From 6950624cc998a91c1e22f383548dc2900f4e9be5 Mon Sep 17 00:00:00 2001 From: Calvo Date: Tue, 14 Mar 2023 18:55:43 +0100 Subject: [PATCH 01/12] Added new netflow server filters form --- pandora_console/extras/mr/62.sql | 7 ++ .../godmode/netflow/nf_edit_form.php | 119 +++++++++++++++--- .../operation/netflow/nf_live_view.php | 69 +++++++++- pandora_console/pandoradb.sql | 4 + 4 files changed, 179 insertions(+), 20 deletions(-) diff --git a/pandora_console/extras/mr/62.sql b/pandora_console/extras/mr/62.sql index f540abf454..0f1d4715fc 100644 --- a/pandora_console/extras/mr/62.sql +++ b/pandora_console/extras/mr/62.sql @@ -164,4 +164,11 @@ CREATE TABLE IF NOT EXISTS `tfavmenu_user` ( `section` VARCHAR(255) NOT NULL, PRIMARY KEY (`id`)); +ALTER TABLE `tnetflow_filter` ADD COLUMN `netflow_monitoring` TINYINT UNSIGNED NOT NULL default 0; +ALTER TABLE `tnetflow_filter` ADD COLUMN `traffic_max` float(20,2) NOT NULL default 0; +ALTER TABLE `tnetflow_filter` ADD COLUMN `traffic_critical` float(20,2) NOT NULL default 0; +ALTER TABLE `tnetflow_filter` ADD COLUMN `traffic_warning` float(20,2) NOT NULL default 0; + + + COMMIT; diff --git a/pandora_console/godmode/netflow/nf_edit_form.php b/pandora_console/godmode/netflow/nf_edit_form.php index bdd0059328..942c9aafd7 100644 --- a/pandora_console/godmode/netflow/nf_edit_form.php +++ b/pandora_console/godmode/netflow/nf_edit_form.php @@ -91,6 +91,10 @@ if ($id) { $src_port = $filter['src_port']; $aggregate = $filter['aggregate']; $advanced_filter = $filter['advanced_filter']; + $netflow_monitoring = $filter['netflow_monitoring']; + $traffic_max = $filter['traffic_max']; + $traffic_critical = $filter['traffic_critical']; + $traffic_warning = $filter['traffic_warning']; } else { $name = ''; $assign_group = ''; @@ -100,6 +104,10 @@ if ($id) { $src_port = ''; $aggregate = 'dstip'; $advanced_filter = ''; + $netflow_monitoring = 0; + $traffic_max = 0; + $traffic_critical = 0; + $traffic_warning = 0; } if ($update) { @@ -111,20 +119,28 @@ if ($update) { $dst_port = get_parameter('dst_port', ''); $src_port = get_parameter('src_port', ''); $advanced_filter = get_parameter('advanced_filter', ''); + $netflow_monitoring = (bool) get_parameter('netflow_monitoring', false); + $traffic_max = get_parameter('traffic_max', 0); + $traffic_critical = get_parameter('traffic_critical', 0); + $traffic_warning = get_parameter('traffic_warning', 0); if ($name == '') { ui_print_error_message(__('Not updated. Blank name')); } else { $values = [ - 'id_sg' => $id, - 'id_name' => $name, - 'id_group' => $assign_group, - 'aggregate' => $aggregate, - 'ip_dst' => $ip_dst, - 'ip_src' => $ip_src, - 'dst_port' => $dst_port, - 'src_port' => $src_port, - 'advanced_filter' => $advanced_filter, + 'id_sg' => $id, + 'id_name' => $name, + 'id_group' => $assign_group, + 'aggregate' => $aggregate, + 'ip_dst' => $ip_dst, + 'ip_src' => $ip_src, + 'dst_port' => $dst_port, + 'src_port' => $src_port, + 'advanced_filter' => $advanced_filter, + 'netflow_monitoring' => $netflow_monitoring, + 'traffic_max' => $traffic_max, + 'traffic_critical' => $traffic_critical, + 'traffic_warning' => $traffic_warning, ]; // Save filter args @@ -149,16 +165,24 @@ if ($create) { $dst_port = get_parameter('dst_port', ''); $src_port = get_parameter('src_port', ''); $advanced_filter = (string) get_parameter('advanced_filter', ''); + $netflow_monitoring = (bool) get_parameter('netflow_monitoring', false); + $traffic_max = get_parameter('traffic_max', 0); + $traffic_critical = get_parameter('traffic_critical', 0); + $traffic_warning = get_parameter('traffic_warning', 0); $values = [ - 'id_name' => $name, - 'id_group' => $assign_group, - 'ip_dst' => $ip_dst, - 'ip_src' => $ip_src, - 'dst_port' => $dst_port, - 'src_port' => $src_port, - 'aggregate' => $aggregate, - 'advanced_filter' => $advanced_filter, + 'id_name' => $name, + 'id_group' => $assign_group, + 'ip_dst' => $ip_dst, + 'ip_src' => $ip_src, + 'dst_port' => $dst_port, + 'src_port' => $src_port, + 'aggregate' => $aggregate, + 'advanced_filter' => $advanced_filter, + 'netflow_monitoring' => $netflow_monitoring, + 'traffic_max' => $traffic_max, + 'traffic_critical' => $traffic_critical, + 'traffic_warning' => $traffic_warning, ]; // Save filter args @@ -258,16 +282,73 @@ $aggregate_list = [ $table->data[8][1] = html_print_select($aggregate_list, 'aggregate', $aggregate, '', '', 0, true, false, true, '', false); +// Netflow server options. +$table->data[9][0] = __('Enable Netflow monitoring').ui_print_help_tip(__('Allows you to create an agent that monitors the traffic volume of this filter. It also creates a module that measures if the traffic of any IP of this filter exceeds a