tyler.durden/pandorafms
1
0
Fork 0
mirror of https://github.com/pandorafms/pandorafms.git synced 2025-04-08 18:55:09 +02:00
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'develop' into ent-12042-16242-cambiar-el-uso-de-chkconfig-para-dependencias-de-agentes-en-rhel9

Browse Source
This commit is contained in:
rafael 2024-02-05 10:03:01 +01:00
commit 9c9dabcfa7
28 changed files with 500 additions and 221 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
pandora_console/extensions/grafana/query.php
View File

@ -23,6 +23,9 @@ if ($headers['Authorization']) {
list($user, $password) = explode(':', base64_decode($headers['Authorization']));
// Prevent sql injection.
$user = mysqli_real_escape_string($config['dbconnection'], $user);
// Check user login
$user_in_db = process_user_login($user, $password, true);

3
pandora_console/extensions/grafana/search.php
View File

@ -24,6 +24,9 @@ if ($headers['Authorization']) {
list($user, $password) = explode(':', base64_decode($headers['Authorization']));
// Prevent sql injection.
$user = mysqli_real_escape_string($config['dbconnection'], $user);
// Check user login
$user_in_db = process_user_login($user, $password, true);

2
pandora_console/extras/mr/68.sql
View File

@ -56,5 +56,7 @@ ADD COLUMN `id_agent_data` int not null default 0 AFTER `script_type`;
ALTER TABLE `tusuario` CHANGE COLUMN `metaconsole_data_section` `metaconsole_data_section` TEXT NOT NULL DEFAULT '' ;
ALTER TABLE `tmensajes` ADD COLUMN `icon_notification` VARCHAR(250) NULL DEFAULT NULL AFTER `url`;
UPDATE `tncm_template` SET `vendors` = CONCAT('["', TRIM(BOTH '"' FROM TRIM(BOTH ']' FROM TRIM(BOTH '[' FROM vendors))), '"]'), `models` = CONCAT('["', TRIM(BOTH '"' FROM TRIM(BOTH ']' FROM TRIM(BOTH '[' FROM models))), '"]');
UPDATE `tncm_agent_data_template` SET `vendors` = CONCAT('["', TRIM(BOTH '"' FROM TRIM(BOTH ']' FROM TRIM(BOTH '[' FROM vendors))), '"]'), `models` = CONCAT('["', TRIM(BOTH '"' FROM TRIM(BOTH ']' FROM TRIM(BOTH '[' FROM models))), '"]');
COMMIT;

33
pandora_console/general/header.php
View File

@ -1021,11 +1021,14 @@ echo sprintf('<div id="header_table" class="header_table_%s">', $menuTypeClass);
modal: {
title: "<?php echo __('Welcome to').' '.io_safe_output(get_product_name()); ?>",
cancel: '<?php echo __('Do not show anymore'); ?>',
ok: '<?php echo __('Close'); ?>'
ok: '<?php echo __('Close'); ?>',
overlay: true,
overlayExtraClass: 'welcome-overlay',
},
onshow: {
page: 'include/ajax/welcome_window',
method: 'loadWelcomeWindow',
width: 1000,
},
oncancel: {
page: 'include/ajax/welcome_window',
@ -1043,6 +1046,34 @@ echo sprintf('<div id="header_table" class="header_table_%s">', $menuTypeClass);
}
})
}
},
onload: () => {
$(document).ready(function () {
var buttonpane = $("div[aria-describedby='welcome_modal_window'] .ui-dialog-buttonpane.ui-widget-content.ui-helper-clearfix");
$(buttonpane).append(`
<div class="welcome-wizard-buttons">
<label>
<input type="checkbox" class="welcome-wizard-do-not-show" value="1" />
<?php echo __('Do not show anymore'); ?>
</label>
<button class="close-wizard-button"><?php echo __('Close wizard'); ?></button>
</div>
`);
var closeWizard = $("button.close-wizard-button");
$(closeWizard).click(function (e) {
var close = $("div[aria-describedby='welcome_modal_window'] button.sub.ok.submit-next.ui-button");
var cancel = $("div[aria-describedby='welcome_modal_window'] button.sub.upd.submit-cancel.ui-button");
var checkbox = $("div[aria-describedby='welcome_modal_window'] .welcome-wizard-do-not-show:checked").length;
if (checkbox === 1) {
$(cancel).click();
} else {
$(close).click()
}
});
});
}
});
});

16
pandora_console/godmode/agentes/agent_manager.php
View File

@ -507,14 +507,16 @@ if (enterprise_installed()) {
// Read configuration file.
$files = config_agents_get_agent_config_filenames($id_agente);
$file_name = $files['conf'];
$agent_config = file_get_contents($file_name);
$encoding = 'UTF-8';
$agent_config_utf8 = mb_convert_encoding($agent_config, 'UTF-8', $encoding);
if ($agent_config_utf8 !== false) {
$agent_config = $agent_config_utf8;
}
if (empty($file_name) === false) {
$agent_config = file_get_contents($file_name);
$encoding = 'UTF-8';
$agent_config_utf8 = mb_convert_encoding($agent_config, 'UTF-8', $encoding);
if ($agent_config_utf8 !== false) {
$agent_config = $agent_config_utf8;
}
$broker = str_contains($agent_config, '#broker active');
$broker = str_contains($agent_config, '#broker active');
}
}
if ($broker === false) {

2
pandora_console/godmode/agentes/module_manager.php
View File

@ -575,7 +575,7 @@ $where = sprintf('delete_pending = 0 AND id_agente = %s', $id_agente);
$search_string_entities = io_safe_input($search_string);
$basic_where = sprintf(
"(REPLACE(nombre, '&#x20;', ' ') LIKE '%%%s%%' OR REPLACE(nombre, '&#x20;', ' ') LIKE '%%%s%%' OR REPLACE(descripcion, '&#x20;', ' ') LIKE '%%%s%%' OR REPLACE(descripcion, '&#x20;', ' ') LIKE '%%%s%%') AND",
"(nombre LIKE '%%%s%%' OR nombre LIKE '%%%s%%' OR descripcion LIKE '%%%s%%' OR descripcion LIKE '%%%s%%') AND",
$search_string,
$search_string_entities,
$search_string,

