Skip to content
Snippets Groups Projects

Compare revisions

Changes are shown as if the source revision was being merged into the target revision. Learn more about comparing revisions.

Source

Select target project
No results found

Target

Select target project
  • Pavel.Valach/warden
1 result
Show changes
Hide whitespace changes
Inline Side-by-side
Showing
with 0 additions and 2915 deletions
src/warden-server/bin/getClients.pl deleted 100755 → 0
View file @ abbf07a9
#!/usr/bin/perl -w
#
# getClients.pl
#
# Copyright (C) 2011-2012 Cesnet z.s.p.o
#
# Use of this source is governed by a BSD-style license, see LICENSE file.
use strict;
use Getopt::Std;
use File::Basename;
our $VERSION = "2.0";
my $warden_path = '/opt/warden-server';
require $warden_path . '/lib/WardenStatus.pm';
my $filename = basename($0);
#-------------------------------------------------------------------------------
# Functions
#-------------------------------------------------------------------------------
sub usage {
print "Usage: $filename [without parameters]\n";
exit 1;
}
#-------------------------------------------------------------------------------
# errMsg - print error message and die
#-------------------------------------------------------------------------------
sub errMsg
{
my $msg = shift;
$msg = trim($msg);
print $msg . "\n";
exit 1;
} # End of errMsg
#-------------------------------------------------------------------------------
# trim - remove whitespace from the start and end of the string
#-------------------------------------------------------------------------------
sub trim
{
my $string = shift;
$string =~ s/^\s+//;
$string =~ s/\s+$//;
return $string;
} # End of trim
#-------------------------------------------------------------------------------
# MAIN
#-------------------------------------------------------------------------------
our ($opt_h);
die usage unless getopts("h");
my $help = $opt_h;
# catch help param
if ($help) {
usage;
}
# superuser controle
my $UID = $<;
if ($UID != 0) {
die errMsg("You must be root for running this script!")
}
my @clients = WardenStatus::getClients($warden_path);
print "+-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+\n";
print "| Client ID | Hostname | Registered | Requestor | Service | CT | Type | ROE | Description tags | IP Net Client |\n";
print "+-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+\n";
foreach (@clients) {
printf("| %-10s ", @$_[0]);
printf("| %-30s ", @$_[1]);
printf("| %19s ", @$_[2]);
printf("| %-10s ", @$_[3]);
printf("| %-20s ", @$_[4]);
printf("| %-2s ", @$_[5]);
printf("| %-15s ", @$_[6]);
printf("| %-4s ", @$_[7]);
printf("| %-30s ", @$_[8]);
printf("| %-18s |\n", @$_[9]);
}
print "+-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+\n";
print "\n";
print "Current registered clients in: " . scalar localtime(time) . "\n";
exit 0;
src/warden-server/bin/getStatus.pl deleted 100755 → 0
View file @ abbf07a9
#!/usr/bin/perl -w
#
# getStatus.pl
#
# Copyright (C) 2011-2012 Cesnet z.s.p.o
#
# Use of this source is governed by a BSD-style license, see LICENSE file.
use strict;
use Getopt::Std;
use File::Basename;
our $VERSION = "2.0";
my $warden_path = '/opt/warden-server';
require $warden_path . '/lib/WardenStatus.pm';
my $filename = basename($0);
#-------------------------------------------------------------------------------
# Functions
#-------------------------------------------------------------------------------
sub usage {
print "Usage: $filename [without parameters]\n";
exit 1;
}
#-------------------------------------------------------------------------------
# errMsg - print error message and die
#-------------------------------------------------------------------------------
sub errMsg
{
my $msg = shift;
$msg = trim($msg);
print $msg . "\n";
exit 1;
} # End of errMsg
#-------------------------------------------------------------------------------
# trim - remove whitespace from the start and end of the string
#-------------------------------------------------------------------------------
sub trim
{
my $string = shift;
$string =~ s/^\s+//;
$string =~ s/\s+$//;
return $string;
} # End of trim
#-------------------------------------------------------------------------------
# MAIN
#-------------------------------------------------------------------------------
our ($opt_h);
die usage unless getopts("h");
my $help = $opt_h;
# catch help param
if ($help) {
usage;
}
# superuser controle
my $UID = $<;
if ($UID != 0) {
die errMsg("You must be root for running this script!")
}
my @status = WardenStatus::getStatus($warden_path);
# take and remove first element of array @status and save it into $server_status_ref
my $server_status_ref = shift(@status);
my @server_status = @$server_status_ref;
print "Warden server variables:\n";
print "========================\n";
print "SERVER_VERSION:\t\t$server_status[0]\n";
print "HOSTNAME:\t\t$server_status[1]\n";
print "IP_ADDRESS:\t\t$server_status[2]\n";
print "PORT:\t\t\t$server_status[3]\n";
print "DB_NAME:\t\t$server_status[4]\n";
print "DB_USER:\t\t$server_status[5]\n";
print "DB_HOST:\t\t$server_status[6]\n";
print "SYSLOG_FACILITY:\t$server_status[7]\n";
print "\n";
print "Warden server status:\n";
print "=====================\n";
print "Database size:\t\t\t$server_status[8]\n";
print "Count of saved events:\t\t$server_status[9]\n";
print "Last ID in events table:\t$server_status[10]\n";
print "Time of first inserted event:\t$server_status[11] (UTC)\n";
print "Time of latest inserted event:\t$server_status[12] (UTC)\n";
print "Count of registered clients:\t$server_status[13]\n";
print "\n";
# check if sum of registered client isn't 0
if ($server_status[13] != 0) {
print "Statistics of registered senders:\n";
print "+-----------------------------------------------------------------------------------------------------------+\n";
print "| Client ID | Hostname | Service | Stored events | Last insertion (UTC) |\n";
print "+-----------------------------------------------------------------------------------------------------------+\n";
foreach my $client_status_ref (@status){
my @client_status = @$client_status_ref;
printf("| %-10s ", $client_status[0]);
printf("| %-30s ", $client_status[1]);
printf("| %-20s ", $client_status[2]);
printf("| %-13s ", $client_status[3]);
printf("| %-20s |\n", $client_status[4]);
}
print "+-----------------------------------------------------------------------------------------------------------+\n";
print "\n";
}
print "Current server status in:\t" . scalar localtime(time) . "\n";
exit 0;
src/warden-server/bin/getWebStatus.sh deleted 100755 → 0
View file @ abbf07a9
#!/bin/bash
DB_NAME=`cat /opt/warden-server/etc/warden-server.conf | grep '$DB_NAME' | sed 's/[";]//g' |awk '{print $3}'`
DB_USER=`cat /opt/warden-server/etc/warden-server.conf | grep '$DB_USER' | sed 's/[";]//g' |awk '{print $3}'`
DB_PASS=`cat /opt/warden-server/etc/warden-server.conf | grep '$DB_PASS' | sed 's/[";]//g' |awk '{print $3}'`
DB_HOST=`cat /opt/warden-server/etc/warden-server.conf | grep '$DB_HOST' | sed 's/[";]//g' |awk '{print $3}'`
echo "DB_NAME: $DB_NAME"
echo "DB_USER: $DB_USER"
#echo "DB_PASS: $DB_PASS"
echo "DB_HOST: $DB_HOST"
echo
echo "DB status:"
echo "----------"
echo "SELECT FROM_UNIXTIME( UNIX_TIMESTAMP( received ) - ( UNIX_TIMESTAMP( received ) % ( 60 ) ) ) AS t, COUNT( id ) FROM events GROUP BY t" | mysql -h $DB_HOST --user=$DB_USER $DB_NAME --password=$DB_PASS
echo
echo "apache2ctl status:"
echo "------------------"
apache2ctl status
echo
echo "uptime:"
echo "-------"
uptime
echo
echo -n klientu: ; netstat -nlpa | grep :443 | grep ESTA | wc -l;
echo -n FIN:; netstat | grep WAIT2 | wc -l
src/warden-server/bin/registerReceiver.pl deleted 100755 → 0
View file @ abbf07a9
#!/usr/bin/perl -w
#
# registerReceiver.pl
#
# Copyright (C) 2011-2012 Cesnet z.s.p.o
#
# Use of this source is governed by a BSD-style license, see LICENSE file.
use strict;
use Getopt::Std;
use Switch;
use File::Basename;
our $VERSION = "2.0";
my $warden_path = '/opt/warden-server';
require $warden_path . '/lib/WardenReg.pm';
my $filename = basename($0);
#-------------------------------------------------------------------------------
# Functions
#-------------------------------------------------------------------------------
sub usage {
print "Usage: $filename [-h -o -n <hostname> -r <requestor> -t <type> -i <ip_net_client>]\n";
exit 1;
}
sub help {
print "$filename [-h -o -n <hostname> -r <requestor> -t <type> -i <ip_net_client>]\n";
print "-h print this text and exit\n";
print "-n hostname of receiver\n";
print "-r client registration requestor\n";
print "-t type of received events\n";
print "-o enable receiving of own events\n";
print "-i CIDR of receiver\n";
exit 0;
}
#-------------------------------------------------------------------------------
# errMsg - print error message and die
#-------------------------------------------------------------------------------
sub errMsg
{
my $msg = shift;
$msg = trim($msg);
print $msg . "\n";
exit 1;
} # End of errMsg
#-------------------------------------------------------------------------------
# trim - remove whitespace from the start and end of the string
#-------------------------------------------------------------------------------
sub trim
{
my $string = shift;
$string =~ s/^\s+//;
$string =~ s/\s+$//;
return $string;
} # End of trim
#-------------------------------------------------------------------------------
# MAIN
#-------------------------------------------------------------------------------
our ($opt_n, $opt_r, $opt_t, $opt_o, $opt_i, $opt_h);
if ($#ARGV == -1) {usage}
die usage unless getopts("n:r:t:i:ho");
my $hostname = $opt_n;
my $requestor = $opt_r;
my $type = $opt_t;
my $ip_net_client = $opt_i;
my $help = $opt_h;
my $receive_own_events = "f";
if ($opt_o) {
$receive_own_events = "t";
}
# catch help param
if ($help) {
help;
}
if ($ip_net_client !~ /^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\/(\d|[1-2]\d|3[0-2]))$/) {
die errMsg("Enter correct IP in CIDR format!");
}
# superuser controle
my $UID = $<;
if ($UID != 0) {die errMsg("You must be root for running this script!")}
# check parameters definition
switch () {
case {!defined $hostname} { print "ERROR: Parameter 'hostname' is not defined!\n"; exit 1; }
case {!defined $requestor} { print "ERROR: Parameter 'requestor' is not defined!\n"; exit 1; }
case {!defined $type} { print "ERROR: Parameter 'type' is not defined!\n"; exit 1; }
case {!defined $receive_own_events} { print "ERROR: Parameter 'receive_own_events' is not defined!\n"; exit 1; }
case {!defined $ip_net_client} { print "ERROR: Parameter 'ip_net_client' is not defined!\n"; exit 1; }
}
my $return = WardenReg::registerReceiver($warden_path, $hostname, $requestor, $type, $receive_own_events, $ip_net_client);
$return ? print "Registration of $hostname was SUCCESSFUL...\n" : print "Registration of $hostname FAILED!\n";
exit 0;