certain threshold. A text type module will be created with the traffic rate for each IP within this filter every five minutes (the 10 IP\'s with the most traffic). Only available for Enterprise version.'), true); +$table->data[9][1] = html_print_checkbox_switch( + 'netflow_monitoring', + 1, + (bool) $netflow_monitoring, + true, + false, +); + +$table->data[10][0] = __('Maximum traffic value of the filter').ui_print_help_tip(__('Specifies the maximum rate (in bytes/sec) of traffic in the filter. It is then used to calculate the % of maximum traffic per IP.'), true); +$table->data[10][1] = html_print_input_number( + [ + 'step' => 1, + 'name' => 'traffic_max', + 'id' => 'traffic_max', + 'value' => $traffic_max, + ] +); + +$table->data[11][0] = __('CRITICAL threshold for the maximum % of traffic for an IP.').ui_print_help_tip(__('If this % is exceeded by any IP within the filter, a CRITICAL status will be generated.'), true); +$table->data[11][1] = html_print_input_number( + [ + 'step' => 1, + 'name' => 'traffic_critical', + 'id' => 'traffic_critical', + 'value' => $traffic_critical, + ] +); + +$table->data[12][0] = __('WARNING threshold for the maximum % of traffic of an IP.').ui_print_help_tip(__('If this % is exceeded by any IP within the filter, a WARNING status will be generated.'), true); +$table->data[12][1] = html_print_input_number( + [ + 'step' => 1, + 'name' => 'traffic_warning', + 'id' => 'traffic_warning', + 'value' => $traffic_warning, + ] +); + + echo '
'; html_print_table($table); echo '
'; if ($id) { html_print_input_hidden('update', 1); html_print_input_hidden('id', $id); - html_print_submit_button(__('Update'), 'crt', false, 'class="sub upd"'); + html_print_action_buttons( + html_print_submit_button( + __('Update'), + 'crt', + false, + ['icon' => 'update'], + true + ) + ); } else { html_print_input_hidden('create', 1); - html_print_submit_button(__('Create'), 'crt', false, 'class="sub wand"'); + html_print_action_buttons( + html_print_submit_button( + __('Create'), + 'crt', + false, + ['icon' => 'update'], + true + ) + ); } echo '
'; diff --git a/pandora_console/operation/netflow/nf_live_view.php b/pandora_console/operation/netflow/nf_live_view.php index 2164aeb562..c928372828 100644 --- a/pandora_console/operation/netflow/nf_live_view.php +++ b/pandora_console/operation/netflow/nf_live_view.php @@ -93,7 +93,11 @@ $filter['ip_src'] = get_parameter('ip_src', ''); $filter['dst_port'] = get_parameter('dst_port', ''); $filter['src_port'] = get_parameter('src_port', ''); $filter['advanced_filter'] = get_parameter('advanced_filter', ''); -$filter['router_ip'] = get_parameter('router_ip'); +$filter['netflow_monitoring'] = (bool) get_parameter('netflow_monitoring'); +$filter['traffic_max'] = get_parameter('traffic_max', 0); +$filter['traffic_critical'] = get_parameter('traffic_critical', 0); +$filter['traffic_warning'] = get_parameter('traffic_warning', 0); + // Read chart configuration. $chart_type = get_parameter('chart_type', 'netflow_area'); @@ -377,6 +381,55 @@ $advanced_toggle .= ''.$radio_buttons.''; $advanced_toggle .= ''.__('Source ip').''; $advanced_toggle .= ''.html_print_input_text('router_ip', $filter['router_ip'], false, 40, 80, true).''; +$advanced_toggle .= ''; + +// Netflow server options. +$advanced_toggle .= ''; + +$advanced_toggle .= "".__('Enable Netflow monitoring').ui_print_help_tip(__('Allows you to create an agent that monitors the traffic volume of this filter. It also creates a module that measures if the traffic of any IP of this filter exceeds a certain threshold. A text type module will be created with the traffic rate for each IP within this filter every five minutes (the 10 IP\'s with the most traffic). Only available for Enterprise version.'), true).''; +$advanced_toggle .= ''.html_print_checkbox_switch( + 'netflow_monitoring', + 1, + (bool) $netflow_monitoring, + true, + false, +).''; + +$advanced_toggle .= "".__('Maximum traffic value of the filter').ui_print_help_tip(__('Specifies the maximum rate (in bytes/sec) of traffic in the filter. It is then used to calculate the % of maximum traffic per IP.'), true).''; +$advanced_toggle .= ''.html_print_input_number( + [ + 'step' => 1, + 'name' => 'traffic_max', + 'id' => 'traffic_max', + 'value' => $filter['traffic_max'], + ] +).''; + + +$advanced_toggle .= ''; +$advanced_toggle .= ''; + +$advanced_toggle .= "".__('CRITICAL threshold for the maximum % of traffic for an IP.').ui_print_help_tip(__('If this % is exceeded by any IP within the filter, a CRITICAL status will be generated.'), true).''; +$advanced_toggle .= ''.html_print_input_number( + [ + 'step' => 1, + 'name' => 'traffic_critical', + 'id' => 'traffic_critical', + 'value' => $filter['traffic_critical'], + ] +).''; + +$advanced_toggle .