47
pandora_console/godmode/menu.php
View File

@ -518,7 +518,18 @@ if ($access_console_node === true) {
}
if ((bool) check_acl($config['id_user'], 0, 'PM') === true || (bool) check_acl($config['id_user'], 0, 'DM') === true) {
if ((bool) check_acl($config['id_user'], 0, 'AW') === true) {
$show_ipam = false;
$ipam = db_get_all_rows_sql('SELECT users_operator FROM tipam_network');
foreach ($ipam as $row) {
if (str_contains($row['users_operator'], '-1') || str_contains($row['users_operator'], $config['id_user'])) {
$show_ipam = true;
break;
}
}
}
if ((bool) check_acl($config['id_user'], 0, 'PM') === true || (bool) check_acl($config['id_user'], 0, 'DM') === true || $show_ipam === true) {
$menu_godmode['gextensions']['text'] = __('Admin tools');
$menu_godmode['gextensions']['sec2'] = 'godmode/extensions';
$menu_godmode['gextensions']['id'] = 'god-extensions';
@ -535,8 +546,6 @@ if ((bool) check_acl($config['id_user'], 0, 'PM') === true || (bool) check_acl($
$sub['tools/diagnostics']['text'] = __('Diagnostic info');
$sub['tools/diagnostics']['id'] = 'diagnostic_info';
enterprise_hook('omnishell');
enterprise_hook('ipam_submenu');
$sub['godmode/setup/news']['text'] = __('Site news');
$sub['godmode/setup/news']['id'] = 'site_news';
}
@ -558,9 +567,15 @@ if ((bool) check_acl($config['id_user'], 0, 'PM') === true || (bool) check_acl($
}
}
$sub['godmode/events/configuration_sounds']['text'] = __('Acoustic console setup');
$sub['godmode/events/configuration_sounds']['id'] = 'Acoustic console setup';
$sub['godmode/events/configuration_sounds']['pages'] = ['godmode/events/configuration_sounds'];
if (((bool) check_acl($config['id_user'], 0, 'PM') === true && $access_console_node === true) || $show_ipam === true) {
enterprise_hook('ipam_submenu');
}
if ((bool) check_acl($config['id_user'], 0, 'PM') === true || (bool) check_acl($config['id_user'], 0, 'DM') === true) {
$sub['godmode/events/configuration_sounds']['text'] = __('Acoustic console setup');
$sub['godmode/events/configuration_sounds']['id'] = 'Acoustic console setup';
$sub['godmode/events/configuration_sounds']['pages'] = ['godmode/events/configuration_sounds'];
}
$menu_godmode['gextensions']['sub'] = $sub;
}
@ -638,16 +653,18 @@ if ($access_console_node === true) {
}
// Complete the submenu.
$extension_view = [];
$extension_view['godmode/extensions']['id'] = 'extension_manager_view';
$extension_view['godmode/extensions']['text'] = __('Extension manager view');
$extension_submenu = array_merge($extension_view, $sub2);
if (users_is_admin($config['id_user']) === true) {
$extension_view = [];
$extension_view['godmode/extensions']['id'] = 'extension_manager_view';
$extension_view['godmode/extensions']['text'] = __('Extension manager view');
$extension_submenu = array_merge($extension_view, $sub2);
$sub['godmode/extensions']['sub2'] = $extension_submenu;
$sub['godmode/extensions']['text'] = __('Extension manager');
$sub['godmode/extensions']['id'] = 'extension_manager';
$sub['godmode/extensions']['type'] = 'direct';
$sub['godmode/extensions']['subtype'] = 'nolink';
$sub['godmode/extensions']['sub2'] = $extension_submenu;
$sub['godmode/extensions']['text'] = __('Extension manager');
$sub['godmode/extensions']['id'] = 'extension_manager';
$sub['godmode/extensions']['type'] = 'direct';
$sub['godmode/extensions']['subtype'] = 'nolink';
}
if (is_array($menu_godmode['gextensions']['sub']) === true) {
$submenu = array_merge($menu_godmode['gextensions']['sub'], $sub);

112
pandora_console/godmode/setup/setup_general.php
View File

@ -960,60 +960,6 @@ echo '<legend>'.__('Mail configuration').'</legend>';
);
echo '</form>';
/**
* Print the modal window for the summary of each alerts group
*
* @param string $id Id.
*
* @return void
*/
function print_email_test_modal_window($id)
{
// Email config table.
$table_mail_test = new stdClass();
$table_mail_test->width = '100%';
$table_mail_test->class = 'filter-table-adv';
$table_mail_test->data = [];
$table_mail_test->data[0][] = html_print_label_input_block(
__('Address'),
html_print_input_text(
'email_test_address',
'',
'',
35,
100,
true
)
);
$table_mail_test->data[1][] = '&nbsp&nbsp<span id="email_test_sent_message" class="invisible"><b>Email sent</b></span><span id="email_test_failure_message" class=invisible"><b>Email could not be sent</b></span>';
// $table_mail_test->colspan[2][0] = 2;
$submitButton = html_print_div(
[
'class' => 'action-buttons-right-forced',
'content' => html_print_button(
__('Send'),
'email_test',
false,
'',
[
'icon' => 'cog',
'mode' => 'mini',
],
true
),
],
true
);
echo '<div id="email_test_'.$id.'" title="'.__('Check mail configuration').'" class="invisible">'.html_print_table($table_mail_test, true).$submitButton.'</div>';
}
?>
<script type="text/javascript">
function show_timezone () {
@ -1033,62 +979,6 @@ function show_timezone () {
});
}
function show_email_test(id) {
$('#email_test_sent_message').hide();
$('#email_test_failure_message').hide();
$("#email_test_"+id).dialog({
resizable: true,
draggable: true,
modal: true,
width: 450,
overlay: {
opacity: 0.5,
background: "black"
}
});
}
function perform_email_test () {
$('#email_test_sent_message').hide();
$('#email_test_failure_message').hide();
var test_address = $('#text-email_test_address').val();
params = {
email_smtpServer : $('#text-email_smtpServer').val(),
email_smtpPort : $('#text-email_smtpPort').val(),
email_username : $('#text-email_username').val(),
email_password : $('#password-email_password').val(),
email_encryption : $( "#email_encryption option:selected" ).val(),
email_from_dir : $('#text-email_from_dir').val(),
email_from_name : $('#text-email_from_name').val()
};
$.ajax({
type: "POST",
url: "ajax.php",
data : {
page: "godmode/setup/setup_general",
test_address: test_address,
params: params
},
dataType: "json",
success: function(data) {
if (parseInt(data) === 1) {
$('#email_test_sent_message').show();
$('#email_test_failure_message').hide();
} else {
$('#email_test_failure_message').show();
$('#email_test_sent_message').hide();
}
},
error: function() {
$('#email_test_failure_message').show();
$('#email_test_sent_message').hide();
},
});
}
$(document).ready (function () {
$("#zone").attr("hidden", true);
@ -1146,8 +1036,6 @@ $(document).ready (function () {
}
})
$('#button-email_test').click(perform_email_test);
$("#right_iblacklist").click (function () {
jQuery.each($("select[name='inventory_changes_blacklist_out[]'] option:selected"), function (key, value) {
imodule_name = $(value).html();

2
pandora_console/godmode/users/configure_user.php
View File

@ -770,7 +770,7 @@ if ($update_user) {
$id_user = (string) get_parameter('id_user', '');
if ($password_new != '') {
if ($config['auth'] !== 'mysql') {
if ($config['auth'] !== 'mysql' && $values['local_user'] === false) {
ui_print_error_message(__('It is not possible to change the password because external authentication is being used'));
} else {
$correct_password = false;

32
pandora_console/include/class/ConsoleSupervisor.php
View File

@ -1671,6 +1671,10 @@ class ConsoleSupervisor
ini_get('upload_max_filesize')
);
$PHPpost_max_size = config_return_in_bytes(
ini_get('post_max_size')
);
// PHP configuration.
$PHPmax_input_time = ini_get('max_input_time');
$PHPmemory_limit = config_return_in_bytes(ini_get('memory_limit'));
@ -1678,6 +1682,7 @@ class ConsoleSupervisor
$PHPsafe_mode = ini_get('safe_mode');
$PHPdisable_functions = ini_get('disable_functions');
$PHPupload_max_filesize_min = config_return_in_bytes('800M');
$PHPpost_max_size_min = config_return_in_bytes('800M');
$PHPmemory_limit_min = config_return_in_bytes('800M');
$PHPSerialize_precision = ini_get('serialize_precision');
@ -1728,7 +1733,7 @@ class ConsoleSupervisor
'message' => sprintf(
__('Recommended value is %s'),
'-1 ('.__('Unlimited').')'
).'<br><br>'.__('Please, change it on your PHP configuration file (php.ini) or contact with administrator (Do not forget to restart Apache process after)'),
).'<br>'.__('Please, change it on your PHP configuration file (php.ini) or contact with administrator (Do not forget to restart Apache process after)'),
'url' => $url,
'icon_notification' => self::ICON_INFORMATION,
]
@ -1753,7 +1758,7 @@ class ConsoleSupervisor
'message' => sprintf(
__('Recommended value is: %s'),
'0 ('.__('Unlimited').')'
).'<br><br>'.__('Please, change it on your PHP configuration file (php.ini) or contact with administrator (Dont forget restart apache process after changes)'),
).'<br>'.__('Please, change it on your PHP configuration file (php.ini) or contact with administrator (Dont forget restart apache process after changes)'),
'url' => $url,
'icon_notification' => self::ICON_INFORMATION,
]
@ -1778,7 +1783,7 @@ class ConsoleSupervisor
'message' => sprintf(
__('Recommended value is: %s'),
sprintf(__('%s or greater'), '800M')
).'<br><br>'.__('Please, change it on your PHP configuration file (php.ini) or contact with administrator (Dont forget restart apache process after changes)'),
).'<br>'.__('Please, change it on your PHP configuration file (php.ini) or contact with administrator (Dont forget restart apache process after changes)'),
'url' => $url,
'icon_notification' => self::ICON_INFORMATION,
]
@ -1808,7 +1813,7 @@ class ConsoleSupervisor
'message' => sprintf(
__('Recommended value is: %s'),
sprintf(__('%s or greater'), $recommended_memory)
).'<br><br>'.__('Please, change it on your PHP configuration file (php.ini) or contact with administrator'),
).'<br>'.__('Please, change it on your PHP configuration file (php.ini) or contact with administrator'),
'url' => $url,
'icon_notification' => self::ICON_INFORMATION,
]
@ -1915,6 +1920,25 @@ class ConsoleSupervisor
} else {
$this->cleanNotifications('NOTIF.PHP.VERSION.SUPPORT');
}
if ($PHPpost_max_size < $PHPpost_max_size_min && (int) $PHPpost_max_size !== -1) {
$url = 'https://www.php.net/manual/en/ini.core.php#ini.post-max-size';
$this->notify(
[
'type' => 'NOTIF.PHP.POST_MAX_SIZE',
'title' => __('PHP POST MAX SIZE'),
'message' => sprintf(
__('Recommended value is: %s'),
sprintf(__('%sM or greater'), ($PHPpost_max_size_min / 1024 / 1024))
).'<br>'.__('Please, change it on your PHP configuration file (php.ini) or contact with administrator'),
'url' => $url,
'icon_notification' => self::ICON_HEADSUP,
]
);
} else {
$this->cleanNotifications('NOTIF.PHP.POST_MAX_SIZE');
}
}

