From 85c9f77962317df30b6008f2a8e31e483814fe4d Mon Sep 17 00:00:00 2001 From: Ruairi Carroll Date: Thu, 3 Dec 2015 18:23:42 +0100 Subject: [PATCH 01/39] Adding polling and discovery code for fortigate_cpu --- .../discovery/processors/fortigate.inc.php | 31 ++++++++++++----- includes/polling/os/fortigate.inc.php | 33 +++++++++++-------- 2 files changed, 41 insertions(+), 23 deletions(-) diff --git a/includes/discovery/processors/fortigate.inc.php b/includes/discovery/processors/fortigate.inc.php index 3271978ba5..b77d4fbd56 100644 --- a/includes/discovery/processors/fortigate.inc.php +++ b/includes/discovery/processors/fortigate.inc.php @@ -1,18 +1,31 @@ Num CPUs in the device + if ($device['os'] == 'fortigate') { - echo 'Fortigate : '; + echo 'Fortigate : '; - $descr = 'Processor'; - $usage = snmp_get($device, '.1.3.6.1.4.1.12356.101.4.1.3.0', '-Ovq'); +// Forti have logical CPU numbering - start at 1 and increment to $num_cpu in the box. +$num_cpu = snmp_get($device, 'FORTINET-FORTIGATE-MIB::fgProcessorCount.0', '-Ovq'); - if (is_numeric($usage)) { - discover_processor($valid['processor'], $device, '.1.3.6.1.4.1.12356.101.4.1.3.0', '0', 'fortigate-fixed', $descr, '1', $usage, null, null); - } -} +print "Forti-found $num_cpu CPUs\n"; + +for($i = 1; $i <= $num_cpu; $i++) { + // HERP DERP IM A FORTIGATE AND I PUT NON NUMERIC VALUES IN A GAUGE + $cpu_usage = snmp_get($device, "FORTINET-FORTIGATE-MIB::fgProcessorUsage.$i", '-Ovq'); + $usage = trim ( str_replace(" %", "", $cpu_usage ) ) ; + $descr = snmp_get($device, "FORTINET-FORTIGATE-MIB::fgProcModDescr.$i", '-Ovq'); + print "CPU: $num_cpu - USAGE: $cpu_usage - TYPE $descr\n"; + if (is_numeric($usage)) { + discover_processor($valid['processor'], $device, "FORTINET-FORTIGATE-MIB::fgProcessorUsage." . $num_cpu, '0', 'fortigate-fixed', $descr, '1', $usage, null, null); + } +} // END For loop for CPU discovery + +} // END if device is Fortigate unset($processors_array); diff --git a/includes/polling/os/fortigate.inc.php b/includes/polling/os/fortigate.inc.php index 6c7ceb9223..98d394b9f3 100644 --- a/includes/polling/os/fortigate.inc.php +++ b/includes/polling/os/fortigate.inc.php @@ -33,21 +33,26 @@ if (is_numeric($sessions)) { $graphs['fortigate_sessions'] = true; } +// Start somewhat automated discovery for processors in the chassis + $cpurrd = $config['rrd_dir'].'/'.$device['hostname'].'/fortigate_cpu.rrd'; -$cpu_usage = snmp_get($device, 'FORTINET-FORTIGATE-MIB::fgSysCpuUsage.0', '-Ovq'); +$num_cpu = snmp_get($device, 'FORTINET-FORTIGATE-MIB::fgProcessorCount.0', '-Ovq'); +#$cpu_usage = snmp_get($device, 'FORTINET-FORTIGATE-MIB::fgSysCpuUsage.0', '-Ovq'); -if (is_numeric($cpu_usage)) { - if (!is_file($cpurrd)) { - rrdtool_create($cpurrd, ' --step 300 DS:LOAD:GAUGE:600:-1:100 '.$config['rrd_rra']); - } +print "NUM CPU: $num_cpu\n"; - echo "CPU: $cpu_usage%\n"; - - $fields = array( - 'LOAD' => $cpu_usage, - ); - - rrdtool_update($cpurrd, $fields); - - $graphs['fortigate_cpu'] = true; +// Fortigate have a pretty logical CPU index going on. It's predictable. +for($i = 1; $i <= $num_cpu; $i++) { + $cpurrd = $config['rrd_dir'].'/'.$device['hostname'].'/fortigate_cpu_'.$i.'.rrd'; + $cpu_usage = snmp_get($device, "FORTINET-FORTIGATE-MIB::fgProcessorUsage.$i", '-Ovq'); + $usage = trim ( str_replace(" %", "", $cpu_usage ) ) ; + print "CPU: $num_cpu - USAGE: $usage\n"; + if (!is_file($cpurrd)) { + print "$cpurrd not found\n"; + rrdtool_create($cpurrd, ' --step 300 DS:LOAD:GAUGE:600:-1:100 '.$config['rrd_rra']); + } + $fields = array( 'LOAD' => $usage ); + rrdtool_update($cpurrd, $fields); } + + From 59b4ef7712e8371542a7298beffa7a12d1fe99a0 Mon Sep 17 00:00:00 2001 From: vizay Date: Fri, 4 Dec 2015 15:35:02 +0100 Subject: [PATCH 02/39] Added discovery and polling support for brocade VDX devices. Removed an obsolete value and check for ifAlias (in definitions and ports) since VDX nowdays report correct from ifAlias. Removed printing of interface numbers for vdx devices in the interface list since VDX devices do not report the expected ifIndex value like other switches do --- html/includes/print-interface.inc.php | 11 ++++++++++- includes/definitions.inc.php | 1 - includes/discovery/mempools/nos.inc.php | 15 +++++++++++++++ includes/discovery/os/nos.inc.php | 4 ++-- includes/discovery/processors/nos.inc.php | 14 ++++++++++++++ includes/polling/mempools/nos.inc.php | 7 +++++++ includes/polling/os/nos.inc.php | 7 +++---- includes/polling/ports.inc.php | 2 +- includes/polling/processors/nos.inc.php | 3 +++ 9 files changed, 55 insertions(+), 9 deletions(-) create mode 100644 includes/discovery/mempools/nos.inc.php create mode 100644 includes/discovery/processors/nos.inc.php create mode 100644 includes/polling/mempools/nos.inc.php create mode 100644 includes/polling/processors/nos.inc.php diff --git a/html/includes/print-interface.inc.php b/html/includes/print-interface.inc.php index 996069a44b..1c02fb8a14 100644 --- a/html/includes/print-interface.inc.php +++ b/html/includes/print-interface.inc.php @@ -38,9 +38,18 @@ else { echo " "; -echo ' + +// Don't echo out ports ifIndex if it's a NOS device since their ifIndex is, for lack of better words....different +if ($device['os'] == 'nos') { + echo ' + '.generate_port_link($port, $port['label'])." $error_img $mac +
".$port['ifAlias'].''; +} +else { + echo ' '.generate_port_link($port, $port['ifIndex'].'. '.$port['label'])." $error_img $mac
".$port['ifAlias'].''; +} if ($port['ifAlias']) { echo '
'; diff --git a/includes/definitions.inc.php b/includes/definitions.inc.php index 56e4b28ebf..66426e0835 100644 --- a/includes/definitions.inc.php +++ b/includes/definitions.inc.php @@ -452,7 +452,6 @@ $os = 'nos'; $config['os'][$os]['text'] = 'Brocade NOS'; $config['os'][$os]['type'] = 'network'; $config['os'][$os]['ifname'] = 1; -$config['os'][$os]['descr_to_alias'] = 1; $config['os'][$os]['over'][0]['graph'] = 'device_bits'; $config['os'][$os]['over'][0]['text'] = 'Device Traffic'; $config['os'][$os]['over'][1]['graph'] = 'device_processor'; diff --git a/includes/discovery/mempools/nos.inc.php b/includes/discovery/mempools/nos.inc.php new file mode 100644 index 0000000000..3b86224ecc --- /dev/null +++ b/includes/discovery/mempools/nos.inc.php @@ -0,0 +1,15 @@ + Date: Sun, 6 Dec 2015 10:53:43 +0100 Subject: [PATCH 03/39] Removed starting parenthesis causing syntax error --- includes/polling/ports.inc.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/includes/polling/ports.inc.php b/includes/polling/ports.inc.php index d9e1da4a21..bc13c36f7c 100644 --- a/includes/polling/ports.inc.php +++ b/includes/polling/ports.inc.php @@ -333,7 +333,7 @@ foreach ($ports as $port) { echo 'VLAN == '.$this_port['ifVlan']; // When devices do not provide ifAlias data, populate with ifDescr data if configured - if (($this_port['ifAlias'] == '' || $this_port['ifAlias'] == NULL) { + if ($this_port['ifAlias'] == '' || $this_port['ifAlias'] == NULL) { $this_port['ifAlias'] = $this_port['ifDescr']; d_echo('Using ifDescr as ifAlias'); } From 35e0408eddf155a2a2c92ef484f0eddca9b0ef3e Mon Sep 17 00:00:00 2001 From: vizay Date: Tue, 8 Dec 2015 16:24:12 +0100 Subject: [PATCH 04/39] Added back discovery for older VDX systems for backwards compatibility. Fixed indentations --- includes/discovery/mempools/nos.inc.php | 18 +++++++++--------- includes/discovery/os/nos.inc.php | 2 +- includes/discovery/processors/nos.inc.php | 14 +++++++------- 3 files changed, 17 insertions(+), 17 deletions(-) diff --git a/includes/discovery/mempools/nos.inc.php b/includes/discovery/mempools/nos.inc.php index 3b86224ecc..a801e52af4 100644 --- a/includes/discovery/mempools/nos.inc.php +++ b/includes/discovery/mempools/nos.inc.php @@ -1,15 +1,15 @@ Date: Wed, 9 Dec 2015 22:24:29 +0000 Subject: [PATCH 05/39] Added NOW() to dbUpdate calls to sensors --- includes/polling/functions.inc.php | 2 +- includes/polling/ipmi.inc.php | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/includes/polling/functions.inc.php b/includes/polling/functions.inc.php index 72332250ed..f9b6221e24 100644 --- a/includes/polling/functions.inc.php +++ b/includes/polling/functions.inc.php @@ -119,7 +119,7 @@ function poll_sensor($device, $class, $unit) { log_event(ucfirst($class).' '.$sensor['sensor_descr'].' above threshold: '.$sensor_value." $unit (> ".$sensor['sensor_limit']." $unit)", $device, $class, $sensor['sensor_id']); } - dbUpdate(array('sensor_current' => $sensor_value), 'sensors', '`sensor_class` = ? AND `sensor_id` = ?', array($class, $sensor['sensor_id'])); + dbUpdate(array('sensor_current' => $sensor_value, 'lastupdate' => array('NOW()')), 'sensors', '`sensor_class` = ? AND `sensor_id` = ?', array($class, $sensor['sensor_id'])); }//end foreach }//end poll_sensor() diff --git a/includes/polling/ipmi.inc.php b/includes/polling/ipmi.inc.php index dffd192777..ddb4915946 100644 --- a/includes/polling/ipmi.inc.php +++ b/includes/polling/ipmi.inc.php @@ -50,7 +50,7 @@ if ($ipmi['host'] = get_dev_attrib($device, 'ipmi_hostname')) { rrdtool_update($rrd_file, $fields); // FIXME warnings in event & mail not done here yet! - dbUpdate(array('sensor_current' => $sensor), 'sensors', 'poller_type = ? AND sensor_class = ? AND sensor_id = ?', array('ipmi', $ipmisensors['sensor_class'], $ipmisensors['sensor_id'])); + dbUpdate(array('sensor_current' => $sensor, 'lastupdate' => array('NOW()')), 'sensors', 'poller_type = ? AND sensor_class = ? AND sensor_id = ?', array('ipmi', $ipmisensors['sensor_class'], $ipmisensors['sensor_id'])); } unset($ipmi_sensor); From 62b4c21a1233dd8ebe71a84efe7338c30a535ac6 Mon Sep 17 00:00:00 2001 From: laf Date: Sat, 12 Dec 2015 12:58:07 +0000 Subject: [PATCH 06/39] Added API calls for device groups --- doc/API/API-Docs.md | 73 +++++++++++++++++++++++++++++ html/api_v0.php | 2 + html/includes/api_functions.inc.php | 36 +++++++++++++- includes/device-groups.inc.php | 18 ++++++- 4 files changed, 127 insertions(+), 2 deletions(-) diff --git a/doc/API/API-Docs.md b/doc/API/API-Docs.md index e879fe637b..c9dd5c99ec 100644 --- a/doc/API/API-Docs.md +++ b/doc/API/API-Docs.md @@ -19,6 +19,9 @@ - [`add_device`](#api-route-11) - [`list_oxidized`](#api-route-21) - [`update_device_field`](#api-route-update_device_field) + - [`get_device_groups`](#api-route-get_device_groups) + - [`devicegroups`](#api-devicegroups) + - [`get_devicegroups`](#api-route-get_devicegroups) - [`routing`](#api-routing) - [`list_bgp`](#api-route-1) - [`switching`](#api-switching) @@ -490,6 +493,76 @@ Output: ] ``` +### Function `get_device_groups` [`top`](#top) + +List the device groups that a device is matched on. + +Route: /api/v0/devices/:hostname/groups + +Input (JSON): + + - + +Examples: +```curl +curl -H 'X-Auth-Token: YOURAPITOKENHERE' https://librenms.org/api/v0/devices/localhost/groups +``` + +Output: +```text +[ + { + "status": "ok", + "message": "Found 1 device groups", + "count": 1, + "groups": [ + { + "id": "1", + "name": "Testing", + "desc": "Testing", + "pattern": "%devices.status = \"1\" &&" + } + ] + } +] +``` + +## `Device Groups` [`top`](#top) + +### Function `get_devicegroups` [`top`](#top) + +List all device groups. + +Route: /api/v0/devicegroups + +Input (JSON): + + - + +Examples: +```curl +curl -H 'X-Auth-Token: YOURAPITOKENHERE' https://librenms.org/api/v0/devicegroups +``` + +Output: +```text +[ + { + "status": "ok", + "message": "Found 1 device groups", + "count": 1, + "groups": [ + { + "id": "1", + "name": "Testing", + "desc": "Testing", + "pattern": "%devices.status = \"1\" &&" + } + ] + } +] +``` + ## `Routing` [`top`](#top) ### Function: `list_bgp` [`top`](#top) diff --git a/html/api_v0.php b/html/api_v0.php index 426591162b..d5de47c5ee 100644 --- a/html/api_v0.php +++ b/html/api_v0.php @@ -49,6 +49,7 @@ $app->group( // api/v0/devices/$hostname/graphs $app->get('/:hostname/ports', 'authToken', 'get_port_graphs')->name('get_port_graphs'); // api/v0/devices/$hostname/ports + $app->get('/:hostname/groups', 'authToken', 'get_device_groups')->name('get_device_groups'); $app->get('/:hostname/:type', 'authToken', 'get_graph_generic_by_hostname')->name('get_graph_generic_by_hostname'); // api/v0/devices/$hostname/$type $app->get('/:hostname/ports/:ifname', 'authToken', 'get_port_stats_by_port_hostname')->name('get_port_stats_by_port_hostname'); @@ -61,6 +62,7 @@ $app->group( // api/v0/devices $app->post('/devices', 'authToken', 'add_device')->name('add_device'); // api/v0/devices (json data needs to be passed) + $app->get('/devicegroups', 'authToken', 'get_device_groups')->name('get_devicegroups'); $app->group( '/portgroups', function () use ($app) { diff --git a/html/includes/api_functions.inc.php b/html/includes/api_functions.inc.php index 8469e10532..de6c307c36 100644 --- a/html/includes/api_functions.inc.php +++ b/html/includes/api_functions.inc.php @@ -13,7 +13,7 @@ */ require_once '../includes/functions.php'; - +require_once '../includes/device-groups.inc.php'; function authToken(\Slim\Route $route) { $app = \Slim\Slim::getInstance(); @@ -1014,3 +1014,37 @@ function update_device() { $app->response->headers->set('Content-Type', 'application/json'); echo _json_encode($output); } + +function get_device_groups() { + $app = \Slim\Slim::getInstance(); + $router = $app->router()->getCurrentRoute()->getParams(); + $status = 'error'; + $code = 404; + $hostname = $router['hostname']; + // use hostname as device_id if it's all digits + $device_id = ctype_digit($hostname) ? $hostname : getidbyname($hostname); + if (is_numeric($device_id)) { + $groups = GetFullGroupsFromDevice($device_id); + } + else { + $groups = GetDeviceGroups(); + } + if (empty($groups)) { + $message = 'No device groups found'; + } + else { + $status = 'ok'; + $code = 200; + $message = 'Found ' . count($groups) . ' device groups'; + } + + $output = array( + 'status' => $status, + 'message' => $message, + 'count' => count($groups), + 'groups' => $groups, + ); + $app->response->setStatus($code); + $app->response->headers->set('Content-Type', 'application/json'); + echo _json_encode($output); +} diff --git a/includes/device-groups.inc.php b/includes/device-groups.inc.php index 45d5afcd21..6f81048463 100644 --- a/includes/device-groups.inc.php +++ b/includes/device-groups.inc.php @@ -99,7 +99,6 @@ function GetDeviceGroups() { }//end GetDeviceGroups() - /** * Get all groups of Device * @param integer $device Device-ID @@ -117,6 +116,23 @@ function GetGroupsFromDevice($device) { }//end GetGroupsFromDevice() +/** + * Get all groups of Device + * @param integer $device Device-ID + * @return array + */ +function GetFullGroupsFromDevice($device) { + $ret = array(); + foreach (GetDeviceGroups() as $group) { + if (dbFetchCell(GenGroupSQL($group['pattern'], 'device_id=?').' LIMIT 1', array($device)) == $device) { + $ret[] = $group; + } + } + + return $ret; + +}//end GetGroupsFromDevice() + /** * Process Macros * @param string $rule Rule to process From a73a997edc843b47277f0c3f365bd6199730705b Mon Sep 17 00:00:00 2001 From: laf Date: Sat, 12 Dec 2015 13:47:44 +0000 Subject: [PATCH 07/39] Added API call for listing devices by groups --- doc/API/API-Docs.md | 81 +++++++++++++++++++++++++++++ html/api_v0.php | 6 +++ html/includes/api_functions.inc.php | 35 +++++++++++++ includes/device-groups.inc.php | 2 +- 4 files changed, 123 insertions(+), 1 deletion(-) diff --git a/doc/API/API-Docs.md b/doc/API/API-Docs.md index c9dd5c99ec..3e96ebe703 100644 --- a/doc/API/API-Docs.md +++ b/doc/API/API-Docs.md @@ -22,6 +22,7 @@ - [`get_device_groups`](#api-route-get_device_groups) - [`devicegroups`](#api-devicegroups) - [`get_devicegroups`](#api-route-get_devicegroups) + - [`get_devices_by_group`](#api-route-get_devices_by_group) - [`routing`](#api-routing) - [`list_bgp`](#api-route-1) - [`switching`](#api-switching) @@ -472,6 +473,8 @@ Update devices field in the database. Route: /api/v0/devices/:hostname +- hostname can be either the device hostname or id + Input (JSON): - field: The column name within the database @@ -499,6 +502,8 @@ List the device groups that a device is matched on. Route: /api/v0/devices/:hostname/groups +- hostname can be either the device hostname or id + Input (JSON): - @@ -563,6 +568,82 @@ Output: ] ``` +### Function `get_devices_by_group` [`top`](#top) + +List all devices matching the group provided. + +Route: /api/v0/devicegroups/:name + +- name Is the name of the device group which can be obtained using [`get_devicegroups`](#api-route-get_devicegroups). Please ensure that the name is urlencoded if it needs to be (i.e Linux Servers would need to be urlencoded. + +Input (JSON): + + - + +Examples: +```curl +curl -H 'X-Auth-Token: YOURAPITOKENHERE' https://librenms.org/api/v0/devicegroups/LinuxServers +``` + +Output: +```text +[ + { + "status": "error", + "message": "Found 1 in group LinuxServers", + "count": 1, + "devices": [ + { + "device_id": "1", + "hostname": "localhost", + "sysName": "hostname", + "community": "librenms", + "authlevel": null, + "authname": null, + "authpass": null, + "authalgo": null, + "cryptopass": null, + "cryptoalgo": null, + "snmpver": "v2c", + "port": "161", + "transport": "udp", + "timeout": null, + "retries": null, + "bgpLocalAs": null, + "sysObjectID": ".1.3.6.1.4.1.8072.3.2.10", + "sysDescr": "Linux li1045-133.members.linode.com 4.1.5-x86_64-linode61 #7 SMP Mon Aug 24 13:46:31 EDT 2015 x86_64", + "sysContact": "", + "version": "4.1.5-x86_64-linode61", + "hardware": "Generic x86 64-bit", + "features": "CentOS 7.1.1503", + "location": "", + "os": "linux", + "status": "1", + "status_reason": "", + "ignore": "0", + "disabled": "0", + "uptime": "4615964", + "agent_uptime": "0", + "last_polled": "2015-12-12 13:20:04", + "last_poll_attempted": null, + "last_polled_timetaken": "1.90", + "last_discovered_timetaken": "79.53", + "last_discovered": "2015-12-12 12:34:21", + "last_ping": "2015-12-12 13:20:04", + "last_ping_timetaken": "0.08", + "purpose": null, + "type": "server", + "serial": null, + "icon": null, + "poller_group": "0", + "override_sysLocation": "0", + "notes": "Nope" + } + ] + } +] +``` + ## `Routing` [`top`](#top) ### Function: `list_bgp` [`top`](#top) diff --git a/html/api_v0.php b/html/api_v0.php index d5de47c5ee..e46c0a3ea8 100644 --- a/html/api_v0.php +++ b/html/api_v0.php @@ -62,6 +62,12 @@ $app->group( // api/v0/devices $app->post('/devices', 'authToken', 'add_device')->name('add_device'); // api/v0/devices (json data needs to be passed) + $app->group( + '/devicegroups', + function () use ($app) { + $app->get('/:name', 'authToken', 'get_devices_by_group')->name('get_devices_by_group'); + } + ); $app->get('/devicegroups', 'authToken', 'get_device_groups')->name('get_devicegroups'); $app->group( '/portgroups', diff --git a/html/includes/api_functions.inc.php b/html/includes/api_functions.inc.php index de6c307c36..7f89b37cb1 100644 --- a/html/includes/api_functions.inc.php +++ b/html/includes/api_functions.inc.php @@ -1048,3 +1048,38 @@ function get_device_groups() { $app->response->headers->set('Content-Type', 'application/json'); echo _json_encode($output); } + +function get_devices_by_group() { + $app = \Slim\Slim::getInstance(); + $router = $app->router()->getCurrentRoute()->getParams(); + $status = 'error'; + $code = 404; + $name = urldecode($router['name']); + $devices = array(); + if (empty($name)) { + $message = 'No device group name provided'; + } + else { + $group_id = dbFetchCell("SELECT `id` FROM `device_groups` WHERE `name`=?",array($name)); + $devices = GetDevicesFromGroup($group_id); + $count = count($devices); + if (empty($devices)) { + $message = 'No devices found in group ' . $name; + } + else { + $message = "Found $count in group $name"; + $code = 200; + } + } + $output = array( + 'status' => $status, + 'message' => $message, + 'count' => $count, + 'devices' => $devices, + ); + + $app->response->setStatus($code); + $app->response->headers->set('Content-Type', 'application/json'); + echo _json_encode($output); + +} diff --git a/includes/device-groups.inc.php b/includes/device-groups.inc.php index 6f81048463..bb703f2cd6 100644 --- a/includes/device-groups.inc.php +++ b/includes/device-groups.inc.php @@ -66,7 +66,7 @@ function GenGroupSQL($pattern, $search='') { $search .= ' &&'; } - $sql = 'SELECT DISTINCT('.str_replace('(', '', $tables[0]).'.device_id) FROM '.implode(',', $tables).' WHERE '.$search.' ('.str_replace(array('%', '@', '!