= "".__('WARNING threshold for the maximum % of traffic of an IP.').ui_print_help_tip(__('If this % is exceeded by any IP within the filter, a WARNING status will be generated.'), true).''; +$advanced_toggle .= ''.html_print_input_number( + [ + 'step' => 1, + 'name' => 'traffic_warning', + 'id' => 'traffic_warning', + 'value' => $filter['traffic_warning'], + ] +).''; + + $advanced_toggle .= ''; $advanced_toggle .= ''; @@ -768,6 +821,11 @@ ui_include_time_picker(); $("#text-router_ip").val(''); $("#textarea_advanced_filter").val(''); $("#aggregate").val(''); + $("#traffic_max").val(''); + $("#traffic_critical").val(''); + $("#traffic_warning").val(''); + $('#checkbox-netflow_monitoring').prop('checked', false); + // Hide update filter button $("#submit-update_button").hide(); @@ -837,6 +895,15 @@ ui_include_time_picker(); $("#textarea_advanced_filter").val(val); if (i == 'aggregate') $("#aggregate").val(val); + if (i == 'netflow_monitoring') + $("#checkbox-netflow_monitoring").prop('checked', val == "0" ? false : true); + if (i == 'traffic_max') + $("#traffic_max").val(val); + if (i == 'traffic_critical') + $("#traffic_critical").val(val); + if (i == 'traffic_warning') + $("#traffic_warning").val(val); + }); } diff --git a/pandora_console/pandoradb.sql b/pandora_console/pandoradb.sql index a753ed0afe..2cdfc28f82 100644 --- a/pandora_console/pandoradb.sql +++ b/pandora_console/pandoradb.sql @@ -2185,6 +2185,10 @@ CREATE TABLE IF NOT EXISTS `tnetflow_filter` ( `advanced_filter` TEXT, `filter_args` TEXT, `aggregate` VARCHAR(60), + `netflow_monitoring` TINYINT UNSIGNED NOT NULL default 0, + `traffic_max` FLOAT(20,3) NOT NULL default 0, + `traffic_critical` FLOAT(20,2) NOT NULL default 0, + `traffic_warning` FLOAT(20,2) NOT NULL default 0, PRIMARY KEY (`id_sg`) ) ENGINE=InnoDB DEFAULT CHARSET=UTF8MB4; From 1be124059e179bf0032f7ba5c400480946d2149a Mon Sep 17 00:00:00 2001 From: Calvo Date: Tue, 14 Mar 2023 19:48:49 +0100 Subject: [PATCH 02/12] FIX MR --- pandora_console/extras/mr/62.sql | 2 +- pandora_console/pandoradb.sql | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/pandora_console/extras/mr/62.sql b/pandora_console/extras/mr/62.sql index aca5356db6..4c96004587 100644 --- a/pandora_console/extras/mr/62.sql +++ b/pandora_console/extras/mr/62.sql @@ -167,7 +167,7 @@ CREATE TABLE IF NOT EXISTS `tfavmenu_user` ( PRIMARY KEY (`id`)); ALTER TABLE `tnetflow_filter` ADD COLUMN `netflow_monitoring` TINYINT UNSIGNED NOT NULL default 0; -ALTER TABLE `tnetflow_filter` ADD COLUMN `traffic_max` float(20,2) NOT NULL default 0; +ALTER TABLE `tnetflow_filter` ADD COLUMN `traffic_max` INTEGER NOT NULL default 0; ALTER TABLE `tnetflow_filter` ADD COLUMN `traffic_critical` float(20,2) NOT NULL default 0; ALTER TABLE `tnetflow_filter` ADD COLUMN `traffic_warning` float(20,2) NOT NULL default 0; diff --git a/pandora_console/pandoradb.sql b/pandora_console/pandoradb.sql index 2cdfc28f82..0a1e4e3984 100644 --- a/pandora_console/pandoradb.sql +++ b/pandora_console/pandoradb.sql @@ -2186,9 +2186,9 @@ CREATE TABLE IF NOT EXISTS `tnetflow_filter` ( `filter_args` TEXT, `aggregate` VARCHAR(60), `netflow_monitoring` TINYINT UNSIGNED NOT NULL default 0, - `traffic_max` FLOAT(20,3) NOT NULL default 0, + `traffic_max` INTEGER NOT NULL default 0, `traffic_critical` FLOAT(20,2) NOT NULL default 0, - `traffic_warning` FLOAT(20,2) NOT NULL default 0, + `traffic_warning` FLOAT(20,2) NOT NULL default 0,git s PRIMARY KEY (`id_sg`) ) ENGINE=InnoDB DEFAULT CHARSET=UTF8MB4; From ebc36625d549b4341f885faed7d3615f96b1c826 Mon Sep 17 00:00:00 2001 From: Calvo Date: Wed, 15 Mar 2023 09:24:53 +0100 Subject: [PATCH 03/12] FIX MR --- pandora_console/pandoradb.sql | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pandora_console/pandoradb.sql b/pandora_console/pandoradb.sql index 0a1e4e3984..30a21f9ae3 100644 --- a/pandora_console/pandoradb.sql +++ b/pandora_console/pandoradb.sql @@ -2188,7 +2188,7 @@ CREATE TABLE IF NOT EXISTS `tnetflow_filter` ( `netflow_monitoring` TINYINT UNSIGNED NOT NULL default 0, `traffic_max` INTEGER NOT NULL default 0, `traffic_critical` FLOAT(20,2) NOT NULL default 0, - `traffic_warning` FLOAT(20,2) NOT NULL default 0,git s + `traffic_warning` FLOAT(20,2) NOT NULL default 0, PRIMARY KEY (`id_sg`) ) ENGINE=InnoDB DEFAULT CHARSET=UTF8MB4; From 803e23fbac45a318ad9924afdfbc299cf49aefe7 Mon Sep 17 00:00:00 2001 From: Calvo Date: Tue, 21 Mar 2023 11:28:11 +0100 Subject: [PATCH 04/12] Updated MR netflow server --- pandora_console/extras/mr/62.sql | 4 ++-- pandora_console/pandoradb.sql | 4 ++++ 2 files changed, 6 insertions(+), 2 