43
pandora_console/include/class/Diagnostics.class.php
View File

@ -483,7 +483,7 @@ class Diagnostics extends Wizard
],
'isEnterprise' => [
'name' => __('Enterprise installed'),
'value' => (enterprise_installed()) ? __('true') : __('false'),
'value' => $this->getStatusLicense(),
],
'customerKey' => [
'name' => __('Update Key'),
@ -505,6 +505,29 @@ class Diagnostics extends Wizard
}
/**
* Return status of license.
*
* @return string
*/
private function getStatusLicense():string
{
global $config;
if (enterprise_installed() === true) {
if (isset($config['license_mode'])
&& (int) $config['license_mode'] === 1
) {
return __('FREE/TRIAL');
} else {
return __('LICENSED');
}
} else {
return __('OpenSource');
}
}
/**
* PHP Status.
*
@ -517,23 +540,31 @@ class Diagnostics extends Wizard
$result = [
'error' => false,
'data' => [
'phpVersion' => [
'phpVersion' => [
'name' => __('PHP Version'),
'value' => phpversion(),
],
'maxExecutionTime' => [
'maxExecutionTime' => [
'name' => __('PHP Max execution time'),
'value' => ini_get('max_execution_time'),
],
'maxInputTime' => [
'maxInputTime' => [
'name' => __('PHP Max input time'),
'value' => ini_get('max_input_time'),
],
'memoryLimit' => [
'memoryLimit' => [
'name' => __('PHP Memory limit'),
'value' => ini_get('memory_limit'),
],
'sessionLifetime' => [
'postMaxSize' => [
'name' => __('PHP Post max size'),
'value' => ini_get('post_max_size'),
],
'uploadMaxFilesize' => [
'name' => __('PHP Upload max file size'),
'value' => ini_get('upload_max_filesize'),
],
'sessionLifetime' => [
'name' => __('Session cookie lifetime'),
'value' => ini_get('session.cookie_lifetime'),
],

1
pandora_console/include/class/ExtensionsDiscovery.class.php
View File

@ -452,6 +452,7 @@ class ExtensionsDiscovery extends Wizard
*/
public function run()
{
ui_require_javascript_file('select2.min');
ui_require_javascript_file('extensions_discovery');
$_iniFile = $this->loadIni();
if ($_iniFile === false) {

15
pandora_console/include/functions_api.php
View File

@ -3683,6 +3683,7 @@ function api_set_create_network_module($id, $thrash1, $other, $thrash3)
'warning_inverse' => $other['data'][29],
'ff_type' => $other['data'][30],
'ignore_unknown' => $other['data'][32],
'warning_time' => $other['data'][33],
];
if (! $values['descripcion']) {
@ -3848,6 +3849,7 @@ function api_set_update_network_module($id_module, $thrash1, $other, $thrash3)
'policy_linked',
'ff_type',
'ignore_unknown',
'warning_time',
];
$values = [];
@ -3962,6 +3964,7 @@ function api_set_create_plugin_module($id, $thrash1, $other, $thrash3)
'warning_inverse' => $other['data'][34],
'ff_type' => $other['data'][35],
'ignore_unknown' => $other['data'][37],
'warning_time' => $other['data'][38],
];
$plugin = db_get_row('tplugin', 'id', $values['id_plugin']);
@ -4124,6 +4127,7 @@ function api_set_update_plugin_module($id_module, $thrash1, $other, $thrash3)
'policy_linked',
'ff_type',
'ignore_unknown',
'warning_time',
];
$values = [];
@ -4251,6 +4255,7 @@ function api_set_create_data_module($id, $thrash1, $other, $thrash3)
'warning_inverse' => $other['data'][25],
'ff_type' => $other['data'][26],
'ignore_unknown' => $other['data'][27],
'warning_time' => $other['data'][28],
];
if (! $values['descripcion']) {
@ -4774,6 +4779,7 @@ function api_set_update_data_module($id_module, $thrash1, $other, $thrash3)
'policy_linked',
'ff_type',
'ignore_unknown',
'warning_time',
];
$values = [];
@ -4915,6 +4921,7 @@ function api_set_create_snmp_module($id, $thrash1, $other, $thrash3)
'min_ff_event_critical' => $other['data'][33],
'ff_type' => $other['data'][34],
'ignore_unknown' => $other['data'][36],
'warning_time' => $other['data'][37],
];
} else {
$values = [
@ -4948,6 +4955,7 @@ function api_set_create_snmp_module($id, $thrash1, $other, $thrash3)
'min_ff_event_critical' => $other['data'][27],
'ff_type' => $other['data'][28],
'ignore_unknown' => $other['data'][29],
'warning_time' => $other['data'][30],
];
}
@ -5117,6 +5125,7 @@ function api_set_update_snmp_module($id_module, $thrash1, $other, $thrash3)
'policy_linked',
'ff_type',
'ignore_unknown',
'warning_time',
];
} else {
$snmp_module_fields = [
@ -5150,6 +5159,7 @@ function api_set_update_snmp_module($id_module, $thrash1, $other, $thrash3)
'policy_linked',
'ff_type',
'ignore_unknown',
'warning_time',
];
}
@ -7992,6 +8002,7 @@ function api_set_update_data_module_policy($id, $thrash1, $other, $thrash3)
'disabled_types_event',
'module_macros',
'ignore_unknown',
'warning_time',
];
$cont = 0;
@ -8234,6 +8245,7 @@ function api_set_update_network_module_policy($id, $thrash1, $other, $thrash3)
'disabled_types_event',
'module_macros',
'ignore_unknown',
'warning_time',
];
$cont = 0;
@ -8478,6 +8490,7 @@ function api_set_update_plugin_module_policy($id, $thrash1, $other, $thrash3)
'macros',
'module_macros',
'ignore_unknown',
'warning_time',
];
$cont = 0;
@ -8961,6 +8974,7 @@ function api_set_update_snmp_module_policy($id, $thrash1, $other, $thrash3)
'plugin_user',
'plugin_pass',
'ignore_unknown',
'warning_time',
];
} else {
$fields_snmp_module = [
@ -8986,6 +9000,7 @@ function api_set_update_snmp_module_policy($id, $thrash1, $other, $thrash3)
'custom_id',
'description',
'ignore_unknown',
'warning_time',
];
}

