2012-08-16 Vanessa Gil <vanessa.gil@artica.es>

* util/recon_scripts/snmpdevices.pl: Added several networks and ips to recon scripts. git-svn-id: https://svn.code.sf.net/p/pandora/code/trunk@6870 c3f86ba8-e40f-0410-aaad-9ba5e7f4b01f
2012-08-16 15:49:18 +00:00 · 2012-08-16 15:49:18 +00:00 · be135f8cdb
parent f2117a3c2b
commit be135f8cdb
2 changed files with 294 additions and 148 deletions
--- a/pandora_server/ChangeLog
+++ b/pandora_server/ChangeLog
@ -1,3 +1,8 @@
+2012-08-16 Vanessa Gil <vanessa.gil@artica.es>
+	
+	* util/recon_scripts/snmpdevices.pl: Added several networks and ips
+	to recon scripts.
+
 2012-08-16  Sergio Martin <sergio.martin@artica.es>

 	* lib/PandoraFMS/PluginServer.pm: Adapted the plugin server to
--- a/pandora_server/util/recon_scripts/snmpdevices.pl
+++ b/pandora_server/util/recon_scripts/snmpdevices.pl
@ -145,160 +145,301 @@ my $dbh = db_connect ('mysql', $conf{'dbname'}, $conf{'dbhost'}, $conf{'dbport'}

 # Start the network sweep
 # Get a NetAddr::IP object for the target network
-my $net_addr = new NetAddr::IP ($target_network);
-if (! defined ($net_addr)) {
-	logger (\%conf, "Invalid network " . $target_network . " for SNMP Recon App task", 1);
-	update_recon_task ($dbh, $task_id, -1);
-	return -1;
-}
+my @net_addr_list = split (",", $target_network);
+my $addr_item;

-# Scan the network for hosts
-my ($total_hosts, $hosts_found, $addr_found) = ($net_addr->num, 0, '');
+foreach $addr_item (@net_addr_list) {