deletions(-) diff --git a/pandora_console/extras/mr/62.sql b/pandora_console/extras/mr/62.sql index 4c96004587..87c813f741 100644 --- a/pandora_console/extras/mr/62.sql +++ b/pandora_console/extras/mr/62.sql @@ -170,7 +170,7 @@ ALTER TABLE `tnetflow_filter` ADD COLUMN `netflow_monitoring` TINYINT UNSIGNED N ALTER TABLE `tnetflow_filter` ADD COLUMN `traffic_max` INTEGER NOT NULL default 0; ALTER TABLE `tnetflow_filter` ADD COLUMN `traffic_critical` float(20,2) NOT NULL default 0; ALTER TABLE `tnetflow_filter` ADD COLUMN `traffic_warning` float(20,2) NOT NULL default 0; - - +ALTER TABLE `tnetflow_filter` ADD COLUMN `utimestamp` INT UNSIGNED NOT NULL DEFAULT 0; +ALTER TABLE `tnetflow_filter` ADD COLUMN `interval` INT UNSIGNED NOT NULL DEFAULT 300, COMMIT; diff --git a/pandora_console/pandoradb.sql b/pandora_console/pandoradb.sql index 30a21f9ae3..e62454df5a 100644 --- a/pandora_console/pandoradb.sql +++ b/pandora_console/pandoradb.sql @@ -2189,6 +2189,10 @@ CREATE TABLE IF NOT EXISTS `tnetflow_filter` ( `traffic_max` INTEGER NOT NULL default 0, `traffic_critical` FLOAT(20,2) NOT NULL default 0, `traffic_warning` FLOAT(20,2) NOT NULL default 0, + `netflow_monitoring_interval` FLOAT(20,2) NOT NULL default 0, + `interval` INT UNSIGNED NOT NULL DEFAULT 300, + `utimestamp` INT UNSIGNED NOT NULL DEFAULT 0, + PRIMARY KEY (`id_sg`) ) ENGINE=InnoDB DEFAULT CHARSET=UTF8MB4; From 1686a758b96557528166d75829daced125c965ca Mon Sep 17 00:00:00 2001 From: Calvo Date: Tue, 21 Mar 2023 12:11:07 +0100 Subject: [PATCH 05/12] Updated MR netflow server --- pandora_console/extras/mr/62.sql | 2 +- pandora_console/pandoradb.sql | 1 - 2 files changed, 1 insertion(+), 2 deletions(-) diff --git a/pandora_console/extras/mr/62.sql b/pandora_console/extras/mr/62.sql index 87c813f741..d3f7108268 100644 --- a/pandora_console/extras/mr/62.sql +++ b/pandora_console/extras/mr/62.sql @@ -171,6 +171,6 @@ ALTER TABLE `tnetflow_filter` ADD COLUMN `traffic_max` INTEGER NOT NULL default ALTER TABLE `tnetflow_filter` ADD COLUMN `traffic_critical` float(20,2) NOT NULL default 0; ALTER TABLE `tnetflow_filter` ADD COLUMN `traffic_warning` float(20,2) NOT NULL default 0; ALTER TABLE `tnetflow_filter` ADD COLUMN `utimestamp` INT UNSIGNED NOT NULL DEFAULT 0; -ALTER TABLE `tnetflow_filter` ADD COLUMN `interval` INT UNSIGNED NOT NULL DEFAULT 300, +ALTER TABLE `tnetflow_filter` ADD COLUMN `interval` INT UNSIGNED NOT NULL DEFAULT 300; COMMIT; diff --git a/pandora_console/pandoradb.sql b/pandora_console/pandoradb.sql index e62454df5a..170e17fda0 100644 --- a/pandora_console/pandoradb.sql +++ b/pandora_console/pandoradb.sql @@ -2192,7 +2192,6 @@ CREATE TABLE IF NOT EXISTS `tnetflow_filter` ( `netflow_monitoring_interval` FLOAT(20,2) NOT NULL default 0, `interval` INT UNSIGNED NOT NULL DEFAULT 300, `utimestamp` INT UNSIGNED NOT NULL DEFAULT 0, - PRIMARY KEY (`id_sg`) ) ENGINE=InnoDB DEFAULT CHARSET=UTF8MB4; From cd2f8021f5df09fa940d1ae2e381f5b49df210fe Mon Sep 17 00:00:00 2001 From: Calvo Date: Tue, 21 Mar 2023 12:12:54 +0100 Subject: [PATCH 06/12] Updated MR netflow server --- pandora_console/extras/mr/62.sql | 2 +- pandora_console/pandoradb.sql | 3 +-- 2 files changed, 2 insertions(+), 3 deletions(-) diff --git a/pandora_console/extras/mr/62.sql b/pandora_console/extras/mr/62.sql index d3f7108268..e83b54ec56 100644 --- a/pandora_console/extras/mr/62.sql +++ b/pandora_console/extras/mr/62.sql @@ -171,6 +171,6 @@ ALTER TABLE `tnetflow_filter` ADD COLUMN `traffic_max` INTEGER NOT NULL default ALTER TABLE `tnetflow_filter` ADD COLUMN `traffic_critical` float(20,2) NOT NULL default 0; ALTER TABLE `tnetflow_filter` ADD COLUMN `traffic_warning` float(20,2) NOT NULL default 0; ALTER TABLE `tnetflow_filter` ADD COLUMN `utimestamp` INT UNSIGNED NOT NULL DEFAULT 0; -ALTER TABLE `tnetflow_filter` ADD COLUMN `interval` INT UNSIGNED NOT NULL DEFAULT 300; +ALTER TABLE `tnetflow_filter` ADD COLUMN `netflow_monitoring_interval` INT UNSIGNED NOT NULL DEFAULT 300; COMMIT; diff --git a/pandora_console/pandoradb.sql b/pandora_console/pandoradb.sql index 170e17fda0..20bb148de1 100644 --- a/pandora_console/pandoradb.sql +++ b/pandora_console/pandoradb.sql @@ -2189,8 +2189,7 @@ CREATE TABLE IF NOT EXISTS `tnetflow_filter` ( `traffic_max` INTEGER NOT NULL default 0, `traffic_critical` FLOAT(20,2) NOT NULL default 0, `traffic_warning` FLOAT(20,2) NOT NULL default 0, - `netflow_monitoring_interval` FLOAT(20,2) NOT NULL default 0, - `interval` INT UNSIGNED NOT NULL DEFAULT 300, + `netflow_monitoring_interval` INT UNSIGNED NOT NULL DEFAULT 300, `utimestamp` INT UNSIGNED NOT NULL DEFAULT 0, PRIMARY KEY (`id_sg`) ) ENGINE=InnoDB DEFAULT CHARSET=UTF8MB4; From 834be586313a099bae724ca4b1c1b194040fec62 