49
pandora_console/include/functions_html.php
View File

@ -7691,3 +7691,52 @@ function html_print_wizard_diagnosis(
echo $output;
}
}
/**
* Print the modal window for the summary of each alerts group
*
* @param string $id Id.
*
* @return void
*/
function print_email_test_modal_window($id)
{
// Email config table.
$table_mail_test = new stdClass();
$table_mail_test->width = '100%';
$table_mail_test->class = 'filter-table-adv';
$table_mail_test->data = [];
$table_mail_test->data[0][] = html_print_label_input_block(
__('Address'),
html_print_input_text(
'email_test_address',
'',
'',
35,
100,
true
)
);
$table_mail_test->data[1][] = '&nbsp&nbsp<span id="email_test_sent_message" class="invisible"><b>Email sent</b></span><span id="email_test_failure_message" class=invisible"><b>Email could not be sent</b></span>';
// $table_mail_test->colspan[2][0] = 2;
$submitButton = html_print_div(
[
'class' => 'action-buttons-right-forced',
'content' => html_print_button(
__('Send'),
'email_test',
false,
'perform_email_test()',
[
'icon' => 'cog',
'mode' => 'mini',
],
true
),
],
true
);
echo '<div id="email_test_'.$id.'" title="'.__('Check mail configuration').'" class="invisible">'.html_print_table($table_mail_test, true).$submitButton.'</div>';
}

16
pandora_console/include/functions_menu.php
View File

@ -1230,6 +1230,22 @@ if (is_ajax()) {
<p style="font-size: 10pt;">'.$php_sys->data->memoryLimit->value.'</p>
</th>
</tr>
<tr>
<th style="width: 35%;">
<p><span>'.$php_sys->data->postMaxSize->name.'</span></p>
</th>
<th style="width: 65%;">
<p style="font-size: 10pt;">'.$php_sys->data->postMaxSize->value.'</p>
</th>
</tr>
<tr>
<th style="width: 35%;">
<p><span>'.$php_sys->data->uploadMaxFilesize->name.'</span></p>
</th>
<th style="width: 65%;">
<p style="font-size: 10pt;">'.$php_sys->data->uploadMaxFilesize->value.'</p>
</th>
</tr>
<tr>
<th style="width: 35%;">
<p><span>'.$php_sys->data->sessionLifetime->name.'</span></p>

47
pandora_console/include/functions_netflow.php
View File

@ -2404,3 +2404,50 @@ function netflow_build_map_data($start_date, $end_date, $top, $aggregate, $advan
array_merge($relations, $orphan_hosts)
);
}
/**
* Run whois command and return all results as array.
*
* @param integer $ip Ip for search info with command whois.
*
* @return array
*/
function command_whois($ip)
{
$command = 'whois '.$ip;
$result = '';
exec($command, $result);
if (empty($result) === false && is_array($result) === true) {
$resultArray = parse_whois_output($result);
} else {
$resultArray = [];
}
return $resultArray;
}
/**
* Parse the result of command whois to array.
*
* @param array $lines Lines result of command whois.
*
* @return array
*/
function parse_whois_output($lines)
{
$resultArray = [];
if (is_array($lines) === true) {
foreach ($lines as $line) {
$parts = explode(':', $line, 2);
if (count($parts) === 2 && strpos($line, '#') !== 0) {
$key = trim($parts[0]);
$value = trim($parts[1]);
$resultArray[$key] = $value;
}
}
}
return $resultArray;
}

1
pandora_console/include/functions_notifications.php
View File

@ -133,6 +133,7 @@ function notifications_get_subtypes(?string $source=null)
'NOTIF.PHP.INPUT_TIME',
'NOTIF.PHP.EXECUTION_TIME',
'NOTIF.PHP.UPLOAD_MAX_FILESIZE',
'NOTIF.PHP.POST_MAX_SIZE',
'NOTIF.PHP.MEMORY_LIMIT',
'NOTIF.PHP.DISABLE_FUNCTIONS',
'NOTIF.PHP.CHROMIUM',

19
pandora_console/include/functions_update_manager.php
View File

@ -98,25 +98,6 @@ function update_manager_get_current_package()
}
/**
* Check if a trial license is in use.
*
* @return boolean true if a trial license is in use, false otherwise.
*/
function update_manager_verify_trial()
{
global $config;
if (isset($config['license_licensed_to'])
&& strstr($config['license_licensed_to'], 'info@pandorafms.com') !== false
) {
return true;
}
return false;
}
/**
* Checks if there are packages available to be installed.
*

2
pandora_console/include/functions_visual_map.php
View File

@ -3791,7 +3791,7 @@ function visual_map_get_user_layouts(
$retval = [];
foreach ($layouts as $layout) {
if ($only_names) {
$retval[$layout['id']] = $layout['name'];
$retval[$layout['id']] = io_safe_output($layout['name']);
} else {
$retval[$layout['id']] = $layout;
}

2
pandora_console/include/javascript/extensions_discovery.js
View File

@ -4,7 +4,7 @@ $(document).ready(() => {
$("#_credentials_").select2({
closeOnSelect: true
});
var interval;
if (interval === "0") {
setTimeout(() => {
$("#mode_interval")

57
pandora_console/include/javascript/pandora.js
View File

@ -2621,3 +2621,60 @@ function christmas_click(flagEasternEgg) {
}, 120000);
}
}
function perform_email_test() {
$("#email_test_sent_message").hide();
$("#email_test_failure_message").hide();
var test_address = $("#text-email_test_address").val();
var params = {
email_smtpServer: $("#text-email_smtpServer").val(),
email_smtpPort: $("#text-email_smtpPort").val(),
email_username: $("#text-email_username").val(),
email_password: $("#password-email_password").val(),
email_encryption: $("#email_encryption option:selected").val(),
email_from_dir: $("#text-email_from_dir").val(),
email_from_name: $("#text-email_from_name").val()
};
$.ajax({
type: "POST",
url: "ajax.php",
data: {
page: "godmode/setup/setup_general",
test_address: test_address,
params: params
},
dataType: "json",
success: function(data) {
if (parseInt(data) === 1) {
$("#email_test_sent_message").show();
$("#email_test_failure_message").hide();
} else {
console.log($("#email_test_failure_message"));
$("#email_test_failure_message").show();
$("#email_test_sent_message").hide();
}
},
error: function() {
$("#email_test_failure_message").show();
$("#email_test_sent_message").hide();
}
});
}
function show_email_test(id) {
$("#email_test_sent_message").hide();
$("#email_test_failure_message").hide();
$("#email_test_" + id).dialog({
resizable: true,
draggable: true,
modal: true,
width: 450,
overlay: {
opacity: 0.5,
background: "black"
}
});
}

9
pandora_console/include/lib/Dashboard/Manager.php
View File

@ -311,6 +311,15 @@ class Manager implements PublicLogin
if ($this->dashboardId !== 0) {
$this->dashboardFields = $this->get();
if ($this->deleteDashboard === false && is_array($this->dashboardFields) === true && count($this->dashboardFields) === 0) {
db_pandora_audit(
AUDIT_LOG_HACK_ATTEMPT,
'Trying to access to dashboard that not exist'
);
include 'general/noaccess.php';
exit;
}
$this->cells = Cell::getCells($this->dashboardId);
}

64
pandora_console/operation/network/network_report.php
View File

@ -41,7 +41,10 @@ if (! check_acl($config['id_user'], 0, 'AR')) {
// Ajax callbacks.
if (is_ajax() === true) {
include_once $config['homedir'].'/include/functions_netflow.php';
$get_filter_values = get_parameter('get_filter_values', 0);
$whois = (bool) get_parameter('whois', 0);
// Get values of the current network filter.
if ($get_filter_values) {
$id = get_parameter('id');
@ -51,6 +54,34 @@ if (is_ajax() === true) {
echo json_encode($filter_values);
}
if ($whois) {
$ip = get_parameter('ip');
$info = command_whois($ip);
$output = '';
if (is_array($info) === true && count($info) > 0) {
$table = new \stdClass();
$table->class = 'details_table dataTable info_table';
$table->data = [];
$row = 0;
foreach ($info as $key => $value) {
$table->data[$row][0] = $key;
$table->data[$row][1] = $value;
$row++;
}
$output = html_print_table($table, true);
} else {
$output = ui_print_info_message(__('No data found'));
}
html_print_div(
[
'content' => $output,
'style' => 'max-height: 600px;',
],
);
}
return;
}
@ -462,6 +493,7 @@ foreach ($data as $item) {
array_merge($hidden_main_link, ['main_value' => $item['host']]),
'image'
);
$row['main'] .= html_print_input_image('whois', 'images/eye.png', 'whois', '', true, ['onclick' => 'whois(\''.$item['host'].'\')']);
}
$row['main'] .= '</div>';
@ -572,6 +604,13 @@ html_print_div(
'style' => 'position: initial;',
]
);
html_print_div(
[
'id' => 'modal_whois',
'class' => 'invisible',
]
);
?>
<script>
$(document).ready(function(){
@ -654,4 +693,29 @@ function nf_view_click_period() {
document.getElementById('period_container').style.display = !is_period ? 'none' : 'flex';
document.getElementById('end_date_container').style.display = is_period ? 'none' : 'flex';
}
function whois(ip) {
load_modal({
target: $('#modal_whois'),
url: '<?php echo ui_get_full_url('ajax.php', false, false, false); ?>',
modal: {
title: '<?php echo __('Details'); ?>',
ok: '<?php echo __('Ok'); ?>',
},
extradata: [
{
name: "ip",
value: ip,
},
{
name: "whois",
value: 1,
}
],
onshow: {
page: '<?php echo $config['homedir'].'/operation/network/network_report'; ?>',
width: 800,
}
});
}
</script>

7
pandora_console/update_manager_client/lib/UpdateManager/Client.php
View File

@ -2383,7 +2383,7 @@ class Client
// Retrieve package from UMS.
$this->notify(0, 'Downloading server update '.$version);
$this->post(
$package = $this->post(
[
'action' => 'get_server_package',
'arguments' => ['version' => $version],
@ -2407,6 +2407,11 @@ class Client
return false;
}
if (empty($package) === true) {
$this->lastError = 'Error on Package from UMS';
return false;
}
if ($this->propagateUpdates === true) {
$this->saveSignature(
$signature,

22
pandora_server/conf/tentacle_server.conf.new
View File

@ -5,10 +5,10 @@
# Tentacle have IANA assigned port tpc/41121 as official port.
##########################################################################
# [-a] IPv4 address to listen on. Several IPs cam be selected separating if by comma.
# [-a] IPv4 address to listen on. Several IP adresses can be selected separated by commas.
addresses 0.0.0.0
# [-p] Port to listen on
# [-p] Port number to listen on.
port 41121
# [-c] Maximum number of simultaneous connections
@ -17,19 +17,19 @@ port 41121
# [-d] Run as daemon. 1 true, 0 false
daemon 1
# [-i] Enable insecure mode
# insecure 0
# [-I] Enable insecure mode. 1 true, 0 false.
#insecure 0
# Filters (regexp:dir;regexp:dir...)
# [-i] Filters (regexp:dir;regexp:dir...).
filters .*\.conf:conf;.*\.md5:md5;.*\.zip:collections;.*\.lock:trans;.*\.rcmd:commands
# [-m] Maximum file size allowed by the server in bytes
#max_size 2000000
# max_size 2000000
# [-o] Accept files with a repeated name
# [-o] Accept files with a repeated name. 1 true, 0 false.
# overwrite 0
# [-q] Do not output error messages.
# [-q] No output error messages. 1 true, 0 false.
# quiet 0
# [-r] Number of retries for socket read/write operations
@ -38,10 +38,10 @@ filters .*\.conf:conf;.*\.md5:md5;.*\.zip:collections;.*\.lock:trans;.*\.rcmd:co
# [-s] Storage directory
directory /var/spool/pandora/data_in
# [-b] Address to proxy client requests to
# [-b] IP address proxy client requests to.
# proxy_ip 127.0.0.1
# [-g] Port to proxy client requests to
# [-g] Port number proxy client requests to.
# proxy_port 41121
# [-t] Timeout for socket read/write operations in seconds
@ -71,5 +71,5 @@ log_file /dev/null
# [-w] SSL password. Set to 1 to ask for password by command line
# ssl_password 0
# [-T] Use libwrap library (Authen::Libwrap perl module)
# [-T] Use libwrap library (Authen::Libwrap perl module). 1 true, 0 false.
# use_libwrap 0