src/warden-server/bin/registerSender.pl deleted 100755 → 0
View file @ abbf07a9
#!/usr/bin/perl -w
#
# registerSender.pl
#
# Copyright (C) 2011-2012 Cesnet z.s.p.o
#
# Use of this source is governed by a BSD-style license, see LICENSE file.
use strict;
use Getopt::Std;
use Switch;
use File::Basename;
our $VERSION = "2.0";
my $warden_path = '/opt/warden-server';
require $warden_path . '/lib/WardenReg.pm';
my $filename = basename($0);
#-------------------------------------------------------------------------------
# Functions
#-------------------------------------------------------------------------------
sub usage {
print "Usage: $filename [-h -n <hostname> -r <requestor> -s <service> -d <description_tags> -i <ip_net_client>]\n";
exit 1;
}
sub help {
print "$filename [-h -n <hostname> -r <requestor> -s <service> -d <description_tags> -i <ip_net_client>]\n";
print "-h print this text and exit\n";
print "-n hostname of sender\n";
print "-r client registration requestor\n";
print "-s name of service which sent events\n";
print "-d description tags of send events\n";
print "-i CIDR of sender\n";
exit 0;
}
#-------------------------------------------------------------------------------
# errMsg - print error message and die
#-------------------------------------------------------------------------------
sub errMsg
{
my $msg = shift;
$msg = trim($msg);
print $msg . "\n";
exit 1;
} # End of errMsg
#-------------------------------------------------------------------------------
# trim - remove whitespace from the start and end of the string
#-------------------------------------------------------------------------------
sub trim
{
my $string = shift;
$string =~ s/^\s+//;
$string =~ s/\s+$//;
return $string;
} # End of trim
#-------------------------------------------------------------------------------
# MAIN
#-------------------------------------------------------------------------------
our ($opt_n, $opt_r, $opt_s, $opt_d, $opt_i, $opt_h);
if ($#ARGV == -1) {usage}
die usage unless getopts("n:r:s:d:i:h");
my $hostname = $opt_n;
my $requestor = $opt_r;
my $service = $opt_s;
my $description_tags = $opt_d;
my $ip_net_client = $opt_i;
my $help = $opt_h;
# catch help param
if ($help) {
help;
}
if ($ip_net_client !~ /^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\/(\d|[1-2]\d|3[0-2]))$/) {
die errMsg("Enter correct IP in CIDR format!");
}
# superuser controle
my $UID = $<;
if ($UID != 0) {die errMsg("You must be root for running this script!")}
# check parameters definition
switch () {
case {!defined $hostname} { print "ERROR: Parameter 'hostname' is not defined!\n"; exit 1; }
case {!defined $requestor} { print "ERROR: Parameter 'requestor' is not defined!\n"; exit 1; }
case {!defined $service} { print "ERROR: Parameter 'service' is not defined!\n"; exit 1; }
case {!defined $description_tags} { print "ERROR: Parameter 'description_tags' is not defined!\n"; exit 1; }
case {!defined $ip_net_client} { print "ERROR: Parameter 'ip_net_client' is not defined!\n"; exit 1; }
}
# register sender at warden server
my $return = WardenReg::registerSender($warden_path, $hostname, $requestor, $service, $description_tags, $ip_net_client);
$return ? print "Registration of $hostname was SUCCESSFUL...\n" : print "Registration of $hostname FAILED!\n";
exit 0;
src/warden-server/bin/unregisterClient.pl deleted 100755 → 0
View file @ abbf07a9
#!/usr/bin/perl -w
#
# unregisterClient.pl
#
# Copyright (C) 2011-2012 Cesnet z.s.p.o
#
# Use of this source is governed by a BSD-style license, see LICENSE file.
use strict;
use Getopt::Std;
use Switch;
use File::Basename;
our $VERSION = "2.0";
my $warden_path = '/opt/warden-server';
require $warden_path . '/lib/WardenReg.pm';
my $filename = basename($0);
#-------------------------------------------------------------------------------
# Functions
#-------------------------------------------------------------------------------
sub usage {
print "Usage: $filename [-h -i <client_id>]\n";
exit 1;
}
sub help {
print "$filename [-h -i <client_id>]\n";
print "-h print this text and exit\n";
print "-i client_id for unregistration\n";
exit 0;
}
#-------------------------------------------------------------------------------
# errMsg - print error message and die
#-------------------------------------------------------------------------------
sub errMsg
{
my $msg = shift;
$msg = trim($msg);
print $msg . "\n";
exit 1;
} # End of errMsg
#-------------------------------------------------------------------------------
# trim - remove whitespace from the start and end of the string
#-------------------------------------------------------------------------------
sub trim
{
my $string = shift;
$string =~ s/^\s+//;
$string =~ s/\s+$//;
return $string;
} # End of trim
#-------------------------------------------------------------------------------
# MAIN
#-------------------------------------------------------------------------------
our ($opt_h, $opt_i);
if ($#ARGV == -1) {usage}
die usage unless getopts("i:h");
my $client_id = $opt_i;
my $help = $opt_h;
# catch help param
if ($help) {
help;
}
# superuser controle
my $UID = $<;
if ($UID != 0) {die errMsg("You must be root for running this script!")}
# check parameters definition
if (!defined $client_id) {
print "ERROR: Parameter 'client_id' is not defined!\n";
exit 1;
}
my $return = WardenReg::unregisterClient($warden_path, $client_id);
$return ? print "Unregistration of client (#$client_id) was SUCCESSFUL...\n" : print "Unregistration of client (# $client_id) FAILED!\n";
exit 0;
src/warden-server/bin/warden-alive deleted 100755 → 0
View file @ abbf07a9
#!/usr/bin/perl
# Pri pouziti Apache + mod_perl se tento soubor nepouziva
#
# warden-alive
#
# Copyright (C) 2011-2012 Cesnet z.s.p.o
# Author(s): Jan Mach <jan.mach@cesnet.cz>
#
# Redistribution and use in source and binary forms, with or without
# modification, are permitted provided that the following conditions
# are met:
# 1. Redistributions of source code must retain the above copyright
# notice, this list of conditions and the following disclaimer.
# 2. Redistributions in binary form must reproduce the above copyright
# notice, this list of conditions and the following disclaimer in
# the documentation and/or other materials provided with the
# distribution.
# 3. Neither the name of the Cesnet z.s.p.o nor the names of its
# contributors may be used to endorse or promote products derived from
# this software without specific prior written permission.
#
# This software is provided ``as is'', and any express or implied
# warranties, including, but not limited to, the implied warranties of
# merchantability and fitness for a particular purpose are disclaimed.
# In no event shall the Cesnet z.s.p.o or contributors be liable for
# any direct, indirect, incidental, special, exemplary, or consequential
# damages (including, but not limited to, procurement of substitute
# goods or services; loss of use, data, or profits; or business
# interruption) however caused and on any theory of liability, whether
# in contract, strict liability, or tort (including negligence or
# otherwise) arising in any way out of the use of this software, even
# if advised of the possibility of such damage.
our $VERSION = "0.1";
my $rv = `ps aux | grep "/usr/bin/perl -w /opt/warden-server/bin/warden-server.pl" | grep -v grep | grep -v process-alive | wc -l`;
if ($rv) {
print "WARDEN OK: Warden server is running\n";
}
else {
print "WARDEN CRITICAL: Warden server is not running\n";
};