Mon Sep 17 00:00:00 2001 From: Calvo Date: Tue, 21 Mar 2023 12:28:46 +0100 Subject: [PATCH 07/12] Fix erorrs --- pandora_console/extras/mr/62.sql | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pandora_console/extras/mr/62.sql b/pandora_console/extras/mr/62.sql index e83b54ec56..4995d0dc58 100644 --- a/pandora_console/extras/mr/62.sql +++ b/pandora_console/extras/mr/62.sql @@ -171,6 +171,6 @@ ALTER TABLE `tnetflow_filter` ADD COLUMN `traffic_max` INTEGER NOT NULL default ALTER TABLE `tnetflow_filter` ADD COLUMN `traffic_critical` float(20,2) NOT NULL default 0; ALTER TABLE `tnetflow_filter` ADD COLUMN `traffic_warning` float(20,2) NOT NULL default 0; ALTER TABLE `tnetflow_filter` ADD COLUMN `utimestamp` INT UNSIGNED NOT NULL DEFAULT 0; -ALTER TABLE `tnetflow_filter` ADD COLUMN `netflow_monitoring_interval` INT UNSIGNED NOT NULL DEFAULT 300; +ALTER TABLE `tnetflow_filter` ADD COLUMN `netflow_monitoring_interval` INT UNSIGNED NOT NULL DEFAULT 300; COMMIT; From 7c85b530adaaaf18d10585762f0b3868e8f274e4 Mon Sep 17 00:00:00 2001 From: Ramon Novoa Date: Wed, 22 Mar 2023 12:49:39 +0100 Subject: [PATCH 08/12] Add support for the Enterprise Netflow Server. --- pandora_server/lib/PandoraFMS/Config.pm | 9 +++++++++ pandora_server/lib/PandoraFMS/Core.pm | 5 ++++- pandora_server/lib/PandoraFMS/Tools.pm | 4 ++++ 3 files changed, 17 insertions(+), 1 deletion(-) diff --git a/pandora_server/lib/PandoraFMS/Config.pm b/pandora_server/lib/PandoraFMS/Config.pm index a826b7e573..60bab4ca43 100644 --- a/pandora_server/lib/PandoraFMS/Config.pm +++ b/pandora_server/lib/PandoraFMS/Config.pm @@ -553,6 +553,9 @@ sub pandora_load_config { $pa_config->{"unknown_block_size"} = 1000; # 7.0.769 + $pa_config->{"netflowserver"} = 0; # 7.0.770 + $pa_config->{"netflowserver_threads"} = 1; # 7.0.770 + # Check for UID0 if ($pa_config->{"quiet"} != 0){ if ($> == 0){ @@ -1313,6 +1316,12 @@ sub pandora_load_config { elsif ($parametro =~ m/^dataserver_smart_queue\s([0-1])/i) { $pa_config->{'dataserver_smart_queue'} = clean_blank($1); } + elsif ($parametro =~ m/^netflowserver\s([0-1])/i) { + $pa_config->{'netflowserver'} = clean_blank($1); + } + elsif ($parametro =~ m/^netflowserver_threads\s+([0-9]*)/i) { + $pa_config->{'netflowserver_threads'}= clean_blank($1); + } } # end of loop for parameter # diff --git a/pandora_server/lib/PandoraFMS/Core.pm b/pandora_server/lib/PandoraFMS/Core.pm index b911f05b50..6078c59f01 100644 --- a/pandora_server/lib/PandoraFMS/Core.pm +++ b/pandora_server/lib/PandoraFMS/Core.pm @@ -293,7 +293,7 @@ our @ServerTypes = qw ( dataserver networkserver snmpconsole - reconserver + discoveryserver pluginserver predictionserver wmiserver @@ -304,6 +304,7 @@ our @ServerTypes = qw ( icmpserver snmpserver satelliteserver + transactionalserver mfserver syncserver wuxserver @@ -312,6 +313,8 @@ our @ServerTypes = qw ( migrationserver alertserver correlationserver + ncmserver + netflowserver ); our @AlertStatus = ('Execute the alert', 'Do not execute the alert', 'Do not execute the alert, but increment its internal counter', 'Cease the alert', 'Recover the alert', 'Reset internal counter'); diff --git a/pandora_server/lib/PandoraFMS/Tools.pm b/pandora_server/lib/PandoraFMS/Tools.pm index 590fdf2020..fb4b551a3a 100755 --- a/pandora_server/lib/PandoraFMS/Tools.pm +++ b/pandora_server/lib/PandoraFMS/Tools.pm @@ -78,6 +78,7 @@ our @EXPORT = qw( PROVISIONINGSERVER MIGRATIONSERVER NCMSERVER + NETFLOWSERVER METACONSOLE_LICENSE OFFLINE_LICENSE DISCOVERY_HOSTDEVICES @@ -202,6 +203,7 @@ use constant MIGRATIONSERVER => 20; use constant ALERTSERVER => 21; use constant CORRELATIONSERVER => 22; use constant NCMSERVER => 23; +use constant NETFLOWSERVER => 24; # Module status use constant MODULE_NORMAL => 0; @@ -2844,6 +2846,8 @@ sub get_server_name { return "MIGRATIONSERVER" if ($server_type eq MIGRATIONSERVER); return "ALERTSERVER" if ($server_type eq ALERTSERVER); return "CORRELATIONSERVER" if ($server_type eq CORRELATIONSERVER); + return "NCMSERVER" if ($server_type eq NCMSERVER); + return "NETFLOWSERVER" if ($server_type eq NETFLOWSERVER); return "UNKNOWN"; } From 31f9aa7b4b8fcb785ec290db8a28deb710fe37b9 Mon Sep 17 00:00:00 2001 From: Ramon Novoa Date: Wed, 22 Mar 2023 12:52:36 +0100 Subject: [PATCH 09/12] Add configuration options for the Netflow Server. --- pandora_server/conf/pandora_server.conf.new | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/pandora_server/conf/pandora_server.conf.new b/pandora_server/conf/pandora_server.conf.new index 21449c7df4..f77cde5c9f 100644 --- a/pandora_server/conf/pandora_server.conf.new +++ b/pandora_server/conf/pandora_server.conf.new @@ -736,3 +736,10 @@ tentacle_service_watchdog 