~', '~'), array('', '.*', 'NOT REGEXP', 'REGEXP'), $pattern).')'; + $sql = 'SELECT DISTINCT('.str_replace('(', '', $tables[0]).'.device_id),`devices`.* FROM '.implode(',', $tables).' WHERE '.$search.' ('.str_replace(array('%', '@', '!~', '~'), array('', '.*', 'NOT REGEXP', 'REGEXP'), $pattern).')'; return $sql; }//end GenGroupSQL() From d0306ae8ae630b1cc9968e832cb2a59ac2d451ef Mon Sep 17 00:00:00 2001 From: laf Date: Sat, 12 Dec 2015 14:21:49 +0000 Subject: [PATCH 08/39] Fixing scrut issue --- html/includes/api_functions.inc.php | 1 + 1 file changed, 1 insertion(+) diff --git a/html/includes/api_functions.inc.php b/html/includes/api_functions.inc.php index 7f89b37cb1..a6ca257235 100644 --- a/html/includes/api_functions.inc.php +++ b/html/includes/api_functions.inc.php @@ -1054,6 +1054,7 @@ function get_devices_by_group() { $router = $app->router()->getCurrentRoute()->getParams(); $status = 'error'; $code = 404; + $count = 0; $name = urldecode($router['name']); $devices = array(); if (empty($name)) { From b31cbd8dae0bd774ba60f435da6f8f91ffdc0a2e Mon Sep 17 00:00:00 2001 From: laf Date: Sun, 13 Dec 2015 13:49:48 +0000 Subject: [PATCH 09/39] Code for Radius authentication added --- html/includes/authenticate.inc.php | 2 +- html/includes/authentication/radius.inc.php | 115 +++ lib/pure_php_radius/radius.class.php | 840 ++++++++++++++++++++ 3 files changed, 956 insertions(+), 1 deletion(-) create mode 100644 html/includes/authentication/radius.inc.php create mode 100644 lib/pure_php_radius/radius.class.php diff --git a/html/includes/authenticate.inc.php b/html/includes/authenticate.inc.php index f1f5087d2e..12ccd7d2e3 100644 --- a/html/includes/authenticate.inc.php +++ b/html/includes/authenticate.inc.php @@ -62,7 +62,7 @@ else { $auth_success = 0; if ((isset($_SESSION['username'])) || (isset($_COOKIE['sess_id'],$_COOKIE['token']))) { - if ((authenticate($_SESSION['username'], $_SESSION['password'])) || (reauthenticate($_COOKIE['sess_id'], $_COOKIE['token']))) { + if (reauthenticate($_COOKIE['sess_id'], $_COOKIE['token']) || authenticate($_SESSION['username'], $_SESSION['password'])) { $_SESSION['userlevel'] = get_userlevel($_SESSION['username']); $_SESSION['user_id'] = get_userid($_SESSION['username']); if (!$_SESSION['authenticated']) { diff --git a/html/includes/authentication/radius.inc.php b/html/includes/authentication/radius.inc.php new file mode 100644 index 0000000000..a6ab0600cf --- /dev/null +++ b/html/includes/authentication/radius.inc.php @@ -0,0 +1,115 @@ +SetDebugMode(TRUE); + } + $rad = $radius->AccessRequest($username,$password); + if($rad === true) { + $user_authenticated = 1; + adduser($username); + return 1; + } + else { + return 0; + } + } +} + +function reauthenticate() { + return 0; +} + + +function passwordscanchange() { + // not supported so return 0 + return 0; +} + + +function changepassword() { + // not supported so return 0 + return 0; +} + + +function auth_usermanagement() { + // not supported so return 0 + return 1; +} + + +function adduser($username, $password, $level=0, $email='', $realname='', $can_modify_passwd=0, $description='', $twofactor=0) { + // Check to see if user is already added in the database + if (!user_exists($username)) { + $userid = dbInsert(array('username' => $username, 'realname' => '', 'email' => '', 'descr' => '', 'level' => $level, 'can_modify_passwd' => 0, 'twofactor' => 0), 'users'); + if ($userid == false) { + return false; + } + else { + foreach (dbFetchRows('select notifications.* from notifications where not exists( select 1 from notifications_attribs where notifications.notifications_id = notifications_attribs.notifications_id and notifications_attribs.user_id = ?) order by notifications.notifications_id desc',array($userid)) as $notif) { + dbInsert(array('notifications_id'=>$notif['notifications_id'],'user_id'=>$userid,'key'=>'read','value'=>1),'notifications_attribs'); + } + } + return $userid; + } + else { + return false; + } +} + +function user_exists($username) { + return dbFetchCell('SELECT COUNT(*) FROM users WHERE username = ?', array($username), true); +} + + +function get_userlevel($username) { + return dbFetchCell('SELECT `level` FROM `users` WHERE `username` = ?', array($username), true); +} + + +function get_userid($username) { + return dbFetchCell('SELECT `user_id` FROM `users` WHERE `username` = ?', array($username), true); +} + + +function deluser() { + dbDelete('bill_perms', '`user_name` = ?', array($username)); + dbDelete('devices_perms', '`user_name` = ?', array($username)); + dbDelete('ports_perms', '`user_name` = ?', array($username)); + dbDelete('users_prefs', '`user_name` = ?', array($username)); + dbDelete('users', '`user_name` = ?', array($username)); + return dbDelete('users', '`username` = ?', array($username)); +} + + +function get_userlist() { + return dbFetchRows('SELECT * FROM `users`'); +} + + +function can_update_users() { + // supported so return 1 + return 1; +} + + +function get_user($user_id) { + return dbFetchRow('SELECT * FROM `users` WHERE `user_id` = ?', array($user_id), true); +} + + +function update_user($user_id, $realname, $level, $can_modify_passwd, $email) { + dbUpdate(array('realname' => $realname, 'level' => $level, 'can_modify_passwd' => $can_modify_passwd, 'email' => $email), 'users', '`user_id` = ?', array($user_id)); + +} diff --git a/lib/pure_php_radius/radius.class.php b/lib/pure_php_radius/radius.class.php new file mode 100644 index 0000000000..b56f061aff --- /dev/null +++ b/lib/pure_php_radius/radius.class.php @@ -0,0 +1,840 @@ +. + * + * + * @author: SysCo/al + * @since CreationDate: 2008-01-04 + * @copyright (c) 2008 by SysCo systemes de communication sa + * @version $LastChangedRevision: 1.2.2 $ + * @version $LastChangedDate: 2009-01-05 $ + * @version $LastChangedBy: SysCo/al $ + * @link $HeadURL: radius.class.php $ + * @link http://developer.sysco.ch/php/ + * @link developer@sysco.ch + * Language: PHP 4.0.7 or higher + * + * + * Usage + * + * require_once('radius.class.php'); + * $radius = new Radius($ip_radius_server = 'radius_server_ip_address', $shared_secret = 'radius_shared_secret'[, $radius_suffix = 'optional_radius_suffix'[, $udp_timeout = udp_timeout_in_seconds[, $authentication_port = 1812]]]); + * $result = $radius->Access_Request($username = 'username', $password = 'password'[, $udp_timeout = udp_timeout_in_seconds]); + * + * + * Examples + * + * Example 1 + * SetNasIpAddress('1.2.3.4'); // Needed for some devices, and not auto_detected if PHP not runned through a web server + * if ($radius->AccessRequest('user', 'pass')) + * { + * echo "Authentication accepted."; + * } + * else + * { + * echo "Authentication rejected."; + * } + * ?> + * + * Example 2 + * SetNasPort(0); + * $radius->SetNasIpAddress('1.2.3.4'); // Needed for some devices, and not auto_detected if PHP not runned through a web server + * if ($radius->AccessRequest('user', 'pass')) + * { + * echo "Authentication accepted."; + * echo "
"; + * } + * else + * { + * echo "Authentication rejected."; + * echo "
"; + * } + * echo $radius->GetReadableReceivedAttributes(); + * ?> + * + * + * External file needed + * + * none. + * + * + * External file created + * + * none. + * + * + * Special issues + * + * - Sockets support must be enabled. + * * In Linux and *nix environments, the extension is enabled at + * compile time using the --enable-sockets configure option + * * In Windows, PHP Sockets can be activated by un-commenting + * extension=php_sockets.dll in php.ini + * + * + * Other related ressources + * + * FreeRADIUS, a free Radius server implementation for Linux and *nix environments: + * http://www.freeradius.org/ + * + * WinRadius, Windows Radius server (free for 5 users): + * http://www.itconsult2000.com/en/product/WinRadius.zip + * + * Radl, a free Radius server for Windows: + * http://www.loriotpro.com/Products/RadiusServer/FreeRadiusServer_EN.php + * + * DOS command line Radius client: + * http://www.itconsult2000.com/en/product/WinRadiusClient.zip + * + * + * Users feedbacks and comments + * + * 2008-07-02 Pim Koeman/Parantion + * + * When using a radius connection behind a linux iptables firewall + * allow port 1812 and 1813 with udp protocol + * + * IPTABLES EXAMPLE (command line): + * iptables -A AlwaysACCEPT -p udp --dport 1812 -j ACCEPT + * iptables -A AlwaysACCEPT -p udp --dport 1813 -j ACCEPT + * + * or put the lines in /etc/sysconfig/iptables (red-hat type systems (fedora, centos, rhel etc.) + * -A AlwaysACCEPT -p udp --dport 1812 -j ACCEPT + * -A AlwaysACCEPT -p udp --dport 1813 -j ACCEPT + * + * + * Change Log + * + * 2009-01-05 1.2.2 SysCo/al Added Robert Svensson feedback, Mideye RADIUS server is supported + * 2008-11-11 1.2.1 SysCo/al Added Carlo Ferrari resolution in examples (add NAS IP Address for a VASCO Middleware server) + * 2008-07-07 1.2 SysCo/al Added Pim Koeman (Parantion) contribution + * - comments concerning using radius behind a linux iptables firewall + * Added Jon Bright (tick Trading Software AG) contribution + * - false octal encoding with 0xx indexes (indexes are now rewritten in xx only) + * - challenge/response support for the RSA SecurID New-PIN mode + * Added GetRadiusPacketInfo() method + * Added GetAttributesInfo() method + * Added DecodeVendorSpecificContent() (to answer Raul Carvalho's question) + * Added Decoded Vendor Specific Content in debug messages + * 2008-02-04 1.1 SysCo/al Typo error for the udp_timeout parameter (line 256 in the version 1.0) + * 2008-01-07 1.0 SysCo/al Initial release + * + *********************************************************************/ + + +/********************************************************************* + * + * Radius + * Pure PHP radius class + * + * Creation 2008-01-04 + * Update 2009-01-05 + * @package radius + * @version v.1.2.2 + * @author SysCo/al + * + *********************************************************************/ +class Radius +{ + var $_ip_radius_server; // Radius server IP address + var $_shared_secret; // Shared secret with the radius server + var $_radius_suffix; // Radius suffix (default is ''); + var $_udp_timeout; // Timeout of the UDP connection in seconds (default value is 5) + var $_authentication_port; // Authentication port (default value is 1812) + var $_accounting_port; // Accouting port (default value is 1813) + var $_nas_ip_address; // NAS IP address + var $_nas_port; // NAS port + var $_encrypted_password; // Encrypted password, as described in the RFC 2865 + var $_user_ip_address; // Remote IP address of the user + var $_request_authenticator; // Request-Authenticator, 16 octets random number + var $_response_authenticator; // Request-Authenticator, 16 octets random number + var $_username; // Username to sent to the Radius server + var $_password; // Password to sent to the Radius server (clear password, must be encrypted) + var $_identifier_to_send; // Identifier field for the packet to be sent + var $_identifier_received; // Identifier field for the received packet + var $_radius_packet_to_send; // Radius packet code (1=Access-Request, 2=Access-Accept, 3=Access-Reject, 4=Accounting-Request, 5=Accounting-Response, 11=Access-Challenge, 12=Status-Server (experimental), 13=Status-Client (experimental), 255=Reserved + var $_radius_packet_received; // Radius packet code (1=Access-Request, 2=Access-Accept, 3=Access-Reject, 4=Accounting-Request, 5=Accounting-Response, 11=Access-Challenge, 12=Status-Server (experimental), 13=Status-Client (experimental), 255=Reserved + var $_attributes_to_send; // Radius attributes to send + var $_attributes_received; // Radius attributes received + var $_socket_to_server; // Socket connection + var $_debug_mode; // Debug mode flag + var $_attributes_info; // Attributes info array + var $_radius_packet_info; // Radius packet codes info array + var $_last_error_code; // Last error code + var $_last_error_message; // Last error message + + + /********************************************************************* + * + * Name: Radius + * short description: Radius class constructor + * + * Creation 2008-01-04 + * Update 2009-01-05 + * @version v.1.2.2 + * @author SysCo/al + * @param string ip address of the radius server + * @param string shared secret with the radius server + * @param string radius domain name suffix (default is empty) + * @param integer UDP timeout (default is 5) + * @param integer authentication port + * @param integer accounting port + * @return NULL + *********************************************************************/ + public function Radius($ip_radius_server = '127.0.0.1', $shared_secret = '', $radius_suffix = '', $udp_timeout = 5, $authentication_port = 1812, $accounting_port = 1813) + { + $this->_radius_packet_info[1] = 'Access-Request'; + $this->_radius_packet_info[2] = 'Access-Accept'; + $this->_radius_packet_info[3] = 'Access-Reject'; + $this->_radius_packet_info[4] = 'Accounting-Request'; + $this->_radius_packet_info[5] = 'Accounting-Response'; + $this->_radius_packet_info[11] = 'Access-Challenge'; + $this->_radius_packet_info[12] = 'Status-Server (experimental)'; + $this->_radius_packet_info[13] = 'Status-Client (experimental)'; + $this->_radius_packet_info[255] = 'Reserved'; + + $this->_attributes_info[1] = array('User-Name', 'S'); + $this->_attributes_info[2] = array('User-Password', 'S'); + $this->_attributes_info[3] = array('CHAP-Password', 'S'); // Type (1) / Length (1) / CHAP Ident (1) / String + $this->_attributes_info[4] = array('NAS-IP-Address', 'A'); + $this->_attributes_info[5] = array('NAS-Port', 'I'); + $this->_attributes_info[6] = array('Service-Type', 'I'); + $this->_attributes_info[7] = array('Framed-Protocol', 'I'); + $this->_attributes_info[8] = array('Framed-IP-Address', 'A'); + $this->_attributes_info[9] = array('Framed-IP-Netmask', 'A'); + $this->_attributes_info[10] = array('Framed-Routing', 'I'); + $this->_attributes_info[11] = array('Filter-Id', 'T'); + $this->_attributes_info[12] = array('Framed-MTU', 'I'); + $this->_attributes_info[13] = array('Framed-Compression', 'I'); + $this->_attributes_info[14] = array( 'Login-IP-Host', 'A'); + $this->_attributes_info[15] = array('Login-service', 'I'); + $this->_attributes_info[16] = array('Login-TCP-Port', 'I'); + $this->_attributes_info[17] = array('(unassigned)', ''); + $this->_attributes_info[18] = array('Reply-Message', 'T'); + $this->_attributes_info[19] = array('Callback-Number', 'S'); + $this->_attributes_info[20] = array('Callback-Id', 'S'); + $this->_attributes_info[21] = array('(unassigned)', ''); + $this->_attributes_info[22] = array('Framed-Route', 'T'); + $this->_attributes_info[23] = array('Framed-IPX-Network', 'I'); + $this->_attributes_info[24] = array('State', 'S'); + $this->_attributes_info[25] = array('Class', 'S'); + $this->_attributes_info[26] = array('Vendor-Specific', 'S'); // Type (1) / Length (1) / Vendor-Id (4) / Vendor type (1) / Vendor length (1) / Attribute-Specific... + $this->_attributes_info[27] = array('Session-Timeout', 'I'); + $this->_attributes_info[28] = array('Idle-Timeout', 'I'); + $this->_attributes_info[29] = array('Termination-Action', 'I'); + $this->_attributes_info[30] = array('Called-Station-Id', 'S'); + $this->_attributes_info[31] = array('Calling-Station-Id', 'S'); + $this->_attributes_info[32] = array('NAS-Identifier', 'S'); + $this->_attributes_info[33] = array('Proxy-State', 'S'); + $this->_attributes_info[34] = array('Login-LAT-Service', 'S'); + $this->_attributes_info[35] = array('Login-LAT-Node', 'S'); + $this->_attributes_info[36] = array('Login-LAT-Group', 'S'); + $this->_attributes_info[37] = array('Framed-AppleTalk-Link', 'I'); + $this->_attributes_info[38] = array('Framed-AppleTalk-Network', 'I'); + $this->_attributes_info[39] = array('Framed-AppleTalk-Zone', 'S'); + $this->_attributes_info[60] = array('CHAP-Challenge', 'S'); + $this->_attributes_info[61] = array('NAS-Port-Type', 'I'); + $this->_attributes_info[62] = array('Port-Limit', 'I'); + $this->_attributes_info[63] = array('Login-LAT-Port', 'S'); + $this->_attributes_info[76] = array('Prompt', 'I'); + + $this->_identifier_to_send = 0; + $this->_user_ip_address = (isset($_SERVER['REMOTE_ADDR'])?$_SERVER['REMOTE_ADDR']:'0.0.0.0'); + + $this->GenerateRequestAuthenticator(); + $this->SetIpRadiusServer($ip_radius_server); + $this->SetSharedSecret($shared_secret); + $this->SetAuthenticationPort($authentication_port); + $this->SetAccountingPort($accounting_port); + $this->SetRadiusSuffix($radius_suffix); + $this->SetUdpTimeout($udp_timeout); + $this->SetUsername(); + $this->SetPassword(); + $this->SetNasIpAddress(); + $this->SetNasPort(); + + $this->ClearLastError(); + $this->ClearDataToSend(); + $this->ClearDataReceived(); + } + + + function GetNextIdentifier() + { + $this->_identifier_to_send = (($this->_identifier_to_send + 1) % 256); + return $this->_identifier_to_send; + } + + + function GenerateRequestAuthenticator() + { + $this->_request_authenticator = ''; + for ($ra_loop = 0; $ra_loop <= 15; $ra_loop++) + { + $this->_request_authenticator .= chr(rand(1, 255)); + } + } + + + function GetRequestAuthenticator() + { + return $this->_request_authenticator; + } + + + function GetLastError() + { + if (0 < $this->_last_error_code) + { + return $this->_last_error_message.' ('.$this->_last_error_code.')'; + } + else + { + return ''; + } + } + + + function ClearDataToSend() + { + $this->_radius_packet_to_send = 0; + $this->_attributes_to_send = NULL; + } + + + function ClearDataReceived() + { + $this->_radius_packet_received = 0; + $this->_attributes_received = NULL; + } + + + function SetPacketCodeToSend($packet_code) + { + $this->_radius_packet_to_send = $packet_code; + } + + + function SetDebugMode($debug_mode) + { + $this->_debug_mode = (TRUE === $debug_mode); + } + + + function SetIpRadiusServer($ip_radius_server) + { + $this->_ip_radius_server = gethostbyname($ip_radius_server); + } + + + function SetSharedSecret($shared_secret) + { + $this->_shared_secret = $shared_secret; + } + + + function SetRadiusSuffix($radius_suffix) + { + $this->_radius_suffix = $radius_suffix; + } + + + function SetUsername($username = '') + { + $temp_username = $username; + if (false === strpos($temp_username, '@')) + { + $temp_username .= $this->_radius_suffix; + } + + $this->_username = $temp_username; + $this->SetAttribute(1, $this->_username); + } + + + function SetPassword($password = '') + { + $this->_password = $password; + $encrypted_password = ''; + $padded_password = $password; + + if (0 != (strlen($password)%16)) + { + $padded_password .= str_repeat(chr(0),(16-strlen($password)%16)); + } + + $previous_result = $this->_request_authenticator; + + for ($full_loop = 0; $full_loop < (strlen($padded_password)/16); $full_loop++) + { + $xor_value = md5($this->_shared_secret.$previous_result); + + $previous_result = ''; + for ($xor_loop = 0; $xor_loop <= 15; $xor_loop++) + { + $value1 = ord(substr($padded_password, ($full_loop * 16) + $xor_loop, 1)); + $value2 = hexdec(substr($xor_value, 2*$xor_loop, 2)); + $xor_result = $value1 ^ $value2; + $previous_result .= chr($xor_result); + } + $encrypted_password .= $previous_result; + } + + $this->_encrypted_password = $encrypted_password; + $this->SetAttribute(2, $this->_encrypted_password); + } + + + function SetNasIPAddress($nas_ip_address = '') + { + if (0 < strlen($nas_ip_address)) + { + $this->_nas_ip_address = gethostbyname($nas_ip_address); + } + else + { + $this->_nas_ip_address = gethostbyname(isset($_SERVER['SERVER_ADDR'])?$_SERVER['SERVER_ADDR']:'0.0.0.0'); + } + $this->SetAttribute(4, $this->_nas_ip_address); + } + + + function SetNasPort($nas_port = 0) + { + $this->_nas_port = intval($nas_port); + $this->SetAttribute(5, $this->_nas_port); + } + + + function SetUdpTimeout($udp_timeout = 5) + { + if (intval($udp_timeout) > 0) + { + $this->_udp_timeout = intval($udp_timeout); + } + } + + + function ClearLastError() + { + $this->_last_error_code = 0; + $this->_last_error_message = ''; + } + + + function SetAuthenticationPort($authentication_port) + { + if ((intval($authentication_port) > 0) && (intval($authentication_port) < 65536)) + { + $this->_authentication_port = intval($authentication_port); + } + } + + + function SetAccountingPort($accounting_port) + { + if ((intval($accounting_port) > 0) && (intval($accounting_port) < 65536)) + { + $this->_accounting_port = intval($accounting_port); + } + } + + + function GetReceivedPacket() + { + return $this->_radius_packet_received; + } + + + function GetReceivedAttributes() + { + return $this->_attributes_received; + } + + + function GetReadableReceivedAttributes() + { + $readable_attributes = ''; + if (isset($this->_attributes_received)) + { + foreach($this->_attributes_received as $one_received_attribute) + { + $attributes_info = $this->GetAttributesInfo($one_received_attribute[0]); + $readable_attributes .= $attributes_info[0].": "; + if (26 == $one_received_attribute[0]) + { + $vendor_array = $this->DecodeVendorSpecificContent($one_received_attribute[1]); + foreach($vendor_array as $vendor_one) + { + $readable_attributes .= 'Vendor-Id: '.$vendor_one[0].", Vendor-type: ".$vendor_one[1].", Attribute-specific: ".$vendor_one[2]; + } + } + else + { + $readable_attributes .= $one_received_attribute[1]; + } + $readable_attributes .= "