src/warden-server/bin/warden-server.pl deleted 100755 → 0
View file @ abbf07a9
#!/usr/bin/perl -w
# Pri pouziti Apache + mod_perl se tento soubor nepouziva
#
# warden-server.pl
#
# Copyright (C) 2011-2012 Cesnet z.s.p.o
# Author(s): Tomas PLESNIK <plesnik@ics.muni.cz>
# Jan SOUKAL <soukal@ics.muni.cz>
#
# Redistribution and use in source and binary forms, with or without
# modification, are permitted provided that the following conditions
# are met:
# 1. Redistributions of source code must retain the above copyright
# notice, this list of conditions and the following disclaimer.
# 2. Redistributions in binary form must reproduce the above copyright
# notice, this list of conditions and the following disclaimer in
# the documentation and/or other materials provided with the
# distribution.
# 3. Neither the name of the Cesnet z.s.p.o nor the names of its
# contributors may be used to endorse or promote products derived from
# this software without specific prior written permission.
#
# This software is provided ``as is'', and any express or implied
# warranties, including, but not limited to, the implied warranties of
# merchantability and fitness for a particular purpose are disclaimed.
# In no event shall the Cesnet z.s.p.o or contributors be liable for
# any direct, indirect, incidental, special, exemplary, or consequential
# damages (including, but not limited to, procurement of substitute
# goods or services; loss of use, data, or profits; or business
# interruption) however caused and on any theory of liability, whether
# in contract, strict liability, or tort (including negligence or
# otherwise) arising in any way out of the use of this software, even
# if advised of the possibility of such damage.
package Warden;
use strict;
use SOAP::Lite;
use SOAP::Transport::TCP;
use File::Pid;
use POSIX;
use DBI;
use Format::Human::Bytes;
use Sys::Syslog qw(:DEFAULT setlogsock);
Sys::Syslog::setlogsock('unix');
use File::Basename;
use FindBin;
use Data::Dumper;
use Net::CIDR::Lite;
use DateTime;
our $VERSION = "0.1";
################################################################################
# CONFIG FILE VARIABLES
################################################################################
my $script_name = $FindBin::Script;
my $conf_file = "/opt/warden-server/etc/warden-server.conf";
# first declaration of globa variables from config file
our $ADDRESS = undef;
our $PORT = undef;
our $LOGDIR = undef;
our $PIDDIR = undef;
our $VARDIR = undef;
our $SSL_KEY_FILE = undef;
our $SSL_CERT_FILE = undef;
our $SSL_CA_FILE = undef;
our $FACILITY = undef;
# read config file
if ( ! open( TMP, $conf_file) ) {
die errMsg("Can't read config file '$conf_file': $!\n");
}
close TMP;
# load set variables by user
if ( !do $conf_file ) {
die errMsg("Errors in config file '$conf_file': $@");
}
################################################################################
# VARIABLES
################################################################################
my $die_now = 0;
# PID path
my $pid_file = $PIDDIR . $script_name . ".pid";
# DB file
my $db_file = "warden.db";
my $db = $VARDIR . $db_file;
# connect to DB - DBH is GLOBAL variable
my $dbargs = {AutoCommit => 0, PrintError => 1};
our $DBH = DBI->connect("dbi:SQLite:dbname=$db","","",$dbargs) or die errMsg("Can't connect to DB: $!");
#our $DBH = DBI->connect("DBI:mysql:database=warden;host=localhost", "root", "", {RaiseError => 1, mysql_auto_reconnect => 1}) || die "Could not connect to database: $DBI::errstr";
################################################################################
# LOCAL FUNCTIONS
################################################################################
#-------------------------------------------------------------------------------
# errMsg - print error message and die
#-------------------------------------------------------------------------------
sub errMsg
{
my $msg = shift;
$msg = trim($msg);
print $msg . "\n";
exit 1;
} # End of errMsg
#-------------------------------------------------------------------------------
# trim - remove whitespace from the start and end of the string
#-------------------------------------------------------------------------------
sub trim
{
my $string = shift;
$string =~ s/^\s+//;
$string =~ s/\s+$//;
return $string;
} # End of trim
#-------------------------------------------------------------------------------
# write2log - writing message to syslog
#-------------------------------------------------------------------------------
sub write2log
{
my $priority = shift;
my $msg = shift;
my $filename = File::Basename::basename($0);
Sys::Syslog::openlog($filename, "cons,pid", $FACILITY);
Sys::Syslog::syslog("$priority", "$msg");
Sys::Syslog::closelog();
} # End of write2log
#-------------------------------------------------------------------------------
# signalHandler - catch signals and end the program if one is caught.
#-------------------------------------------------------------------------------
sub signalHandler
{
$die_now = 1; # this will cause the "infinite loop" to exit
} # End of signalHandler
#-------------------------------------------------------------------------------
# sslErrorHandler - handle errors in SSL negitiation
#-------------------------------------------------------------------------------
sub sslErrorHandler
{
my $socket = shift;
my $msg = shift;
my $ip = $socket->peerhost;
print $socket $msg;
$socket->close;
write2log ("err", "Caught SSL handshake error from $ip: $msg");
return 1;
} # End of sslErrorHandler
#-------------------------------------------------------------------------------
# altNamesFilter - parse hostnames from subjectAltNames array for SQL
# IN operator in database query
#-------------------------------------------------------------------------------
sub altNamesFilter
{
my $alt_names_array_ref = shift;
my @alt_names_array = @$alt_names_array_ref;
our $CN;
my @an_array;
push @an_array, $DBH->quote($CN);
my $i = 1;
while ($i <= scalar @alt_names_array) {
push @an_array, $DBH->quote($alt_names_array[$i]);
$i+=2;
}
my $an_filter = join(',', @an_array);
return $an_filter;
}
################################################################################
# SOAP Functions
################################################################################
#-----------------------------------------------------------------------------
# saveNewEvent - save new received event into database
#-----------------------------------------------------------------------------
sub saveNewEvent
{
my ($class, $data) = @_;
my ($sth, $cidr_list);
# variables defined by server
our $IP; # IP address of sender
our $CN; # common name of sender
our $AN_FILTER; # alternate names of sender
my $cn_db = $DBH->quote($CN);
# variables defined by server
my $client_type = "s"; # incoming client MUST be sender
my $client_type_db = $DBH->quote($client_type);
my $valid = "t"; # registered sender has valid events
my $valid_db = $DBH->quote($valid);
my $received = DateTime->now; # time of event delivery (UTC)
my $received_db = $DBH->quote($received);
# parse object (event) parameters
my $service = $data->{'SERVICE'};
my $service_db = $DBH->quote($service);
my $detected = $data->{'DETECTED'};
my $detected_db = $DBH->quote($detected);
my $type = $data->{'TYPE'};
my $type_db = $DBH->quote($type);
my $source_type = $data->{'SOURCE_TYPE'};
my $source_type_db = $DBH->quote($source_type);
my $source = $data->{'SOURCE'};
my $source_db = $DBH->quote($source);
my $target_proto = $data->{'TARGET_PROTO'};
my $target_proto_db = $DBH->quote($target_proto);
my $target_port = $data->{'TARGET_PORT'};
my $target_port_db = $DBH->quote($target_port);
my $attack_scale = $data->{'ATTACK_SCALE'};
my $attack_scale_db = $DBH->quote($attack_scale);
my $note = $data->{'NOTE'};
my $note_db = $DBH->quote($note);
my $priority = $data->{'PRIORITY'};
my $priority_db = $DBH->quote($priority);
my $timeout = $data->{'TIMEOUT'};
my $timeout_db = $DBH->quote($timeout);
# Authorization of incomming client
#-----------------------------------------------------------------------------
# obtain cidr based on rigth common name and alternate names, service and client_type
# $sth = $DBH->prepare("SELECT hostname, ip_net_client FROM clients WHERE hostname IN ($AN_FILTER) AND service = $service_db AND client_type = $client_type_db limit 1;");
# if ( !defined $sth ) {die("Cannot prepare authorization statement in saveNewEvent: $DBI::errstr\n")}
# $sth->execute;
# my ($an, $cidr) = $sth->fetchrow();
# # check if client is registered
# if (!defined $cidr) {
# write2log ("err", "Unauthorized access to saveNewEvent from: $IP (CN: $CN; AN: $an) - client is not registered");
# die("Access denied - client is not registered at warden server!");
# } else {
# $cidr_list = Net::CIDR::Lite
# -> new
# -> add($cidr);
# }
# check if client has IP from registered CIDR
# if (!$cidr_list->bin_find($IP)) {
# write2log ("err", "Unauthorized access to saveNewEvent from: $IP (CN: $CN; AN: $an) - access from bad subnet: $cidr");
# die("Access denied - access from bad subnet!");
# } else {
{
# insert new event
$DBH->do("INSERT INTO events VALUES (null,$cn_db,$service_db,$detected_db,$received_db,$type_db,$source_type_db,$source_db,$target_proto_db,$target_port_db,$attack_scale_db,$note_db,$priority_db,$timeout_db,$valid_db);");
if ($DBH->err()) {die("Cannot do insert statement in saveNewEvent: $DBI::errstr\n")}
#$DBH->commit();
# log last inserted ID
$sth = $DBH->prepare("SELECT last_insert_rowid()");
if ( !defined $sth ) {die("Cannot prepare last ID statement in saveNewEvent: $DBI::errstr\n")}
$sth->execute;
my $id= $sth->fetchrow();
write2log ("info", "Stored new event (#$id) from $IP (CN: $CN; AN: )");
if (! defined $id) {
write2log ("err", "Event from $IP ($CN) was not save: INSERT INTO events VALUES (null,$cn_db,$service_db,$detected_db,$received_db,$type_db,$source_type_db,$source_db,$target_proto_db,$target_port_db,$attack_scale_db,$note_db,$priority_db,$timeout_db,$valid_db);");
die("Event was not save at warden server - database return empty ID!");
} else {
return 1;
}
}
} # END of saveNewEvent
#-----------------------------------------------------------------------------
# getNewEvents - get new events from the DB greater than received ID
#-----------------------------------------------------------------------------
sub getNewEvents
{
my ($class, $data) = @_;
my ($sth, @events, $event, @ids);
my ($id, $hostname, $service, $detected, $type, $source_type, $source, $target_proto, $target_port, $attack_scale, $note, $priority, $timeout);
# variables defined by server
our $IP; # IP address of receiver