1 # Enable (1) or disable (0) the parameter of mysql ssl certification (mysql_ssl_verify_server_cert) (enabled by default). verify_mysql_ssl_cert 1 + +# Enable (1) or disable (0) the Pandora FMS Netflow Server (PANDORA FMS ENTERPRISE ONLY). +netflowserver 0 + +# Number of threads for the Pandora FMS Netflow Server (PANDORA FMS ENTERPRISE ONLY). +netflowserver_threads 1 + From 96017090cecc5909f5718930854597d84abd9beb Mon Sep 17 00:00:00 2001 From: Calvo Date: Wed, 22 Mar 2023 14:22:17 +0100 Subject: [PATCH 10/12] Netflow monitoring filters forms --- .../godmode/netflow/nf_edit_form.php | 101 +++++++++++++----- .../operation/netflow/nf_live_view.php | 51 +++++++-- 2 files changed, 119 insertions(+), 33 deletions(-) diff --git a/pandora_console/godmode/netflow/nf_edit_form.php b/pandora_console/godmode/netflow/nf_edit_form.php index 9eb3dc80fd..5ad8923ce1 100644 --- a/pandora_console/godmode/netflow/nf_edit_form.php +++ b/pandora_console/godmode/netflow/nf_edit_form.php @@ -109,6 +109,7 @@ if ($id) { $traffic_max = $filter['traffic_max']; $traffic_critical = $filter['traffic_critical']; $traffic_warning = $filter['traffic_warning']; + $netflow_monitoring_interval = $filter['netflow_monitoring_interval']; } else { $name = ''; $assign_group = ''; @@ -118,10 +119,11 @@ if ($id) { $src_port = ''; $aggregate = 'dstip'; $advanced_filter = ''; - $netflow_monitoring = 0; + $netflow_monitoring = false; $traffic_max = 0; $traffic_critical = 0; $traffic_warning = 0; + $netflow_monitoring_interval = 300; } if ($update) { @@ -137,24 +139,27 @@ if ($update) { $traffic_max = get_parameter('traffic_max', 0); $traffic_critical = get_parameter('traffic_critical', 0); $traffic_warning = get_parameter('traffic_warning', 0); + $netflow_monitoring_interval = get_parameter('netflow_monitoring_interval', 300); + if ($name == '') { ui_print_error_message(__('Not updated. Blank name')); } else { $values = [ - 'id_sg' => $id, - 'id_name' => $name, - 'id_group' => $assign_group, - 'aggregate' => $aggregate, - 'ip_dst' => $ip_dst, - 'ip_src' => $ip_src, - 'dst_port' => $dst_port, - 'src_port' => $src_port, - 'advanced_filter' => $advanced_filter, - 'netflow_monitoring' => $netflow_monitoring, - 'traffic_max' => $traffic_max, - 'traffic_critical' => $traffic_critical, - 'traffic_warning' => $traffic_warning, + 'id_sg' => $id, + 'id_name' => $name, + 'id_group' => $assign_group, + 'aggregate' => $aggregate, + 'ip_dst' => $ip_dst, + 'ip_src' => $ip_src, + 'dst_port' => $dst_port, + 'src_port' => $src_port, + 'advanced_filter' => $advanced_filter, + 'netflow_monitoring' => $netflow_monitoring, + 'traffic_max' => $traffic_max, + 'traffic_critical' => $traffic_critical, + 'traffic_warning' => $traffic_warning, + 'netflow_monitoring_interval' => $netflow_monitoring_interval, ]; // Save filter args. @@ -183,16 +188,23 @@ if ($create) { $traffic_max = get_parameter('traffic_max', 0); $traffic_critical = get_parameter('traffic_critical', 0); $traffic_warning = get_parameter('traffic_warning', 0); + $netflow_monitoring_interval = get_parameter('netflow_monitoring_interval', 300); $values = [ - 'id_name' => $name, - 'id_group' => $assign_group, - 'ip_dst' => $ip_dst, - 'ip_src' => $ip_src, - 'dst_port' => $dst_port, - 'src_port' => $src_port, - 'aggregate' => $aggregate, - 'advanced_filter' => $advanced_filter, + 'id_name' => $name, + 'id_group' => $assign_group, + 'ip_dst' => $ip_dst, + 'ip_src' => $ip_src, + 'dst_port' => $dst_port, + 'src_port' => $src_port, + 'aggregate' => $aggregate, + 'advanced_filter' => $advanced_filter, + 'netflow_monitoring' => $netflow_monitoring, + 'traffic_max' => $traffic_max, + 'traffic_critical' => $traffic_critical, + 'traffic_warning' => $traffic_warning, + 'netflow_monitoring_interval' => $netflow_monitoring_interval, + ]; // Save filter args @@ -234,6 +246,8 @@ $table->data['first_line'][] = html_print_label_input_block( false, 20, 80, + true, + false, true ) ); @@ -361,8 +375,8 @@ $table->data['advanced_filters'][] = html_print_label_input_block( // Netflow server options. -$table->colspan['netflow_monitoring'][] = 1; -$table->data['netflow_server_filters'][] = html_print_label_input_block( +$table->colspan['netflow_monitoring'][] = 2; +$table->data['netflow_monitoring'][] = html_print_label_input_block( __('Enable Netflow monitoring'), html_print_checkbox_switch( 'netflow_monitoring', @@ -370,12 +384,25 @@ $table->data['netflow_server_filters'][] = html_print_label_input_block( (bool) $netflow_monitoring, true, false, + 'displayMonitoringFilter()' ).ui_print_input_placeholder( __('Allows you to create an agent that monitors the traffic volume of this filter. It also creates a module that measures if