61
pandora_server/util/pandora_manage.pl
View File

@ -145,12 +145,12 @@ sub help_screen{
help_screen_line('--agent_update_custom_fields', '<id_agent> <type_field> <field_to_change> <new_value>', "Update an agent custom field. The fields can be \n\t the following: Serial number, Department ... and types can be 0 text and 1 combo ");
print "\nMODULES:\n\n" unless $param ne '';
help_screen_line('--create_data_module', "<module_name> <module_type> <agent_name> [<description> <module_group> \n\t <min> <max> <post_process> <interval> <warning_min> <warning_max> <critical_min> <critical_max> \n\t <history_data> <definition_file> <warning_str> <critical_str>\n\t <unknown_events> <ff_threshold> <each_ff> <ff_threshold_normal>\n\t <ff_threshold_warning> <ff_threshold_critical> <ff_timeout> <warning_inverse> <critical_inverse>\n\t <critical_instructions> <warning_instructions> <unknown_instructions> <use_alias> <ignore_unknown>]", 'Add data server module to agent');
help_screen_line('--create_web_module', "<module_name> <module_type> <agent_name> [<description> <module_group> \n\t <min> <max> <post_process> <interval> <warning_min> <warning_max> <critical_min> <critical_max> \n\t <history_data> <retries> <requests> <agent_browser_id> <auth_server> <auth_realm> <definition_file>\n\t <proxy_url> <proxy_auth_login> <proxy_auth_password> <warning_str> <critical_str>\n\t <unknown_events> <ff_threshold> <each_ff> <ff_threshold_normal>\n\t <ff_threshold_warning> <ff_threshold_critical> <ff_timeout> <warning_inverse> <critical_inverse>\n\t <critical_instructions> <warning_instructions> <unknown_instructions> <use_alias> <ignore_unknown>].\n\t The valid data types are web_data, web_proc, web_content_data or web_content_string", 'Add web server module to agent');
help_screen_line('--create_network_module', "<module_name> <module_type> <agent_name> <module_address> \n\t [<module_port> <description> <module_group> <min> <max> <post_process> <interval> \n\t <warning_min> <warning_max> <critical_min> <critical_max> <history_data> <ff_threshold>\n\t <warning_str> <critical_str> <unknown_events> <each_ff>\n\t <ff_threshold_normal> <ff_threshold_warning> <ff_threshold_critical> <timeout> <retries>\n\t <critical_instructions> <warning_instructions> <unknown_instructions>\n\t <warning_inverse> <critical_inverse> <use_alias> <ignore_unknown>]", 'Add not snmp network module to agent');
help_screen_line('--create_data_module', "<module_name> <module_type> <agent_name> [<description> <module_group> \n\t <min> <max> <post_process> <interval> <warning_min> <warning_max> <critical_min> <critical_max> \n\t <history_data> <definition_file> <warning_str> <critical_str>\n\t <unknown_events> <ff_threshold> <each_ff> <ff_threshold_normal>\n\t <ff_threshold_warning> <ff_threshold_critical> <ff_timeout> <warning_inverse> <critical_inverse>\n\t <critical_instructions> <warning_instructions> <unknown_instructions> <use_alias> <ignore_unknown> <warning_time>]", 'Add data server module to agent');
help_screen_line('--create_web_module', "<module_name> <module_type> <agent_name> [<description> <module_group> \n\t <min> <max> <post_process> <interval> <warning_min> <warning_max> <critical_min> <critical_max> \n\t <history_data> <retries> <requests> <agent_browser_id> <auth_server> <auth_realm> <definition_file>\n\t <proxy_url> <proxy_auth_login> <proxy_auth_password> <warning_str> <critical_str>\n\t <unknown_events> <ff_threshold> <each_ff> <ff_threshold_normal>\n\t <ff_threshold_warning> <ff_threshold_critical> <ff_timeout> <warning_inverse> <critical_inverse>\n\t <critical_instructions> <warning_instructions> <unknown_instructions> <use_alias> <ignore_unknown> <warning_time>].\n\t The valid data types are web_data, web_proc, web_content_data or web_content_string", 'Add web server module to agent');
help_screen_line('--create_network_module', "<module_name> <module_type> <agent_name> <module_address> \n\t [<module_port> <description> <module_group> <min> <max> <post_process> <interval> \n\t <warning_min> <warning_max> <critical_min> <critical_max> <history_data> <ff_threshold>\n\t <warning_str> <critical_str> <unknown_events> <each_ff>\n\t <ff_threshold_normal> <ff_threshold_warning> <ff_threshold_critical> <timeout> <retries>\n\t <critical_instructions> <warning_instructions> <unknown_instructions>\n\t <warning_inverse> <critical_inverse> <use_alias> <ignore_unknown> <warning_time>]", 'Add not snmp network module to agent');
help_screen_line('--create_snmp_module', "<module_name> <module_type> <agent_name> <module_address> <module_port>\n\t <version> [<community> <oid> <description> <module_group> <min> <max> <post_process> <interval>\n\t <warning_min> <warning_max> <critical_min> <critical_max> <history_data> \n\t <snmp3_priv_method> <snmp3_priv_pass> <snmp3_sec_level> <snmp3_auth_method> \n\t <snmp3_auth_user> <snmp3_auth_pass> <ff_threshold> <warning_str> \n\t <critical_str> <unknown_events> <each_ff> <ff_threshold_normal>\n\t <ff_threshold_warning> <ff_threshold_critical> <timeout> <retries> <use_alias> <ignore_unknown>]
\n\t <critical_instructions> <warning_instructions> <unknown_instructions>\n\t <warning_inverse> <critical_inverse>]", 'Add snmp network module to agent');
help_screen_line('--create_plugin_module', "<module_name> <module_type> <agent_name> <module_address> \n\t <module_port> <plugin_name> <user> <password> <parameters> [<description> \n\t <module_group> <min> <max> <post_process> <interval> <warning_min> <warning_max> <critical_min> \n\t <critical_max> <history_data> <ff_threshold> <warning_str> <critical_str>\n\t <unknown_events> <each_ff> <ff_threshold_normal> <ff_threshold_warning>\n\t <ff_threshold_critical> <timeout> \n\t <critical_instructions> <warning_instructions> <unknown_instructions>\n\t <warning_inverse> <critical_inverse> <use_alias> <ignore_unknown>]", 'Add plug-in module to agent');
\n\t <critical_instructions> <warning_instructions> <unknown_instructions>\n\t <warning_inverse> <critical_inverse> <warning_time>]", 'Add snmp network module to agent');
help_screen_line('--create_plugin_module', "<module_name> <module_type> <agent_name> <module_address> \n\t <module_port> <plugin_name> <user> <password> <parameters> [<description> \n\t <module_group> <min> <max> <post_process> <interval> <warning_min> <warning_max> <critical_min> \n\t <critical_max> <history_data> <ff_threshold> <warning_str> <critical_str>\n\t <unknown_events> <each_ff> <ff_threshold_normal> <ff_threshold_warning>\n\t <ff_threshold_critical> <timeout> \n\t <critical_instructions> <warning_instructions> <unknown_instructions>\n\t <warning_inverse> <critical_inverse> <use_alias> <ignore_unknown> <warning_time>]", 'Add plug-in module to agent');
help_screen_line('--get_module_group', '[<module_group_name>]', 'Dysplay all module groups');
help_screen_line('--create_module_group', '<module_group_name>');
help_screen_line('--module_group_synch', "<server_name1|server_name2|server_name3...> [<return_type>]", 'Synchronize metaconsole module groups');
@ -1655,21 +1655,21 @@ sub cli_create_data_module($) {
$min,$max,$post_process, $interval, $warning_min, $warning_max, $critical_min,
$critical_max, $history_data, $definition_file, $configuration_data, $warning_str, $critical_str, $enable_unknown_events,
$ff_threshold, $each_ff, $ff_threshold_normal, $ff_threshold_warning, $ff_threshold_critical, $ff_timeout,
$warning_inverse, $critical_inverse, $critical_instructions, $warning_instructions, $unknown_instructions, $use_alias, $ignore_unknown);
$warning_inverse, $critical_inverse, $critical_instructions, $warning_instructions, $unknown_instructions, $use_alias, $ignore_unknown, $warning_time);
if ($in_policy == 0) {
($module_name, $module_type, $agent_name, $description, $module_group,
$min,$max,$post_process, $interval, $warning_min, $warning_max, $critical_min,
$critical_max, $history_data, $definition_file, $warning_str, $critical_str, $enable_unknown_events, $ff_threshold,
$each_ff, $ff_threshold_normal, $ff_threshold_warning, $ff_threshold_critical, $ff_timeout,
$warning_inverse, $critical_inverse, $critical_instructions, $warning_instructions, $unknown_instructions, $use_alias, $ignore_unknown) = @ARGV[2..32];
$each_ff, $ff_threshold_normal, $ff_threshold_warning, $ff_threshold_critical, $ff_timeout,$warning_inverse, $critical_inverse,
$critical_instructions, $warning_instructions, $unknown_instructions, $use_alias, $ignore_unknown, $warning_time) = @ARGV[2..33];
}
else {
($policy_name, $module_name, $module_type, $description, $module_group,
$min,$max,$post_process, $interval, $warning_min, $warning_max, $critical_min,
$critical_max, $history_data, $configuration_data, $warning_str, $critical_str, $enable_unknown_events, $ff_threshold,
$each_ff, $ff_threshold_normal, $ff_threshold_warning, $ff_threshold_critical, $ff_timeout,
$warning_inverse, $critical_inverse, $critical_instructions, $warning_instructions, $unknown_instructions, $ignore_unknown) = @ARGV[2..32];
$warning_inverse, $critical_inverse, $critical_instructions, $warning_instructions, $unknown_instructions, $ignore_unknown, $warning_time) = @ARGV[2..33];
}
my $module_name_def;
@ -1887,6 +1887,7 @@ sub cli_create_data_module($) {
$parameters{'warning_instructions'} = $warning_instructions unless !defined ($warning_instructions);
$parameters{'unknown_instructions'} = $unknown_instructions unless !defined ($unknown_instructions);
$parameters{'ignore_unknown'} = $ignore_unknown unless !defined ($ignore_unknown);
$parameters{'warning_time'} = $warning_time unless !defined ($warning_time);
if ($in_policy == 0) {
if (defined $use_alias and $use_alias eq 'use_alias') {
@ -1918,7 +1919,7 @@ sub cli_create_web_module($) {
$critical_max, $history_data, $retries, $requests, $agent_browser_id, $auth_server, $auth_realm,
$definition_file, $proxy_url, $proxy_auth_login, $proxy_auth_password, $configuration_data, $warning_str, $critical_str, $enable_unknown_events,
$ff_threshold, $each_ff, $ff_threshold_normal, $ff_threshold_warning, $ff_threshold_critical, $ff_timeout,
$warning_inverse, $critical_inverse, $critical_instructions, $warning_instructions, $unknown_instructions, $use_alias, $ignore_unknown);
$warning_inverse, $critical_inverse, $critical_instructions, $warning_instructions, $unknown_instructions, $use_alias, $ignore_unknown, $warning_time);
if ($in_policy == 0) {
($module_name, $module_type, $agent_name, $description, $module_group,