\n"; + } + } + return $readable_attributes; + } + + + function GetAttribute($attribute_type) + { + $attribute_value = NULL; + foreach($this->_attributes_received as $one_received_attribute) + { + if (intval($attribute_type) == $one_received_attribute[0]) + { + $attribute_value = $one_received_attribute[1]; + break; + } + } + return $attribute_value; + } + + + function GetRadiusPacketInfo($info_index) + { + if (isset($this->_radius_packet_info[intval($info_index)])) + { + return $this->_radius_packet_info[intval($info_index)]; + } + else + { + return ''; + } + } + + + function GetAttributesInfo($info_index) + { + if (isset($this->_attributes_info[intval($info_index)])) + { + return $this->_attributes_info[intval($info_index)]; + } + else + { + return array('',''); + } + } + + + function DebugInfo($debug_info) + { + if ($this->_debug_mode) + { + echo date('Y-m-d H:i:s').' DEBUG: '; + echo $debug_info; + echo '
'; + flush(); + } + } + + + function SetAttribute($type, $value) + { + $attribute_index = -1; + for ($attributes_loop = 0; $attributes_loop < count($this->_attributes_to_send); $attributes_loop++) + { + if ($type == ord(substr($this->_attributes_to_send[$attributes_loop], 0, 1))) + { + $attribute_index = $attributes_loop; + break; + } + } + + $temp_attribute = NULL; + + if (isset($this->_attributes_info[$type])) + { + switch ($this->_attributes_info[$type][1]) + { + case 'T': // Text, 1-253 octets containing UTF-8 encoded ISO 10646 characters (RFC 2279). + $temp_attribute = chr($type).chr(2+strlen($value)).$value; + break; + case 'S': // String, 1-253 octets containing binary data (values 0 through 255 decimal, inclusive). + $temp_attribute = chr($type).chr(2+strlen($value)).$value; + break; + case 'A': // Address, 32 bit value, most significant octet first. + $ip_array = explode(".", $value); + $temp_attribute = chr($type).chr(6).chr($ip_array[0]).chr($ip_array[1]).chr($ip_array[2]).chr($ip_array[3]); + break; + case 'I': // Integer, 32 bit unsigned value, most significant octet first. + $temp_attribute = chr($type).chr(6).chr(($value/(256*256*256))%256).chr(($value/(256*256))%256).chr(($value/(256))%256).chr($value%256); + break; + case 'D': // Time, 32 bit unsigned value, most significant octet first -- seconds since 00:00:00 UTC, January 1, 1970. (not used in this RFC) + $temp_attribute = NULL; + break; + default: + $temp_attribute = NULL; + } + } + + if ($attribute_index > -1) + { + $this->_attributes_to_send[$attribute_index] = $temp_attribute; + $additional_debug = 'Modified'; + } + else + { + $this->_attributes_to_send[] = $temp_attribute; + $additional_debug = 'Added'; + } + $attribute_info = $this->GetAttributesInfo($type); + $this->DebugInfo($additional_debug.' Attribute '.$type.' ('.$attribute_info[0].'), format '.$attribute_info[1].', value '.$value.''); + } + + + function DecodeAttribute($attribute_raw_value, $attribute_format) + { + $attribute_value = NULL; + + if (isset($this->_attributes_info[$attribute_format])) + { + switch ($this->_attributes_info[$attribute_format][1]) + { + case 'T': // Text, 1-253 octets containing UTF-8 encoded ISO 10646 characters (RFC 2279). + $attribute_value = $attribute_raw_value; + break; + case 'S': // String, 1-253 octets containing binary data (values 0 through 255 decimal, inclusive). + $attribute_value = $attribute_raw_value; + break; + case 'A': // Address, 32 bit value, most significant octet first. + $attribute_value = ord(substr($attribute_raw_value, 0, 1)).'.'.ord(substr($attribute_raw_value, 1, 1)).'.'.ord(substr($attribute_raw_value, 2, 1)).'.'.ord(substr($attribute_raw_value, 3, 1)); + break; + case 'I': // Integer, 32 bit unsigned value, most significant octet first. + $attribute_value = (ord(substr($attribute_raw_value, 0, 1))*256*256*256)+(ord(substr($attribute_raw_value, 1, 1))*256*256)+(ord(substr($attribute_raw_value, 2, 1))*256)+ord(substr($attribute_raw_value, 3, 1)); + break; + case 'D': // Time, 32 bit unsigned value, most significant octet first -- seconds since 00:00:00 UTC, January 1, 1970. (not used in this RFC) + $attribute_value = NULL; + break; + default: + $attribute_value = NULL; + } + } + return $attribute_value; + } + + + /********************************************************************* + * Array returned: array(array(Vendor-Id1, Vendor type1, Attribute-Specific1), ..., array(Vendor-IdN, Vendor typeN, Attribute-SpecificN) + *********************************************************************/ + function DecodeVendorSpecificContent($vendor_specific_raw_value) + { + $result = array(); + $offset_in_raw = 0; + $vendor_id = (ord(substr($vendor_specific_raw_value, 0, 1))*256*256*256)+(ord(substr($vendor_specific_raw_value, 1, 1))*256*256)+(ord(substr($vendor_specific_raw_value, 2, 1))*256)+ord(substr($vendor_specific_raw_value, 3, 1)); + $offset_in_raw += 4; + while ($offset_in_raw < strlen($vendor_specific_raw_value)) + { + $vendor_type = (ord(substr($vendor_specific_raw_value, 0+$offset_in_raw, 1))); + $vendor_length = (ord(substr($vendor_specific_raw_value, 1+$offset_in_raw, 1))); + $attribute_specific = substr($vendor_specific_raw_value, 2+$offset_in_raw, $vendor_length); + $result[] = array($vendor_id, $vendor_type, $attribute_specific); + $offset_in_raw += ($vendor_length); + } + + return $result; + } + + + /* + * Function : AccessRequest + * + * Return TRUE if Access-Request is accepted, FALSE otherwise + */ + function AccessRequest($username = '', $password = '', $udp_timeout = 0, $state = NULL) + { + $this->ClearDataReceived(); + $this->ClearLastError(); + + $this->SetPacketCodeToSend(1); // Access-Request + + if (0 < strlen($username)) + { + $this->SetUsername($username); + } + + if (0 < strlen($password)) + { + $this->SetPassword($password); + } + + if ($state!==NULL) + { + $this->SetAttribute(24, $state); + } + else + { + $this->SetAttribute(6, 1); // 1=Login + } + + if (intval($udp_timeout) > 0) + { + $this->SetUdpTimeout($udp_timeout); + } + + $attributes_content = ''; + for ($attributes_loop = 0; $attributes_loop < count($this->_attributes_to_send); $attributes_loop++) + { + $attributes_content .= $this->_attributes_to_send[$attributes_loop]; + } + + $packet_length = 4; // Radius packet code + Identifier + Length high + Length low + $packet_length += strlen($this->_request_authenticator); // Request-Authenticator + $packet_length += strlen($attributes_content); // Attributes + + $packet_data = chr($this->_radius_packet_to_send); + $packet_data .= chr($this->GetNextIdentifier()); + $packet_data .= chr(intval($packet_length/256)); + $packet_data .= chr(intval($packet_length%256)); + $packet_data .= $this->_request_authenticator; + $packet_data .= $attributes_content; + + $_socket_to_server = socket_create(AF_INET, SOCK_DGRAM, 17); // UDP packet = 17 + + if ($_socket_to_server === FALSE) + { + $this->_last_error_code = socket_last_error(); + $this->_last_error_message = socket_strerror($this->_last_error_code); + } + elseif (FALSE === socket_connect($_socket_to_server, $this->_ip_radius_server, $this->_authentication_port)) + { + $this->_last_error_code = socket_last_error(); + $this->_last_error_message = socket_strerror($this->_last_error_code); + } + elseif (FALSE === socket_write($_socket_to_server, $packet_data, $packet_length)) + { + $this->_last_error_code = socket_last_error(); + $this->_last_error_message = socket_strerror($this->_last_error_code); + } + else + { + $this->DebugInfo('Packet type '.$this->_radius_packet_to_send.' ('.$this->GetRadiusPacketInfo($this->_radius_packet_to_send).')'.' sent'); + if ($this->_debug_mode) + { + $readable_attributes = ''; + foreach($this->_attributes_to_send as $one_attribute_to_send) + { + $attribute_info = $this->GetAttributesInfo(ord(substr($one_attribute_to_send,0,1))); + $this->DebugInfo('Attribute '.ord(substr($one_attribute_to_send,0,1)).' ('.$attribute_info[0].'), length '.(ord(substr($one_attribute_to_send,1,1))-2).', format '.$attribute_info[1].', value '.$this->DecodeAttribute(substr($one_attribute_to_send,2), ord(substr($one_attribute_to_send,0,1))).''); + } + } + $read_socket_array = array($_socket_to_server); + $write_socket_array = NULL; + $except_socket_array = NULL; + + $received_packet = chr(0); + + if (!(FALSE === socket_select($read_socket_array, $write_socket_array, $except_socket_array, $this->_udp_timeout))) + { + if (in_array($_socket_to_server, $read_socket_array)) + { + if (FALSE === ($received_packet = @socket_read($_socket_to_server, 1024))) // @ used, than no error is displayed if the connection is closed by the remote host + { + $received_packet = chr(0); + $this->_last_error_code = socket_last_error(); + $this->_last_error_message = socket_strerror($this->_last_error_code); + } + else + { + socket_close($_socket_to_server); + } + } + } + else + { + socket_close($_socket_to_server); + } + } + + $this->_radius_packet_received = intval(ord(substr($received_packet, 0, 1))); + + $this->DebugInfo('Packet type '.$this->_radius_packet_received.' ('.$this->GetRadiusPacketInfo($this->_radius_packet_received).')'.' received'); + + if ($this->_radius_packet_received > 0) + { + $this->_identifier_received = intval(ord(substr($received_packet, 1, 1))); + $packet_length = (intval(ord(substr($received_packet, 2, 1))) * 256) + (intval(ord(substr($received_packet, 3, 1)))); + $this->_response_authenticator = substr($received_packet, 4, 16); + $attributes_content = substr($received_packet, 20, ($packet_length - 4 - 16)); + while (strlen($attributes_content) > 2) + { + $attribute_type = intval(ord(substr($attributes_content,0,1))); + $attribute_length = intval(ord(substr($attributes_content,1,1))); + $attribute_raw_value = substr($attributes_content,2,$attribute_length-2); + $attributes_content = substr($attributes_content, $attribute_length); + + $attribute_value = $this->DecodeAttribute($attribute_raw_value, $attribute_type); + + $attribute_info = $this->GetAttributesInfo($attribute_type); + if (26 == $attribute_type) + { + $vendor_array = $this->DecodeVendorSpecificContent($attribute_value); + foreach($vendor_array as $vendor_one) + { + $this->DebugInfo('Attribute '.$attribute_type.' ('.$attribute_info[0].'), length '.($attribute_length-2).', format '.$attribute_info[1].', Vendor-Id: '.$vendor_one[0].", Vendor-type: ".$vendor_one[1].", Attribute-specific: ".$vendor_one[2]); + } + } + else + { + $this->DebugInfo('Attribute '.$attribute_type.' ('.$attribute_info[0].'), length '.($attribute_length-2).', format '.$attribute_info[1].', value '.$attribute_value.''); + } + + $this->_attributes_received[] = array($attribute_type, $attribute_value); + } + } + + return (2 == ($this->_radius_packet_received)); + } +} + +?> From 1f764d038b81ca7761a083bd2af94b785db84d71 Mon Sep 17 00:00:00 2001 From: laf Date: Sun, 13 Dec 2015 15:39:12 +0000 Subject: [PATCH 10/39] Added acknowledgement of new php radius library --- doc/General/Acknowledgement.md | 1 + 1 file changed, 1 insertion(+) diff --git a/doc/General/Acknowledgement.md b/doc/General/Acknowledgement.md index 6f9b50ea28..328a8f8677 100644 --- a/doc/General/Acknowledgement.md +++ b/doc/General/Acknowledgement.md @@ -23,6 +23,7 @@ LibreNMS 3rd party acknowledgements - Tag Manager (http://soliantconsulting.github.io/tagmanager/): MIT - TW Sack (https://code.google.com/p/tw-sack/): GPLv3 - Gridster (http://gridster.net/): MIT + - Pure PHP radius class (http://developer.sysco.ch/php/): GPLv3 #### 3rd Party GPLv3 Non-compliant From dcf4d0f3786498bf61c48fa54f65647177cadd17 Mon Sep 17 00:00:00 2001 From: laf Date: Sun, 13 Dec 2015 15:51:15 +0000 Subject: [PATCH 11/39] Added docs and set default users to level 1 --- doc/Extensions/Authentication.md | 17 +++++++++++++++++ html/includes/authentication/radius.inc.php | 2 +- 2 files changed, 18 insertions(+), 1 deletion(-) diff --git a/doc/Extensions/Authentication.md b/doc/Extensions/Authentication.md index 48ad0e92fd..e32d67e021 100644 --- a/doc/Extensions/Authentication.md +++ b/doc/Extensions/Authentication.md @@ -13,6 +13,8 @@ Here we will provide configuration details for these modules. - HTTP Auth: http-auth +- Radius: radius + #### User levels - 1: Normal User. You will need to assign device / port permissions for users at this level. @@ -125,3 +127,18 @@ $config['auth_ad_groups']['admin']['level'] = 10; $config['auth_ad_groups']['pfy']['level'] = 7; $config['auth_ad_require_groupmembership'] = 0; ``` + +#### Radius Authentication + +Please note that a mysql user is created for each user the logs in successfully. User level 1 is assigned to those accounts so you will then need to assign the relevant permissions unless you set `$config['radius']['userlevel']` to be something other than 1. + +> Cleanup of old accounts is done using the authlog. You will need to set the cleanup date for when old accounts will be purged which will happen AUTOMATICALLY. +> Please ensure that you set the $config['authlog_purge'] value to be greater than $config['radius']['users_purge'] otherwise old users won't be removed. + +```php +$config['radius']['hostname'] = 'localhost'; +$config['radius']['port'] = '1812'; +$config['radius']['secret'] = 'testing123'; +$config['radius']['timeout'] = 3; +$config['radius']['users_purge'] = 14;//Purge users who haven't logged in for 14 days. +``` diff --git a/html/includes/authentication/radius.inc.php b/html/includes/authentication/radius.inc.php index a6ab0600cf..663d2b7298 100644 --- a/html/includes/authentication/radius.inc.php +++ b/html/includes/authentication/radius.inc.php @@ -49,7 +49,7 @@ function auth_usermanagement() { } -function adduser($username, $password, $level=0, $email='', $realname='', $can_modify_passwd=0, $description='', $twofactor=0) { +function adduser($username, $password, $level=1, $email='', $realname='', $can_modify_passwd=0, $description='', $twofactor=0) { // Check to see if user is already added in the database if (!user_exists($username)) { $userid = dbInsert(array('username' => $username, 'realname' => '', 'email' => '', 'descr' => '', 'level' => $level, 'can_modify_passwd' => 0, 'twofactor' => 0), 'users'); From b592689d2378638c02f016c7f2d856db3ea20987 Mon Sep 17 00:00:00 2001 From: Ruairi Carroll Date: Sun, 13 Dec 2015 17:05:07 +0100 Subject: [PATCH 12/39] Removing polling code for processors --- includes/polling/os/fortigate.inc.php | 22 ---------------------- 1 file changed, 22 deletions(-) diff --git a/includes/polling/os/fortigate.inc.php b/includes/polling/os/fortigate.inc.php index 98d394b9f3..f165b75031 100644 --- a/includes/polling/os/fortigate.inc.php +++ b/includes/polling/os/fortigate.inc.php @@ -33,26 +33,4 @@ if (is_numeric($sessions)) { $graphs['fortigate_sessions'] = true; } -// Start somewhat automated discovery for processors in the chassis - -$cpurrd = $config['rrd_dir'].'/'.$device['hostname'].'/fortigate_cpu.rrd'; -$num_cpu = snmp_get($device, 'FORTINET-FORTIGATE-MIB::fgProcessorCount.0', '-Ovq'); -#$cpu_usage = snmp_get($device, 'FORTINET-FORTIGATE-MIB::fgSysCpuUsage.0', '-Ovq'); - -print "NUM CPU: $num_cpu\n"; - -// Fortigate have a pretty logical CPU index going on. It's predictable. -for($i = 1; $i <= $num_cpu; $i++) { - $cpurrd = $config['rrd_dir'].'/'.$device['hostname'].'/fortigate_cpu_'.$i.'.rrd'; - $cpu_usage = snmp_get($device, "FORTINET-FORTIGATE-MIB::fgProcessorUsage.$i", '-Ovq'); - $usage = trim ( str_replace(" %", "", $cpu_usage ) ) ; - print "CPU: $num_cpu - USAGE: $usage\n"; - if (!is_file($cpurrd)) { - print "$cpurrd not found\n"; - rrdtool_create($cpurrd, ' --step 300 DS:LOAD:GAUGE:600:-1:100 '.$config['rrd_rra']); - } - $fields = array( 'LOAD' => $usage ); - rrdtool_update($cpurrd, $fields); -} - From 58d585e6fe1d31f2344a0734afb97d1ed26376d7 Mon Sep 17 00:00:00 2001 From: laf Date: Sun, 13 Dec 2015 16:16:39 +0000 Subject: [PATCH 13/39] Updated daily.sh/daily.php to support removing users that have not logged in for X days - Radius only for now --- daily.php | 18 +++++++++++++++++- daily.sh | 5 +++-- 2 files changed, 20 insertions(+), 3 deletions(-) diff --git a/daily.php b/daily.php index 40d4cd10a6..1c3e4d04fb 100644 --- a/daily.php +++ b/daily.php @@ -30,7 +30,7 @@ Take a look at https://dev.mysql.com/doc/refman/5.6/en/innodb-buffer-pool.html f The ' . $config['project_name'] . ' team.'; send_mail($config['alert']['default_mail'],$subject,$message,$html=false); - } + } echo warn_innodb_buffer($innodb_buffer); exit(2); } @@ -110,3 +110,19 @@ if ($options['f'] === 'device_perf') { if ($options['f'] === 'notifications') { include_once 'notifications.php'; } + +if ($options['f'] === 'purgeusers') { + $purge = 0; + if (is_numeric($config['radius']['users_purge']) && $config['auth_mechanism'] === 'radius') { + $purge = $config['radius']['users_purge']; + } + if ($purge > 0) { + foreach (dbFetchRows("SELECT DISTINCT(`user`) FROM `authlog` WHERE `datetime` >= DATE_SUB(NOW(), INTERVAL ? DAY)", array($purge)) as $user) { + $users[] = $user['user']; + } + $del_users = '"'.implode('","',$users).'"'; + if (dbDelete('users', "username NOT IN ($del_users)",array($del_users))) { + echo "Removed users that haven't logged in for $purge days"; + } + } +} diff --git a/daily.sh b/daily.sh index 34b17fe4b3..795311e900 100755 --- a/daily.sh +++ b/daily.sh @@ -4,12 +4,12 @@ # it under the terms of the GNU General Public License as published by # the Free Software Foundation, either version 3 of the License, or # (at your option) any later version. -# +# # This program is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.See the # GNU General Public License for more details. -# +# # You should have received a copy of the GNU General Public License # along with this program. If not, see . @@ -64,6 +64,7 @@ else php daily.php -f perf_times php daily.php -f callback php daily.php -f device_perf + php daily.php -f purgeusers ;; submodules) # Init+Update our submodules From af21d4a54a5653e9557687a54e29dd2ab8e75677 Mon Sep 17 00:00:00 2001 From: laf Date: Sun, 13 Dec 2015 16:54:40 +0000 Subject: [PATCH 14/39] Fix some scrut issues --- html/includes/authentication/radius.inc.php | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/html/includes/authentication/radius.inc.php b/html/includes/authentication/radius.inc.php index 663d2b7298..113c7b6600 100644 --- a/html/includes/authentication/radius.inc.php +++ b/html/includes/authentication/radius.inc.php @@ -16,7 +16,6 @@ function authenticate($username, $password) { } $rad = $radius->AccessRequest($username,$password); if($rad === true) { - $user_authenticated = 1; adduser($username); return 1; } @@ -52,7 +51,9 @@ function auth_usermanagement() { function adduser($username, $password, $level=1, $email='', $realname='', $can_modify_passwd=0, $description='', $twofactor=0) { // Check to see if user is already added in the database if (!user_exists($username)) { - $userid = dbInsert(array('username' => $username, 'realname' => '', 'email' => '', 'descr' => '', 'level' => $level, 'can_modify_passwd' => 0, 'twofactor' => 0), 'users'); + $hasher = new PasswordHash(8, false); + $encrypted = $hasher->HashPassword($password); + $userid = dbInsert(array('username' => $username, 'password' => $encrypted, 'realname' => $realname, 'email' => $email, 'descr' => $description, 'level' => $level, 'can_modify_passwd' => $can_modify_passwd, 'twofactor' => $twofactor), 'users'); if ($userid == false) { return false; } @@ -83,7 +84,7 @@ function get_userid($username) { } -function deluser() { +function deluser($username) { dbDelete('bill_perms', '`user_name` = ?', array($username)); dbDelete('devices_perms', '`user_name` = ?', array($username)); dbDelete('ports_perms', '`user_name` = ?', array($username)); From d5b6e0e8da2440e5f9bf92ca9f08c02d7e662e16 Mon Sep 17 00:00:00 2001 From: laf Date: Sun, 13 Dec 2015 17:20:34 +0000 Subject: [PATCH 15/39] Updated device-groups functions to support returning all data or just group id --- html/includes/api_functions.inc.php | 2 +- includes/device-groups.inc.php | 36 +++++++++++------------------ 2 files changed, 15 insertions(+), 23 deletions(-) diff --git a/html/includes/api_functions.inc.php b/html/includes/api_functions.inc.php index a6ca257235..5a0cead146 100644 --- a/html/includes/api_functions.inc.php +++ b/html/includes/api_functions.inc.php @@ -1024,7 +1024,7 @@ function get_device_groups() { // use hostname as device_id if it's all digits $device_id = ctype_digit($hostname) ? $hostname : getidbyname($hostname); if (is_numeric($device_id)) { - $groups = GetFullGroupsFromDevice($device_id); + $groups = GetGroupsFromDevice($device_id,1); } else { $groups = GetDeviceGroups(); diff --git a/includes/device-groups.inc.php b/includes/device-groups.inc.php index bb703f2cd6..3624db490c 100644 --- a/includes/device-groups.inc.php +++ b/includes/device-groups.inc.php @@ -31,7 +31,7 @@ * @param string $search What to searchid for * @return string */ -function GenGroupSQL($pattern, $search='') { +function GenGroupSQL($pattern, $search='',$extra=0) { $pattern = RunGroupMacros($pattern); if ($pattern === false) { return false; @@ -66,7 +66,11 @@ function GenGroupSQL($pattern, $search='') { $search .