the traffic of any IP of this filter exceeds a certain threshold. A text type module will be created with the traffic rate for each IP within this filter every five minutes (the 10 IP\'s with the most traffic). Only available for Enterprise version.'), true ) ); +$table->data['netflow_server_filters'][] = html_print_label_input_block( + __('Netflow monitoring interval'), + html_print_input_number( + [ + 'step' => 1, + 'name' => 'netflow_monitoring_interval', + 'id' => 'netflow_monitoring_interval', + 'value' => $netflow_monitoring_interval, + ] + ).ui_print_input_placeholder(__('Netflow monitoring interval in secs.'), true) +); + $table->data['netflow_server_filters'][] = html_print_label_input_block( __('Maximum traffic value of the filter'), html_print_input_number( @@ -389,11 +416,12 @@ $table->data['netflow_server_filters'][] = html_print_label_input_block( ); $table->colspan['netflow_thresholds'][] = 1; + $table->data['netflow_thresholds'][] = html_print_label_input_block( __('CRITICAL threshold for the maximum % of traffic for an IP.'), html_print_input_number( [ - 'step' => 0.1, + 'step' => 0.01, 'name' => 'traffic_critical', 'id' => 'traffic_critical', 'value' => $traffic_critical, @@ -407,7 +435,7 @@ $table->data['netflow_thresholds'][] = html_print_label_input_block( __('WARNING threshold for the maximum % of traffic for an IP.'), html_print_input_number( [ - 'step' => 0.1, + 'step' => 0.01, 'name' => 'traffic_warning', 'id' => 'traffic_warning', 'value' => $traffic_warning, @@ -456,6 +484,7 @@ html_print_action_buttons( else { displayAdvancedFilter (); } + displayMonitoringFilter(); }); function displayAdvancedFilter () { @@ -494,4 +523,24 @@ html_print_action_buttons( document.getElementById("table1-6").style.display = ''; */ }; + + function displayMonitoringFilter () { + var checked = $('#checkbox-netflow_monitoring').prop('checked'); + + if(checked == false) { + // Reset values. + $("#netflow_monitoring_interval").val(300); + $("#traffic_max").val(0); + $("#traffic_critical").val(0); + $("#traffic_warning").val(0); + + // Hide filters. + $("#table1-netflow_server_filters").hide(); + $("#table1-netflow_thresholds").hide(); + } else { + // Show filters. + $("#table1-netflow_server_filters").show(); + $("#table1-netflow_thresholds").show(); + } + }; diff --git a/pandora_console/operation/netflow/nf_live_view.php b/pandora_console/operation/netflow/nf_live_view.php index 99ccd394b2..ceaa2249e6 100644 --- a/pandora_console/operation/netflow/nf_live_view.php +++ b/pandora_console/operation/netflow/nf_live_view.php @@ -94,6 +94,7 @@ $filter['dst_port'] = get_parameter('dst_port', ''); $filter['src_port'] = get_parameter('src_port', ''); $filter['advanced_filter'] = get_parameter('advanced_filter', ''); $filter['netflow_monitoring'] = (bool) get_parameter('netflow_monitoring'); +$filter['netflow_monitoring_interval'] = (int) get_parameter('netflow_monitoring_interval', 300); $filter['traffic_max'] = get_parameter('traffic_max', 0); $filter['traffic_critical'] = get_parameter('traffic_critical', 0); $filter['traffic_warning'] = get_parameter('traffic_warning', 0); @@ -373,9 +374,21 @@ $advanced_toggle .= "".__('Enable Netflow monitori $advanced_toggle .= ''.html_print_checkbox_switch( 'netflow_monitoring', 1, - (bool) $netflow_monitoring, + (bool) $filter['netflow_monitoring'], true, false, + 'displayMonitoringFilter()', +).''; + +$advanced_toggle .= ''; +$advanced_toggle .= "".__('Netflow monitoring interval').ui_print_help_tip(__('Netflow monitoring interval in secs.'), true).''; +$advanced_toggle .= ''.html_print_input_number( + [ + 'step' => 1, + 'name' => 'netflow_monitoring_interval', + 'id' => 'netflow_monitoring_interval', + 'value' => $filter['netflow_monitoring_interval'], + ] ).''; $advanced_toggle .= "".__('Maximum traffic value of the filter').ui_print_help_tip(__('Specifies the maximum rate (in bytes/sec) of traffic in the filter. It is then used to calculate the % of maximum traffic per IP.'), true).''; @@ -390,12 +403,12 @@ $advanced_toggle .= ''.html_print_input_number( $advanced_toggle .= ''; -$advanced_toggle .= ''; +$advanced_toggle .= ''; $advanced_toggle .= "".__('CRITICAL threshold for the maximum % of traffic for an IP.').ui_print_help_tip(__('If this % is exceeded by any IP within the filter, a CRITICAL status will be generated.'), true).''; $advanced_toggle .= ''.html_print_input_number( [ - 'step' => 1, + 'step' => 0.01, 'name' => 'traffic_critical', 'id' => 'traffic_critical', 'value' => $filter['traffic_critical'], @@ -405,7 +418,7 @@ $advanced_toggle .= ''.html_print_input_number( $advanced_toggle .= "".