-my $last = 0;
-for (my $i = 1; $net_addr <= $net_addr->broadcast; $i++, $net_addr++) {
-	if($last == 1) {
-		last;
-	}
-	
-	my $net_addr_temp = $net_addr + 1;
-	if($net_addr->broadcast eq $net_addr_temp) {
-		$last = 1;
-	}
-	
-	if ($net_addr =~ /\b\d{1,3}\.\d{1,3}\.\d{1,3}\.(\d{1,3})\b/) {
-		if($1 eq '0' || $1 eq '255') {
-			next;
-		}
-	}
-	
-	my $addr = (split(/\//, $net_addr))[0];
-	$hosts_found ++;
-	
-	# Update the recon task 
-	update_recon_task ($dbh, $task_id, ceil ($i / ($total_hosts / 100)));
-      
-	my $alive = 0;
-	if (pandora_ping (\%conf, $addr) == 1) {
-		$alive = 1;
-	}
-
-	next unless ($alive > 0);
-
-	# Resolve the address
-	my $host_name = gethostbyaddr(inet_aton($addr), AF_INET);
-	$host_name = $addr unless defined ($host_name);
-	#/usr/bin/snmpwalk -OUevqt -c 'public' -v 1 192.168.50.100 SNMPv2-MIB::sysName.0
-	logger(\%conf, "SNMP Recon App found host $host_name.", 10);
-
-	# Add the new address if it does not exist
-	my $addr_id = get_addr_id ($dbh, $addr);
-
-	my $resp;
-	my $oid;
-	my $module_type;
-	my $module_description;
-	my $module_name;
-	my $xml = "";
-	my $ax; # Counter
-	my $conf = \%conf;
-	
-	$resp = "";
-	
-	my @community_list = split (",", $target_community);
-	my $community_validate = 0;
-	my $community;
-	
-	foreach $community (@community_list) {
-		$resp = get_snmp_response ($target_timeout, $community, $addr);
-		
-		if ($resp ne "") {
-			$community_validate = 1;
-			$target_community = $community;
-			last;
-		}
-	}
-
-	if ($community_validate eq 0) {
-		next;
-	}
-
-	# Create agent if really has SNMP information
-	$addr_id = add_address ($dbh, $addr) unless ($addr_id > 0);
-	if ($addr_id <= 0) {
-		logger (\%conf, "Could not add address '$addr' for host '$host_name'", 3);
-		next;
-	}
-
-	# Check if the agent exists
-	my $agent_id = get_agent_id($dbh, $host_name);
-	
-	# If the agent doesnt exist we create it
-	if($agent_id == -1) {
-		# Create a new agent
-		$agent_id = pandora_create_agent (\%conf, $conf{'servername'}, $host_name, $addr, $target_group, 0, 11, '', 300, $dbh);
-	}
-
-	# Assign the new address to the agent
-	db_do ($dbh, 'INSERT INTO taddress_agent (`id_a`, `id_agent`) VALUES (?, ?)', $addr_id, $agent_id);
-	
-	# Generate an event
-	pandora_event (\%conf, "[RECON] New SNMP host [$host_name] detected on network [" . $target_network . ']', $target_group, $agent_id, 2, 0, 0, 'recon_host_detected', 0, $dbh);
-
-	# SysUptime
-	process_module_snmp ($dbh, $target_community, $addr, ".1.3.6.1.2.1.1.3.0", "ticks", "SysUptime", "remote_snmp_string", "System uptime reported by SNMP", $conf);
-
-	# SysName
-	process_module_snmp ($dbh, $target_community, $addr, ".1.3.6.1.2.1.1.5.0", "", "SysName", "remote_snmp_string", "System name reported by SNMP", $conf);
-
-	# Local system total traffic 
-	
-	process_module_snmp ($dbh, $target_community, $addr, ".1.3.6.1.2.1.4.3.0", "", "Local InReceives", "remote_snmp_inc", "System local incoming traffic (bytes)", $conf);
-	
-	process_module_snmp ($dbh, $target_community, $addr, ".1.3.6.1.2.1.4.10.0", "", "Local OutRequests", "remote_snmp_inc", "System local outgoing traffic (bytes)", $conf);
-
-	# Process interface list
-	# Get interface indexes
-		
-	my $interface_indexes = `/usr/bin/snmpwalk -Ouvq -c '$target_community' -v 1 $addr ifIndex 2>/dev/null`;
-	
-	my @ids = split("\n", $interface_indexes);
-
-	foreach my $ax (@ids) {
-		my $oper_status = `/usr/bin/snmpwalk -OUevqt -c '$target_community' -v 1 $addr .1.3.6.1.2.1.2.2.1.8.$ax 2>/dev/null`;
-
-		# If switch_mode is active and the interface is not up, we avoid it
-		if($all_mode ne '-a' && $oper_status != 1) {
-			next;
-		}
-		
-		my $interface = `/usr/bin/snmpget -v 1 -r0 -t$target_timeout -OUevqt -c '$target_community' $addr RFC1213-MIB::ifDescr.$ax 2>/dev/null`;
-				
-		my $ip_address = `/usr/bin/snmpwalk -OnQ -c '$target_community' -v 1 $addr .1.3.6.1.2.1.4.20.1.2 | sed 's/.1.3.6.1.2.1.4.20.1.2.//' | grep "= $ax" | awk '{print \$1}'`;
-		
-		if($ip_address eq '') {
-			$ip_address = 'N/A';
-		}
-		else {
-			chomp($ip_address);
-			$ip_address =~ s/\n/,/g;
-		}
-		
-		# Remove forbidden caracters
-		$interface =~ s/\"|\n|\<|\>|\&|\[|\]//g;
-		 
-		process_module_snmp ($dbh, $target_community, $addr, ".1.3.6.1.2.1.2.2.1.8.$ax", "interface", "$interface Status", "remote_snmp_proc", "Operative status for $interface at position $ax. IP Address: $ip_address", $conf);
+	if ($addr_item =~ /\b\d{1,3}\.\d{1,3}\.\d{1,3}\.(\d{1,3})\b\/\d/) { # it's a network
 			
-		process_module_snmp ($dbh, $target_community, $addr, ".1.3.6.1.2.1.2.2.1.10.$ax", "", "$interface Inbound bps", "remote_snmp_inc", "Incoming traffic for $interface", $conf);
+		#my $net_addr = new NetAddr::IP ($target_network);
+		my $net_addr = new NetAddr::IP ($addr_item);
 		
-		process_module_snmp ($dbh, $target_community, $addr, ".1.3.6.1.2.1.2.2.1.16.$ax", "", "$interface Outbound bps", "remote_snmp_inc", "Outgoing traffic for $interface", $conf);
+		if (! defined ($net_addr)) {
+			logger (\%conf, "Invalid network " . $target_network . " for SNMP Recon App task", 1);
+			update_recon_task ($dbh, $task_id, -1);
+			return -1;
+		}
+
+		# Scan the network for hosts
+		my ($total_hosts, $hosts_found, $addr_found) = ($net_addr->num, 0, '');
+
+		my $last = 0;
+		for (my $i = 1; $net_addr <= $net_addr->broadcast; $i++, $net_addr++) {
+			if($last == 1) {
+				last;
+			}
+			
+			my $net_addr_temp = $net_addr + 1;
+			if($net_addr->broadcast eq $net_addr_temp) {
+				$last = 1;
+			}
+			
+			if ($net_addr =~ /\b\d{1,3}\.\d{1,3}\.\d{1,3}\.(\d{1,3})\b/) {
+				if($1 eq '0' || $1 eq '255') {
+					next;
+				}
+			}
+
+			my $addr = (split(/\//, $net_addr))[0];
+
+			$hosts_found ++;
+			
+			# Update the recon task 
+			update_recon_task ($dbh, $task_id, ceil ($i / ($total_hosts / 100)));
+			  
+			my $alive = 0;
+			if (pandora_ping (\%conf, $addr) == 1) {
+				$alive = 1;
+			}
+
+			next unless ($alive > 0);
+
+			# Resolve the address
+			my $host_name = gethostbyaddr(inet_aton($addr), AF_INET);
+			$host_name = $addr unless defined ($host_name);
+			#/usr/bin/snmpwalk -OUevqt -c 'public' -v 1 192.168.50.100 SNMPv2-MIB::sysName.0
+			logger(\%conf, "SNMP Recon App found host $host_name.", 10);
+
+			# Add the new address if it does not exist
+			my $addr_id = get_addr_id ($dbh, $addr);
+
+			my $resp;
+			my $oid;
+			my $module_type;
+			my $module_description;
+			my $module_name;
+			my $xml = "";
+			my $ax; # Counter
+			my $conf = \%conf;
+			
+			$resp = "";
+			
+			my @community_list = split (",", $target_community);
+			my $community_validate = 0;
+			my $community;
+			
+			foreach $community (@community_list) {
+				$resp = get_snmp_response ($target_timeout, $community, $addr);
+				
+				if ($resp ne "") {
+					$community_validate = 1;
+					$target_community = $community;
+					last;
+				}
+			}
+
+			if ($community_validate eq 0) {
+				next;
+			}
+
+			# Create agent if really has SNMP information
+			$addr_id = add_address ($dbh, $addr) unless ($addr_id > 0);
+			if ($addr_id <= 0) {
+				logger (\%conf, "Could not add address '$addr' for host '$host_name'", 3);
+				next;
+			}
+
+			# Check if the agent exists
+			my $agent_id = get_agent_id($dbh, $host_name);
+			
+			# If the agent doesnt exist we create it
+			if($agent_id == -1) {
+				# Create a new agent
+				$agent_id = pandora_create_agent (\%conf, $conf{'servername'}, $host_name, $addr, $target_group, 0, 11, '', 300, $dbh);
+			}
+
+			# Assign the new address to the agent
+			db_do ($dbh, 'INSERT INTO taddress_agent (`id_a`, `id_agent`) VALUES (?, ?)', $addr_id, $agent_id);
+			
+			# Generate an event
+			pandora_event (\%conf, "[RECON] New SNMP host [$host_name] detected on network [" . $target_network . ']', $target_group, $agent_id, 2, 0, 0, 'recon_host_detected', 0, $dbh);
+
+			# SysUptime
+			process_module_snmp ($dbh, $target_community, $addr, ".1.3.6.1.2.1.1.3.0", "ticks", "SysUptime", "remote_snmp_string", "System uptime reported by SNMP", $conf);
+
+			# SysName
+			process_module_snmp ($dbh, $target_community, $addr, ".1.3.6.1.2.1.1.5.0", "", "SysName", "remote_snmp_string", "System name reported by SNMP", $conf);
+
+			# Local system total traffic 
+			
+			process_module_snmp ($dbh, $target_community, $addr, ".1.3.6.1.2.1.4.3.0", "", "Local InReceives", "remote_snmp_inc", "System local incoming traffic (bytes)", $conf);
+			
+			process_module_snmp ($dbh, $target_community, $addr, ".1.3.6.1.2.1.4.10.0", "", "Local OutRequests", "remote_snmp_inc", "System local outgoing traffic (bytes)", $conf);
+
+			# Process interface list
+			# Get interface indexes
+				
+			my $interface_indexes = `/usr/bin/snmpwalk -Ouvq -c '$target_community' -v 1 $addr ifIndex 2>/dev/null`;
+			
+			my @ids = split("\n", $interface_indexes);
+
+			foreach my $ax (@ids) {
+				my $oper_status = `/usr/bin/snmpwalk -OUevqt -c '$target_community' -v 1 $addr .1.3.6.1.2.1.2.2.1.8.$ax 2>/dev/null`;
+
+				# If switch_mode is active and the interface is not up, we avoid it
+				if($all_mode ne '-a' && $oper_status != 1) {
+					next;
+				}
+				
+				my $interface = `/usr/bin/snmpget -v 1 -r0 -t$target_timeout -OUevqt -c '$target_community' $addr RFC1213-MIB::ifDescr.$ax 2>/dev/null`;
 						