= ' &&'; } - $sql = 'SELECT DISTINCT('.str_replace('(', '', $tables[0]).'.device_id),`devices`.* FROM '.implode(',', $tables).' WHERE '.$search.' ('.str_replace(array('%', '@', '!~', '~'), array('', '.*', 'NOT REGEXP', 'REGEXP'), $pattern).')'; + $sql_extra = ''; + if ($extra === 1) { + $sql_extra = ",`devices`.*"; + } + $sql = 'SELECT DISTINCT('.str_replace('(', '', $tables[0]).'.device_id)'.$sql_extra.' FROM '.implode(',', $tables).' WHERE '.$search.' ('.str_replace(array('%', '@', '!~', '~'), array('', '.*', 'NOT REGEXP', 'REGEXP'), $pattern).')'; return $sql; }//end GenGroupSQL() @@ -104,28 +108,16 @@ function GetDeviceGroups() { * @param integer $device Device-ID * @return array */ -function GetGroupsFromDevice($device) { +function GetGroupsFromDevice($device,$extra=0) { $ret = array(); foreach (GetDeviceGroups() as $group) { - if (dbFetchCell(GenGroupSQL($group['pattern'], 'device_id=?').' LIMIT 1', array($device)) == $device) { - $ret[] = $group['id']; - } - } - - return $ret; - -}//end GetGroupsFromDevice() - -/** - * Get all groups of Device - * @param integer $device Device-ID - * @return array - */ -function GetFullGroupsFromDevice($device) { - $ret = array(); - foreach (GetDeviceGroups() as $group) { - if (dbFetchCell(GenGroupSQL($group['pattern'], 'device_id=?').' LIMIT 1', array($device)) == $device) { - $ret[] = $group; + if (dbFetchCell(GenGroupSQL($group['pattern'], 'device_id=?',$extra).' LIMIT 1', array($device)) == $device) { + if ($extra === 0) { + $ret[] = $group['id']; + } + else { + $ret[] = $group; + } } } From d0eab1c02b1af5e8e5c581c8c894a79ca9474663 Mon Sep 17 00:00:00 2001 From: laf Date: Sun, 13 Dec 2015 18:02:24 +0000 Subject: [PATCH 16/39] Moved memory graphs for vmware to mempool polling --- includes/discovery/mempools/hrstorage.inc.php | 4 ++++ includes/discovery/storage/hrstorage.inc.php | 7 +++++++ 2 files changed, 11 insertions(+) diff --git a/includes/discovery/mempools/hrstorage.inc.php b/includes/discovery/mempools/hrstorage.inc.php index acef0138f8..5a853245a6 100644 --- a/includes/discovery/mempools/hrstorage.inc.php +++ b/includes/discovery/mempools/hrstorage.inc.php @@ -31,6 +31,10 @@ if (is_array($storage_array)) { break; } + if ($device['os'] == 'vmware' && $descr == 'Real Memory') { + $deny = 0; + } + if ($device['os'] == 'routeros' && $descr == 'main memory') { $deny = 0; } diff --git a/includes/discovery/storage/hrstorage.inc.php b/includes/discovery/storage/hrstorage.inc.php index 46907e10aa..04012237b2 100644 --- a/includes/discovery/storage/hrstorage.inc.php +++ b/includes/discovery/storage/hrstorage.inc.php @@ -33,6 +33,13 @@ if (is_array($hrstorage_array)) { break; } + if ($device['os'] == 'vmware' && $descr == 'Real Memory') { + $old_rrdfile = $config['rrd_dir'].'/'.$device['hostname'].'/'.safename('storage-hrstorage-'.safename($descr).'.rrd'); + $new_rrdfile = $config['rrd_dir'].'/'.$device['hostname'].'/'.safename('mempool-hrstorage-'.$storage['hrStorageIndex'].'.rrd'); + rename($old_rrdfile, $new_rrdfile); + $deny = 1; + } + foreach ($config['ignore_mount'] as $bi) { if ($bi == $descr) { $deny = 1; From 4da410b5f98597ba210f5e3839637faf14e7b190 Mon Sep 17 00:00:00 2001 From: Daniel Preussker Date: Sun, 13 Dec 2015 18:24:26 +0000 Subject: [PATCH 17/39] Added generic image widget --- html/includes/common/generic-image.inc.php | 54 ++++++++++++++++++++++ sql-schema/083.sql | 1 + 2 files changed, 55 insertions(+) create mode 100644 html/includes/common/generic-image.inc.php create mode 100644 sql-schema/083.sql diff --git a/html/includes/common/generic-image.inc.php b/html/includes/common/generic-image.inc.php new file mode 100644 index 0000000000..440168202b --- /dev/null +++ b/html/includes/common/generic-image.inc.php @@ -0,0 +1,54 @@ + + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation, either version 3 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program. If not, see . */ + +/** + * Generic Image Widget + * @author Daniel Preussker + * @copyright 2015 Daniel Preussker, QuxLabs UG + * @license GPL + * @package LibreNMS + * @subpackage Widgets + */ + +if( defined('show_settings') || empty($widget_settings) ) { + $common_output[] = ' +
+
+
+ +
+
+ +
+
+
+
+ +
+
+ +
+
+
+
+ +
+
+
'; +} +else { + $widget_settings['title'] = $widget_settings['image_title']; + $common_output[] = ''; +} diff --git a/sql-schema/083.sql b/sql-schema/083.sql new file mode 100644 index 0000000000..038e674cc7 --- /dev/null +++ b/sql-schema/083.sql @@ -0,0 +1 @@ +INSERT INTO widgets VALUES (NULL, 'External Images', 'generic-image', '5,4'); From 757017d4efbade5380da762fd38a3ca9e33b9e99 Mon Sep 17 00:00:00 2001 From: laf Date: Sun, 13 Dec 2015 18:31:45 +0000 Subject: [PATCH 18/39] For SQL debug, if we see an insert into alert_log with details column then we mask the output --- includes/dbFacile.mysql.php | 7 ++++++- includes/dbFacile.mysqli.php | 7 ++++++- 2 files changed, 12 insertions(+), 2 deletions(-) diff --git a/includes/dbFacile.mysql.php b/includes/dbFacile.mysql.php index bdcce1ac15..f2bb56c0be 100644 --- a/includes/dbFacile.mysql.php +++ b/includes/dbFacile.mysql.php @@ -28,7 +28,12 @@ function dbQuery($sql, $parameters=array()) { $fullSql = dbMakeQuery($sql, $parameters); if ($debug) { if (php_sapi_name() == 'cli' && empty($_SERVER['REMOTE_ADDR'])) { - print $console_color->convert("\nSQL[%y".$fullSql.'%n] '); + if (preg_match('/(INSERT INTO `alert_log`).*(details)/i',$fullSql)) { + echo "\nINSERT INTO `alert_log` entry masked due to binary data\n"; + } + else { + print $console_color->convert("\nSQL[%y".$fullSql.'%n] '); + } } else { $sql_debug[] = $fullSql; diff --git a/includes/dbFacile.mysqli.php b/includes/dbFacile.mysqli.php index 9e49491a63..15a48962cf 100644 --- a/includes/dbFacile.mysqli.php +++ b/includes/dbFacile.mysqli.php @@ -28,7 +28,12 @@ function dbQuery($sql, $parameters=array()) { $fullSql = dbMakeQuery($sql, $parameters); if ($debug) { if (php_sapi_name() == 'cli' && empty($_SERVER['REMOTE_ADDR'])) { - print $console_color->convert("\nSQL[%y".$fullSql.'%n] '); + if (preg_match('/(INSERT INTO `alert_log`).*(details)/i',$fullSql)) { + echo "\nINSERT INTO `alert_log` entry masked due to binary data\n"; + } + else { + print $console_color->convert("\nSQL[%y".$fullSql.'%n] '); + } } else { $sql_debug[] = $fullSql; From 29e708819ae672c65964c17e7c811d343c587df7 Mon Sep 17 00:00:00 2001 From: vitalisator Date: Sun, 13 Dec 2015 20:15:43 +0100 Subject: [PATCH 19/39] closes #2614 --- .../discovery/discovery-protocols.inc.php | 20 +++++++++++++++---- 1 file changed, 16 insertions(+), 4 deletions(-) diff --git a/includes/discovery/discovery-protocols.inc.php b/includes/discovery/discovery-protocols.inc.php index 93a130878c..a27b48286c 100644 --- a/includes/discovery/discovery-protocols.inc.php +++ b/includes/discovery/discovery-protocols.inc.php @@ -143,12 +143,24 @@ if ($device['os'] == 'pbn' && $config['autodiscovery']['xdp'] === true) { if (!$remote_device_id && is_valid_hostname($lldp['lldpRemSysName'])) { $remote_device_id = discover_new_device($lldp['lldpRemSysName'], $device, 'LLDP', $interface); } - + // normalize MAC address if present + if ($lldp['lldpRemChassisIdSubtype'] == 'macAddress') { + $remote_mac_address = str_replace(array(' ', ':', '-'), '', strtolower($lldp['lldpRemChassisId'])); + } + // get remote device hostname from db by MAC address and replace lldpRemSysName if absent + if (!$remote_device_id && $remote_mac_address) { + $remote_device_id = dbFetchCell('SELECT `device_id` FROM `ports` WHERE ifPhysAddress = ? AND `deleted` = ?', array($remote_mac_address, '0')); + if ($remote_device_id) { + $remote_device_hostname = dbFetchRow('SELECT hostname FROM devices WHERE device_id = ?', $remote_device_id); + } + if ($remote_device_hostname['hostname']) { + $lldp['lldpRemSysName'] = $remote_device_hostname['hostname']; + } + } if ($remote_device_id) { $if = $lldp['lldpRemPortDesc']; $id = $lldp['lldpRemPortId']; - $PhysAddress = preg_replace('/ /', '', $id); - $remote_port_id = dbFetchCell('SELECT `port_id` FROM `ports` WHERE (`ifDescr` = ? OR `ifName` = ? OR `ifDescr` = ? OR `ifName` = ? OR `ifPhysAddress` = ?) AND `device_id` = ?', array($if, $if, $id, $id, $PhysAddress, $remote_device_id)); + $remote_port_id = dbFetchCell('SELECT `port_id` FROM `ports` WHERE (`ifDescr` = ? OR `ifName` = ? OR `ifDescr` = ? OR `ifName` = ? OR `ifPhysAddress` = ?) AND `device_id` = ?', array($if, $if, $id, $id, $remote_mac_address, $remote_device_id)); } else { $remote_port_id = '0'; @@ -163,7 +175,7 @@ if ($device['os'] == 'pbn' && $config['autodiscovery']['xdp'] === true) { }//end if }//end elseif -echo 'OSPF Discovery: '; +echo ' OSPF Discovery: '; if ($config['autodiscovery']['ospf'] === true) { echo "enabled\n"; From 7237c84164b7292f2c161db9c49210545bbfb759 Mon Sep 17 00:00:00 2001 From: vitalisator Date: Sun, 13 Dec 2015 20:24:08 +0100 Subject: [PATCH 20/39] change fetchRow to fetchCell --- includes/discovery/discovery-protocols.inc.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/includes/discovery/discovery-protocols.inc.php b/includes/discovery/discovery-protocols.inc.php index a27b48286c..a9a4e9a064 100644 --- a/includes/discovery/discovery-protocols.inc.php +++ b/includes/discovery/discovery-protocols.inc.php @@ -151,7 +151,7 @@ if ($device['os'] == 'pbn' && $config['autodiscovery']['xdp'] === true) { if (!$remote_device_id && $remote_mac_address) { $remote_device_id = dbFetchCell('SELECT `device_id` FROM `ports` WHERE ifPhysAddress = ? AND `deleted` = ?', array($remote_mac_address, '0')); if ($remote_device_id) { - $remote_device_hostname = dbFetchRow('SELECT hostname FROM devices WHERE device_id = ?', $remote_device_id); + $remote_device_hostname = dbFetchCell('SELECT hostname FROM devices WHERE device_id = ?', $remote_device_id); } if ($remote_device_hostname['hostname']) { $lldp['lldpRemSysName'] = $remote_device_hostname['hostname']; From a63ea7844102b634bd0735a93220bc62ef35608e Mon Sep 17 00:00:00 2001 From: Daniel Preussker Date: Sun, 13 Dec 2015 19:39:12 +0000 Subject: [PATCH 21/39] First Draft in Per-User default dashboards --- html/pages/edituser.inc.php | 16 ++++++++++++++++ html/pages/front/tiles.php | 16 +++++++++++++--- sql-schema/084.sql | 1 + 3 files changed, 30 insertions(+), 3 deletions(-) create mode 100644 sql-schema/084.sql diff --git a/html/pages/edituser.inc.php b/html/pages/edituser.inc.php index 61bc615f9b..c07c48037b 100644 --- a/html/pages/edituser.inc.php +++ b/html/pages/edituser.inc.php @@ -312,6 +312,10 @@ else { } } + if (!empty($vars['dashboard'])) { + dbUpdate(array('dashboard'=>$vars['dashboard']),'users','user_id = ?',array($vars['user_id'])); + } + echo "
@@ -374,6 +378,18 @@ if (passwordscanchange($users_details['username'])) { "; } + echo " +
+ +
+
+
+ "; echo "
diff --git a/html/pages/front/tiles.php b/html/pages/front/tiles.php index f847d41c1d..67b1b8f591 100644 --- a/html/pages/front/tiles.php +++ b/html/pages/front/tiles.php @@ -16,8 +16,13 @@ * Code for Gridster.sort_by_row_and_col_asc(serialization) call is from http://gridster.net/demos/grid-from-serialize.html */ -$no_refresh = true; -if (dbFetchCell('SELECT dashboard_id FROM dashboards WHERE user_id=?',array($_SESSION['user_id'])) == 0) { +$no_refresh = true; +$default_dash = 0; +if (($tmp = dbFetchCell('SELECT dashboard FROM users WHERE user_id=?',array($_SESSION['user_id']))) != 0) { + $default_dash = $tmp; +} +else if (dbFetchCell('SELECT dashboard_id FROM dashboards WHERE user_id=?',array($_SESSION['user_id'])) == 0) { + $tmp = dbInsert(array('dashboard_name'=>'Default','user_id'=>$_SESSION['user_id']),'dashboards'); $vars['dashboard'] = dbInsert(array('dashboard_name'=>'Default','user_id'=>$_SESSION['user_id']),'dashboards'); if (dbFetchCell('select 1 from users_widgets where user_id = ? && dashboard_id = ?',array($_SESSION['user_id'],0)) == 1) { dbUpdate(array('dashboard_id'=>$vars['dashboard']),'users_widgets','user_id = ? && dashboard_id = ?',array($_SESSION['user_id'],0)); @@ -31,7 +36,12 @@ if (!empty($vars['dashboard'])) { } } if (empty($vars['dashboard'])) { - $vars['dashboard'] = dbFetchRow('select * from dashboards where user_id = ? order by dashboard_id limit 1',array($_SESSION['user_id'])); + if ($default_dash != 0) { + $vars['dashboard'] = dbFetchRow('select * from dashboards where dashboard_id = ?',array($default_dash)); + } + else { + $vars['dashboard'] = dbFetchRow('select * from dashboards where user_id = ? order by dashboard_id limit 1',array($_SESSION['user_id'])); + } if (isset($orig)) { $msg_box[] = array('type' => 'error', 'message' => 'Dashboard #'.$orig.' does not exist! Loaded '.$vars['dashboard']['dashboard_name'].' instead.','title' => 'Requested Dashboard Not Found!'); } diff --git a/sql-schema/084.sql b/sql-schema/084.sql new file mode 100644 index 0000000000..b9df6c3d26 --- /dev/null +++ b/sql-schema/084.sql @@ -0,0 +1 @@ +ALTER TABLE `users` ADD `dashboard` INT( 11 ) DEFAULT 0 NOT NULL; From 4bd3b12c446bcde93340c614a3600dbb5b5852ac Mon Sep 17 00:00:00 2001 From: vitalisator Date: Sun, 13 Dec 2015 21:00:39 +0100 Subject: [PATCH 22/39] revert to fetchRow --- includes/discovery/discovery-protocols.inc.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/includes/discovery/discovery-protocols.inc.php b/includes/discovery/discovery-protocols.inc.php index a9a4e9a064..5563da898f 100644 --- a/includes/discovery/discovery-protocols.inc.php +++ b/includes/discovery/discovery-protocols.inc.php @@ -151,7 +151,7 @@ if ($device['os'] == 'pbn' && $config['autodiscovery']['xdp'] === true) { if (!$remote_device_id && $remote_mac_address) { $remote_device_id = dbFetchCell('SELECT `device_id` FROM `ports` WHERE ifPhysAddress = ? AND `deleted` = ?', array($remote_mac_address, '0')); if ($remote_device_id) { - $remote_device_hostname = dbFetchCell('SELECT hostname FROM devices WHERE device_id = ?', $remote_device_id); + $remote_device_hostname = dbFetchRow('SELECT `hostname` FROM `devices` WHERE `device_id` = ?', array($remote_device_id)); } if ($remote_device_hostname['hostname']) { $lldp['lldpRemSysName'] = $remote_device_hostname['hostname']; From 852ecdc309930166dcd9d1726d449b6f1605ecc5 Mon Sep 17 00:00:00 2001 From: laf Date: Sun, 13 Dec 2015 20:01:08 +0000 Subject: [PATCH 23/39] Updated clusters to show red if at least one host is down --- html/css/styles.css | 21 +++++++++++++++++++++ html/includes/common/worldmap.inc.php | 11 +++++++++++ 2 files changed, 32 insertions(+) diff --git a/html/css/styles.css b/html/css/styles.css index 3c2de2ca70..3597937291 100644 --- a/html/css/styles.css +++ b/html/css/styles.css @@ -1821,3 +1821,24 @@ label { @media only screen and (min-width: 1024px) { } + +.redCluster { + background-color: rgba(255,0,0); + background-color: rgba(255,0,0,0.7); + text-align: center; + width: 25px !important; + height: 25px !important; + font-size: 14px; + color: white; +} + +.greenCluster { + background-color: rgba(0,255,0); + background-color: rgba(0,255,0,0.7); + text-align: center; + width: 25px !important; + height: 25px !important; + font-size: 14px; + color: black; + border-color:transparent; +} diff --git a/html/includes/common/worldmap.inc.php b/html/includes/common/worldmap.inc.php index cceb080b93..fabda7779f 100644 --- a/html/includes/common/worldmap.inc.php +++ b/html/includes/common/worldmap.inc.php @@ -137,6 +137,17 @@ L.tileLayer(\'//{s}.tile.openstreetmap.org/{z}/{x}/{y}.png\', { var markers = L.markerClusterGroup({ maxClusterRadius: ' . $group_radius . ', + iconCreateFunction: function (cluster) { + var markers = cluster.getAllChildMarkers(); + var n = 0; + newClass = "greenCluster marker-cluster marker-cluster-small leaflet-zoom-animated leaflet-clickable"; + for (var i = 0; i < markers.length; i++) { + if (markers[i].options.icon.options.markerColor == "red") { + newClass = "redCluster marker-cluster marker-cluster-small leaflet-zoom-animated leaflet-clickable"; + } + } + return L.divIcon({ html: cluster.getChildCount(), className: newClass, iconSize: L.point(40, 40) }); + }, }); var redMarker = L.AwesomeMarkers.icon({ icon: \'server\', From 3a299584b0e77374a713e30f603afe9acdd9df98 Mon Sep 17 00:00:00 2001 From: laf Date: Mon, 14 Dec 2015 21:52:15 +0000 Subject: [PATCH 24/39] Added ability to specify default userlevel --- doc/Extensions/Authentication.md | 1 + html/includes/authentication/radius.inc.php | 4 ++++ 2 files changed, 5 insertions(+) diff --git a/doc/Extensions/Authentication.md b/doc/Extensions/Authentication.md index e32d67e021..633b8ed13c 100644 --- a/doc/Extensions/Authentication.md +++ b/doc/Extensions/Authentication.md @@ -141,4 +141,5 @@ $config['radius']['port'] = '1812'; $config['radius']['secret'] = 'testing123'; $config['radius']['timeout'] = 3; $config['radius']['users_purge'] = 14;//Purge users who haven't logged in for 14 days. +$config['radius']['default_level'] = 1;//Set the default user level when automatically creating a user. ``` diff --git a/html/includes/authentication/radius.inc.php b/html/includes/authentication/radius.inc.php index 113c7b6600..3e2fb16415 100644 --- a/html/includes/authentication/radius.inc.php +++ b/html/includes/authentication/radius.inc.php @@ -50,9 +50,13 @@ function auth_usermanagement() { function adduser($username, $password, $level=1, $email='', $realname='', $can_modify_passwd=0, $description='', $twofactor=0) { // Check to see if user is already added in the database + global $config; if (!user_exists($username)) { $hasher = new PasswordHash(8, false); $encrypted = $hasher->HashPassword($password); + if ($config['radius']['default_level'] > 0) { + $level = $config['radius']['default_level']; + } $userid = dbInsert(array('username' => $username, 'password' => $encrypted, 'realname' => $realname, 'email' => $email, 'descr' => $description, 'level' => $level, 'can_modify_passwd' => $can_modify_passwd, 'twofactor' => $twofactor), 'users'); if ($userid == false) { return false; From 2734cd327e0a25e8e58c06537393a5260d485ddd Mon Sep 17 00:00:00 2001 From: laf Date: Mon, 14 Dec 2015 22:01:01 +0000 Subject: [PATCH 25/39] Updated userlevel access on settings page --- html/pages/settings.inc.php | 70 ++++++++++++++++++------------------- 1 file changed, 35 insertions(+), 35 deletions(-) diff --git a/html/pages/settings.inc.php b/html/pages/settings.inc.php index 1271e8d227..27efd4f1dd 100644 --- a/html/pages/settings.inc.php +++ b/html/pages/settings.inc.php @@ -53,31 +53,32 @@ echo $pagetitle[0];
Settings
@@ -90,33 +91,32 @@ else { * @return string */ - function a2t($a) { - $r = ""; - foreach( $a as $k=>$v ) { - if( !empty($v) ) { - $r .= ""; + function a2t($a) { + $r = "
".$k."".(is_array($v)?a2t($v):"".wordwrap($v,75,"
")."")."