__('WARNING threshold for the maximum % of traffic of an IP.').ui_print_help_tip(__('If this % is exceeded by any IP within the filter, a WARNING status will be generated.'), true).''; $advanced_toggle .= ''.html_print_input_number( [ - 'step' => 1, + 'step' => 0.01, 'name' => 'traffic_warning', 'id' => 'traffic_warning', 'value' => $filter['traffic_warning'], @@ -766,6 +779,26 @@ ui_include_time_picker(); // Show the normal filter $(".filter_normal").show(); }; + + function displayMonitoringFilter () { + var checked = $('#checkbox-netflow_monitoring').prop('checked'); + + if(checked == false) { + // Reset values. + $("#netflow_monitoring_interval").val(300); + $("#traffic_max").val(0); + $("#traffic_critical").val(0); + $("#traffic_warning").val(0); + + // Hide filters. + $("#netlofw_monitoring_filters").hide(); + $("#netlofw_monitoring_thresholds").hide(); + } else { + // Show filters. + $("#netlofw_monitoring_filters").show(); + $("#netlofw_monitoring_thresholds").show(); + } + } // Ask the user to define a name for the filter in order to save it function defineFilterName () { @@ -789,7 +822,6 @@ ui_include_time_picker(); $("#filter_id").change(function () { var filter_type; - // Hide information and name/group row $(".filter_save").hide(); @@ -811,6 +843,7 @@ ui_include_time_picker(); $("#traffic_max").val(''); $("#traffic_critical").val(''); $("#traffic_warning").val(''); + $("#netflow_monitoring_interval").val(300); $('#checkbox-netflow_monitoring').prop('checked', false); @@ -884,25 +917,29 @@ ui_include_time_picker(); $("#aggregate").val(val); if (i == 'netflow_monitoring') $("#checkbox-netflow_monitoring").prop('checked', val == "0" ? false : true); + // Hide or show monitoring filters. + displayMonitoringFilter(); + if (i == 'netflow_monitoring_interval') + $("#netflow_monitoring_interval").val(val); if (i == 'traffic_max') $("#traffic_max").val(val); if (i == 'traffic_critical') $("#traffic_critical").val(val); if (i == 'traffic_warning') $("#traffic_warning").val(val); - }); } // Shows update filter button $("#submit-update_button").show(); - + } }); $(document).ready( function() { + displayMonitoringFilter(); // Update visibility of controls. nf_view_click_period(); // Hide update filter button From 112de35eeb6fd86cf1f2859d40fd061674e3898e Mon Sep 17 00:00:00 2001 From: Ramon Novoa Date: Fri, 31 Mar 2023 10:54:48 +0200 Subject: [PATCH 11/12] Add Netflow Server information (needs a new icon). --- pandora_console/images/netflow@svg.svg | 9 +++++++++ pandora_console/include/constants.php | 1 + pandora_console/include/functions_servers.php | 13 +++++++++++++ 3 files changed, 23 insertions(+) create mode 100644 pandora_console/images/netflow@svg.svg diff --git a/pandora_console/images/netflow@svg.svg b/pandora_console/images/netflow@svg.svg new file mode 100644 index 0000000000..89030956c6 --- /dev/null +++ b/pandora_console/images/netflow@svg.svg @@ -0,0 +1,9 @@ + + + + Dark / 20 / network@svg + Created with Sketch. + + + + \ No newline at end of file diff --git a/pandora_console/include/constants.php b/pandora_console/include/constants.php index 6b86c50c6d..1d11aad151 100644 --- a/pandora_console/include/constants.php +++ b/pandora_console/include/constants.php @@ -440,6 +440,7 @@ define('SERVER_TYPE_MIGRATION', 20); define('SERVER_TYPE_ALERT', 21); define('SERVER_TYPE_CORRELATION', 22); define('SERVER_TYPE_NCM', 23); +define('SERVER_TYPE_NETFLOW', 24); // REPORTS. define('REPORT_TOP_N_MAX', 1); diff --git a/pandora_console/include/functions_servers.php b/pandora_console/include/functions_servers.php index a58342dddb..28daa277e7 100644 --- a/pandora_console/include/functions_servers.php +++ b/pandora_console/include/functions_servers.php @@ -860,6 +860,19 @@ function servers_get_info($id_server=-1) $id_modulo = 0; break; + case SERVER_TYPE_NETFLOW: + $server['img'] = html_print_image( + 'images/netflow@svg.svg', + true, + [ + 'title' => __('Netflow server'), + 'class' => 'main_menu_icon invert_filter', + ] + ); + $server['type'] = 'netflow'; + $id_modulo = 0; + break; + default: $server['img'] = ''; $server['type'] = 'unknown'; From 4ff27a09ae126a9c1571cc52b8b746fd69760676 Mon Sep 17 00:00:00 2001 From: Ramon Novoa Date: Fri, 31 Mar 2023 11:51:25 +0200 Subject: [PATCH 12/12] Add a new icon for the Netflow Server. --- pandora_console/images/netflow@svg.svg | 12 ++++-------- 1 file changed, 4 insertions(+), 8 deletions(-) diff --git a/pandora_console/images/netflow@svg.svg b/pandora_console/images/netflow@svg.svg index 89030956c6..87261e6aa9 100644 --- a/pandora_console/images/netflow@svg.svg +++ b/pandora_console/images/netflow@svg.svg @@ -1,9 +1,5 @@ - - - Dark / 20 / network@svg - Created with Sketch. - - - - \ No newline at end of file + + + +