diff --git a/src/warden-server/etc/warden-watchdog.conf b/src/warden-server/etc/warden-watchdog.conf
index 6bfa3974a92e9c9ec5765af40e68abdd021cd161..0a355b21aac6081586e7c89e958d70b9fc74cddd 100644
--- a/src/warden-server/etc/warden-watchdog.conf
+++ b/src/warden-server/etc/warden-watchdog.conf
@@ -6,29 +6,24 @@
 # Use of this source is governed by a BSD-style license, see LICENSE file.
 #-------------------------------------------------------------------------------
-# domain_name - server full domain name
+# DOMAIN_NAME - server full domain name
 #-------------------------------------------------------------------------------
-$domain_name = "warden-dev.cesnet.cz";
+$DOMAIN_NAME = "warden-dev.cesnet.cz";
 #-------------------------------------------------------------------------------
-# contact - contact to server administrator
+# EMAIL_SUBJECT - subject of an report for Warden watchdog script
 #-------------------------------------------------------------------------------
-$contact = "jakubcegan@cesnet.cz, ph@cesnet.cz";
+$EMAIL_SUBJECT = "Database check of a Warden server ($DOMAIN_NAME)";
 #-------------------------------------------------------------------------------
-# email_subject - ...
+# EMAIL_SERVER_CONF - path and params of an email server for reports sending
 #-------------------------------------------------------------------------------
-$email_subject = "Database check of a Warden server ($domain_name)";
+$EMAIL_SERVER_CONF = '|/usr/sbin/sendmail -oi -t';
 #-------------------------------------------------------------------------------
-# email_server_conf - path and params of an email server for reports sending
+# SQL_PRECONDITION - array of procedures which are executed "before" main action
 #-------------------------------------------------------------------------------
-$email_server_conf = '|/usr/sbin/sendmail -oi -t';
-
-#-------------------------------------------------------------------------------
-# sql_precondition - array of procedures which are executed "before" main action
-#-------------------------------------------------------------------------------
-@sql_precondition = ('DROP FUNCTION IF EXISTS iptest;', 'CREATE FUNCTION iptest(ip VARCHAR(15)) RETURNS TINYINT(1) DETERMINISTIC
+@SQL_PRECONDITION = ('DROP FUNCTION IF EXISTS 
iptest;', 'CREATE FUNCTION iptest(ip VARCHAR(15)) RETURNS TINYINT(1) DETERMINISTIC
 BEGIN
 SET @nip = INET_ATON(ip);
 IF(
@@ -55,7 +50,7 @@ BEGIN
 END;');
 #-------------------------------------------------------------------------------
-# sql_queries - array of hashes of actions for the WardenWatchdog script.
+# SQL_QUERIES - array of hashes of actions for the WardenWatchdog script.
 # Each action has three followin parts:
 # query => sql query of an action (check) on Warden database
 # text => body of an email which is send to a admin of an client 
@@ -63,13 +58,13 @@ END;');
 # contact => contact for message, which overrides contact collumn
 # in a database table.
 #-------------------------------------------------------------------------------
-@sql_queries = (
- {query => "SELECT hostname, service, MAX(received) FROM events WHERE valid = 't' GROUP BY hostname, service ORDER BY MAX(received) ASC;", text => "These clients do not report any events for a long time. It is possible, that they are misconfigured or not running.", contact => "$contact"},
- {query => "SELECT clients.* FROM clients JOIN events ON clients.service=events.service WHERE events.detected > '$date' AND NOT FIND_IN_SET(events.type, 'portscan,bruteforce,probe,spam,phishing,botnet_c_c,dos,malware,copyright,webattack,test,other') AND events.valid = 't' GROUP BY requestor;", text => "Following client(s) report unsupported or obsolete type of event to a Warden server.", contact => "$contact"},
- {query => "SELECT hostname, service, type, COUNT(*) FROM events WHERE detected - received > 0 AND received > '$date' GROUP BY hostname, service, type;", text => "Following client(s) report events to a Warden server with a timestamp from future. Server timestamp (received) has to be always greater or equal to a timestam of detection.", contact => "$contact"},
- {query => "SELECT hostname, service, received, source, count(source) AS c, min(received), max(received) FROM events WHERE valid = 't' AND source_type = 'IP' AND iptest(source) GROUP BY hostname, service, source ORDER BY c DESC;", text => "Following client(s) report events to a Warden server with a private or invalid IPv4 address.", contact => "$contact"});
+@SQL_QUERIES = (
+ {query => "SELECT hostname, service, MAX(received) FROM events WHERE valid = 't' GROUP BY hostname, service ORDER BY MAX(received) ASC;", text => "These clients do not report any events for a long time. 
It is possible, that they are misconfigured or not running.", contact => "jakubcegan@cesnet.cz, ph@cesnet.cz"},
+ {query => "SELECT clients.* FROM clients JOIN events ON clients.service=events.service WHERE events.detected > '$date' AND NOT FIND_IN_SET(events.type, 'portscan,bruteforce,probe,spam,phishing,botnet_c_c,dos,malware,copyright,webattack,test,other') AND events.valid = 't' GROUP BY requestor;", text => "Following client(s) report unsupported or obsolete type of event to a Warden server.", contact => "jakubcegan@cesnet.cz, ph@cesnet.cz"},
+ {query => "SELECT hostname, service, type, COUNT(*) FROM events WHERE detected - received > 0 AND received > '$date' GROUP BY hostname, service, type;", text => "Following client(s) report events to a Warden server with a timestamp from future. Server timestamp (received) has to be always greater or equal to a timestam of detection.", contact => "jakubcegan@cesnet.cz, ph@cesnet.cz"},
+ {query => "SELECT hostname, service, received, source, count(source) AS c, min(received), max(received) FROM events WHERE valid = 't' AND source_type = 'IP' AND iptest(source) GROUP BY hostname, service, source ORDER BY c DESC;", text => "Following client(s) report events to a Warden server with a private or invalid IPv4 address.", contact => "jakubcegan@cesnet.cz, ph@cesnet.cz"});
 #-------------------------------------------------------------------------------
-# sql_postcondition - array of procedures which are executed "after" main action
+# SQL_POSTCONDITION - array of procedures which are executed "after" main action
 #-------------------------------------------------------------------------------
-@sql_postcondition = ('DROP FUNCTION IF EXISTS iptest;');
+@SQL_POSTCONDITION = ('DROP FUNCTION IF EXISTS iptest;');
diff --git a/src/warden-server/lib/WardenCommon.pm b/src/warden-server/lib/WardenCommon.pm
index 0ef763d08e335ca80fac92981c68ed7ea076bc38..0f6f90d3baca1b87f07d5436ed85fa5123ec1a84 100755
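Review bot: The administrator address `jakubcegan@cesnet.cz, ph@cesnet.cz` is now spelled out in all four `contact =>` entries of `@SQL_QUERIES`, because the `$contact` setting was removed from the top of the file in the first hunk, so changing the recipient means editing four lines instead of one. A single setting such as `$CONTACT = "jakubcegan@cesnet.cz, ph@cesnet.cz";` beside `$DOMAIN_NAME`, used as `contact => $CONTACT` in each entry, keeps one point of change; alternatively an entry can leave `contact` out so that the database contact column the header comment describes applies. Separately, `'$date'` inside the second and third query strings is interpolated when this file is `do`-loaded, so `$date` must already be set in the loading package at that moment or the WHERE clause is presumably built with an empty value; a short comment above `@SQL_QUERIES` such as `# NOTE: $date is interpolated at load time and must be set by the loading script before this file is read.` would make that contract visible.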
--- a/src/warden-server/lib/WardenCommon.pm
+++ b/src/warden-server/lib/WardenCommon.pm
@@ -83,20 +83,20 @@ sub sendMsg
 #-------------------------------------------------------------------------------
 # loadConf - load configuration file
 #-------------------------------------------------------------------------------
-sub loadConf
+sub loadConf
 {
- my $conf_file = shift;
+ my $conf_file = shift;
- our $BASEDIR = undef;
- our $SYSLOG = undef;
- our $SYSLOG_VERBOSE = undef;
- our $SYSLOG_FACILITY = undef;
+ our $BASEDIR = undef;
+ our $SYSLOG = undef;
+ our $SYSLOG_VERBOSE = undef;
+ our $SYSLOG_FACILITY = undef;
 our $DB_NAME = undef;
 our $DB_USER = undef;
 our $DB_PASS = undef;
 our $DB_HOST = undef;
- our $MAX_EVENTS_LIMIT = 1000000;
- our %VALID_STRINGS = ();
+ our $MAX_EVENTS_LIMIT = 1000000;
+ our %VALID_STRINGS = ();
 unless (do $conf_file) {
 die("Errors in config file '$conf_file': $@") if $@;
 die("Can't read config file '$conf_file': $!") unless defined $_;
@@ -110,10 +110,10 @@ sub loadConf
 #-------------------------------------------------------------------------------
 sub connectDB
 {
- my $db_name = shift;
- my $db_host = shift;
- my $db_user = shift;
- my $db_pass = shift;
+ my $db_name = shift;
+ my $db_host = shift;
+ my $db_user = shift;
+ my $db_pass = shift;
 my $dbh = DBI->connect("DBI:mysql:database=$db_name;host=$db_host",$db_user, $db_pass, {RaiseError => 1, mysql_auto_reconnect => 1}) || die "Could not connect to database '$db_name' at '$db_host': $DBI::errstr";
 return $dbh;