Skip to content
Snippets Groups Projects
Commit 4dc80ef4 authored by Tomáš Plesník's avatar Tomáš Plesník
Browse files

odstranen SOAP z volani getClients.pl

parent d2cffbe6
No related branches found
No related tags found
No related merge requests found
Show whitespace changes
Inline Side-by-side
src/warden-server/bin/getClients.pl
+ 45
18
View file @ 4dc80ef4
......@@ -9,17 +9,21 @@
use strict;
use Getopt::Std;
use File::Basename;
use DBI;
use DBD::mysql;
our $VERSION = "2.1";
my $warden_path = '/opt/warden-server';
require $warden_path . '/lib/WardenStatus.pm';
################################################################################
# GLOBAL VARIABLES
################################################################################
our $VERSION = "2.2";
my $filename = basename($0);
#-------------------------------------------------------------------------------
################################################################################
# Functions
#-------------------------------------------------------------------------------
################################################################################
sub usage {
print "Usage: $filename [without parameters]\n";
exit 1;
......@@ -50,9 +54,10 @@ sub trim
} # End of trim
#-------------------------------------------------------------------------------
################################################################################
# MAIN
#-------------------------------------------------------------------------------
################################################################################
our ($opt_h);
die usage unless getopts("h");
......@@ -69,23 +74,45 @@ if ($UID != 0) {
die errMsg("You must be root for running this script!")
}
# read config file
my $conf_file = "/opt/warden-server/etc/warden-server.conf"; # path is updated by install.sh
our $DB_NAME = undef;
our $DB_USER = undef;
our $DB_PASS = undef;
our $DB_HOST = undef;
unless (do $conf_file) {
die("Errors in config file '$conf_file': $@") if $@;
die("Can't read config file '$conf_file': $!") unless defined $_;
# if $_ defined, it's retvalue of last statement of conf, for which we don't care
}
# connect to DB
our $DBH = DBI->connect("DBI:mysql:database=$DB_NAME;host=$DB_HOST", $DB_USER, $DB_PASS, {RaiseError => 1, mysql_auto_reconnect => 1}) || die "Could not connect to database: $DBH->errstr";
my @clients = WardenStatus::getClients($warden_path);
# obtain data from DB
my $sth = $DBH->prepare("SELECT * FROM clients ORDER BY client_id ASC;") or die "Cannot prepare statement: " . $DBH->errstr;
$sth->execute or die "Couldn't execute statement: " . $sth->errstr;
my @clients = $sth->fetchall_arrayref();
# print table of clients
print "+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+\n";
print "| Client ID | Hostname | Registered | Requestor | Service | CT | Type | ROE | Description tags | IP Net Client |\n";
print "+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+\n";
foreach (@clients) {
my @client = @$_;
foreach (@client) {
printf("| %-10s ", @$_[0] || "unknown");
printf("| %-30s ", @$_[1] || "unknown");
printf("| %19s ", @$_[2] || "unknown");
printf("| %-23s ", @$_[3] || "unknown");
printf("| %-25s ", @$_[4] || "unknown");
printf("| %-25s ", @$_[4] || "-");
printf("| %-2s ", @$_[5] || "unknown");
printf("| %-15s ", @$_[6] || "unknown");
printf("| %-4s ", @$_[7] || "unknown");
printf("| %-50s ", @$_[8] || "unknown");
printf("| %-15s ", @$_[6] || "-");
printf("| %-4s ", @$_[7] || "-");
printf("| %-50s ", @$_[8] || "-");
printf("| %-18s |\n", @$_[9] || "unknown");
}
}
print "+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+\n";
print "\n";
print "Current registered clients in: " . scalar localtime(time) . "\n";
......
src/warden-server/etc/warden-apache.conf
+ 6
5
View file @ 4dc80ef4
#
#
# warden-apache.conf - configuration file for the Apache server
#
......@@ -10,8 +11,8 @@ SSLOptions +StdEnvVars +ExportCertData
SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
SSLCertificateFile /etc/ssl/certs/warden-dev.cesnet.cz.pem
SSLCertificateKeyFile /etc/ssl/private/warden-dev.cesnet.cz.key
SSLCertificateFile /etc/ssl/certs/warden-c.cesnet.cz.pem
SSLCertificateKeyFile /etc/ssl/private/warden-c.cesnet.cz.key
SSLCACertificateFile /etc/ssl/certs/tcs-ca-bundle.pem
PerlOptions +Parent
......