@ -1926,7 +1927,7 @@ sub cli_create_web_module($) {
$critical_max, $history_data, $retries, $requests, $agent_browser_id, $auth_server, $auth_realm,
$definition_file, $proxy_url, $proxy_auth_login, $proxy_auth_password, $warning_str, $critical_str,
$enable_unknown_events, $ff_threshold, $each_ff, $ff_threshold_normal, $ff_threshold_warning, $ff_threshold_critical, $ff_timeout,
$warning_inverse, $critical_inverse, $critical_instructions, $warning_instructions, $unknown_instructions, $use_alias, $ignore_unknown) = @ARGV[2..40];
$warning_inverse, $critical_inverse, $critical_instructions, $warning_instructions, $unknown_instructions, $use_alias, $ignore_unknown, $warning_time) = @ARGV[2..41];
}
else {
($policy_name, $module_name, $module_type, $description, $module_group,
@ -1934,7 +1935,7 @@ sub cli_create_web_module($) {
$critical_max, $history_data, $retries, $requests, $agent_browser_id, $auth_server, $auth_realm, $configuration_data, $proxy_url,
$proxy_auth_login, $proxy_auth_password, $warning_str, $critical_str,
$enable_unknown_events, $ff_threshold, $each_ff, $ff_threshold_normal, $ff_threshold_warning, $ff_threshold_critical, $ff_timeout,
$warning_inverse, $critical_inverse, $critical_instructions, $warning_instructions, $unknown_instructions, $ignore_unknown) = @ARGV[2..39];
$warning_inverse, $critical_inverse, $critical_instructions, $warning_instructions, $unknown_instructions, $ignore_unknown, $warning_time) = @ARGV[2..40];
}
my $module_name_def;
@ -2163,7 +2164,7 @@ sub cli_create_web_module($) {
$parameters{'ip_target'} = $auth_server unless !defined ($auth_server);
$parameters{'snmp_community'} = $auth_realm unless !defined ($auth_realm);
$parameters{'ignore_unknown'} = $ignore_unknown unless !defined ($ignore_unknown);
$parameters{'warning_time'} = $warning_time unless !defined ($warning_time);
if ($in_policy == 0) {
@ -2365,7 +2366,7 @@ sub cli_create_network_module($) {
$module_group, $min, $max, $post_process, $interval, $warning_min, $warning_max, $critical_min,
$critical_max, $history_data, $ff_threshold, $warning_str, $critical_str, $enable_unknown_events, $each_ff,
$ff_threshold_normal, $ff_threshold_warning, $ff_threshold_critical, $timeout, $retries, $critical_instructions,
$warning_instructions, $unknown_instructions, $warning_inverse, $critical_inverse, $use_alias, $ignore_unknown);
$warning_instructions, $unknown_instructions, $warning_inverse, $critical_inverse, $use_alias, $ignore_unknown, $warning_time);
if ($in_policy == 0) {
($module_name, $module_type, $agent_name, $module_address, $module_port, $description,
@ -2373,7 +2374,7 @@ sub cli_create_network_module($) {
$critical_max, $history_data, $ff_threshold, $warning_str, $critical_str, $enable_unknown_events,
$each_ff, $ff_threshold_normal, $ff_threshold_warning,
$ff_threshold_critical, $timeout, $retries,$critical_instructions, $warning_instructions, $unknown_instructions,
$warning_inverse, $critical_inverse, $use_alias, $ignore_unknown) = @ARGV[2..34];
$warning_inverse, $critical_inverse, $use_alias, $ignore_unknown, $warning_time) = @ARGV[2..35];
}
else {
($policy_name, $module_name, $module_type, $module_port, $description,
@ -2381,7 +2382,7 @@ sub cli_create_network_module($) {
$critical_max, $history_data, $ff_threshold, $warning_str, $critical_str, $enable_unknown_events,
$each_ff, $ff_threshold_normal, $ff_threshold_warning,
$ff_threshold_critical, $timeout, $retries, $critical_instructions, $warning_instructions, $unknown_instructions,
$warning_inverse, $critical_inverse, $ignore_unknown) = @ARGV[2..34];
$warning_inverse, $critical_inverse, $ignore_unknown, $warning_time) = @ARGV[2..35];
}
my $module_name_def;
@ -2518,7 +2519,7 @@ sub cli_create_network_module($) {
$parameters{'critical_inverse'} = $critical_inverse unless !defined ($critical_inverse);
$parameters{'warning_inverse'} = $warning_inverse unless !defined ($warning_inverse);
$parameters{'ignore_unknown'} = $ignore_unknown unless !defined ($ignore_unknown);
$parameters{'warning_time'} = $warning_time unless !defined ($warning_time);
if ($in_policy == 0) {
if (defined $use_alias and $use_alias eq 'use_alias') {
@ -2550,7 +2551,7 @@ sub cli_create_snmp_module($) {
$warning_max, $critical_min, $critical_max, $history_data, $snmp3_priv_method, $snmp3_priv_pass,
$snmp3_sec_level, $snmp3_auth_method, $snmp3_auth_user, $snmp3_auth_pass, $ff_threshold, $warning_str, $critical_str, $enable_unknown_events,
$each_ff, $ff_threshold_normal, $ff_threshold_warning, $ff_threshold_critical, $timeout, $retries,
$critical_instructions, $warning_instructions, $unknown_instructions, $warning_inverse, $critical_inverse, $use_alias, $ignore_unknown);
$critical_instructions, $warning_instructions, $unknown_instructions, $warning_inverse, $critical_inverse, $use_alias, $ignore_unknown, $warning_time);
if ($in_policy == 0) {
($module_name, $module_type, $agent_name, $module_address, $module_port, $version, $community,
@ -2558,7 +2559,7 @@ sub cli_create_snmp_module($) {
$warning_max, $critical_min, $critical_max, $history_data, $snmp3_priv_method, $snmp3_priv_pass,
$snmp3_sec_level, $snmp3_auth_method, $snmp3_auth_user, $snmp3_auth_pass, $ff_threshold, $warning_str, $critical_str, $enable_unknown_events,
$each_ff, $ff_threshold_normal, $ff_threshold_warning, $ff_threshold_critical, $timeout, $retries,
$critical_instructions, $warning_instructions, $unknown_instructions, $warning_inverse, $critical_inverse, $use_alias, $ignore_unknown) = @ARGV[2..43];
$critical_instructions, $warning_instructions, $unknown_instructions, $warning_inverse, $critical_inverse, $use_alias, $ignore_unknown, $warning_time) = @ARGV[2..44];
}
else {
($policy_name, $module_name, $module_type, $module_port, $version, $community,
@ -2566,7 +2567,7 @@ sub cli_create_snmp_module($) {
$warning_max, $critical_min, $critical_max, $history_data, $snmp3_priv_method, $snmp3_priv_pass,
$snmp3_sec_level, $snmp3_auth_method, $snmp3_auth_user, $snmp3_auth_pass, $ff_threshold, $warning_str, $critical_str, $enable_unknown_events,
$each_ff, $ff_threshold_normal, $ff_threshold_warning, $ff_threshold_critical, $timeout, $retries,
$critical_instructions, $warning_instructions, $unknown_instructions, $warning_inverse, $critical_inverse, $ignore_unknown) = @ARGV[2..41];
$critical_instructions, $warning_instructions, $unknown_instructions, $warning_inverse, $critical_inverse, $ignore_unknown, $warning_time) = @ARGV[2..42];
}
my $module_name_def;
@ -2708,7 +2709,8 @@ sub cli_create_snmp_module($) {
$parameters{'critical_inverse'} = $critical_inverse unless !defined ($critical_inverse);
$parameters{'warning_inverse'} = $warning_inverse unless !defined ($warning_inverse);
$parameters{'ignore_unknown'} = $ignore_unknown unless !defined ($ignore_unknown);
$parameters{'warning_time'} = $warning_time unless !defined ($warning_time);
if ($in_policy == 0) {
if (defined $use_alias and $use_alias eq 'use_alias') {
foreach my $id (@id_agents) {
@ -2736,7 +2738,7 @@ sub cli_create_plugin_module($) {
$interval, $warning_min, $warning_max, $critical_min, $critical_max, $history_data,
$ff_threshold, $warning_str, $critical_str, $enable_unknown_events,
$each_ff, $ff_threshold_normal, $ff_threshold_warning, $ff_threshold_critical, $timeout,
$critical_instructions, $warning_instructions, $unknown_instructions, $warning_inverse, $critical_inverse, $use_alias, $ignore_unknown);
$critical_instructions, $warning_instructions, $unknown_instructions, $warning_inverse, $critical_inverse, $use_alias, $ignore_unknown, $warning_time);
if ($in_policy == 0) {
($module_name, $module_type, $agent_name, $module_address, $module_port, $plugin_name,
@ -2744,7 +2746,7 @@ sub cli_create_plugin_module($) {
$interval, $warning_min, $warning_max, $critical_min, $critical_max, $history_data,
$ff_threshold, $warning_str, $critical_str, $enable_unknown_events,
$each_ff, $ff_threshold_normal, $ff_threshold_warning, $ff_threshold_critical, $timeout,
$critical_instructions, $warning_instructions, $unknown_instructions, $warning_inverse, $critical_inverse, $use_alias, $ignore_unknown) = @ARGV[2..37];
$critical_instructions, $warning_instructions, $unknown_instructions, $warning_inverse, $critical_inverse, $use_alias, $ignore_unknown, $warning_time) = @ARGV[2..38];
}
else {
($policy_name, $module_name, $module_type, $module_port, $plugin_name,
@ -2752,7 +2754,7 @@ sub cli_create_plugin_module($) {
$interval, $warning_min, $warning_max, $critical_min, $critical_max, $history_data,
$ff_threshold, $warning_str, $critical_str, $enable_unknown_events,
$each_ff, $ff_threshold_normal, $ff_threshold_warning, $ff_threshold_critical, $timeout,
$critical_instructions, $warning_instructions, $unknown_instructions, $warning_inverse, $critical_inverse, $ignore_unknown) = @ARGV[2..35];
$critical_instructions, $warning_instructions, $unknown_instructions, $warning_inverse, $critical_inverse, $ignore_unknown, $warning_time) = @ARGV[2..36];
}
my $module_name_def;
@ -2909,7 +2911,8 @@ sub cli_create_plugin_module($) {
$parameters{'critical_inverse'} = $critical_inverse unless !defined ($critical_inverse);
$parameters{'warning_inverse'} = $warning_inverse unless !defined ($warning_inverse);
$parameters{'ignore_unknown'} = $ignore_unknown unless !defined ($ignore_unknown);
$parameters{'warning_time'} = $warning_time unless !defined ($warning_time);
if ($in_policy == 0) {
if (defined $use_alias and $use_alias eq 'use_alias') {
foreach my $id (@id_agents) {
@ -7816,7 +7819,7 @@ sub pandora_manage_main ($$$) {
cli_delete_agent();
}
elsif ($param eq '--create_data_module') {
param_check($ltotal, 31, 24);
param_check($ltotal, 32, 25);
cli_create_data_module(0);
}
elsif ($param eq '--create_web_module') {
@ -7845,7 +7848,7 @@ sub pandora_manage_main ($$$) {
cli_create_snmp_module(0);
}
elsif ($param eq '--create_plugin_module') {
param_check($ltotal, 37, 20);
param_check($ltotal, 38, 21);
cli_create_plugin_module(0);
}
elsif ($param eq '--delete_module') {
@ -8034,7 +8037,7 @@ sub pandora_manage_main ($$$) {
cli_create_policy();
}
elsif ($param eq '--create_policy_data_module') {
param_check($ltotal, 30, 21);
param_check($ltotal, 31, 22);
cli_create_data_module(1);
}
elsif ($param eq '--create_policy_web_module') {
@ -8050,7 +8053,7 @@ sub pandora_manage_main ($$$) {
cli_create_snmp_module(1);
}
elsif ($param eq '--create_policy_plugin_module') {
param_check($ltotal, 35, 19);
param_check($ltotal, 36, 20);
cli_create_plugin_module(1);
}
elsif ($param eq '--create_alert_template') {