our $CN; # common name of receiver
our $AN_FILTER; # alternate name of receiver
my $cn_db = $DBH->quote($CN);
my $client_type = "r"; # incoming client MUST be sender
my $client_type_db = $DBH->quote($client_type);
my $cidr_list;
# parse SOAP data object
my $requested_type = $data->{'REQUESTED_TYPE'};
my $requested_type_db = $DBH->quote($requested_type);
my $last_id = $data->{'LAST_ID'};
my $last_id_db = $DBH->quote($last_id);
# Authorization of incomming client
#-----------------------------------------------------------------------------
# obtain cidr based on rigth common name, service and client_type
$sth = $DBH->prepare("SELECT hostname, receive_own_events, ip_net_client FROM clients WHERE hostname IN ($AN_FILTER) AND type = $requested_type_db AND client_type = $client_type_db limit 1;");
if ( !defined $sth ) {die("Cannot prepare authorization statement in getNewEvents: $DBI::errstr\n")}
$sth->execute;
my ($an, $receive_own_events, $cidr) = $sth->fetchrow();
# check if client is registered
if (!defined $cidr) {
write2log ("err", "Unauthorized access to getNewEvents from: $IP (CN: $CN; AN: $an) - client is not registered");
die("Access denied - client is not registered at warden server!");
} else {
$cidr_list = Net::CIDR::Lite
-> new
-> add($cidr);
}
# check if client has IP from registered CIDR
if (!$cidr_list->bin_find($IP)) {
write2log ("err", "Unauthorized access to getNewEvents from: $IP (CN: $CN; AN: $an) - access from bad subnet: $cidr");
die("Access denied - access from bad subnet!");
} else {
# check if client want your own events or not
if ($receive_own_events eq 't') {
$sth = $DBH->prepare("SELECT * FROM events WHERE type != 'test' AND id > $last_id_db AND type = $requested_type_db AND valid = 't' ORDER BY id ASC;");
} else {
my ($domain) = $CN =~ /([^\.]+\.[^\.]+)$/;
my $domain_db = $DBH->quote("%$domain");
$sth = $DBH->prepare("SELECT * FROM events WHERE type != 'test' AND id > $last_id_db AND type = $requested_type_db AND valid = 't' AND hostname NOT LIKE $domain_db ORDER BY id ASC;");
}
if ( !defined $sth ) { die("Cannot prepare statement in getNewEvents: $DBI::errstr\n") }
$sth->execute;
# parse items of events stored in DB
while (my @result = $sth->fetchrow()) {
$id = $result[0];
$hostname = $result[1];
$service = $result[2];
$detected = $result[3];
$type = $result[5];
$source_type = $result[6];
$source = $result[7];
$target_proto = $result[8];
$target_port = $result[9];
$attack_scale = $result[10];
$note = $result[11];
$priority = $result[12];
$timeout = $result[13];
# create SOAP data object
$event = SOAP::Data->name(event => \SOAP::Data->value(
SOAP::Data->name(ID => $id),
SOAP::Data->name(HOSTNAME => $hostname),
SOAP::Data->name(SERVICE => $service),
SOAP::Data->name(DETECTED => $detected),
SOAP::Data->name(TYPE => $type),
SOAP::Data->name(SOURCE_TYPE => $source_type),
SOAP::Data->name(SOURCE => $source),
SOAP::Data->name(TARGET_PROTO => $target_proto),
SOAP::Data->name(TARGET_PORT => $target_port),
SOAP::Data->name(ATTACK_SCALE => $attack_scale),
SOAP::Data->name(NOTE => $note),
SOAP::Data->name(PRIORITY => $priority),
SOAP::Data->name(TIMEOUT => $timeout)
));
push(@events, $event);
push(@ids, $id);
}
# log sent ID of events
if (scalar(@events)!=0) {
write2log("info", "Sent events with ID: [@ids] to $IP (CN: $CN; AN: $an)");
}
return @events;
}
} # END of getNewEvents
#-----------------------------------------------------------------------------
# getLastId - get lastest saved event ID
#-----------------------------------------------------------------------------
sub getLastId
{
my ($class, $arg) = @_;
my $sth = $DBH->prepare("SELECT max(id) FROM events;");
if ( !defined $sth ) { die("Cannot prepare statement in getLastId: $DBI::errstr\n") }
$sth->execute;
my $result = $sth->fetchrow();
return $result;
} # END of getLastID
#-----------------------------------------------------------------------------
# registerSender - register new sender
#-----------------------------------------------------------------------------
sub registerSender
{
my ($class, $data) = @_;
my $sth;
our $IP;
our $LOCAL_IP;
our $CN;
if ($LOCAL_IP ne $IP) {
write2log ("err", "Unauthorized access to registerSender from: $IP ($CN) - access allowed only from localhost");
die("Access denied - access allowed only from localhost!");
} else {
# defined variables by server
my $client_type = "s";
my $client_type_db = $DBH->quote($client_type);
my $registered = DateTime->now;
my $registered_db = $DBH->quote($registered);
my $type = "null";
my $type_db = $DBH->quote($type);
my $receive_own_events = "null";
my $receive_own_events_db = $DBH->quote($receive_own_events);
# parse SOAP data oject
my $hostname = $data->{'HOSTNAME'};
my $hostname_db = $DBH->quote($hostname);
my $requestor = $data->{'REQUESTOR'};
my $requestor_db = $DBH->quote($requestor);
my $service = $data->{'SERVICE'};
my $service_db = $DBH->quote($service);
my $description_tags = $data->{'DESCRIPTION_TAGS'};
my $description_tags_db = $DBH->quote($description_tags);
my $ip_net_client = $data->{'IP_NET_CLIENT'};
my $ip_net_client_db = $DBH->quote($ip_net_client);
# check if sender has been already registered
$sth = $DBH->prepare("SELECT registered FROM clients WHERE hostname = $hostname_db AND requestor = $requestor_db AND service = $service_db AND client_type = $client_type_db AND type = $type_db AND receive_own_events = $receive_own_events_db AND description_tags = $description_tags_db AND ip_net_client = $ip_net_client_db;");
if ( !defined $sth ) {die("Cannot prepare check statement in registerSender: $DBI::errstr\n")}
$sth->execute;
my $result = $sth->fetchrow();
# register new sender
if (defined $result) {
write2log ("err", "Attempt to re-register the sender");
die("Error - sender has already been registered at $result");
} else {
$DBH->do("INSERT INTO clients VALUES (null,$hostname_db,$registered_db,$requestor_db,$service_db,$client_type_db,$type_db,$receive_own_events_db,$description_tags_db,$ip_net_client_db);");
if ($DBH->err()) {die("Cannot do statement in registerSender: $DBI::errstr\n")}
$DBH->commit();
write2log("info", "New sender $hostname (service: $service, cidr: $ip_net_client) was registered");
return 1;
}
}
} # END of registerSender
#-----------------------------------------------------------------------------
# registerReceiver - register new receiver
#-----------------------------------------------------------------------------
sub registerReceiver
{
my ($class, $data) = @_;
my $sth;
our $IP;
our $LOCAL_IP;
our $CN;
if ($LOCAL_IP ne $IP) {
write2log ("err", "Unauthorized access to registerReceiver from: $IP ($CN) - access allowed only from localhost");
die("Access denied - access allowed only from localhost!");
} else {
# variables defined by server
my $client_type = "r";
my $client_type_db = $DBH->quote($client_type);
my $registered = DateTime->now;
my $registered_db = $DBH->quote($registered);
my $service = "null";
my $service_db = $DBH->quote($service);
my $description_tags = "null";
my $description_tags_db = $DBH->quote($description_tags);
# parse SOAP data oject
my $hostname = $data->{'HOSTNAME'};
my $hostname_db = $DBH->quote($hostname);
my $requestor = $data->{'REQUESTOR'};
my $requestor_db = $DBH->quote($requestor);
my $type = $data->{'TYPE'};
my $type_db = $DBH->quote($type);
my $receive_own_events = $data->{'RECEIVE_OWN_EVENTS'};
my $receive_own_events_db = $DBH->quote($receive_own_events);
my $ip_net_client = $data->{'IP_NET_CLIENT'};
my $ip_net_client_db = $DBH->quote($ip_net_client);
# check if receiver has been already registered
$sth = $DBH->prepare("SELECT registered FROM clients WHERE hostname = $hostname_db AND requestor = $requestor_db AND service = $service_db AND client_type = $client_type_db AND type = $type_db AND receive_own_events = $receive_own_events_db AND description_tags = $description_tags_db AND ip_net_client = $ip_net_client_db;");
if ( !defined $sth ) {die("Cannot prepare check statement in registerReceiver: $DBI::errstr\n")}
$sth->execute;
my $result = $sth->fetchrow();
# register new receiver
if (defined $result) {
write2log ("err", "Attempt to re-register the receiver");
die("Error - receiver has already been registered at $result");
} else {
$DBH->do("INSERT INTO clients VALUES (null,$hostname_db,$registered_db,$requestor_db,$service_db,$client_type_db,$type_db,$receive_own_events_db,$description_tags_db,$ip_net_client_db);");
if ($DBH->err()) {die("Cannot do statement in registerReceiver: $DBI::errstr\n")}
$DBH->commit();
write2log("info", "New receiver $hostname (type: $type, cidr: $ip_net_client: receive_own_events: $receive_own_events) was registered");
return 1;
}
}
} # END of registerReceiver
#-----------------------------------------------------------------------------
# unregisterClient - unregister client
#-----------------------------------------------------------------------------
sub unregisterClient
{
my ($class, $data) = @_;
my $sth;
our $IP;
our $LOCAL_IP;
our $CN;
if ($LOCAL_IP ne $IP) {
write2log ("err", "Unauthorized access to unregisterClients from: $IP ($CN) - access allowed only from localhost");
die("Access denied - access allowed only from localhost!");
} else {
# parse SOAP data oject
my $client_id = $data->{'CLIENT_ID'};
my $client_id_db = $DBH->quote($client_id);
# check if receiver has been already registered
$sth = $DBH->prepare("SELECT client_id, hostname, service, client_type FROM clients WHERE client_id = $client_id_db;");
if ( !defined $sth ) {die("Cannot prepare check statement in unregisterClient: $DBI::errstr\n")}
$sth->execute;
my ($id, $hostname, $service, $client_type) = $sth->fetchrow();
my $hostname_db = $DBH->quote($hostname);
my $service_db = $DBH->quote($service);
# delete registered client
if (!defined $id) {
write2log ("err", "Attempt to delete unregister client");
die("Error - client (#$client_id) is not registered");
} else {
if ($client_type eq 's') {
$DBH->do("DELETE FROM clients WHERE client_id = $client_id_db;");
if ($DBH->err()) {die("Cannot do delete statement of sender in unregisterClient: $DBI::errstr\n")}
$DBH->commit();
$DBH->do("UPDATE events SET valid = 'f' where hostname = $hostname_db AND service = $service_db;");
if ($DBH->err()) {die("Cannot do unvalidation statement in unregisterClient: $DBI::errstr\n")}
$DBH->commit();
write2log("info", "Sender $hostname (client_id: $client_id, service: $service) was deleted and its data were invalidated" );
return 1;
} else {
$DBH->do("DELETE FROM clients WHERE client_id = $client_id_db;");
if ($DBH->err()) {die("Cannot do delete statement of receiver in unregisterClient: $DBI::errstr\n")}
$DBH->commit();
write2log("info", "Receiver $hostname (client_id: $client_id) was deleted" );
return 1;
}
}
}
} # END of unregisterClient
#-----------------------------------------------------------------------------
# getClients - get list of clients which were registered at warden server
#-----------------------------------------------------------------------------
sub getClients
{
my ($class, $arg) = @_;
our $IP;
our $LOCAL_IP;
our $CN;
if ($LOCAL_IP ne $IP) {
write2log ("err", "Unauthorized access to getClients from: $IP ($CN) - access allowed only from localhost");
die("Access denied - access allowed only from localhost!");
} else {
my (@clients, $client);
my ($client_id, $hostname, $registered, $requestor, $service, $client_type, $type, $receive_own_events, $description_tags, $ip_net_client);
my $sth = $DBH->prepare("SELECT * FROM clients;");
if (!defined $sth) { die("Cannot prepare statement in getClients: $DBI::errstr\n") }
$sth->execute;
while ( my @result = $sth->fetchrow() ) {
$client_id = $result[0];
$hostname = $result[1];
$registered = $result[2];
$requestor = $result[3];
$service = $result[4];
$client_type = $result[5];
$type = $result[6];
$receive_own_events = $result[7];
$description_tags = $result[8];
$ip_net_client = $result[9];
$client = SOAP::Data->name(client => \SOAP::Data->value(
SOAP::Data->name(CLIENT_ID => $client_id),
SOAP::Data->name(HOSTNAME => $hostname),
SOAP::Data->name(REGISTERED => $registered),
SOAP::Data->name(REQUESTOR => $requestor),
SOAP::Data->name(SERVICE => $service),
SOAP::Data->name(CLIENT_TYPE => $client_type),
SOAP::Data->name(TYPE => $type),
SOAP::Data->name(RECEIVE_OWN_EVENTS => $receive_own_events),
SOAP::Data->name(DESCRIPTION_TAGS => $description_tags),
SOAP::Data->name(IP_NET_CLIENT => $ip_net_client),
));
push(@clients, $client);
}
my $sum = scalar @clients;
write2log("info", "Sending information about $sum registered clients");
return @clients;
}
} # END of getClients
#-----------------------------------------------------------------------------
# getStatus - get list of status items of warden server
#-----------------------------------------------------------------------------
sub getStatus
{
my ($class, $arg) = @_;
our $IP;
our $LOCAL_IP;
our $CN;
if ($LOCAL_IP ne $IP) {
write2log ("err", "Unauthorized access to getStatus from: $IP ($CN) - access allowed only from localhost");
die("Access denied - access allowed only from localhost!");
} else {
my ($sth, @status);
# size of database events
my $db_size = Format::Human::Bytes::base10(-s $db);
# sum of records in table events
$sth = $DBH->prepare("SELECT count(*) FROM events WHERE valid = 't';");
if (!defined $sth) { die("Cannot prepare statement in getStatus: $DBI::errstr\n") }
$sth->execute;
my $events_sum = $sth->fetchrow();
if (!defined $events_sum) { $events_sum = "none" }
# id of last record in table events
$sth = $DBH->prepare("SELECT max(id) FROM events;");
if (!defined $sth) { die("Cannot prepare statement in getStatus: $DBI::errstr\n") }
$sth->execute;
my $events_last_id = $sth->fetchrow();
if (!defined $events_last_id) { $events_last_id = "none" }
# timestamp of first record in table events
$sth = $DBH->prepare("SELECT received FROM events WHERE id = (SELECT min(id) FROM events);");
if (!defined $sth) { die("Cannot prepare statement in getStatus: $DBI::errstr\n") }
$sth->execute;
my $events_first_timestamp = $sth->fetchrow();
if (!defined $events_first_timestamp) { $events_first_timestamp = "none" }
# timestamp of last record in table events
$sth = $DBH->prepare("SELECT received FROM events WHERE id = (SELECT max(id) FROM events);");
if (!defined $sth) { die("Cannot prepare statement in getStatus: $DBI::errstr\n") }
$sth->execute;
my $events_last_timestamp = $sth->fetchrow();
if (!defined $events_last_timestamp) { $events_last_timestamp = "none" }
# sum of records in table clients
$sth = $DBH->prepare("SELECT count(*) FROM clients;");
if (!defined $sth) { die("Cannot prepare statement in getStatus: $DBI::errstr\n") }
$sth->execute;
my $clients_sum = $sth->fetchrow();
if (!defined $clients_sum) { $clients_sum = "none" }
my $server_status = SOAP::Data->name(server_status => \SOAP::Data->value(
SOAP::Data->name(VERSION => $VERSION),
SOAP::Data->name(ADDRESS => $ADDRESS),
SOAP::Data->name(PORT => $PORT),
SOAP::Data->name(LOGDIR => $LOGDIR),
SOAP::Data->name(PIDDIR => $PIDDIR),
SOAP::Data->name(VARDIR => $VARDIR),
SOAP::Data->name(SSL_KEY_FILE => $SSL_KEY_FILE),
SOAP::Data->name(SSL_CERT_FILE => $SSL_CERT_FILE),
SOAP::Data->name(SSL_CA_FILE => $SSL_CA_FILE),
SOAP::Data->name(FACILITY => $FACILITY),
SOAP::Data->name(DB_SIZE => $db_size),
SOAP::Data->name(EVENTS_SUM => $events_sum),
SOAP::Data->name(EVENTS_LAST_ID => $events_last_id),
SOAP::Data->name(EVENTS_FIRST_TIMESTAMP => $events_first_timestamp),
SOAP::Data->name(EVENTS_LAST_TIMESTAMP => $events_last_timestamp),
SOAP::Data->name(CLIENTS_SUM => $clients_sum)
));
push(@status, $server_status);
# statistics of senders
if ($clients_sum != 0) {
$sth = $DBH->prepare("SELECT client_id, hostname, service FROM clients WHERE client_type = 's';");
if (!defined $sth) { die("Cannot prepare statement in getStatus: $DBI::errstr\n") }
$sth->execute;
my ($client_id, $hostname, $service);
my $client_status;
while(($client_id, $hostname, $service) = $sth->fetchrow()) {
my $hostname_db = $DBH->quote($hostname);
my $service_db = $DBH->quote($service);
my $sth2;
# sum of stored events
$sth2 = $DBH->prepare("SELECT count(*) FROM events WHERE hostname = $hostname_db AND service = $service_db;");
if ( !defined $sth2 ) { die("Cannot prepare statement in getStatus: $DBI::errstr\n") }
$sth2->execute;
my $count = $sth2->fetchrow();
if (!defined $count) {$count = "none"}
# timestamp of last stored event
$sth2 = $DBH->prepare("SELECT max(received) FROM events WHERE hostname = $hostname_db AND service = $service_db;");
if ( !defined $sth2 ) { die("Cannot prepare statement in getStatus: $DBI::errstr\n") }
$sth2->execute;
my $timestamp = $sth2->fetchrow();
if (!defined $timestamp) { $timestamp = "none" }
# create SOAP data object
$client_status = SOAP::Data->name(client_status => \SOAP::Data->value(
SOAP::Data->name(CLIENT_ID => $client_id),
SOAP::Data->name(HOSTNAME => $hostname),
SOAP::Data->name(SERVICE => $service),
SOAP::Data->name(COUNT => $count),
SOAP::Data->name(TIMESTAMP => $timestamp),
));
push(@status, $client_status);
}
}
write2log("info", "Sent of warden server status info");
return @status;
}
} # END of getStatus
################################################################################
# MAIN warden-server
################################################################################
#-------------------------------------------------------------------------------
# Superuser controle
#-------------------------------------------------------------------------------
my $UID = $<;
if ($UID != 0) {
die errMsg("You must be root for running this script!")
}
#-------------------------------------------------------------------------------
# Daemonize section
#-------------------------------------------------------------------------------
use POSIX qw(setsid);
chdir '/';
umask 0;
# all STDERR messages are printed on terminal
open STDIN, '/dev/null' or die errMsg("Can't read /dev/null: $!");
open STDOUT, '/dev/null' or die errMsg("Can't write to /dev/null: $!");
defined( my $pid = fork ) or die errMsg("Can't fork: $!");
exit if $pid;
#-------------------------------------------------------------------------------
# Dissociate this process from the controlling terminal
# that started it and stop being part of whatever
# process group this process was a part of.
#------------------------------------------------------------------------------
POSIX::setsid() or die errMsg("Can't start a new session.");
#-------------------------------------------------------------------------------
# Callback signal handler for signals.
#-------------------------------------------------------------------------------
$SIG{INT} = $SIG{TERM} = $SIG{HUP} = \&signalHandler;
$SIG{PIPE} = 'ignore';
#-------------------------------------------------------------------------------
# Create pid file in /var/run/
#-------------------------------------------------------------------------------
my $pfh = File::Pid->new( { file => $pid_file, } );
$pfh->write or die errMsg("Can't write PID file $pid_file: $!");
my $pid_number = $pfh->pid;
#-------------------------------------------------------------------------------
# Starting of Warden server
#-------------------------------------------------------------------------------
write2log("info", "Starting WARDEN server daemon with pid $pid_number");
# log of warden database size
my $db_size_human = Format::Human::Bytes::base10(-s $db);
write2log("info", "Size of DB file ($db_file) is: $db_size_human");
# start TCP server
my $server = SOAP::Transport::TCP::Server
->new(
Listen => 20,
LocalAddr => $ADDRESS,
LocalPort => $PORT,
Proto => "tcp",
ReuseAddr => 1,
SSL_verify_mode => 0x02,
SSL_use_cert => 1,
SSL_server => 1,
SSL_key_file => $SSL_KEY_FILE,
SSL_cert_file => $SSL_CERT_FILE,
SSL_ca_file => $SSL_CA_FILE,
SSL_error_trap =>\&sslErrorHandler,
);
# check if socket exist
$server or die errMsg("Socket error: $!");
# start SOAP server
my $soap = SOAP::Server
->new()
->dispatch_to('Warden');
#-------------------------------------------------------------------------------
# Process of incoming client's requests and send response
#-------------------------------------------------------------------------------
write2log("info", "Starting TCP and SOAP server at $ADDRESS:$PORT");
while ($die_now != 1)
{
my $socket = $server->accept();
next if (!$socket);
our $CN = $socket->peer_certificate("cn");
my @alt_names_array = $socket->peer_certificate("subjectAltNames");
our $AN_FILTER = altNamesFilter(\@alt_names_array);
our $IP = $socket->peerhost;
our $LOCAL_IP = $socket->sockhost;
# read input serialized SOAP envelope and data
my ($request, $buf);
while (defined($buf = <$socket>))
{
$request .= $buf;
}
# handle of called server function from client and send response to client
my $response = $soap->handle($request);
print $socket $response;
$socket->close;
undef($socket);
undef($CN);
undef($AN_FILTER);
undef($IP);
undef($LOCAL_IP);
}
################################################################################
# Cleanup section
################################################################################
END {
if ($die_now == 1)
{
my $pid = trim(`cat $pid_file`);
write2log("info", "Stopping WARDEN server daemon with pid $pid");
# close connection to DB
$DBH->disconnect();
# remove pid file
$pfh->remove if defined $pfh;
}
}
src/warden-server/bin/wardend deleted 100755 → 0
View file @ abbf07a9
#!/bin/bash
# Pri pouziti Apache + mod_perl se tento soubor nepouziva
#
# wardend
#
# Copyright (C) 2011-2012 Cesnet z.s.p.o
# Author(s): Tomas PLESNIK <plesnik@ics.muni.cz>
# Jan SOUKAL <soukal@ics.muni.cz>
#
# Redistribution and use in source and binary forms, with or without
# modification, are permitted provided that the following conditions
# are met:
# 1. Redistributions of source code must retain the above copyright
# notice, this list of conditions and the following disclaimer.
# 2. Redistributions in binary form must reproduce the above copyright
# notice, this list of conditions and the following disclaimer in
# the documentation and/or other materials provided with the
# distribution.
# 3. Neither the name of the Cesnet z.s.p.o nor the names of its
# contributors may be used to endorse or promote products derived from
# this software without specific prior written permission.
#
# This software is provided ``as is'', and any express or implied
# warranties, including, but not limited to, the implied warranties of
# merchantability and fitness for a particular purpose are disclaimed.
# In no event shall the Cesnet z.s.p.o or contributors be liable for
# any direct, indirect, incidental, special, exemplary, or consequential
# damages (including, but not limited to, procurement of substitute
# goods or services; loss of use, data, or profits; or business
# interruption) however caused and on any theory of liability, whether
# in contract, strict liability, or tort (including negligence or
# otherwise) arising in any way out of the use of this software, even
# if advised of the possibility of such damage.
### BEGIN INIT INFO
# Provides: wardend
# Required-Start: $local_fs $network $syslog $time
# Required-Stop: $local_fs $syslog $time
# Default-Start: 2 3 4 5
# Default-Stop:
# Short-Description: Start the Warden server
# Description: Starts or stops server for exchange of events
# among CSIRT teams
### END INIT INFO
VERSION="0.2"
DAEMON="/usr/local/bin/warden-server.pl"
PID_FILE="/var/run/warden-server.pl.pid"
LOCK_FILE="/var/lock/warden-server"
SCRIPTNAME=`basename "$0"`
# check if daemon is present and executable
test -x $DAEMON || exit 0
if [ $UID -ne 0 ]; then
echo "You must be root for runnnig this script!"
exit 1
fi
usage() {
echo "Usage: $0 [start|stop|status|restart|force-stop]"
exit 1
}
check_status() {
if /bin/ps axo pid,comm | grep -q "warden-serv*"; then
STATUS=1 # true - warden is running
else
STATUS=0 # false - warden is not running
fi
}
get_pid() {
PID=`ps axo pid,comm | grep "warden-serv*" | sed 's/^ \{1,4\}//g' | cut -f 1 -d " "`
return $PID
}
warden_start() {
check_status
if [ $STATUS -eq 1 ]; then
get_pid PID
echo "Warden server daemon is running (pid $PID)."
else
logger -s "Starting Warden server daemon ..."
$DAEMON
PID=`cat $PID_FILE`
logger -s "Warden server daemon is running (pid $PID)."
touch $LOCK_FILE
fi
}
warden_stop() {
check_status
if [ $STATUS -eq 1 ]; then
logger -s "Stopping Warden server daemon ..."
if [ -e $PID_FILE ]; then
PID=`cat $PID_FILE`
kill -1 $PID
rm -f $LOCK_FILE
logger -s "Warden server daemon (pid $PID) is stopped."
else
echo "Unable to stop Warden server daemon. Try to use: $SCRIPTNAME force-stop"
fi
else
echo "Warden daemon is NOT running."
fi
}
warden_status() {
check_status
if [ $STATUS -eq 1 ]; then
get_pid PID
echo "Warden daemon is running (pid $PID)."
exit 0
else
echo "Warden daemon is NOT running."
exit 1
fi
}
warden_force_stop() {
logger -s "Force stopping Warden server daemon ..."
get_pid PID
kill -9 $PID 1>/dev/null 2>&1
if [ -e $PID_FILE ]; then
rm -f $PID_FILE
fi
if [ -e $LOCK_FILE ]; then
rm -f $LOCK_FILE
fi
}
case $1 in
status)
warden_status
;;
start)
warden_start
;;
stop)
warden_stop
;;
force-stop)
warden_force_stop
;;
restart)
$0 stop
sleep 1
$0 start
;;
*)
usage
;;
esac
exit 0
src/warden-server/doc/AUTHORS deleted 100644 → 0
View file @ abbf07a9
AUTHORS AND MAINTAINERS :
MAIN DEVELOPERS:
Tomas Plesnik <plesnik@ics.muni.cz>
Jan Soukal <soukal@ics.muni.cz>
Michal Kostenec <kostenec@civ.zcu.cz>
CONTRIBUTORS:
Vit Slama <slama@cis.vutbr.cz>
Martin Drasar <drasar@ics.muni.cz>
TESTING:
Jakub Cegan <cegan@ics.muni.cz>
DEVELOPMENT MANAGER:
Jan Vykopal <vykopal@ics.muni.cz>
PROJECT MANAGERS:
Pavel Kacha <ph@cesnet.cz>
Andrea Kropacova <andrea@cesnet.cz>
COMMUNITY:
Radomir Orkac <orkac@cesnet.cz>
src/warden-server/doc/CHANGELOG deleted 100644 → 0
View file @ abbf07a9
2012-03-02 v0.1.0 beta version
------------------------------
- initial release of the Warden server
- SSL certificate authentication/authorization supported
- Subject Alternative Names of SSL certificates supported
- Syslog logging supported
- Nagios system check supported
- automated installation and uninstallation process
- SQLite database engine used
src/warden-server/doc/INSTALL deleted 100644 → 0
View file @ abbf07a9
Installation process
--------------------
For installation of warden-server package on local machine use install.sh.
Default destination directory is /opt/warden-server/.
For more information about install.sh options run install.sh -h.
You must be root for running this script.
Uninstallation process
----------------------
For uninstallation of warden-server package from local machine use uninstall.sh.
Default uninstallation directory is /opt/warden-server/.
For more information about uninstall.sh options run uninstall.sh -h.
You must be root for running this script.
src/warden-server/doc/README deleted 100644 → 0
View file @ abbf07a9
+------------------------------+
| README - Warden Server 0.1.0 |
+------------------------------+
Content
A. Overall Information
B. Installation Dependencies
C. Installation
D. Miscellaneous
E. Registration of Clients
F. Status Info
--------------------------------------------------------------------------------
A. Overall Information
1. About Warden System
Warden is a client-server architecture service designed to share detected
security events (issues) among CSIRT and CERT teams in a simple and fast way.
This package contains the Warden server.
2. Version
0.1.0 (2012-03-02)
3. Package structure
warden-server/
bin/
create_tables.sh
getClients.pl
getStatus.pl
registerReceiver.pl
registerSender.pl
unregisterClients.pl
warden-alive
wardend
warden-server.pl
doc/
CHANGELOG
INSTALL
LICENSE
README
etc/
warden-client.conf
warden-server.conf
package_version
lib/
WardenConf.pm
WardenReg.pm
WardenStatus.pm
var/
warden.db
uninstall.sh
--------------------------------------------------------------------------------
B. Installation Dependencies
1. Applications:
Perl >= 5.10.1
SQLite >= 3.7.3
2. Perl modules:
SOAP::Lite >= 0.712
SOAP::Transport::TCP >= 0.712
File::Pid >= 1.01
POSIX >= 1.17
DBI >= 1.612
DBD::SQLite >= 1.29
Format::Human::Bytes >= 0.05
Sys::Syslog >= 0.27
File::Basename >= 2.77
FindBin >= 1.50
Net::CIDR::Lite >= 0.21
DateTime >= 0.61
Getopt::Std >= 1.06
Switch >= 2.14
IO::Socket::SSL >= 1.33
--------------------------------------------------------------------------------
C. Installation
1. Check SHA1 checksum of the Warden server package archive.
$ sha1sum -c warden-server-0.1.0.tar.gz.sig
2. Untar it.
$ tar xzvf warden-server-0.1.0.tar.gz
3. Run install.sh.
Default destination directory is /opt/warden-server/
For more information about install.sh options run install.sh -h
You must be root for running this script.
4. Configuration files
You are advised to check configuration file warden-server.conf and
warden-client.conf in warden-server/etc/ directory after installation.
Although this is the Warden server package it also contains several
functions (for administration and maintenance) that are strictly
client-side in a way the Warden system handles functions. Therefore you have
to check both server and client config files to make sure your installation
of the Warden server was successful and complete.
SOAP protocol is used for handling communication between server and clients.
Therefore, correct URI of Warden server must be set.
Authentication of clients and server is performed using client and server
SSL certificates. Both clients and server must have valid certificate.
Configuration files contain following parameters:
a) warden-client.conf:
URI - URI Warden server
e.g. 'https://warden.server.com:443/Warden'
SSL_KEY_FILE - path to a host key file,
e.g. '/etc/ssl/private/warden.server.com.key'
SSL_CERT_FILE - path to a host certificate file,
e.g. '/etc/ssl/certs/warden.server.com.pem'
SSL_CA_FILE - path to a CA file
e.g. '/etc/ssl/certs/tcs-ca-bundle.pem'
b) warden-server.conf
The Warden server configuration file contains:
ADDRESS - IP address/domain name of the Warden server
e.g. warden.server.com
PORT - used TCP port for the Warden server
e.g. 443
BASEDIR - base directory of the Warden server
e.g. /opt/warden-server/
VARDIR - var directory
e.g. $BASEDIR/var/
LOGDIR - logging directory
e.g. /var/log/
PIDDIR - Process ID directory
e.g. /var/run/
SSL_KEY_FILE - path to the server SSL certificate key file
e.g. /etc/ssl/private/warden.server.com.key
SSL_CERT_FILE - path to the server SSL certificate file
e.g. /etc/ssl/certs/warden.server.com.pem
SSL_CA_FILE - path to a CA certificate file
e.g. /etc/ssl/certs/tcs-ca-bundle.pem
FACILITY - syslog facility
e.g. local7
5. Usage of install.sh
Usage: $ ./install.sh [-d <directory>] [-k <ssl_key_file>]
[-c <ssl_cert_file>] [-a <ssl_ca_file>] [-hV]"
-d <directory> installation directory (default: /opt)
-k <ssl_key_file> SSL certificate key file path
-c <ssl_cert_file> SSL certificate file path
-a <ssl_ca_file> CA certificate file path
-h print this help
-V print script version number and exit
Example: $ ./install.sh -d /opt -k /etc/ssl/private/server.key
-c /etc/ssl/certs/server.pem
-a /etc/ssl/certs/bundle.pem
6. Usage of uninstall.sh
Usage: $ ./uninstall.sh [-d <directory>] [-hV]
-d <directory> uninstallation directory (default: /opt)
-h print this help
-V print script version number and exit
Example: # ./uninstall.sh -d /opt
--------------------------------------------------------------------------------
D. Miscellaneous
1. Error Messages
Error messages of the server functions are sent via Syslog to log file,
default is /var/log/messages.