src/warden-server/etc/warden-client.conf
+ 6
6
View file @ 4dc80ef4
#
# warden-client.conf - configuration file for registration and status clients
# warden-client.conf - configuration file for the warden sender/receiver client
#
#-------------------------------------------------------------------------------
# URI - URI address of Warden server
#-------------------------------------------------------------------------------
$URI = "https://warden-dev.cesnet.cz:443/Warden";
$URI = "https://warden-c.cesnet.cz:443/Warden";
#-------------------------------------------------------------------------------
# SSL_KEY_FILE - path to server SSL certificate key file
# SSL_KEY_FILE - path to client SSL certificate key file
#-------------------------------------------------------------------------------
$SSL_KEY_FILE = "/etc/ssl/private/warden-dev.cesnet.cz.key";
$SSL_KEY_FILE = "/etc/ssl/private/warden-c.cesnet.cz.key";
#-------------------------------------------------------------------------------
# SSL_CERT_FILE - path to server SSL certificate file
# SSL_CERT_FILE - path to client SSL certificate file
#-------------------------------------------------------------------------------
$SSL_CERT_FILE = "/etc/ssl/certs/warden-dev.cesnet.cz.pem";
$SSL_CERT_FILE = "/etc/ssl/certs/warden-c.cesnet.cz.pem";
#-------------------------------------------------------------------------------
# SSL_CA_FILE - path to CA certificate file
......
src/warden-server/etc/warden-server.conf
+ 10
10
View file @ 4dc80ef4
......@@ -5,7 +5,7 @@
#-------------------------------------------------------------------------------
# BASEDIR - base directory of Warden server
#-------------------------------------------------------------------------------
$BASEDIR = '/opt/warden-server';
$BASEDIR = "/opt/warden-server";
#-------------------------------------------------------------------------------
# SYSLOG - enable/disable syslog logging
......@@ -20,38 +20,38 @@ $SYSLOG_VERBOSE = 1;
#-------------------------------------------------------------------------------
# SYSLOG_FACILITY - syslog facility
#-------------------------------------------------------------------------------
$SYSLOG_FACILITY = 'local7';
$SYSLOG_FACILITY = "local7";
#-------------------------------------------------------------------------------
# DB_NAME - MySQL database name of Warden server
#-------------------------------------------------------------------------------
$DB_NAME = 'warden';
$DB_NAME = "warden";
#-------------------------------------------------------------------------------
# DB_USER - MySQL database user of Warden server
#-------------------------------------------------------------------------------
$DB_USER = 'root';
$DB_USER = "root";
#-------------------------------------------------------------------------------
# DB_PASS - MySQL database password of Warden server
#-------------------------------------------------------------------------------
$DB_PASS = '';
$DB_PASS = "";
#-------------------------------------------------------------------------------
# DB_HOST - MySQL database host
#-------------------------------------------------------------------------------
$DB_HOST = 'localhost';
$DB_HOST = "localhost";
#-------------------------------------------------------------------------------
# MAX_EVENTS_LIMIT - server limit of maximum number of events that can be
# delivered to one client in one batch
#-------------------------------------------------------------------------------
$MAX_EVENTS_LIMIT = '1000000';
$MAX_EVENTS_LIMIT = 1000000;
#-------------------------------------------------------------------------------
# VALID_STRINGS - validation hash containing allowed event attributes
#-------------------------------------------------------------------------------
%VALID_STRINGS = (
'type' => ['portscan', 'bruteforce', 'probe', 'spam', 'phishing', 'botnet_c_c', 'dos', 'malware', 'copyright', 'webattack', 'test', 'other'],
'source_type' => ['IP', 'URL', 'Reply-To:']
"type" => ["portscan", "bruteforce", "probe", "spam", "phishing", "botnet_c_c", "dos", "malware", "copyright", "webattack", "test", "other", "_any_"],
"source_type" => ["IP", "URL", "Reply-To:"]
);
src/warden-server/lib/Warden.pm
+ 3
66
View file @ 4dc80ef4
......@@ -22,7 +22,7 @@ use Crypt::X509;
use SOAP::Lite;
use Carp;
our $VERSION = "2.2";
our $VERSION = "2.2-devel";
################################################################################
......@@ -631,70 +631,6 @@ sub unregisterClient
} # END of unregisterClient
#-----------------------------------------------------------------------------
# getClients - get list of clients which were registered at warden server
#-----------------------------------------------------------------------------