8
tentacle/conf/tentacle_server.conf.new
View File

@ -72,4 +72,10 @@ log_file /dev/null
# ssl_password 0
# [-T] Use libwrap library (Authen::Libwrap perl module)
# use_libwrap 0
# use_libwrap 0
# [-z] Restrict to a specific ssl version
# ssl_version TLSv1_3
# [-u] Restrict to a specific ssl cipher
# ssl_cipher AES256-SHA

46
tentacle/tentacle_server
View File

@ -187,6 +187,12 @@ my $t_proxy_ip = undef;
# Port to proxy client requests to
my $t_proxy_port = 41121;
# Allowed SSL Cipher
my $t_ssl_cipher= '';
# Allowed SSL Version
my $t_ssl_version= '';
# Proxy socket
my $t_proxy_socket;
@ -230,7 +236,7 @@ sub print_help {
print ("\t-p port\t\tPort to listen on (default $t_port).\n");
print ("\t-q\t\tQuiet. Do now print error messages.\n");
print ("\t-r number\tNumber of retries for network opertions (default $t_retries).\n");
print ("\t-S (install|uninstall|run) Manage the win32 service.\n");
print ("\t-S \t\t(install|uninstall|run) Manage the win32 service.\n");
print ("\t-t time\t\tTime-out for network operations in seconds (default ${t_timeout}s).\n");
print ("\t-v\t\tBe verbose (display errors).\n");
print ("\t-V\t\tBe verbose on hard way (display errors and other info).\n");
@ -239,7 +245,9 @@ sub print_help {
print ("\t-b ip_address\tProxy requests to the given address.\n");
print ("\t-g port\t\tProxy requests to the given port.\n");
print ("\t-T\t\tEnable tcpwrappers support.\n");
print ("\t \t\t(To use this option, 'Authen::Libwrap' should be installed.)\n\n");
print ("\t \t\t(To use this option, 'Authen::Libwrap' should be installed.)\n");
print ("\t-z\t\tRestrict to a specific SSL Version.\n");
print ("\t-u\t\tRestrict to a specific SSL Cipher.\n\n");
}
################################################################################
@ -287,7 +295,7 @@ sub parse_options {
my @t_addresses_tmp;
# Get options
if (getopts ('a:b:c:de:f:F:g:hIi:k:l:m:op:qr:s:S:t:TvVwx:', \%opts) == 0 || defined ($opts{'h'})) {
if (getopts ('a:b:c:de:f:F:g:hIi:k:l:m:op:qr:s:S:t:TvVwx:z:u:', \%opts) == 0 || defined ($opts{'h'})) {
print_help ();
exit 1;
}
@ -547,6 +555,18 @@ sub parse_options {
}
}
# Specific SSL Version
$token_value = get_config_value($opts{'z'}, $CONF->{'ssl_version'});
if (defined ($token_value)) {
$t_ssl_version = $token_value;
}
# Specific SSL Cipher
$token_value = get_config_value($opts{'u'}, $CONF->{'ssl_cipher'});
if (defined ($token_value)) {
$t_ssl_cipher = $token_value;
}
# Win32 service management
if (defined ($opts{'S'})) {
my $service_action = $opts{'S'};
@ -788,13 +808,19 @@ sub stop_server {
sub start_ssl {
my $err;
my %ssl_args = (
SSL_cert_file => $t_ssl_cert,
SSL_key_file => $t_ssl_key,
SSL_passwd_cb => sub {return $t_ssl_pwd},
SSL_server => 1,
SSL_cipher_list => $t_ssl_cipher // '',
SSL_version => $t_ssl_version // '',
);
if ($t_ssl_ca eq '') {
IO::Socket::SSL->start_SSL (
$t_client_socket,
SSL_cert_file => $t_ssl_cert,
SSL_key_file => $t_ssl_key,
SSL_passwd_cb => sub {return $t_ssl_pwd},
SSL_server => 1,
%ssl_args,
# Verify peer
SSL_verify_mode => 0x01,
);
@ -802,11 +828,8 @@ sub start_ssl {
else {
IO::Socket::SSL->start_SSL (
$t_client_socket,
%ssl_args,
SSL_ca_file => $t_ssl_ca,
SSL_cert_file => $t_ssl_cert,
SSL_key_file => $t_ssl_key,
SSL_passwd_cb => sub {return $t_ssl_pwd},
SSL_server => 1,
# Fail verification if no peer certificate exists
SSL_verify_mode => 0x03,
);
@ -820,6 +843,7 @@ sub start_ssl {
print_log ("SSL started for " . $t_client_socket->sockhost ());
}
################################################################################
## SUB accept_connections
## Manage incoming connections.