-		# Do a grace sleep to avoid destination server ban me
-		sleep 1;
+				my $ip_address = `/usr/bin/snmpwalk -OnQ -c '$target_community' -v 1 $addr .1.3.6.1.2.1.4.20.1.2 | sed 's/.1.3.6.1.2.1.4.20.1.2.//' | grep "= $ax" | awk '{print \$1}'`;
+				
+				if($ip_address eq '') {
+					$ip_address = 'N/A';
+				}
+				else {
+					chomp($ip_address);
+					$ip_address =~ s/\n/,/g;
+				}
+				
+				# Remove forbidden caracters
+				$interface =~ s/\"|\n|\<|\>|\&|\[|\]//g;
+				 
+				process_module_snmp ($dbh, $target_community, $addr, ".1.3.6.1.2.1.2.2.1.8.$ax", "interface", "$interface Status", "remote_snmp_proc", "Operative status for $interface at position $ax. IP Address: $ip_address", $conf);
+					
+				process_module_snmp ($dbh, $target_community, $addr, ".1.3.6.1.2.1.2.2.1.10.$ax", "", "$interface Inbound bps", "remote_snmp_inc", "Incoming traffic for $interface", $conf);
+				
+				process_module_snmp ($dbh, $target_community, $addr, ".1.3.6.1.2.1.2.2.1.16.$ax", "", "$interface Outbound bps", "remote_snmp_inc", "Outgoing traffic for $interface", $conf);
+								
+				# Do a grace sleep to avoid destination server ban me
+				sleep 1;
+				
+			}
+			
+		}
+	} else { #simple ip. No network.
 		
-	}
-	
-}	
+		if ($addr_item =~ /\b\d{1,3}\.\d{1,3}\.\d{1,3}\.(\d{1,3})\b/) {
+			if($1 eq '0' || $1 eq '255') {
+				next;
+			}
+		}
+		
+		my $addr = $addr_item;
+		
+		my $alive = 0;
+		if (pandora_ping (\%conf, $addr) == 1) {
+			$alive = 1;
+		}
+
+		next unless ($alive > 0);
+
+		# Resolve the address
+		my $host_name = gethostbyaddr(inet_aton($addr), AF_INET);
+		$host_name = $addr unless defined ($host_name);
+		#/usr/bin/snmpwalk -OUevqt -c 'public' -v 1 192.168.50.100 SNMPv2-MIB::sysName.0
+		logger(\%conf, "SNMP Recon App found host $host_name.", 10);
+
+		# Add the new address if it does not exist
+		my $addr_id = get_addr_id ($dbh, $addr);
+
+		my $resp;
+		my $oid;
+		my $module_type;
+		my $module_description;
+		my $module_name;
+		my $xml = "";
+		my $ax; # Counter
+		my $conf = \%conf;
+		
+		$resp = "";
+		
+		my @community_list = split (",", $target_community);
+		my $community_validate = 0;
+		my $community;
+		
+		foreach $community (@community_list) {
+			$resp = get_snmp_response ($target_timeout, $community, $addr);
+			
+			if ($resp ne "") {
+				$community_validate = 1;
+				$target_community = $community;
+				last;
+			}
+		}
+
+		if ($community_validate eq 0) {
+			next;
+		}
+
+		# Create agent if really has SNMP information
+		$addr_id = add_address ($dbh, $addr) unless ($addr_id > 0);
+		if ($addr_id <= 0) {
+			logger (\%conf, "Could not add address '$addr' for host '$host_name'", 3);
+			next;
+		}
+
+		# Check if the agent exists
+		my $agent_id = get_agent_id($dbh, $host_name);
+		
+		# If the agent doesnt exist we create it
+		if($agent_id == -1) {
+			# Create a new agent
+			$agent_id = pandora_create_agent (\%conf, $conf{'servername'}, $host_name, $addr, $target_group, 0, 11, '', 300, $dbh);
+		}
+
+		# Assign the new address to the agent
+		db_do ($dbh, 'INSERT INTO taddress_agent (`id_a`, `id_agent`) VALUES (?, ?)', $addr_id, $agent_id);
+		
+		# Generate an event
+		pandora_event (\%conf, "[RECON] New SNMP host [$host_name] detected on network [" . $target_network . ']', $target_group, $agent_id, 2, 0, 0, 'recon_host_detected', 0, $dbh);
+
+		# SysUptime
+		process_module_snmp ($dbh, $target_community, $addr, ".1.3.6.1.2.1.1.3.0", "ticks", "SysUptime", "remote_snmp_string", "System uptime reported by SNMP", $conf);
+
+		# SysName
+		process_module_snmp ($dbh, $target_community, $addr, ".1.3.6.1.2.1.1.5.0", "", "SysName", "remote_snmp_string", "System name reported by SNMP", $conf);
+
+		# Local system total traffic 
+		
+		process_module_snmp ($dbh, $target_community, $addr, ".1.3.6.1.2.1.4.3.0", "", "Local InReceives", "remote_snmp_inc", "System local incoming traffic (bytes)", $conf);
+		
+		process_module_snmp ($dbh, $target_community, $addr, ".1.3.6.1.2.1.4.10.0", "", "Local OutRequests", "remote_snmp_inc", "System local outgoing traffic (bytes)", $conf);
+
+		# Process interface list
+		# Get interface indexes
+			
+		my $interface_indexes = `/usr/bin/snmpwalk -Ouvq -c '$target_community' -v 1 $addr ifIndex 2>/dev/null`;
+		
+		my @ids = split("\n", $interface_indexes);
+
+		foreach my $ax (@ids) {
+			my $oper_status = `/usr/bin/snmpwalk -OUevqt -c '$target_community' -v 1 $addr .1.3.6.1.2.1.2.2.1.8.$ax 2>/dev/null`;
+
+			# If switch_mode is active and the interface is not up, we avoid it
+			if($all_mode ne '-a' && $oper_status != 1) {
+				next;
+			}
+			
+			my $interface = `/usr/bin/snmpget -v 1 -r0 -t$target_timeout -OUevqt -c '$target_community' $addr RFC1213-MIB::ifDescr.$ax 2>/dev/null`;
+					
+			my $ip_address = `/usr/bin/snmpwalk -OnQ -c '$target_community' -v 1 $addr .1.3.6.1.2.1.4.20.1.2 | sed 's/.1.3.6.1.2.1.4.20.1.2.//' | grep "= $ax" | awk '{print \$1}'`;
+			
+			if($ip_address eq '') {
+				$ip_address = 'N/A';
+			}
+			else {
+				chomp($ip_address);
+				$ip_address =~ s/\n/,/g;
+			}
+			
+			# Remove forbidden caracters
+			$interface =~ s/\"|\n|\<|\>|\&|\[|\]//g;
+			 
+			process_module_snmp ($dbh, $target_community, $addr, ".1.3.6.1.2.1.2.2.1.8.$ax", "interface", "$interface Status", "remote_snmp_proc", "Operative status for $interface at position $ax. IP Address: $ip_address", $conf);
+				
+			process_module_snmp ($dbh, $target_community, $addr, ".1.3.6.1.2.1.2.2.1.10.$ax", "", "$interface Inbound bps", "remote_snmp_inc", "Incoming traffic for $interface", $conf);
+			
+			process_module_snmp ($dbh, $target_community, $addr, ".1.3.6.1.2.1.2.2.1.16.$ax", "", "$interface Outbound bps", "remote_snmp_inc", "Outgoing traffic for $interface", $conf);
+							
+			# Do a grace sleep to avoid destination server ban me
+			sleep 1;
+			
+		}
+	} 
+} 
 	
 # Mark recon task as done
 update_recon_task ($dbh, $task_id, -1);