sub getClients
{
my ($class, $arg) = @_;
# client network information
my $cn = $ENV{'SSL_CLIENT_S_DN_CN'};
my $ip = $ENV{'REMOTE_ADDR'};
my $local_ip = $ENV{'SERVER_ADDR'};
my $function_name = 'getClients';
if ($local_ip ne $ip) {
sendMsg("err",
"Unauthorized access to function '$function_name' from: '$ip' ('$cn') - access allowed only from localhost",
"Access denied - access allowed only from localhost");
} else {
my (@clients, $client);
my ($client_id, $hostname, $registered, $requestor, $service, $client_type, $type, $receive_own_events, $description_tags, $ip_net_client);
my $sth = $DBH->prepare("SELECT * FROM clients ORDER BY client_id ASC;");
if (!defined $sth) {
sendMsg("err",
"Cannot prepare statement in function '$function_name': $DBH->errstr",
"Internal 'prepare' server error");
}
$sth->execute;
while ( my @result = $sth->fetchrow() ) {
$client_id = $result[0];
$hostname = $result[1];
$registered = $result[2];
$requestor = $result[3];
$service = $result[4];
$client_type = $result[5];
$type = $result[6];
$receive_own_events = $result[7];
$description_tags = $result[8];
$ip_net_client = $result[9];
$client = SOAP::Data->name(client => \SOAP::Data->value(
SOAP::Data->name(CLIENT_ID => $client_id),
SOAP::Data->name(HOSTNAME => $hostname),
SOAP::Data->name(REGISTERED => $registered),
SOAP::Data->name(REQUESTOR => $requestor),
SOAP::Data->name(SERVICE => $service),
SOAP::Data->name(CLIENT_TYPE => $client_type),
SOAP::Data->name(TYPE => $type),
SOAP::Data->name(RECEIVE_OWN_EVENTS => $receive_own_events),
SOAP::Data->name(DESCRIPTION_TAGS => $description_tags),
SOAP::Data->name(IP_NET_CLIENT => $ip_net_client),
));
push(@clients, $client);
}
my $sum = scalar @clients;
sendMsg("info",
"Sending information about '$sum' registered clients from $ENV{'SERVER_NAME'}",
undef);
return @clients;
}
} # END of getClients
#-----------------------------------------------------------------------------
# getStatus - get list of status items of warden server
#-----------------------------------------------------------------------------
......@@ -842,7 +778,8 @@ sub getStatus
#-------------------------------------------------------------------------------
# getClientInfo
# getClientInfo - get list of registered clients on Warden server
# by Warden client
#-------------------------------------------------------------------------------
sub getClientInfo
{
......
src/warden-server/lib/WardenStatus.pm
+ 0
45
View file @ 4dc80ef4
......@@ -71,51 +71,6 @@ sub c2s
}
#-------------------------------------------------------------------------------
# getClients - get list of registered clients
#-------------------------------------------------------------------------------
sub getClients
{
my $warden_path = shift;
my $etcdir = $warden_path . "/etc/";
my $libdir = $warden_path . "/lib/";
# read the config file
require $libdir . "WardenConf.pm";
my $conf_file = $etcdir . "warden-client.conf";
my ($uri, $ssl_key_file, $ssl_cert_file, $ssl_ca_file) = WardenConf::loadConf($conf_file);
# call method getClients on the Warden server
my $response = c2s($uri, $ssl_key_file, $ssl_cert_file, $ssl_ca_file, "getClients");
# parse returned SOAP data object with clients
my @clients;
my ($client_id, $hostname, $registered, $requestor, $service, $client_type, $type, $receive_own_events, $description_tags, $ip_net_client);
my @response_list = $response->valueof('/Envelope/Body/getClientsResponse/client/');
while (scalar @response_list) {
my $response_data = shift(@response_list);
my @client;
$client_id = $response_data->{'CLIENT_ID'} ;
$hostname = $response_data->{'HOSTNAME'};
$registered = $response_data->{'REGISTERED'};
$requestor = $response_data->{'REQUESTOR'};
$service = defined $response_data->{'SERVICE'} ? $response_data->{'SERVICE'} : "-";
$client_type = $response_data->{'CLIENT_TYPE'};
$type = defined $response_data->{'TYPE'} ? $response_data->{'TYPE'} : "-";
$receive_own_events = defined $response_data->{'RECEIVE_OWN_EVENTS'} ? $response_data->{'RECEIVE_OWN_EVENTS'} : "-";
$description_tags = defined $response_data->{'DESCRIPTION_TAGS'} ? $response_data->{'DESCRIPTION_TAGS'} : "-";
$ip_net_client = $response_data->{'IP_NET_CLIENT'};
# push received clients from warden server into @clients which is returned
@client = ($client_id, $hostname, $registered, $requestor, $service, $client_type, $type, $receive_own_events, $description_tags, $ip_net_client);
push (@clients,\@client);
}
return @clients;
} # End of getClients
#-------------------------------------------------------------------------------
# getStatus - get warden server status
#-------------------------------------------------------------------------------
......
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment