -151,11 +151,21 @@ $module_macros = array ();
 
 // Create agent
 if ($create_agent) {
+	$mssg_warning = 0;
 	$alias = (string) get_parameter_post("alias",'');
 	$alias_as_name = (int) get_parameter_post("alias_as_name", 0);
 	$direccion_agente = (string) get_parameter_post("direccion",'');
+
+	//safe_output only validate ip
 	$direccion_agente = trim(io_safe_output($direccion_agente));
+		
+	if(!validate_address($direccion_agente)){
+		$mssg_warning = 1;
+	}
+
+	//safe-input before validate ip
 	$direccion_agente = io_safe_input($direccion_agente);
+
 	$nombre_agente = hash("sha256",$alias . "|" .$direccion_agente ."|". time() ."|". sprintf("%04d", rand(0,10000)));
 	$grupo = (int) get_parameter_post ("grupo");
 	$intervalo = (string) get_parameter_post ("intervalo", SECONDS_5MINUTES);
@@ -233,8 +243,8 @@ if ($create_agent) {
 			// Create custom fields for this agent
 			foreach ($field_values as $key => $value) {
 				$update_custom = db_process_sql_insert ('tagent_custom_data',
-				 array('id_field' => $key, 'id_agent' => $id_agente,
-					'description' => $value));
+					array('id_field' => $key, 'id_agent' => $id_agente,
+						'description' => $value));
 			}
 			// Create address for this agent in taddress
 			if ( $direccion_agente != '') {
@@ -637,6 +647,10 @@ if ($create_agent) {
 	ui_print_result_message ($agent_created_ok,
 		__('Successfully created'),
 		$agent_creation_error);
+
+	if($mssg_warning){
+		ui_print_warning_message(__('The ip or dns name entered cannot be resolved'));
+	}
 }
 
 // Fix / Normalize module data
@@ -678,13 +692,22 @@ $update_agent = (bool) get_parameter ('update_agent');
 
 // Update AGENT
 if ($update_agent) { // if modified some agent paramenter
+	$mssg_warning = 0;
 	$id_agente = (int) get_parameter_post ("id_agente");
 	$nombre_agente = str_replace('`','‘',(string) get_parameter_post ("agente", ""));
 	$alias = str_replace('`','‘',(string) get_parameter_post ("alias", ""));
 	$alias_as_name = (int) get_parameter_post ('alias_as_name', 0);
 	$direccion_agente = (string) get_parameter_post ("direccion", '');
+	//safe_output only validate ip
 	$direccion_agente = trim(io_safe_output($direccion_agente));
+	
+	if(!validate_address($direccion_agente)){
+		$mssg_warning = 1;
+	}
+
+	//safe-input before validate ip
 	$direccion_agente = io_safe_input($direccion_agente);
+
 	$address_list = (string) get_parameter_post ("address_list", '');
 	
 	if ($address_list != $direccion_agente &&
@@ -728,7 +751,6 @@ if ($update_agent) { // if modified some agent paramenter
 		$field_values[$field['id_field']] = (string) get_parameter_post ('customvalue_'.$field['id_field'], '');
 	}
 	
-	
 	foreach ($field_values as $key => $value) {
 		$old_value = db_get_all_rows_filter('tagent_custom_data',
 			array('id_agent' => $id_agente, 'id_field' => $key));
@@ -749,6 +771,10 @@ if ($update_agent) { // if modified some agent paramenter
 		}
 	}
 
+	if($mssg_warning){
+		ui_print_warning_message(__('The ip or dns name entered cannot be resolved'));
+	}
+	
 	//Verify if there is another agent with the same name but different ID
 	if ($alias == "") {
 		ui_print_error_message(__('No agent alias specified'));

pandora_console/include/functions.php

@@ -2789,5 +2789,25 @@ function register_pass_change_try ($id_user, $success) {
 	$values['success'] = $success;
 	db_process_sql_insert('treset_pass_history', $values);
 }
-
+/**
+ * returns true or false if it is a valid ip 
+ * checking ipv4 and ipv6 or resolves the name dns
+ * @param string address
+ *
+*/
+function validate_address($address){
+	if($address){
+		if(!filter_var($address, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4)) {
+			if(!filter_var($address, FILTER_VALIDATE_IP, FILTER_FLAG_IPV6)) {
+				$ip_address_dns = gethostbyname($address);
+				if(!filter_var($ip_address_dns, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4)) {
+					if(!filter_var($ip_address_dns, FILTER_VALIDATE_IP, FILTER_FLAG_IPV6)) {
+						return false;
+					}
+				}
+			}
+		}
+	}
+	return true;
+}
 ?>