"; + foreach( $a as $k=>$v ) { + if( !empty($v) ) { + $r .= ""; + } + } + $r .= '
".$k."".(is_array($v)?a2t($v):"".wordwrap($v,75,"
")."")."
'; + return $r; + } + echo "
".a2t($config)."
"; + + if ($_SESSION['userlevel'] >= '10') { + + if ($debug) { + echo("
");
+                print_r($config);
+                echo("
"); } } - $r .= ''; - return $r; - } - if( $_SESSION['userlevel'] >= 10 ) { - echo "
".a2t($config)."
"; - } - else { - include 'includes/error-no-perm.inc.php'; - } - - if ($_SESSION['userlevel'] >= '10') { - - if ($debug) { - echo("
");
-            print_r($config);
-            echo("
"); + else { + include 'includes/error-no-perm.inc.php'; } } - else { - include 'includes/error-no-perm.inc.php'; - } +} +else { + include 'includes/error-no-perm.inc.php'; } ?> From 7542d00b8a5213ef83e6aff6f763645c8218e835 Mon Sep 17 00:00:00 2001 From: f0o Date: Tue, 15 Dec 2015 08:56:14 +0000 Subject: [PATCH 26/39] Fix silly JpGraph version compare --- html/includes/jpgraph/src/jpgraph.php | 23 +++++++++-------------- 1 file changed, 9 insertions(+), 14 deletions(-) diff --git a/html/includes/jpgraph/src/jpgraph.php b/html/includes/jpgraph/src/jpgraph.php index f5df2afe35..a92e58836f 100644 --- a/html/includes/jpgraph/src/jpgraph.php +++ b/html/includes/jpgraph/src/jpgraph.php @@ -222,21 +222,16 @@ if (!defined('MBTTF_DIR')) { } } -// -// Check minimum PHP version -// +/* + * Check minimum PHP version + * @author f0o + * @copyright 2015 f0o, LibreNMS + * @license GPL + * @package LibreNMS + * @subpackage Billing + */ function CheckPHPVersion($aMinVersion) { - list($majorC, $minorC, $editC) = preg_split('/[\/.-]/', PHP_VERSION); - list($majorR, $minorR, $editR) = preg_split('/[\/.-]/', $aMinVersion); - - if ($majorC != $majorR) return false; - if ($majorC < $majorR) return false; - // same major - check minor - if ($minorC > $minorR) return true; - if ($minorC < $minorR) return false; - // and same minor - if ($editC >= $editR) return true; - return true; + return version_compare(PHP_VERSION, $aMinVersion, '>='); } // From 93f2d4b8d03749f13b70a3cd0ecd003de297b53e Mon Sep 17 00:00:00 2001 From: Tamas Szabo Date: Tue, 15 Dec 2015 12:54:49 +0200 Subject: [PATCH 27/39] Non-vxworks based Quanta LB6M erroneously gets detected as Ubiquity Edgeswitch. New check for 'Quanta' in sysdescr added. --- includes/discovery/os/edgeswitch.inc.php | 2 +- includes/discovery/os/quanta.inc.php | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/includes/discovery/os/edgeswitch.inc.php b/includes/discovery/os/edgeswitch.inc.php index c09f86dc2b..71093ef9cd 100644 --- a/includes/discovery/os/edgeswitch.inc.php +++ b/includes/discovery/os/edgeswitch.inc.php @@ -1,6 +1,6 @@ Date: Wed, 16 Dec 2015 12:23:02 +0100 Subject: [PATCH 28/39] Added LigoWave logo --- html/images/os/ligowave.png | Bin 0 -> 2639 bytes includes/definitions.inc.php | 1 + 2 files changed, 1 insertion(+) create mode 100644 html/images/os/ligowave.png diff --git a/html/images/os/ligowave.png b/html/images/os/ligowave.png new file mode 100644 index 0000000000000000000000000000000000000000..fb54f80bd4d2135983f9a25d5477db63d01ce0fc GIT binary patch literal 2639 zcmY*bc|6oxAO5*|t?81nmbhdKGsrTHF~Z26br^)~lx56}-5`-L*|L){ma<2o#&V~G zEE!pfi)`7swn8Z0(Y^0|-}ihz=bZ0(zR&l0&iDLv;!UsXaRijbJW*K42$TKW8^^un&gL1^{?4j2`;9 z;hjW+eY|~fuwZr3p9~m1K7k>kB0nkk+v=idV^a}rKdhUGGFS;LFN$Cj5fOo7UEN{k z$ZLO>(@*N6o_IV427v?x1%ZPugZ;1`5QQsOu0Z4!A&QD}bcP%*#24=rEa!_8`%C0M zI!HI13)TyR_ww@6u|P3f3)eP z@Dmhfg7tEvJD=zy6yQIZ|A+nU1BaZL|IcOq>hvc{Zxz7?hy3$w2sWcONgDuQanVO= zTB2DWSaWz=jPM}#S{E0gNgQ?BoGHT$nXdY_A{R@dh95M1$S!Nj^wO++T$5{6SAM%x z^R1(5d4UzmMR07ijI&I}E)^DEH8jR*JU*71$??(brm34yWN~3b3X{=!Zneg#W{;`X z{(dMc`NsVIr!X32F?{cP>p4x5e74@z_E*W3NJ?{a1{3o}R;<<&DUe{7|Lio%LL@uQ zYO}-)HDuCIr(F+&>M{N>B3yhOmz(!%X?V{ad#3Cv5XO2WoPW|N=iM766)WA?UkdNo zb4#dHX~VrQ$e#@me*aD{cWrEF)-Mu92Hh6Yzb~O*vD2;~4g_F@ue@lC$cbZe$1%I`Zw##sd-{Tgge3c39@)f;(UMZtnI1n=Q{uiJL^lvI*eMAXPg!Quw{0>|d)wTB@De2l8H z&+a^kB{HH{m1tv7`2N!;>Can4MOtRYKK?OD&w7ZD0=Q;#Sl)mPtw zi14Rxf0si64@a#sO;&0Tdb|A`b7s4cvq3#CmHJi>?CrvMD7EOV+C~{Sf0*4+kUF~0 zWQ5vrjw4E5H$>>FH_K%|-;EF9fR$fl*~L64-T~vWNN^4gRwe@Rr_G>7*xj|A*`)!O z!hcwoU4{aMS0PG!yJO*mdPBqMujk`AjY&tiKJAFBW#L#ki+x;md)`Q6++6)b zSA+4@Q!ZSB6i^Ka^(7vFN5IsDB+Sj=`Rklw4j>!W?L02EJe}vfw_e1?)o4OE*lL=oTv6@faL0G@ z&+K{rLBs2pRJn)(geFsY=%teL18uw&viBd)a&WWwE;Gn|G)s%8sp)t-bTTeA94@Dl z8ZaBrQdSa5-%P+y6;UIzeGa3|J0Isr^d59QkIbVoI)LMipBBgQe@kpNU>4Q3#0658 z)QD*>6(mAl>2}U+I#~j&BXWg5k}?{N(y8QfY-2w=w?;sa<#1=9d6SbQHEdsBbvC@J z{ie3~cAq+Hg>P0YjppmB(QE2i|9+sZw%$ycgk7wxx0$Wv^_?BqdEy0uo4p|mL}onq z;Mg2%$gRN}P1rfywLyrhs{G!G@+_5;+spcw0rymjqE#qJKBHv*H9KEm&&sG~QW1Ax zy?PD*Ek~Q16|6BzS`IBQ6F>V0=H;qjP5Q;wg@U|aXZi119)g6_+uNC|xTjxqdtU5d zvfZz;VGbSvZ+xA$UKfrV^+>;7)KoP0__1(Zx*?MA<2o#?F_}Hq@P@^gdrsqwOWb_^ zke5j}6uKKfcV+CaK|iJULwG1RViI(U&})~Jm8(H-lZ0X?0ep1ux#B^TFYZgALt|Ce zIl-VPn)kFe_vsbgF_mIxblfG*&0qtjWa2g4#K+xQMeFhnm3LvHEzYrg2{kphJodMl zzmem{-0VN)Ng4M?DVD4=uiSaD2^ACxWnMqcw?8B#W7vtpP7aTgSUPoUoGUY`(PoRZ zoacNWW}d<7e)+7inLtDiu2dlmvW3r|q>io6$6x{LLcb7cRGsu)Q`~Whf#&??JSf}Xz!KN>pm(=?t_Odr z;WU!#O8f;j+dpb^WyXSE9q^XSw=!9(tT3Xsj|zHTXhfHGLyTeTc!uf-?CKXhxlKMx>hkXe{)SskSaQNU@0jQgN=wM3L8u2NzL|WK&2{~I zEOv2Zdx!5_$ZAVt~9Of$YP$1@xO-IqNUignkRfnxsd)V+9+^aNZxvAer5svv8D zICReqQuIBp4}EMgilP=-9)*1+9%>(yhvZf#2i4X(bP{I7X^Rg%O)JhelFyo7gAq<0 zYgQ|M>Ch;$py_m>VYDYw8MZO9DkX0A)6V|IJxgB0qr51v*zN0_7g$rAj)c_RYMg9C zo@rArstUiMI&CB_nmj_@FA8MjaihUCT`2vz&{nAbEOgAT_!f1xE0tkyf`S6EoO+)- zp(R1!ya4ML6N7ZGtXNCu8FxF^b*60lIPpKVo11=|VWQrfXIsPN0ZGLi>F(CE=Qj_6 zp;_X$MvdK%c(Bh`C;E(&@YQb?xFt>eSEGNKD~Kf@Ut05QRx^6LGW zgkbA))b2>0MN77SWRFYN%t%ps4@OQ2KJuIl1y&J!>jg5l2O=R zg$zP$m-Vf`t?Y<;?9SY4y9JGFijk5C$!OxVc!hyCUw4GPfPw7}V`|HQ0Lm-ld9yRZ j=JKxS(WOJe Date: Wed, 16 Dec 2015 21:16:49 +0000 Subject: [PATCH 29/39] Removed duplicate log_file config check and declaration fix --- includes/definitions.inc.php | 6 +----- 1 file changed, 1 insertion(+), 5 deletions(-) diff --git a/includes/definitions.inc.php b/includes/definitions.inc.php index 0ee7294d7d..d5ad15165e 100644 --- a/includes/definitions.inc.php +++ b/includes/definitions.inc.php @@ -1771,10 +1771,6 @@ if (isset($config['rrdgraph_def_text'])) { $config['rrd_opts_array'] = explode(' ', trim($config['rrdgraph_def_text'])); } -if (!isset($config['log_file'])) { - $config['log_file'] = $config['log_dir'].'/'.$config['project_id'].'.log'; -} - if (isset($config['cdp_autocreate'])) { $config['dp_autocreate'] = $config['cdp_autocreate']; } @@ -1843,7 +1839,7 @@ if (!isset($config['log_dir'])) { } if (!isset($config['log_file'])) { - $config['log_dir'].'/'.$config['project_id'].'.log'; + $config['log_file'] = $config['log_dir'].'/'.$config['project_id'].'.log'; } if (!isset($config['plugin_dir'])) { From 62e83a2f2810034f1025592e7b5763f04f8389c0 Mon Sep 17 00:00:00 2001 From: Luke Gopher Date: Fri, 18 Dec 2015 17:07:40 +0100 Subject: [PATCH 30/39] Fix myql empty graphs Fix this problem when we have another plugin enabled than Mysql on a server --- includes/polling/applications/mysql.inc.php | 1 + 1 file changed, 1 insertion(+) diff --git a/includes/polling/applications/mysql.inc.php b/includes/polling/applications/mysql.inc.php index 78310711d4..59ca7f81eb 100644 --- a/includes/polling/applications/mysql.inc.php +++ b/includes/polling/applications/mysql.inc.php @@ -109,6 +109,7 @@ $mapping = array( ); $values = array(); +unset($fields); foreach ($mapping as $k => $v) { $fields[$k] = isset($map[$v]) ? $map[$v] : (-1); } From 70324ea4bb5af4329bb46e0afaf9f2678023a5e7 Mon Sep 17 00:00:00 2001 From: Daniel Preussker Date: Sat, 19 Dec 2015 12:31:07 +0000 Subject: [PATCH 31/39] Update check.inc --- includes/services/ssl_cert/check.inc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/includes/services/ssl_cert/check.inc b/includes/services/ssl_cert/check.inc index 1f0cb9d7b0..3c21078dd2 100644 --- a/includes/services/ssl_cert/check.inc +++ b/includes/services/ssl_cert/check.inc @@ -9,7 +9,7 @@ if( !empty($service['service_ip']) ) { $cmd .= " ".$service['service_param']; $check = shell_exec($cmd); -list($check, $time) = split("\|", $check); +list($check, $time) = explode("\|", $check); if(strstr($check, "SSL_CERT OK")) { $status = '1'; From d8095707b246aa944032b2fbdeab7c477bdd45ad Mon Sep 17 00:00:00 2001 From: laf Date: Sat, 19 Dec 2015 19:10:18 +0000 Subject: [PATCH 32/39] Added flag to get_graph_by_port_hostname() API call to switch port look up to use ifDescr --- doc/API/API-Docs.md | 1 + html/includes/api_functions.inc.php | 9 ++++++++- 2 files changed, 9 insertions(+), 1 deletion(-) diff --git a/doc/API/API-Docs.md b/doc/API/API-Docs.md index e879fe637b..538496c84d 100644 --- a/doc/API/API-Docs.md +++ b/doc/API/API-Docs.md @@ -316,6 +316,7 @@ Input: - to: This is the date you would like the graph to end - See http://oss.oetiker.ch/rrdtool/doc/rrdgraph.en.html for more information. - width: The graph width, defaults to 1075. - height: The graph height, defaults to 300. + - ifDescr: If this is set to true then we will use ifDescr to lookup the port instead of ifName. Pass the ifDescr value you want to search as you would ifName. Example: ```curl diff --git a/html/includes/api_functions.inc.php b/html/includes/api_functions.inc.php index 8469e10532..5e9356022e 100644 --- a/html/includes/api_functions.inc.php +++ b/html/includes/api_functions.inc.php @@ -62,10 +62,17 @@ function get_graph_by_port_hostname() { $vars['to'] = $_GET['to']; } + if (!empty($vars['ifDescr']) == true) { + $port = 'ifDescr'; + } + else { + $port = 'ifName'; + } + $vars['width'] = $_GET['width'] ?: 1075; $vars['height'] = $_GET['height'] ?: 300; $auth = '1'; - $vars['id'] = dbFetchCell('SELECT `P`.`port_id` FROM `ports` AS `P` JOIN `devices` AS `D` ON `P`.`device_id` = `D`.`device_id` WHERE `D`.`hostname`=? AND `P`.`ifName`=?', array($hostname, $vars['port'])); + $vars['id'] = dbFetchCell("SELECT `P`.`port_id` FROM `ports` AS `P` JOIN `devices` AS `D` ON `P`.`device_id` = `D`.`device_id` WHERE `D`.`hostname`=? AND `P`.`$port`=?", array($hostname, $vars['port'])); $app->response->headers->set('Content-Type', 'image/png'); include 'includes/graphs/graph.inc.php'; From b8bc52ce0c7cc22b32a061172a15bf0c3a824a4a Mon Sep 17 00:00:00 2001 From: laf Date: Sat, 19 Dec 2015 19:50:02 +0000 Subject: [PATCH 33/39] Removed distinct() from query as we limit by 1 anyway --- includes/alerts.inc.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/includes/alerts.inc.php b/includes/alerts.inc.php index 9d8dfa923a..23a56932d4 100644 --- a/includes/alerts.inc.php +++ b/includes/alerts.inc.php @@ -207,7 +207,7 @@ function IsMaintenance( $device ) { $where .= " || alert_schedule_items.target = ?"; $params[] = 'g'.$group; } - return dbFetchCell('SELECT DISTINCT(alert_schedule.schedule_id) FROM alert_schedule LEFT JOIN alert_schedule_items ON alert_schedule.schedule_id=alert_schedule_items.schedule_id WHERE ( alert_schedule_items.target = ?'.$where.' ) && NOW() BETWEEN alert_schedule.start AND alert_schedule.end LIMIT 1',$params); + return dbFetchCell('SELECT alert_schedule.schedule_id FROM alert_schedule LEFT JOIN alert_schedule_items ON alert_schedule.schedule_id=alert_schedule_items.schedule_id WHERE ( alert_schedule_items.target = ?'.$where.' ) && NOW() BETWEEN alert_schedule.start AND alert_schedule.end LIMIT 1',$params); } /** From d9e0b4a03c5b8fbea82c73863c212ff81b140d5b Mon Sep 17 00:00:00 2001 From: Maxim Tsyplakov Date: Sun, 20 Dec 2015 18:11:20 +0300 Subject: [PATCH 34/39] I agree to the conditions of the Contributor Agreement contained in doc/General/Contributing.md. --- AUTHORS.md | 1 + 1 file changed, 1 insertion(+) diff --git a/AUTHORS.md b/AUTHORS.md index e7e6e75dad..81e7e5739f 100644 --- a/AUTHORS.md +++ b/AUTHORS.md @@ -75,4 +75,5 @@ Contributors to LibreNMS: - Eldon Koyle (ekoyle) - Jonathan Bailey (jcbailey2) - Ruairi Carroll (rucarrol) +- Maxim Tsyplakov (tsypa) [1]: http://observium.org/ "Observium web site" From 9867051b1c5d6865b44c91d333f87ff33934ad72 Mon Sep 17 00:00:00 2001 From: Maxim Tsyplakov Date: Sun, 20 Dec 2015 18:37:36 +0300 Subject: [PATCH 35/39] closes #2652 --- mibs/MTA-MIB.txt | 1226 +++++++++++++++++++++++++++++++++ mibs/NETWORK-SERVICES-MIB.txt | 626 +++++++++++++++++ 2 files changed, 1852 insertions(+) create mode 100644 mibs/MTA-MIB.txt create mode 100644 mibs/NETWORK-SERVICES-MIB.txt diff --git a/mibs/MTA-MIB.txt b/mibs/MTA-MIB.txt new file mode 100644 index 0000000000..29618adc84 --- /dev/null +++ b/mibs/MTA-MIB.txt @@ -0,0 +1,1226 @@ +MTA-MIB DEFINITIONS ::= BEGIN + +IMPORTS + OBJECT-TYPE, Counter32, Gauge32, MODULE-IDENTITY, mib-2 + FROM SNMPv2-SMI + TimeInterval + FROM SNMPv2-TC + MODULE-COMPLIANCE, OBJECT-GROUP + FROM SNMPv2-CONF + SnmpAdminString + FROM SNMP-FRAMEWORK-MIB + applIndex, URLString + FROM NETWORK-SERVICES-MIB; + +mta MODULE-IDENTITY + LAST-UPDATED "200003030000Z" + ORGANIZATION "IETF Mail and Directory Management Working Group" + CONTACT-INFO + " Ned Freed + + Postal: Innosoft International, Inc. + 1050 Lakes Drive + West Covina, CA 91790 + US + + Tel: +1 626 919 3600 + Fax: +1 626 919 3614 + + E-Mail: ned.freed@innosoft.com" + DESCRIPTION + "The MIB module describing Message Transfer Agents (MTAs)" + REVISION "200003030000Z" + DESCRIPTION + "This revision, published in RFC 2789, changes a number of + DisplayStrings to SnmpAdminStrings. Note that this change + + is not strictly supported by SMIv2. However, the alternative + of deprecating the old objects and defining new objects + would have a more adverse impact on backward compatibility + and interoperability, given the particular semantics of + these objects. The defining reference for distinguished + names has also been updated from RFC 1779 to RFC 2253." + REVISION "199905120000Z" + DESCRIPTION + "This revision fixes a number of technical problems found in + previous versions: The conformance groups for different + versions of this MIB have been corrected, the recommendation + that an empty string be returned if the last operation was + successful has been removed from + mtaGroupInboundRejectionReason and + mtaGroupOutboundConnectFailureReason as it conflicts + with the stated purpose of these variables, and the + required mtaStatusCode entry has been added to + MtaGroupErrorEntry. It should be noted that this last + change in no way affects the bits on the wire." + REVISION "199708170000Z" + DESCRIPTION + "This revision, published in RFC 2249, adds the + mtaGroupDescription and mtaGroupURL fields, conversion + operation counters, a group hierarchy description mechanism, + counters for specific errors, oldest message IDs, per-MTA + and per-group loop counters, and a new table for tracking + any errors an MTA encounters." + REVISION "199311280000Z" + DESCRIPTION + "The original version of this MIB was published in RFC 1566" + ::= {mib-2 28} + +mtaTable OBJECT-TYPE + SYNTAX SEQUENCE OF MtaEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "The table holding information specific to an MTA." + ::= {mta 1} + +mtaEntry OBJECT-TYPE + SYNTAX MtaEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "The entry associated with each MTA." + INDEX {applIndex} + ::= {mtaTable 1} + +MtaEntry ::= SEQUENCE { + mtaReceivedMessages + Counter32, + mtaStoredMessages + Gauge32, + mtaTransmittedMessages + Counter32, + mtaReceivedVolume + Counter32, + mtaStoredVolume + Gauge32, + mtaTransmittedVolume + Counter32, + mtaReceivedRecipients + Counter32, + mtaStoredRecipients + Gauge32, + mtaTransmittedRecipients + Counter32, + mtaSuccessfulConvertedMessages + Counter32, + mtaFailedConvertedMessages + Counter32, + mtaLoopsDetected + Counter32 +} + +mtaReceivedMessages OBJECT-TYPE + SYNTAX Counter32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The number of messages received since MTA initialization. + This includes messages transmitted to this MTA from other + MTAs as well as messages that have been submitted to the + MTA directly by end-users or applications." + ::= {mtaEntry 1} + +mtaStoredMessages OBJECT-TYPE + SYNTAX Gauge32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The total number of messages currently stored in the MTA. + This includes messages that are awaiting transmission to + some other MTA or are waiting for delivery to an end-user + or application." + ::= {mtaEntry 2} + +mtaTransmittedMessages OBJECT-TYPE + SYNTAX Counter32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The number of messages transmitted since MTA initialization. + This includes messages that were transmitted to some other + MTA or are waiting for delivery to an end-user or + application." + ::= {mtaEntry 3} + +mtaReceivedVolume OBJECT-TYPE + SYNTAX Counter32 + UNITS "K-octets" + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The total volume of messages received since MTA + initialization, measured in kilo-octets. This volume should + include all transferred data that is logically above the mail + transport protocol level. For example, an SMTP-based MTA + should use the number of kilo-octets in the message header + and body, while an X.400-based MTA should use the number of + kilo-octets of P2 data. This includes messages transmitted + to this MTA from other MTAs as well as messages that have + been submitted to the MTA directly by end-users or + applications." + ::= {mtaEntry 4} + +mtaStoredVolume OBJECT-TYPE + SYNTAX Gauge32 + UNITS "K-octets" + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The total volume of messages currently stored in the MTA, + measured in kilo-octets. This volume should include all + stored data that is logically above the mail transport + protocol level. For example, an SMTP-based MTA should + use the number of kilo-octets in the message header and + body, while an X.400-based MTA would use the number of + kilo-octets of P2 data. This includes messages that are + awaiting transmission to some other MTA or are waiting + for delivery to an end-user or application." + ::= {mtaEntry 5} + +mtaTransmittedVolume OBJECT-TYPE + SYNTAX Counter32 + UNITS "K-octets" + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The total volume of messages transmitted since MTA + initialization, measured in kilo-octets. This volume should + include all transferred data that is logically above the mail + transport protocol level. For example, an SMTP-based MTA + should use the number of kilo-octets in the message header + and body, while an X.400-based MTA should use the number of + kilo-octets of P2 data. This includes messages that were + transmitted to some other MTA or are waiting for delivery + to an end-user or application." + ::= {mtaEntry 6} + +mtaReceivedRecipients OBJECT-TYPE + SYNTAX Counter32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The total number of recipients specified in all messages + received since MTA initialization. Recipients this MTA + has no responsibility for, i.e. inactive envelope + recipients or ones referred to in message headers, + should not be counted even if information about such + recipients is available. This includes messages + transmitted to this MTA from other MTAs as well as + messages that have been submitted to the MTA directly + by end-users or applications." + ::= {mtaEntry 7} + +mtaStoredRecipients OBJECT-TYPE + SYNTAX Gauge32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The total number of recipients specified in all messages + currently stored in the MTA. Recipients this MTA has no + responsibility for, i.e. inactive envelope recipients or + ones referred to in message headers, should not be + counted. This includes messages that are awaiting + transmission to some other MTA or are waiting for + delivery to an end-user or application." + ::= {mtaEntry 8} + +mtaTransmittedRecipients OBJECT-TYPE + SYNTAX Counter32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The total number of recipients specified in all messages + transmitted since MTA initialization. Recipients this + MTA had no responsibility for, i.e. inactive envelope + recipients or ones referred to in message headers, + should not be counted. This includes messages that were + transmitted to some other MTA or are waiting for + delivery to an end-user or application." + ::= {mtaEntry 9} + +mtaSuccessfulConvertedMessages OBJECT-TYPE + SYNTAX Counter32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The number of messages that have been successfully + converted from one form to another since MTA + initialization." + ::= {mtaEntry 10} + +mtaFailedConvertedMessages OBJECT-TYPE + SYNTAX Counter32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The number of messages for which an unsuccessful + attempt was made to convert them from one form to + another since MTA initialization." + ::= {mtaEntry 11} + +mtaLoopsDetected OBJECT-TYPE + SYNTAX Counter32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "A message loop is defined as a situation where the MTA + decides that a given message will never be delivered to + one or more recipients and instead will continue to + loop endlessly through one or more MTAs. This variable + counts the number of times the MTA has detected such a + situation since MTA initialization. Note that the + mechanism MTAs use to detect loops (e.g., trace field + counting, count of references to this MTA in a trace + field, examination of DNS or other directory information, + etc.), the level at which loops are detected (e.g., per + message, per recipient, per directory entry, etc.), and + the handling of a loop once it is detected (e.g., looping + + messages are held, looping messages are bounced or sent + to the postmaster, messages that the MTA knows will loop + won't be accepted, etc.) vary widely from one MTA to the + next and cannot be inferred from this variable." + ::= {mtaEntry 12} + +-- MTAs typically group inbound reception, queue storage, and +-- outbound transmission in some way, rather than accounting for +-- such operations only across the MTA as a whole. In the most +-- extreme case separate information will be maintained for each +-- different entity that receives messages and for each entity +-- the MTA stores messages for and delivers messages to. Other +-- MTAs may elect to treat all reception equally, all queue +-- storage equally, all deliveries equally, or some combination +-- of this. Overlapped groupings are also possible, where an MTA +-- decomposes its traffic in different ways for different +-- purposes. + +-- In any case, a grouping abstraction is an extremely useful for +-- breaking down the activities of an MTA. For purposes of +-- labelling this will be called a "group" in this MIB. + +-- Each group contains all the variables needed to monitor all +-- aspects of an MTA's operation. However, the fact that all +-- groups contain all possible variables does not imply that all +-- groups must use all possible variables. For example, a single +-- group might be used to monitor only one kind of event (inbound +-- processing, outbound processing, or storage). In this sort of +-- configuration any counters that are unused as a result of a +-- given MTA's use of the group construct must be inaccessible; +-- e.g., returning either a noSuchName error (for an SNMPv1 get), +-- or a noSuchInstance exception (for an SNMPv2 get). + +-- Groups can be created at any time after MTA initialization. Once +-- a group is created it should not be deleted or its mtaGroupIndex +-- changed unless the MTA is reinitialized. + +-- Groups are not necessarily mutually exclusive. A given event may +-- be recorded by more than one group, a message may be seen as +-- stored by more than one group, and so on. Groups should be all +-- inclusive, however: if groups are implemented all aspects of an +-- MTA's operation should be registered in at least one group. +-- This freedom lets implementors use different sets of groups to +-- provide different "views" of an MTA. + +-- The possibility of overlap between groups means that summing +-- variables across groups may not produce values equal to those in +-- the mtaTable. mtaTable should always provide accurate information + +-- about the MTA as a whole. + +-- The term "channel" is often used in MTA implementations; channels +-- are usually, but not always, equivalent to a group. However, +-- this MIB does not use the term "channel" because there is no +-- requirement that an MTA supporting this MIB has to map its +-- "channel" abstraction one-to-one onto the MIB's group abstraction. + +-- An MTA may create a group or group of groups at any time. Once +-- created, however, an MTA cannot delete an entry for a group from +-- the group table. Deletion is only allowed when the MTA is +-- reinitialized, and is not required even then. This restriction +-- is imposed so that monitoring agents can rely on group +-- assignments being consistent across multiple query operations. + +-- Groups may be laid out so as to form a hierarchical arrangement, +-- with some groups acting as subgroups for other groups. +-- Alternately, disjoint groups of groups may be used to provide +-- different sorts of "snapshots" of MTA operation. The +-- mtaGroupHierarchy variable provides an indication of how each +-- group fits into the overall arrangement being used. + +-- Note that SNMP also defines and uses term "group". MTA groups are +-- NOT the same as SNMP groups. + +mtaGroupTable OBJECT-TYPE + SYNTAX SEQUENCE OF MtaGroupEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "The table holding information specific to each MTA group." + ::= {mta 2} + +mtaGroupEntry OBJECT-TYPE + SYNTAX MtaGroupEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "The entry associated with each MTA group." + INDEX {applIndex, mtaGroupIndex} + ::= {mtaGroupTable 1} + +MtaGroupEntry ::= SEQUENCE { + mtaGroupIndex + INTEGER, + mtaGroupReceivedMessages + Counter32, + mtaGroupRejectedMessages + + Counter32, + mtaGroupStoredMessages + Gauge32, + mtaGroupTransmittedMessages + Counter32, + mtaGroupReceivedVolume + Counter32, + mtaGroupStoredVolume + Gauge32, + mtaGroupTransmittedVolume + Counter32, + mtaGroupReceivedRecipients + Counter32, + mtaGroupStoredRecipients + Gauge32, + mtaGroupTransmittedRecipients + Counter32, + mtaGroupOldestMessageStored + TimeInterval, + mtaGroupInboundAssociations + Gauge32, + mtaGroupOutboundAssociations + Gauge32, + mtaGroupAccumulatedInboundAssociations + Counter32, + mtaGroupAccumulatedOutboundAssociations + Counter32, + mtaGroupLastInboundActivity + TimeInterval, + mtaGroupLastOutboundActivity + TimeInterval, + mtaGroupLastOutboundAssociationAttempt + TimeInterval, + mtaGroupRejectedInboundAssociations + Counter32, + mtaGroupFailedOutboundAssociations + Counter32, + mtaGroupInboundRejectionReason + SnmpAdminString, + mtaGroupOutboundConnectFailureReason + SnmpAdminString, + mtaGroupScheduledRetry + TimeInterval, + mtaGroupMailProtocol + OBJECT IDENTIFIER, + mtaGroupName + SnmpAdminString, + mtaGroupSuccessfulConvertedMessages + + Counter32, + mtaGroupFailedConvertedMessages + Counter32, + mtaGroupDescription + SnmpAdminString, + mtaGroupURL + URLString, + mtaGroupCreationTime + TimeInterval, + mtaGroupHierarchy + INTEGER, + mtaGroupOldestMessageId + SnmpAdminString, + mtaGroupLoopsDetected + Counter32 +} + +mtaGroupIndex OBJECT-TYPE + SYNTAX INTEGER (1..2147483647) + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "The index associated with a group for a given MTA." + ::= {mtaGroupEntry 1} + +mtaGroupReceivedMessages OBJECT-TYPE + SYNTAX Counter32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The number of messages received to this group since + group creation." + ::= {mtaGroupEntry 2} + +mtaGroupRejectedMessages OBJECT-TYPE + SYNTAX Counter32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The number of messages rejected by this group since + group creation." + ::= {mtaGroupEntry 3} + +mtaGroupStoredMessages OBJECT-TYPE + SYNTAX Gauge32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The total number of messages currently stored in this + group's queue." + ::= {mtaGroupEntry 4} + +mtaGroupTransmittedMessages OBJECT-TYPE + SYNTAX Counter32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The number of messages transmitted by this group since + group creation." + ::= {mtaGroupEntry 5} + +mtaGroupReceivedVolume OBJECT-TYPE + SYNTAX Counter32 + UNITS "K-octets" + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The total volume of messages received to this group since + group creation, measured in kilo-octets. This volume + should include all transferred data that is logically above + the mail transport protocol level. For example, an + SMTP-based MTA should use the number of kilo-octets in the + message header and body, while an X.400-based MTA should use + the number of kilo-octets of P2 data." + ::= {mtaGroupEntry 6} + +mtaGroupStoredVolume OBJECT-TYPE + SYNTAX Gauge32 + UNITS "K-octets" + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The total volume of messages currently stored in this + group's queue, measured in kilo-octets. This volume should + include all stored data that is logically above the mail + transport protocol level. For example, an SMTP-based + MTA should use the number of kilo-octets in the message + header and body, while an X.400-based MTA would use the + number of kilo-octets of P2 data." + ::= {mtaGroupEntry 7} + +mtaGroupTransmittedVolume OBJECT-TYPE + SYNTAX Counter32 + UNITS "K-octets" + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The total volume of messages transmitted by this group + since group creation, measured in kilo-octets. This + volume should include all transferred data that is logically + above the mail transport protocol level. For example, an + SMTP-based MTA should use the number of kilo-octets in the + message header and body, while an X.400-based MTA should use + the number of kilo-octets of P2 data." + ::= {mtaGroupEntry 8} + +mtaGroupReceivedRecipients OBJECT-TYPE + SYNTAX Counter32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The total number of recipients specified in all messages + received to this group since group creation. + Recipients this MTA has no responsibility for should not + be counted." + ::= {mtaGroupEntry 9} + +mtaGroupStoredRecipients OBJECT-TYPE + SYNTAX Gauge32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The total number of recipients specified in all messages + currently stored in this group's queue. Recipients this + MTA has no responsibility for should not be counted." + ::= {mtaGroupEntry 10} + +mtaGroupTransmittedRecipients OBJECT-TYPE + SYNTAX Counter32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The total number of recipients specified in all messages + transmitted by this group since group creation. + Recipients this MTA had no responsibility for should not + be counted." + ::= {mtaGroupEntry 11} + +mtaGroupOldestMessageStored OBJECT-TYPE + SYNTAX TimeInterval + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Time since the oldest message in this group's queue was + + placed in the queue." + ::= {mtaGroupEntry 12} + +mtaGroupInboundAssociations OBJECT-TYPE + SYNTAX Gauge32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The number of current associations to the group, where the + group is the responder." + ::= {mtaGroupEntry 13} + +mtaGroupOutboundAssociations OBJECT-TYPE + SYNTAX Gauge32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The number of current associations to the group, where the + group is the initiator." + ::= {mtaGroupEntry 14} + +mtaGroupAccumulatedInboundAssociations OBJECT-TYPE + SYNTAX Counter32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The total number of associations to the group since + group creation, where the MTA was the responder." + ::= {mtaGroupEntry 15} + +mtaGroupAccumulatedOutboundAssociations OBJECT-TYPE + SYNTAX Counter32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The total number of associations from the group since + group creation, where the MTA was the initiator." + ::= {mtaGroupEntry 16} + +mtaGroupLastInboundActivity OBJECT-TYPE + SYNTAX TimeInterval + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Time since the last time that this group had an active + inbound association for purposes of message reception." + ::= {mtaGroupEntry 17} + +mtaGroupLastOutboundActivity OBJECT-TYPE + SYNTAX TimeInterval + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Time since the last time that this group had a + successful outbound association for purposes of + message delivery." + ::= {mtaGroupEntry 18} + +mtaGroupLastOutboundAssociationAttempt OBJECT-TYPE + SYNTAX TimeInterval + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Time since the last time that this group attempted + to make an outbound association for purposes of + message delivery." + ::= {mtaGroupEntry 34} + +mtaGroupRejectedInboundAssociations OBJECT-TYPE + SYNTAX Counter32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The total number of inbound associations the group has + rejected, since group creation. Rejected associations + are not counted in the accumulated association totals." + ::= {mtaGroupEntry 19} + +mtaGroupFailedOutboundAssociations OBJECT-TYPE + SYNTAX Counter32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The total number associations where the group was the + initiator and association establishment has failed, + since group creation. Failed associations are + not counted in the accumulated association totals." + ::= {mtaGroupEntry 20} + +mtaGroupInboundRejectionReason OBJECT-TYPE + SYNTAX SnmpAdminString + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The failure reason, if any, for the last association this + group refused to respond to. If no association attempt + + has been made since the MTA was initialized the value + should be 'never'." + ::= {mtaGroupEntry 21} + +mtaGroupOutboundConnectFailureReason OBJECT-TYPE + SYNTAX SnmpAdminString + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The failure reason, if any, for the last association attempt + this group initiated. If no association attempt has been + made since the MTA was initialized the value should be + 'never'." + ::= {mtaGroupEntry 22} + +mtaGroupScheduledRetry OBJECT-TYPE + SYNTAX TimeInterval + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The amount of time until this group is next scheduled to + attempt to make an association." + ::= {mtaGroupEntry 23} + +mtaGroupMailProtocol OBJECT-TYPE + SYNTAX OBJECT IDENTIFIER + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "An identification of the protocol being used by this group. + For an group employing OSI protocols, this will be the + Application Context. For Internet applications, OID + values of the form {applTCPProtoID port} or {applUDPProtoID + port} are used for TCP-based and UDP-based protocols, + respectively. In either case 'port' corresponds to the + primary port number being used by the protocol. The + usual IANA procedures may be used to register ports for + new protocols. applTCPProtoID and applUDPProtoID are + defined in the NETWORK-SERVICES-MIB, RFC 2788." + ::= {mtaGroupEntry 24} + +mtaGroupName OBJECT-TYPE + SYNTAX SnmpAdminString + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "A descriptive name for the group. If this group connects to + a single remote MTA this should be the name of that MTA. If + + this in turn is an Internet MTA this should be the domain + name. For an OSI MTA it should be the string encoded + distinguished name of the managed object using the format + defined in RFC 2253. For X.400(1984) MTAs which do not + have a Distinguished Name, the RFC 2156 syntax + 'mta in globalid' used in X400-Received: fields can be + used." + ::= {mtaGroupEntry 25} + +mtaGroupSuccessfulConvertedMessages OBJECT-TYPE + SYNTAX Counter32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The number of messages that have been successfully + converted from one form to another in this group + since group creation." + ::= {mtaGroupEntry 26} + +mtaGroupFailedConvertedMessages OBJECT-TYPE + SYNTAX Counter32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The number of messages for which an unsuccessful + attempt was made to convert them from one form to + another in this group since group creation." + ::= {mtaGroupEntry 27} + +mtaGroupDescription OBJECT-TYPE + SYNTAX SnmpAdminString + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "A description of the group's purpose. This information is + intended to identify the group in a status display." + ::= {mtaGroupEntry 28} + +mtaGroupURL OBJECT-TYPE + SYNTAX URLString + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "A URL pointing to a description of the group. This + information is intended to identify and briefly describe + the group in a status display." + ::= {mtaGroupEntry 29} + +mtaGroupCreationTime OBJECT-TYPE + SYNTAX TimeInterval + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Time since this group was first created." + ::= {mtaGroupEntry 30} + +mtaGroupHierarchy OBJECT-TYPE + SYNTAX INTEGER (-2147483648..2147483647) + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Describes how this group fits into the hierarchy. A + positive value is interpreted as an mtaGroupIndex + value for some other group whose variables include + those of this group (and usually others). A negative + value is interpreted as a group collection code: Groups + with common negative hierarchy values comprise one + particular breakdown of MTA activity as a whole. A + zero value means that this MIB implementation doesn't + implement hierarchy indicators and thus the overall + group hierarchy cannot be determined." + ::= {mtaGroupEntry 31} + +mtaGroupOldestMessageId OBJECT-TYPE + SYNTAX SnmpAdminString + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Message ID of the oldest message in the group's queue. + Whenever possible this should be in the form of an + RFC 822 msg-id; X.400 may convert X.400 message + identifiers to this form by following the rules laid + out in RFC2156." + ::= {mtaGroupEntry 32} + +mtaGroupLoopsDetected OBJECT-TYPE + SYNTAX Counter32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "A message loop is defined as a situation where the MTA + decides that a given message will never be delivered to + one or more recipients and instead will continue to + loop endlessly through one or more MTAs. This variable + counts the number of times the MTA has detected such a + situation in conjunction with something associated with + + this group since group creation. Note that the + mechanism MTAs use to detect loops (e.g., trace field + counting, count of references to this MTA in a trace + field, examination of DNS or other directory information, + etc.), the level at which loops are detected (e.g., per + message, per recipient, per directory entry, etc.), and + the handling of a loop once it is detected (e.g., looping + messages are held, looping messages are bounced or sent + to the postmaster, messages that the MTA knows will loop + won't be accepted, etc.) vary widely from one MTA to the + next and cannot be inferred from this variable." + ::= {mtaGroupEntry 33} + +-- The mtaGroupAssociationTable provides a means of correlating +-- entries in the network services association table with the +-- MTA group responsible for the association. + +mtaGroupAssociationTable OBJECT-TYPE + SYNTAX SEQUENCE OF MtaGroupAssociationEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "The table holding information regarding the associations + for each MTA group." + ::= {mta 3} + +mtaGroupAssociationEntry OBJECT-TYPE + SYNTAX MtaGroupAssociationEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "The entry holding information regarding the associations + for each MTA group." + INDEX {applIndex, mtaGroupIndex, mtaGroupAssociationIndex} + ::= {mtaGroupAssociationTable 1} + +MtaGroupAssociationEntry ::= SEQUENCE { + mtaGroupAssociationIndex + INTEGER +} + +mtaGroupAssociationIndex OBJECT-TYPE + SYNTAX INTEGER (1..2147483647) + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Reference into association table to allow correlation of + this group's active associations with the association table." + ::= {mtaGroupAssociationEntry 1} + +-- The mtaGroupErrorTable gives each group a way of tallying +-- the specific errors it has encountered. The mechanism +-- defined here uses RFC 1893 status codes to identify +-- various specific errors. There are also classes for generic +-- errors of various sorts, and the entire mechanism is also +-- extensible, in that new error codes can be defined at any +-- time. + +mtaGroupErrorTable OBJECT-TYPE + SYNTAX SEQUENCE OF MtaGroupErrorEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "The table holding information regarding accumulated errors + for each MTA group." + ::= {mta 5} + +mtaGroupErrorEntry OBJECT-TYPE + SYNTAX MtaGroupErrorEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "The entry holding information regarding accumulated + errors for each MTA group." + INDEX {applIndex, mtaGroupIndex, mtaStatusCode} + ::= {mtaGroupErrorTable 1} + +MtaGroupErrorEntry ::= SEQUENCE { + mtaStatusCode + INTEGER (4000000..5999999), + mtaGroupInboundErrorCount + Counter32, + mtaGroupInternalErrorCount + Counter32, + mtaGroupOutboundErrorCount + Counter32 +} + +mtaGroupInboundErrorCount OBJECT-TYPE + SYNTAX Counter32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Count of the number of errors of a given type that have + been accumulated in association with a particular group + while processing incoming messages. In the case of SMTP + + these will typically be errors reporting by an SMTP + server to the remote client; in the case of X.400 + these will typically be errors encountered while + processing an incoming message." + ::= {mtaGroupErrorEntry 1} + +mtaGroupInternalErrorCount OBJECT-TYPE + SYNTAX Counter32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Count of the number of errors of a given type that have + been accumulated in association with a particular group + during internal MTA processing." + ::= {mtaGroupErrorEntry 2} + +mtaGroupOutboundErrorCount OBJECT-TYPE + SYNTAX Counter32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Count of the number of errors of a given type that have + been accumulated in association with a particular group's + outbound connection activities. In the case of an SMTP + client these will typically be errors reported while + attempting to contact or while communicating with the + remote SMTP server. In the case of X.400 these will + typically be errors encountered while constructing + or attempting to deliver an outgoing message." + ::= {mtaGroupErrorEntry 3} + +mtaStatusCode OBJECT-TYPE + SYNTAX INTEGER (4000000..5999999) + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "An index capable of representing an Enhanced Mail System + Status Code. Enhanced Mail System Status Codes are + defined in RFC 1893. These codes have the form + + class.subject.detail + + Here 'class' is either 2, 4, or 5 and both 'subject' and + 'detail' are integers in the range 0..999. Given a status + code the corresponding index value is defined to be + ((class * 1000) + subject) * 1000 + detail. Both SMTP + error response codes and X.400 reason and diagnostic codes + can be mapped into these codes, resulting in a namespace + + capable of describing most error conditions a mail system + encounters in a generic yet detailed way." + ::= {mtaGroupErrorEntry 4} + +-- Conformance information + +mtaConformance OBJECT IDENTIFIER ::= {mta 4} + +mtaGroups OBJECT IDENTIFIER ::= {mtaConformance 1} +mtaCompliances OBJECT IDENTIFIER ::= {mtaConformance 2} + +-- Compliance statements + +mtaCompliance MODULE-COMPLIANCE + STATUS current + DESCRIPTION + "The compliance statement for RFC 1566 implementations + which support the Mail Monitoring MIB for basic + monitoring of MTAs." + MODULE -- this module + MANDATORY-GROUPS {mtaRFC1566Group} + ::= {mtaCompliances 1} + +mtaAssocCompliance MODULE-COMPLIANCE + STATUS current + DESCRIPTION + "The compliance statement for RFC 1566 implementations + which support the Mail Monitoring MIB for monitoring + of MTAs and their associations." + MODULE -- this module + MANDATORY-GROUPS {mtaRFC1566Group, mtaRFC1566AssocGroup} + ::= {mtaCompliances 2} + +mtaRFC2249Compliance MODULE-COMPLIANCE + STATUS current + DESCRIPTION + "The compliance statement for RFC 2249 implementations + which support the Mail Monitoring MIB for basic + monitoring of MTAs." + MODULE -- this module + MANDATORY-GROUPS {mtaRFC2249Group} + ::= {mtaCompliances 5} + +mtaRFC2249AssocCompliance MODULE-COMPLIANCE + STATUS current + DESCRIPTION + "The compliance statement for RFC 2249 implementations + + which support the Mail Monitoring MIB for monitoring of + MTAs and their associations." + MODULE -- this module + MANDATORY-GROUPS {mtaRFC2249Group, mtaRFC2249AssocGroup} + ::= {mtaCompliances 6} + +mtaRFC2249ErrorCompliance MODULE-COMPLIANCE + STATUS current + DESCRIPTION + "The compliance statement for RFC 2249 implementations + which support the Mail Monitoring MIB for monitoring of + MTAs and detailed errors." + MODULE -- this module + MANDATORY-GROUPS {mtaRFC2249Group, mtaRFC2249ErrorGroup} + ::= {mtaCompliances 7} + +mtaRFC2249FullCompliance MODULE-COMPLIANCE + STATUS current + DESCRIPTION + "The compliance statement for RFC 2249 implementations + which support the full Mail Monitoring MIB for + monitoring of MTAs, associations, and detailed errors." + MODULE -- this module + MANDATORY-GROUPS {mtaRFC2249Group, mtaRFC2249AssocGroup, + mtaRFC2249ErrorGroup} + ::= {mtaCompliances 8} + +mtaRFC2789Compliance MODULE-COMPLIANCE + STATUS current + DESCRIPTION + "The compliance statement for RFC 2789 implementations + which support the Mail Monitoring MIB for basic + monitoring of MTAs." + MODULE -- this module + MANDATORY-GROUPS {mtaRFC2789Group} + ::= {mtaCompliances 9} + +mtaRFC2789AssocCompliance MODULE-COMPLIANCE + STATUS current + DESCRIPTION + "The compliance statement for RFC 2789 implementations + which support the Mail Monitoring MIB for monitoring of + MTAs and their associations." + MODULE -- this module + MANDATORY-GROUPS {mtaRFC2789Group, mtaRFC2789AssocGroup} + ::= {mtaCompliances 10} + +mtaRFC2789ErrorCompliance MODULE-COMPLIANCE + STATUS current + DESCRIPTION + "The compliance statement for RFC 2789 implementations + which support the Mail Monitoring MIB for monitoring of + MTAs and detailed errors." + MODULE -- this module + MANDATORY-GROUPS {mtaRFC2789Group, mtaRFC2789ErrorGroup} + ::= {mtaCompliances 11} + +mtaRFC2789FullCompliance MODULE-COMPLIANCE + STATUS current + DESCRIPTION + "The compliance statement for RFC 2789 implementations + which support the full Mail Monitoring MIB for + monitoring of MTAs, associations, and detailed errors." + MODULE -- this module + MANDATORY-GROUPS {mtaRFC2789Group, mtaRFC2789AssocGroup, + mtaRFC2789ErrorGroup} + ::= {mtaCompliances 12} + +-- Units of conformance + +mtaRFC1566Group OBJECT-GROUP + OBJECTS { + mtaReceivedMessages, mtaStoredMessages, + mtaTransmittedMessages, mtaReceivedVolume, mtaStoredVolume, + mtaTransmittedVolume, mtaReceivedRecipients, + mtaStoredRecipients, mtaTransmittedRecipients, + mtaGroupReceivedMessages, mtaGroupRejectedMessages, + mtaGroupStoredMessages, mtaGroupTransmittedMessages, + mtaGroupReceivedVolume, mtaGroupStoredVolume, + mtaGroupTransmittedVolume, mtaGroupReceivedRecipients, + mtaGroupStoredRecipients, mtaGroupTransmittedRecipients, + mtaGroupOldestMessageStored, mtaGroupInboundAssociations, + mtaGroupOutboundAssociations, + mtaGroupAccumulatedInboundAssociations, + mtaGroupAccumulatedOutboundAssociations, + mtaGroupLastInboundActivity, mtaGroupLastOutboundActivity, + mtaGroupRejectedInboundAssociations, + mtaGroupFailedOutboundAssociations, + mtaGroupInboundRejectionReason, + mtaGroupOutboundConnectFailureReason, + mtaGroupScheduledRetry, mtaGroupMailProtocol, mtaGroupName} + STATUS current + DESCRIPTION + "A collection of objects providing basic monitoring of MTAs. + This is the original set of such objects defined in RFC + 1566." + ::= {mtaGroups 10} + +mtaRFC1566AssocGroup OBJECT-GROUP + OBJECTS { + mtaGroupAssociationIndex} + STATUS current + DESCRIPTION + "A collection of objects providing monitoring of MTA + associations. This is the original set of such objects + defined in RFC 1566." + ::= {mtaGroups 11} + +mtaRFC2249Group OBJECT-GROUP + OBJECTS { + mtaReceivedMessages, mtaStoredMessages, + mtaTransmittedMessages, mtaReceivedVolume, mtaStoredVolume, + mtaTransmittedVolume, mtaReceivedRecipients, + mtaStoredRecipients, mtaTransmittedRecipients, + mtaSuccessfulConvertedMessages, mtaFailedConvertedMessages, + mtaGroupReceivedMessages, mtaGroupRejectedMessages, + mtaGroupStoredMessages, mtaGroupTransmittedMessages, + mtaGroupReceivedVolume, mtaGroupStoredVolume, + mtaGroupTransmittedVolume, mtaGroupReceivedRecipients, + mtaGroupStoredRecipients, mtaGroupTransmittedRecipients, + mtaGroupOldestMessageStored, mtaGroupInboundAssociations, + mtaGroupOutboundAssociations, mtaLoopsDetected, + mtaGroupAccumulatedInboundAssociations, + mtaGroupAccumulatedOutboundAssociations, + mtaGroupLastInboundActivity, mtaGroupLastOutboundActivity, + mtaGroupLastOutboundAssociationAttempt, + mtaGroupRejectedInboundAssociations, + mtaGroupFailedOutboundAssociations, + mtaGroupInboundRejectionReason, + mtaGroupOutboundConnectFailureReason, + mtaGroupScheduledRetry, mtaGroupMailProtocol, mtaGroupName, + mtaGroupSuccessfulConvertedMessages, + mtaGroupFailedConvertedMessages, mtaGroupDescription, + mtaGroupURL, mtaGroupCreationTime, mtaGroupHierarchy, + mtaGroupOldestMessageId, mtaGroupLoopsDetected} + STATUS current + DESCRIPTION + "A collection of objects providing basic monitoring of MTAs. + This group was originally defined in RFC 2249." + ::= {mtaGroups 4} + +mtaRFC2249AssocGroup OBJECT-GROUP + OBJECTS { + mtaGroupAssociationIndex} + STATUS current + DESCRIPTION + "A collection of objects providing monitoring of MTA + associations. This group was originally defined in RFC + 2249." + ::= {mtaGroups 5} + +mtaRFC2249ErrorGroup OBJECT-GROUP + OBJECTS { + mtaGroupInboundErrorCount, mtaGroupInternalErrorCount, + mtaGroupOutboundErrorCount} + STATUS current + DESCRIPTION + "A collection of objects providing monitoring of + detailed MTA errors. This group was originally defined + in RFC 2249." + ::= {mtaGroups 6} + +mtaRFC2789Group OBJECT-GROUP + OBJECTS { + mtaReceivedMessages, mtaStoredMessages, + mtaTransmittedMessages, mtaReceivedVolume, mtaStoredVolume, + mtaTransmittedVolume, mtaReceivedRecipients, + mtaStoredRecipients, mtaTransmittedRecipients, + mtaSuccessfulConvertedMessages, mtaFailedConvertedMessages, + mtaGroupReceivedMessages, mtaGroupRejectedMessages, + mtaGroupStoredMessages, mtaGroupTransmittedMessages, + mtaGroupReceivedVolume, mtaGroupStoredVolume, + mtaGroupTransmittedVolume, mtaGroupReceivedRecipients, + mtaGroupStoredRecipients, mtaGroupTransmittedRecipients, + mtaGroupOldestMessageStored, mtaGroupInboundAssociations, + mtaGroupOutboundAssociations, mtaLoopsDetected, + mtaGroupAccumulatedInboundAssociations, + mtaGroupAccumulatedOutboundAssociations, + mtaGroupLastInboundActivity, mtaGroupLastOutboundActivity, + mtaGroupLastOutboundAssociationAttempt, + mtaGroupRejectedInboundAssociations, + mtaGroupFailedOutboundAssociations, + mtaGroupInboundRejectionReason, + mtaGroupOutboundConnectFailureReason, + mtaGroupScheduledRetry, mtaGroupMailProtocol, mtaGroupName, + mtaGroupSuccessfulConvertedMessages, + mtaGroupFailedConvertedMessages, mtaGroupDescription, + mtaGroupURL, mtaGroupCreationTime, mtaGroupHierarchy, + mtaGroupOldestMessageId, mtaGroupLoopsDetected} + STATUS current + DESCRIPTION + "A collection of objects providing basic monitoring of MTAs. + + This is the appropriate group for RFC 2789." + ::= {mtaGroups 7} + +mtaRFC2789AssocGroup OBJECT-GROUP + OBJECTS { + mtaGroupAssociationIndex} + STATUS current + DESCRIPTION + "A collection of objects providing monitoring of MTA + associations. This is the appropriate group for RFC + 2789 association monitoring." + ::= {mtaGroups 8} + +mtaRFC2789ErrorGroup OBJECT-GROUP + OBJECTS { + mtaGroupInboundErrorCount, mtaGroupInternalErrorCount, + mtaGroupOutboundErrorCount} + STATUS current + DESCRIPTION + "A collection of objects providing monitoring of + detailed MTA errors. This is the appropriate group + for RFC 2789 error monitoring." + ::= {mtaGroups 9} + +END diff --git a/mibs/NETWORK-SERVICES-MIB.txt b/mibs/NETWORK-SERVICES-MIB.txt new file mode 100644 index 0000000000..0f2cabecbd --- /dev/null +++ b/mibs/NETWORK-SERVICES-MIB.txt @@ -0,0 +1,626 @@ +NETWORK-SERVICES-MIB DEFINITIONS ::= BEGIN + +IMPORTS + OBJECT-TYPE, Counter32, Gauge32, MODULE-IDENTITY, mib-2 + FROM SNMPv2-SMI + TimeStamp, TEXTUAL-CONVENTION + FROM SNMPv2-TC + MODULE-COMPLIANCE, OBJECT-GROUP + FROM SNMPv2-CONF + SnmpAdminString + FROM SNMP-FRAMEWORK-MIB; + +application MODULE-IDENTITY + LAST-UPDATED "200003030000Z" + ORGANIZATION "IETF Mail and Directory Management Working Group" + + CONTACT-INFO + " Ned Freed + + Postal: Innosoft International, Inc. + 1050 Lakes Drive + West Covina, CA 91790 + US + + Tel: +1 626 919 3600 + Fax: +1 626 919 3614 + + E-Mail: ned.freed@innosoft.com" + DESCRIPTION + "The MIB module describing network service applications" + REVISION "200003030000Z" + DESCRIPTION + "This revision, published in RFC 2788, changes a number of + DisplayStrings to SnmpAdminStrings. Note that this change + is not strictly supported by SMIv2. However, the alternative + of deprecating the old objects and defining new objects + would have a more adverse impact on backward compatibility + and interoperability, given the particular semantics of + these objects. The defining reference for distinguished + names has also been updated from RFC 1779 to RFC 2253." + REVISION "199905120000Z" + DESCRIPTION + "This revision fixes a few small technical problems found + in previous versions, mostly in regards to the conformance + groups for different versions of this MIB. No changes have + been made to the objects this MIB defines since RFC 2248." + REVISION "199708170000Z" + DESCRIPTION + "This revision, published in RFC 2248, adds the + applDescription and applURL objects, adds the quiescing + state to the applOperStatus object and renames the MIB + from the APPLICATION-MIB to the NETWORK-SERVICE-MIB." + REVISION "199311280000Z" + DESCRIPTION + "The original version of this MIB was published in RFC 1565" + ::= {mib-2 27} + +-- Textual conventions + +-- DistinguishedName is used to refer to objects in the +-- directory. + +DistinguishedName ::= TEXTUAL-CONVENTION + DISPLAY-HINT "255a" + STATUS current + DESCRIPTION + "A Distinguished Name represented in accordance with + RFC 2253, presented in the UTF-8 charset defined in + RFC 2279." + SYNTAX OCTET STRING (SIZE (0..255)) + +-- Uniform Resource Locators are stored in URLStrings. + +URLString ::= TEXTUAL-CONVENTION + DISPLAY-HINT "255a" + STATUS current + DESCRIPTION + "A Uniform Resource Locator represented in accordance + with RFCs 1738 and 2368, presented in the NVT ASCII + charset defined in RFC 854." + SYNTAX OCTET STRING (SIZE (0..255)) + +-- The basic applTable contains a list of the application +-- entities. + +applTable OBJECT-TYPE + SYNTAX SEQUENCE OF ApplEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "The table holding objects which apply to all different + kinds of applications providing network services. + Each network service application capable of being + monitored should have a single entry in this table." + ::= {application 1} + +applEntry OBJECT-TYPE + SYNTAX ApplEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "An entry associated with a single network service + application." + INDEX {applIndex} + ::= {applTable 1} + +ApplEntry ::= SEQUENCE { + applIndex + INTEGER, + applName + SnmpAdminString, + applDirectoryName + + DistinguishedName, + applVersion + SnmpAdminString, + applUptime + TimeStamp, + applOperStatus + INTEGER, + applLastChange + TimeStamp, + applInboundAssociations + Gauge32, + applOutboundAssociations + Gauge32, + applAccumulatedInboundAssociations + Counter32, + applAccumulatedOutboundAssociations + Counter32, + applLastInboundActivity + TimeStamp, + applLastOutboundActivity + TimeStamp, + applRejectedInboundAssociations + Counter32, + applFailedOutboundAssociations + Counter32, + applDescription + SnmpAdminString, + applURL + URLString +} + +applIndex OBJECT-TYPE + SYNTAX INTEGER (1..2147483647) + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "An index to uniquely identify the network service + application. This attribute is the index used for + lexicographic ordering of the table." + ::= {applEntry 1} + +applName OBJECT-TYPE + SYNTAX SnmpAdminString + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The name the network service application chooses to be + known by." + ::= {applEntry 2} + +applDirectoryName OBJECT-TYPE + SYNTAX DistinguishedName + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The Distinguished Name of the directory entry where + static information about this application is stored. + An empty string indicates that no information about + the application is available in the directory." + ::= {applEntry 3} + +applVersion OBJECT-TYPE + SYNTAX SnmpAdminString + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The version of network service application software. + This field is usually defined by the vendor of the + network service application software." + ::= {applEntry 4} +applUptime OBJECT-TYPE + SYNTAX TimeStamp + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The value of sysUpTime at the time the network service + application was last initialized. If the application was + last initialized prior to the last initialization of the + network management subsystem, then this object contains + a zero value." + ::= {applEntry 5} + +applOperStatus OBJECT-TYPE + SYNTAX INTEGER { + up(1), + down(2), + halted(3), + congested(4), + restarting(5), + quiescing(6) + } + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Indicates the operational status of the network service + application. 'down' indicates that the network service is + + not available. 'up' indicates that the network service + is operational and available. 'halted' indicates that the + service is operational but not available. 'congested' + indicates that the service is operational but no additional + inbound associations can be accommodated. 'restarting' + indicates that the service is currently unavailable but is + in the process of restarting and will be available soon. + 'quiescing' indicates that service is currently operational + but is in the process of shutting down. Additional inbound + associations may be rejected by applications in the + 'quiescing' state." + ::= {applEntry 6} + +applLastChange OBJECT-TYPE + SYNTAX TimeStamp + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The value of sysUpTime at the time the network service + application entered its current operational state. If + the current state was entered prior to the last + initialization of the local network management subsystem, + then this object contains a zero value." + ::= {applEntry 7} + +applInboundAssociations OBJECT-TYPE + SYNTAX Gauge32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The number of current associations to the network service + application, where it is the responder. An inbound + association occurs when another application successfully + connects to this one." + ::= {applEntry 8} + +applOutboundAssociations OBJECT-TYPE + SYNTAX Gauge32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The number of current associations to the network service + application, where it is the initiator. An outbound + association occurs when this application successfully + connects to another one." + ::= {applEntry 9} + +applAccumulatedInboundAssociations OBJECT-TYPE + SYNTAX Counter32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The total number of associations to the application entity + since application initialization, where it was the responder." + ::= {applEntry 10} + +applAccumulatedOutboundAssociations OBJECT-TYPE + SYNTAX Counter32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The total number of associations to the application entity + since application initialization, where it was the initiator." + ::= {applEntry 11} + +applLastInboundActivity OBJECT-TYPE + SYNTAX TimeStamp + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The value of sysUpTime at the time this application last + had an inbound association. If the last association + occurred prior to the last initialization of the network + subsystem, then this object contains a zero value." + ::= {applEntry 12} + +applLastOutboundActivity OBJECT-TYPE + SYNTAX TimeStamp + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The value of sysUpTime at the time this application last + had an outbound association. If the last association + occurred prior to the last initialization of the network + subsystem, then this object contains a zero value." + ::= {applEntry 13} + +applRejectedInboundAssociations OBJECT-TYPE + SYNTAX Counter32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The total number of inbound associations the application + entity has rejected, since application initialization. + Rejected associations are not counted in the accumulated + association totals. Note that this only counts + + associations the application entity has rejected itself; + it does not count rejections that occur at lower layers + of the network. Thus, this counter may not reflect the + true number of failed inbound associations." + ::= {applEntry 14} + +applFailedOutboundAssociations OBJECT-TYPE + SYNTAX Counter32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The total number associations where the application entity + is initiator and association establishment has failed, + since application initialization. Failed associations are + not counted in the accumulated association totals." + ::= {applEntry 15} + +applDescription OBJECT-TYPE + SYNTAX SnmpAdminString + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "A text description of the application. This information + is intended to identify and briefly describe the + application in a status display." + ::= {applEntry 16} + +applURL OBJECT-TYPE + SYNTAX URLString + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "A URL pointing to a description of the application. + This information is intended to identify and describe + the application in a status display." + ::= {applEntry 17} + +-- The assocTable augments the information in the applTable +-- with information about associations. Note that two levels +-- of compliance are specified below, depending on whether +-- association monitoring is mandated. + +assocTable OBJECT-TYPE + SYNTAX SEQUENCE OF AssocEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "The table holding a set of all active application + + associations." + ::= {application 2} + +assocEntry OBJECT-TYPE + SYNTAX AssocEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "An entry associated with an association for a network + service application." + INDEX {applIndex, assocIndex} + ::= {assocTable 1} + +AssocEntry ::= SEQUENCE { + assocIndex + INTEGER, + assocRemoteApplication + SnmpAdminString, + assocApplicationProtocol + OBJECT IDENTIFIER, + assocApplicationType + INTEGER, + assocDuration + TimeStamp +} + +assocIndex OBJECT-TYPE + SYNTAX INTEGER (1..2147483647) + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "An index to uniquely identify each association for a network + service application. This attribute is the index that is + used for lexicographic ordering of the table. Note that the + table is also indexed by the applIndex." + ::= {assocEntry 1} + +assocRemoteApplication OBJECT-TYPE + SYNTAX SnmpAdminString + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The name of the system running remote network service + application. For an IP-based application this should be + either a domain name or IP address. For an OSI application + it should be the string encoded distinguished name of the + managed object. For X.400(1984) MTAs which do not have a + Distinguished Name, the RFC 2156 syntax 'mta in + + globalid' used in X400-Received: fields can be used. Note, + however, that not all connections an MTA makes are + necessarily to another MTA." + ::= {assocEntry 2} + +assocApplicationProtocol OBJECT-TYPE + SYNTAX OBJECT IDENTIFIER + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "An identification of the protocol being used for the + application. For an OSI Application, this will be the + Application Context. For Internet applications, OID + values of the form {applTCPProtoID port} or {applUDPProtoID + port} are used for TCP-based and UDP-based protocols, + respectively. In either case 'port' corresponds to the + primary port number being used by the protocol. The + usual IANA procedures may be used to register ports for + new protocols." + ::= {assocEntry 3} + +assocApplicationType OBJECT-TYPE + SYNTAX INTEGER { + uainitiator(1), + uaresponder(2), + peerinitiator(3), + peerresponder(4)} + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "This indicates whether the remote application is some type of + client making use of this network service (e.g., a Mail User + Agent) or a server acting as a peer. Also indicated is whether + the remote end initiated an incoming connection to the network + service or responded to an outgoing connection made by the + local application. MTAs and messaging gateways are + considered to be peers for the purposes of this variable." + ::= {assocEntry 4} + +assocDuration OBJECT-TYPE + SYNTAX TimeStamp + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The value of sysUpTime at the time this association was + started. If this association started prior to the last + initialization of the network subsystem, then this + object contains a zero value." + ::= {assocEntry 5} + +-- Conformance information + +applConformance OBJECT IDENTIFIER ::= {application 3} + +applGroups OBJECT IDENTIFIER ::= {applConformance 1} +applCompliances OBJECT IDENTIFIER ::= {applConformance 2} + +-- Compliance statements + +applCompliance MODULE-COMPLIANCE + STATUS obsolete + DESCRIPTION + "The compliance statement for RFC 1565 implementations + which support the Network Services Monitoring MIB + for basic monitoring of network service applications. + This is the basic compliance statement for RFC 1565." + MODULE + MANDATORY-GROUPS {applRFC1565Group} + ::= {applCompliances 1} + +assocCompliance MODULE-COMPLIANCE + STATUS obsolete + DESCRIPTION + "The compliance statement for RFC 1565 implementations + which support the Network Services Monitoring MIB + for basic monitoring of network service applications + and their associations." + MODULE + MANDATORY-GROUPS {applRFC1565Group, assocRFC1565Group} + ::= {applCompliances 2} + +applRFC2248Compliance MODULE-COMPLIANCE + STATUS deprecated + DESCRIPTION + "The compliance statement for RFC 2248 implementations + which support the Network Services Monitoring MIB + for basic monitoring of network service applications." + MODULE + MANDATORY-GROUPS {applRFC2248Group} + ::= {applCompliances 3} + +assocRFC2248Compliance MODULE-COMPLIANCE + STATUS deprecated + DESCRIPTION + "The compliance statement for RFC 2248 implementations + + which support the Network Services Monitoring MIB for + basic monitoring of network service applications and + their associations." + MODULE + MANDATORY-GROUPS {applRFC2248Group, assocRFC2248Group} + ::= {applCompliances 4} + +applRFC2788Compliance MODULE-COMPLIANCE + STATUS current + DESCRIPTION + "The compliance statement for RFC 2788 implementations + which support the Network Services Monitoring MIB + for basic monitoring of network service applications." + MODULE + MANDATORY-GROUPS {applRFC2788Group} + ::= {applCompliances 5} + +assocRFC2788Compliance MODULE-COMPLIANCE + STATUS current + DESCRIPTION + "The compliance statement for RFC 2788 implementations + which support the Network Services Monitoring MIB for + basic monitoring of network service applications and + their associations." + MODULE + MANDATORY-GROUPS {applRFC2788Group, assocRFC2788Group} + ::= {applCompliances 6} + +-- Units of conformance + +applRFC1565Group OBJECT-GROUP + OBJECTS { + applName, applVersion, applUptime, applOperStatus, + applLastChange, applInboundAssociations, + applOutboundAssociations, applAccumulatedInboundAssociations, + applAccumulatedOutboundAssociations, applLastInboundActivity, + applLastOutboundActivity, applRejectedInboundAssociations, + applFailedOutboundAssociations} + STATUS obsolete + DESCRIPTION + "A collection of objects providing basic monitoring of + network service applications. This is the original set + of such objects defined in RFC 1565." + ::= {applGroups 7} + +assocRFC1565Group OBJECT-GROUP + OBJECTS { + + assocRemoteApplication, assocApplicationProtocol, + assocApplicationType, assocDuration} + STATUS obsolete + DESCRIPTION + "A collection of objects providing basic monitoring of + network service applications' associations. This is the + original set of such objects defined in RFC 1565." + ::= {applGroups 2} + +applRFC2248Group OBJECT-GROUP + OBJECTS { + applName, applVersion, applUptime, applOperStatus, + applLastChange, applInboundAssociations, + applOutboundAssociations, applAccumulatedInboundAssociations, + applAccumulatedOutboundAssociations, applLastInboundActivity, + applLastOutboundActivity, applRejectedInboundAssociations, + applFailedOutboundAssociations, applDescription, applURL} + STATUS deprecated + DESCRIPTION + "A collection of objects providing basic monitoring of + network service applications. This group was originally + defined in RFC 2248; note that applDirectoryName is + missing." + ::= {applGroups 3} + +assocRFC2248Group OBJECT-GROUP + OBJECTS { + assocRemoteApplication, assocApplicationProtocol, + assocApplicationType, assocDuration} + STATUS deprecated + DESCRIPTION + "A collection of objects providing basic monitoring of + network service applications' associations. This group + was originally defined by RFC 2248." + ::= {applGroups 4} + +applRFC2788Group OBJECT-GROUP + OBJECTS { + applName, applDirectoryName, applVersion, applUptime, + applOperStatus, applLastChange, applInboundAssociations, + applOutboundAssociations, applAccumulatedInboundAssociations, + applAccumulatedOutboundAssociations, applLastInboundActivity, + applLastOutboundActivity, applRejectedInboundAssociations, + applFailedOutboundAssociations, applDescription, applURL} + STATUS current + DESCRIPTION + "A collection of objects providing basic monitoring of + network service applications. This is the appropriate + + group for RFC 2788 -- it adds the applDirectoryName object + missing in RFC 2248." + ::= {applGroups 5} + +assocRFC2788Group OBJECT-GROUP + OBJECTS { + assocRemoteApplication, assocApplicationProtocol, + assocApplicationType, assocDuration} + STATUS current + DESCRIPTION + "A collection of objects providing basic monitoring of + network service applications' associations. This is + the appropriate group for RFC 2788." + ::= {applGroups 6} + +-- OIDs of the form {applTCPProtoID port} are intended to be used +-- for TCP-based protocols that don't have OIDs assigned by other +-- means. {applUDPProtoID port} serves the same purpose for +-- UDP-based protocols. In either case 'port' corresponds to +-- the primary port number being used by the protocol. For example, +-- assuming no other OID is assigned for SMTP, an OID of +-- {applTCPProtoID 25} could be used, since SMTP is a TCP-based +-- protocol that uses port 25 as its primary port. + +applTCPProtoID OBJECT IDENTIFIER ::= {application 4} +applUDPProtoID OBJECT IDENTIFIER ::= {application 5} + +END From 2f88cb93a3da75d4faa70a1f9c469fbafe6a03fa Mon Sep 17 00:00:00 2001 From: Rosiak Date: Sun, 20 Dec 2015 21:10:36 +0100 Subject: [PATCH 36/39] Basic LigoPTP Discovery fix #2636 --- includes/definitions.inc.php | 8 ++++++++ includes/discovery/os/ligoos.inc.php | 17 +++++++++++++++++ 2 files changed, 25 insertions(+) create mode 100644 includes/discovery/os/ligoos.inc.php diff --git a/includes/definitions.inc.php b/includes/definitions.inc.php index efdc18a340..b2fc891122 100644 --- a/includes/definitions.inc.php +++ b/includes/definitions.inc.php @@ -1380,6 +1380,14 @@ $config['os'][$os]['icon'] = 'riverbed'; $config['os'][$os]['over'][0]['graph'] = 'device_bits'; $config['os'][$os]['over'][0]['text'] = 'Traffic'; +// Ligowave LigoOS +$os = 'ligoos'; +$config['os'][$os]['text'] = 'LigoWave LigoOS'; +$config['os'][$os]['type'] = 'wireless'; +$config['os'][$os]['icon'] = 'ligowave'; +$config['os'][$os]['over'][0]['graph'] = 'device_bits'; +$config['os'][$os]['over'][0]['text'] = 'Traffic'; + // Appliances $os = 'fortios'; $config['os'][$os]['text'] = 'FortiOS'; diff --git a/includes/discovery/os/ligoos.inc.php b/includes/discovery/os/ligoos.inc.php new file mode 100644 index 0000000000..08d0a3c2e3 --- /dev/null +++ b/includes/discovery/os/ligoos.inc.php @@ -0,0 +1,17 @@ + + * This program is free software: you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation, either version 3 of the License, or (at your + * option) any later version. Please see LICENSE.txt at the top level of + * the source code distribution for details. + */ + +if (!$os) { + if (preg_match('/^LigoPTP/', $sysDescr)) { + $os = 'ligoos'; + } +} From 2d8fa4d753471881b8d4983d93537fc0a7d214e1 Mon Sep 17 00:00:00 2001 From: laf Date: Sun, 20 Dec 2015 21:39:02 +0000 Subject: [PATCH 37/39] Updated changelog 20/12/2015 --- doc/General/Changelog.md | 33 +++++++++++++++++++++++++++++++++ 1 file changed, 33 insertions(+) diff --git a/doc/General/Changelog.md b/doc/General/Changelog.md index 8eb76733d8..5e83df17dc 100644 --- a/doc/General/Changelog.md +++ b/doc/General/Changelog.md @@ -5,26 +5,59 @@ - Fixed regex for negative lat/lng coords (PR2524) - Fixed map page looping due to device connected to itself (PR2545) - Fixed PATH_INFO for nginx (PR2551) + - urlencode the custom port types (PR2597) + - Stop non-admin users from being able to get to settings pages (PR2627) + - Fix JpGraph php version compare (PR2631) - Discovery / Polling: - Pointed snmp calls for Huawei to correct MIB folder (PR2541) + - Fixed Ceph unix-agent support. (PR2588) + - Moved memory graphs from storage to memory polling (PR2616) + - Mask alert_log mysql output when debug is enabled to stop console crashes (PR2618) + - Stop Quanta devices being detected as Ubiquiti (PR2632) + - Fix MySQL unix-agent graphs (PR2645) + - Added MTA-MIB and NETWORK-SERVICES-MIB to stop warnings printed in poller debug (PR2653) + - Services: + - Fix SSL check for PHP 7 (PR2647) - Alerting: - Fix glue-expansion for alerts (PR2522) + - Fix HipChat transport (PR2586) - Documentation: - Removed duplicate mysql-client install from Debian/Ubuntu install docs (PR2543) + - Misc: + - Update daily.sh to ignore issues writing to log file (PR2595) #### Improvements - WebUI: - Converted sensors page to use bootgrid (PR2531) + - Added new widgets for dashboard. Notes (PR2582), Generic image (PR2617) + - Added config option to disable lazy loading of images (PR2589) + - Visual update to Navbar. (PR2593) + - Update alert rules to show actual alert rule ID (PR2603) + - Initial support added for per user default dashboard (PR2620) + - Updated Worldmap to show clusters in red if one device is down (PR2621) - Discovery / Polling - Added traffic bits as default for Cambium devices (PR2525) - Overwrite eth0 port data from UniFi MIBs for AirFibre devices (PR2544) + - Added lastupdate column to sensors table for use with alerts (PR2590,PR2592) + - Updated auto discovery via lldp to check for devices that use mac address in lldpRemPortId (PR2591) + - Updated auto discovery via lldp with absent lldpRemSysName (PR2619) - API: - Added ability to filter devices by type and os for Oxidized API call (PR2539) + - Added ability to update device information (PR2585) + - Added support for returning device groups (PR2611) + - Added ability to select port graphs based on ifDescr (PR2648) - Documentation: - Improved alerting docs explaining more options (PR2560) + - Added Docs for Ubuntu/Debian Smokeping integration (PR2610) - Added detection for: - Updated Netonix switch MIBs (PR2523) - Updated Fotinet MIBs (PR2529, PR2534) + - Cisco SG500 (PR2609) + - Updated processor support for Fortigate (PR2613) + - Misc: + - Updated validation to check for php extension and classes required (PR2602) + - Added Radius Authentication support (PR2615) + - Removed distinct() from alerts query to use indexes (PR2649) ### November 2015 From 5f4837cdb8154c6132d97a08ecb1a002e972cd64 Mon Sep 17 00:00:00 2001 From: laf Date: Mon, 21 Dec 2015 18:22:36 +0000 Subject: [PATCH 38/39] Did not update vars to _GET before submitting --- html/includes/api_functions.inc.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/html/includes/api_functions.inc.php b/html/includes/api_functions.inc.php index cbba6fbba5..8c4cf2817a 100644 --- a/html/includes/api_functions.inc.php +++ b/html/includes/api_functions.inc.php @@ -62,7 +62,7 @@ function get_graph_by_port_hostname() { $vars['to'] = $_GET['to']; } - if (!empty($vars['ifDescr']) == true) { + if ($_GET['ifDescr'] == true) { $port = 'ifDescr'; } else { From 5898d01bcdbfa361bbe48ceefddd7afd4bc6817d Mon Sep 17 00:00:00 2001 From: Rosiak Date: Mon, 21 Dec 2015 21:26:24 +0100 Subject: [PATCH 39/39] Add polling --- includes/polling/os/ligoos.inc.php | 15 +++++++++++++++ 1 file changed, 15 insertions(+) create mode 100644 includes/polling/os/ligoos.inc.php diff --git a/includes/polling/os/ligoos.inc.php b/includes/polling/os/ligoos.inc.php new file mode 100644 index 0000000000..66f7b195fb --- /dev/null +++ b/includes/polling/os/ligoos.inc.php @@ -0,0 +1,15 @@ + + * This program is free software: you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation, either version 3 of the License, or (at your + * option) any later version. Please see LICENSE.txt at the top level of + * the source code distribution for details. + */ + +list($hardware,$version) = explode(',', $poll_device['sysDescr']); +preg_match('/(v[0-9\-\.]+)/', $version, $tmp_version); +$version = rtrim($tmp_version[0],'.');