During installation, until Syslog reporting is initiated, error
messages may be reported to the standard error output instead.
2. Init Script
Usage: /etc/init.d/wardend [start|stop|status|restart|force-stop]
The PID of the Warden server process is stored in
/var/run/warden-server.pl.pid.
The lock file is placed in /var/lock/warden-server.
To start the Warden server after rebooting, set init script
/etc/init.d/wardend to runlevels configuration system.
3. Nagios Integration
Nagios check is available via Nagios plugin located in
/opt/warden-server/bin/warden-alive.
4. Firewall Settings
Make sure that the TCP port listed in warden-server.conf ($PORT variable)
is allowed on your firewall.
5. Privileges
The Warden server runs only under root privileges.
6. Known Issues
Benchmarking of the Warden system showed that the system is capable of
sending/receiving about 4 events per second.
--------------------------------------------------------------------------------
E. Registration of Clients
The Warden server administrator is responsible for registering new clients or
removing those already registered. Both registration or unregistration scripts
are provided in the Warden server package. Those scripts should be run from
localhost (the same machine the Warden server is installed and running on).
Members of Warden community who would like to have their client registered must
contact the Warden server administrator with the requirement. This is usually
done via secured e-mail. Requestor should provide all important data to the
Warden server administrator so that the client can be successfully registered.
1. Register Sender
New sender clients are registered in Warden system via registerSender.pl.
Following attributes must be provided in order to register new client
successfully:
hostname - hostname of the client,
requestor - organization or authorized person who demands new
client registration,
service - name of the service of a new registered client,
description_tags - tags describing the nature of the service,
ip_net_client - CIDR the client is only allowed to communicate from.
One can run registerSender.pl with -h argument to see a help.
2. Register Receiver
New receiver clients are registered in Warden system via
registerReceiver.pl.
Following attributes must be provided in order to register new client
successfully:
hostname - hostname of the client,
requestor - organization or authorized person who demands new
client registration,
type - the type of events the client wish to receive (only
this and nothing else),
receive_own_events - boolean value describing if events originating from
the same CIDR will be sent to the client,
ip_net_client - CIDR the client is only allowed to communicate from.
One can run registerReceiver.pl with -h argument to see a help.
3. Unregister Client
In the Warden system, already registered clients can be removed
(unregistered) via unregisterClient.pl.
Following attribute must be provided in order to unregister existing client
successfully:
client_id - ID of the client that should be removed (unregistered).
One can run unregisterClient.pl with -h argument to see a help.
The process of unregistration deletes this client from clients table in DB.
But all messages stored by this client (considering "sender" client) are not
deleted, they are merely set 'invalid' in DB table events.
--------------------------------------------------------------------------------
F. Status Info
Functions in this section show status of the Warden server and active
(registered) clients to the Warden system administrator.
Similarly to (un)registration, these functions should be run from
localhost (e. g. from the same machine the Warden server is installed and
running on).
1. Get Status
Function getStatus is accessible via getStatus.pl. Function has no input
parameters and returns info about the Warden server and its DB status.
2. Get Clients
Function getClients is accessible via getClients.pl. Function has no input
parameters and returns detailed information about all registered clients.
--------------------------------------------------------------------------------
Copyright (C) 2011-2012 Cesnet z.s.p.o
src/warden-server/doc/README.warden-apache deleted 100644 → 0
View file @ abbf07a9
Strucny technicky navod pro preklopeni Warden serveru pod Apache a mod_perl
===========================================================================
INSTALACE
=========
1) Instalace Apache a MySQL DB
aptitude install apache2 mysql-server
2) Povoleni mod_ssl
an2enmod ssl
3) Instalace knihovny mod_perl
libapache2-mod-perl2
4) Instalace podpory metody prefork pro Apache
apache2-mpm-prefork
5) Instalace nove pridanych modulu
aptitude install libcrypt-x509-perl libmime-base64-perl
KONFIGURACE
===========
1) Nastaveni APACHE
a) /etc/apache2/sites-enables/default
- konfigurace sekce <VirtualHost *:443>
- includovani potrebnych parametru ze souboru {warden-server}/etc/warden-apache.conf
Include /opt/warden-server/etc/warden-apache.conf
b) Nastaveni vykonovych parametru Apache (/etc/apache2/apache2.conf)
- modul prefork (nastavujte dle vykonu vaseho serveru)
= pro 12C, 16GB RAM funguje dobre
<IfModule mpm_prefork_module>
StartServers 2
MinSpareServers 4
MaxSpareServers 8
ServerLimit 700
MaxClients 700
MaxRequestsPerChild 0
</IfModule>
- parametry spojeni
Timeout 10
KeepAlive Off
c) restartovani Apache po kazde zmene Warden.pm (serverova cast)
2) Nastaveni DB
a) (volitelne) Vytvoreni noveho uzivatele
b) Vytvoreni databazove struktury
mysql -u uzivatel -p heslo < {warden-server}/doc/warden.mysql
3) Nastaveni warden-server.conf, warden-client.conf, {warden-server}/etc/warden-apache.conf
a) Zkontrolovat spravnost IP adres, portu a hlavne cest k certifikatum + nove udaje pro pripojeni do DB
b) Pro klienta a server na jednom stroji jsou zrejme treba 2 ruzne certifikaty (me to jinak nejde, zkuste;))
Tato chyba se vypisuje pri problemu s certifikaty (chybna adresa serveru, chybne cesty pro certifikat, stejny certifikat pro klienta a server)
DEBUG: .../IO/Socket/SSL.pm:420: fatal SSL error: SSL connect attempt failed with unknown errorerror:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed not well-formed (invalid token) at line 1, column 3, byte 3 at /usr/lib/perl5/XML/Parser.pm line 187
SLEDOVATKO
==========
Pro sledovani stavu Apache, poctu prijatych udalosti, poctu klientu lze pouzit sledovatko
{warden-server}/bin/getWebStatus.sh
src/warden-server/doc/warden.mysql deleted 100644 → 0
View file @ abbf07a9
-- MySQL dump 10.11
--
-- Host: localhost Database: warden
-- ------------------------------------------------------
-- Server version 5.0.51a-24+lenny3
/*!40101 SET @OLD_CHARACTER_SET_CLIENT=@@CHARACTER_SET_CLIENT */;
/*!40101 SET @OLD_CHARACTER_SET_RESULTS=@@CHARACTER_SET_RESULTS */;
/*!40101 SET @OLD_COLLATION_CONNECTION=@@COLLATION_CONNECTION */;
/*!40101 SET NAMES utf8 */;
/*!40103 SET @OLD_TIME_ZONE=@@TIME_ZONE */;
/*!40103 SET TIME_ZONE='+00:00' */;
/*!40014 SET @OLD_UNIQUE_CHECKS=@@UNIQUE_CHECKS, UNIQUE_CHECKS=0 */;
/*!40014 SET @OLD_FOREIGN_KEY_CHECKS=@@FOREIGN_KEY_CHECKS, FOREIGN_KEY_CHECKS=0 */;
/*!40101 SET @OLD_SQL_MODE=@@SQL_MODE, SQL_MODE='NO_AUTO_VALUE_ON_ZERO' */;
/*!40111 SET @OLD_SQL_NOTES=@@SQL_NOTES, SQL_NOTES=0 */;
--
-- Current Database: `warden`
--
CREATE DATABASE /*!32312 IF NOT EXISTS*/ `warden` /*!40100 DEFAULT CHARACTER SET latin1 */;
USE `warden`;
--
-- Table structure for table `clients`
--
DROP TABLE IF EXISTS `clients`;
SET @saved_cs_client = @@character_set_client;
SET character_set_client = utf8;
CREATE TABLE `clients` (
`client_id` int(11) NOT NULL auto_increment,
`hostname` varchar(256) default NULL,
`registered` timestamp NOT NULL default CURRENT_TIMESTAMP on update CURRENT_TIMESTAMP,
`requestor` varchar(256) default NULL,
`service` varchar(64) default NULL,
`client_type` varchar(1) default NULL,
`type` varchar(64) default NULL,
`receive_own_events` varchar(1) default NULL,
`description_tags` varchar(256) default NULL,
`ip_net_client` varchar(256) default NULL,
PRIMARY KEY (`client_id`)
) ENGINE=MyISAM AUTO_INCREMENT=1 DEFAULT CHARSET=latin1;
SET character_set_client = @saved_cs_client;
--
-- Table structure for table `events`
--
DROP TABLE IF EXISTS `events`;
SET @saved_cs_client = @@character_set_client;
SET character_set_client = utf8;
CREATE TABLE `events` (
`id` int(11) NOT NULL auto_increment,
`hostname` varchar(256) default NULL,
`service` varchar(64) default NULL,
`detected` timestamp NOT NULL default CURRENT_TIMESTAMP on update CURRENT_TIMESTAMP,
`received` timestamp NOT NULL default '0000-00-00 00:00:00',
`type` varchar(64) default NULL,
`source_type` varchar(64) default NULL,
`source` varchar(256) default NULL,
`target_proto` varchar(16) default NULL,
`target_port` int(2) default NULL,
`attack_scale` int(4) default NULL,
`note` text,
`priority` int(1) default NULL,
`timeout` int(2) default NULL,
`valid` varchar(1) default NULL,
PRIMARY KEY (`id`)
) ENGINE=MyISAM AUTO_INCREMENT=1 DEFAULT CHARSET=latin1;
SET character_set_client = @saved_cs_client;
/*!40103 SET TIME_ZONE=@OLD_TIME_ZONE */;
/*!40101 SET SQL_MODE=@OLD_SQL_MODE */;
/*!40014 SET FOREIGN_KEY_CHECKS=@OLD_FOREIGN_KEY_CHECKS */;
/*!40014 SET UNIQUE_CHECKS=@OLD_UNIQUE_CHECKS */;
/*!40101 SET CHARACTER_SET_CLIENT=@OLD_CHARACTER_SET_CLIENT */;
/*!40101 SET CHARACTER_SET_RESULTS=@OLD_CHARACTER_SET_RESULTS */;
/*!40101 SET COLLATION_CONNECTION=@OLD_COLLATION_CONNECTION */;
/*!40111 SET SQL_NOTES=@OLD_SQL_NOTES */;
-- Dump completed on 2012-03-22 15:29:35
src/warden-server/etc/package_version deleted 100644 → 0
View file @ abbf07a9
warden-server-2.0.0
src/warden-server/etc/warden-apache.conf deleted 100644 → 0
View file @ abbf07a9
#
# warden-apache.conf - configuration file for the Apache server
#
SSLEngine on
SSLVerifyDepth 3
SSLVerifyClient require
SSLOptions +StdEnvVars +ExportCertData
SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
SSLCertificateFile /etc/ssl/certs/warden-dev.cesnet.cz.pem
SSLCertificateKeyFile /opt/warden-client/etc/warden-dev.cesnet.cz.key
SSLCACertificateFile /etc/ssl/certs/tcs-ca-bundle.pem
PerlOptions +Parent
PerlSwitches -I/opt/warden-server/lib
<Location /Warden>
SetHandler perl-script
PerlHandler Warden::ApacheDispatch
SSLOptions +StdEnvVars
</Location>
src/warden-server/etc/warden-client.conf deleted 100644 → 0
View file @ abbf07a9
#
# warden-client.conf - configuration file for registration and status clients
#
#-------------------------------------------------------------------------------
# URI - URI address of Warden server
#-------------------------------------------------------------------------------
$URI = "https://warden-dev.cesnet.cz:443/Warden";
#-------------------------------------------------------------------------------
# SSL_KEY_FILE - path to server SSL certificate key file
#-------------------------------------------------------------------------------
$SSL_KEY_FILE = "/etc/ssl/private/warden-dev.cesnet.cz.key";
#-------------------------------------------------------------------------------
# SSL_CERT_FILE - path toserver SSL certificate file
#-------------------------------------------------------------------------------
$SSL_CERT_FILE = "/etc/ssl/certs/warden-dev.cesnet.cz.pem";
#-------------------------------------------------------------------------------
# SSL_CA_FILE - path to CA certificate file
#-------------------------------------------------------------------------------
$SSL_CA_FILE = "/etc/ssl/certs/tcs-ca-bundle.pem";
src/warden-server/etc/warden-server.conf deleted 100644 → 0
View file @ abbf07a9
#
# warden-server.conf - configuration file for Warden server
#
#-------------------------------------------------------------------------------
# BASEDIR - base directory of Warden server
#-------------------------------------------------------------------------------
$BASEDIR = "/opt/warden-server";
#-------------------------------------------------------------------------------
# FACILITY - syslog facility
#-------------------------------------------------------------------------------
$FACILITY = "local7";
#-------------------------------------------------------------------------------
# DB_NAME - database name of Warden server
#-------------------------------------------------------------------------------
$DB_NAME = "warden";
#-------------------------------------------------------------------------------
# DB_USER - user of Warden server database
#-------------------------------------------------------------------------------
$DB_USER = "root";
#-------------------------------------------------------------------------------
# DB_PASS - password of Warden server database
#-------------------------------------------------------------------------------
$DB_PASS = "";
#-------------------------------------------------------------------------------
# DB_HOST - what IP address to listen on of Warden server
#-------------------------------------------------------------------------------
$DB_HOST = "localhost";
src/warden-server/lib/Warden.pm deleted 100755 → 0
View file @ abbf07a9
#!/usr/bin/perl -w
#
# Warden.pm
#
# Copyright (C) 2011-2012 Cesnet z.s.p.o
#
# Use of this source is governed by a BSD-style license, see LICENSE file.
package Warden;
use strict;
use DBI;
use DBD::mysql;
use Format::Human::Bytes;
use Sys::Syslog qw(:DEFAULT setlogsock);
Sys::Syslog::setlogsock('unix');
use File::Basename;
use Net::CIDR::Lite;
use DateTime;
use MIME::Base64;
use Crypt::X509;
our $VERSION = "2.0";
################################################################################
# READING OF CONFIGURATION VARIABLES
################################################################################
my $conf_file = "/opt/warden-server-2/etc/warden-server.conf";
our $FACILITY = undef;
our $DB_NAME = undef;
our $DB_USER = undef;
our $DB_PASS = undef;
our $DB_HOST = undef;
# read config file
if (!open( TMP, $conf_file)) {
die errMsg("Can't read config file '$conf_file': $!\n");
}
close TMP;
# load set variables by user
if (!do $conf_file) {
die errMsg("Errors in config file '$conf_file': $@");
}
################################################################################
# VARIABLES
################################################################################
our $DBH = DBI->connect("DBI:mysql:database=$DB_NAME;host=$DB_HOST", $DB_USER, $DB_PASS, {RaiseError => 1, mysql_auto_reconnect => 1}) || die "Could not connect to database: $DBI::errstr";
################################################################################
# LOCAL FUNCTIONS
################################################################################
#-------------------------------------------------------------------------------
# errMsg - print error message and die
#-------------------------------------------------------------------------------
sub errMsg
{
my $msg = shift;
$msg = trim($msg);
print $msg . "\n";
exit 1;
} # End of errMsg
#-------------------------------------------------------------------------------
# trim - remove whitespace from the start and end of the string
#-------------------------------------------------------------------------------
sub trim
{
my $string = shift;
$string =~ s/^\s+//;
$string =~ s/\s+$//;
return $string;
} # End of trim
#-------------------------------------------------------------------------------
# write2log - writing message to syslog
#-------------------------------------------------------------------------------
sub write2log
{
my $priority = shift;
my $msg = shift;
my $filename = File::Basename::basename($0);
Sys::Syslog::openlog($filename, "cons,pid", $FACILITY);
Sys::Syslog::syslog("$priority", "$msg");
Sys::Syslog::closelog();
} # End of write2log
#-------------------------------------------------------------------------------
# getAltNames - parse Alternate names from SSL certifiate
#-------------------------------------------------------------------------------
sub getAltNames
{
my @an_array;
my $cn = $ENV{'SSL_CLIENT_S_DN_CN'};
push(@an_array, $DBH->quote($cn));
my @a = split("\n", $ENV{'SSL_CLIENT_CERT'});
pop @a;
shift @a;
my $der = decode_base64(join("", @a));
my $decoded= Crypt::X509->new(cert => $der);
foreach my $tmp (@{$decoded->SubjectAltName}){
if($tmp =~ s/dNSName=//){
push(@an_array, $DBH->quote($tmp));
}
}
my $alt_names = join(',', @an_array);
return $alt_names;
}
################################################################################
# SOAP Functions
################################################################################
#-----------------------------------------------------------------------------
# saveNewEvent - save new received event into database
#-----------------------------------------------------------------------------
sub saveNewEvent
{
my ($class, $data) = @_;
my ($sth, $cidr_list);
# client network information
my $cn = $ENV{'SSL_CLIENT_S_DN_CN'};
my $alt_names = getAltNames(undef);
my $ip = $ENV{'REMOTE_ADDR'};
# variables defined by server
my $client_type = "s"; # incoming client MUST be sender
my $valid = "t"; # registered sender has valid events
my $received = DateTime->now; # time of event delivery (UTC)
# parse object (event) parameters
my $service = $data->{'SERVICE'};
my $detected = $data->{'DETECTED'};
my $type = $data->{'TYPE'};
my $source_type = $data->{'SOURCE_TYPE'};
my $source = $data->{'SOURCE'};
my $target_proto = $data->{'TARGET_PROTO'};
my $target_port = $data->{'TARGET_PORT'};
my $attack_scale = $data->{'ATTACK_SCALE'};
my $note = $data->{'NOTE'};
my $priority = $data->{'PRIORITY'};
my $timeout = $data->{'TIMEOUT'};
# obtain cidr based on rigth common name and alternate names, service and client_type
$sth = $DBH->prepare("SELECT hostname, ip_net_client FROM clients WHERE hostname IN ($alt_names) AND service = ? AND client_type = ? LIMIT 1;");
if (!defined $sth) {die("Cannot prepare authorization statement in saveNewEvent: $DBI::errstr\n")}
$sth->execute($service, $client_type);
my ($an, $cidr) = $sth->fetchrow();
# check if client is registered
if (!defined $cidr) {
write2log ("err", "Unauthorized access to saveNewEvent from: $ip (CN: $cn; AN: $an) - client is not registered");
die("Access denied - client is not registered at warden server!");
} else {
$cidr_list = Net::CIDR::Lite
-> new
-> add($cidr);
}
# check if client has IP from registered CIDR
if (!$cidr_list->bin_find($ip)) {
write2log ("err", "Unauthorized access to saveNewEvent from: $ip (CN: $cn; AN: $an) - access from bad subnet: $cidr");
die("Access denied - access from unauthorized subnet!");
} else {
# insert new events into DB
$sth=$DBH->prepare("INSERT INTO events VALUES (?,?,?,?,?,?,?,?,?,?,?,?,?,?,?);");
if (!defined $sth) {die("Cannot do insert statement in saveNewEvent: $DBI::errstr\n")}
$sth->execute(undef, $cn, $service, $detected, $received, $type, $source_type, $source, $target_proto, $target_port, $attack_scale, $note, $priority, $timeout, $valid);
}
} # END of saveNewEvent
#-----------------------------------------------------------------------------
# getNewEvents - get new events from the DB greater than received ID
#-----------------------------------------------------------------------------
sub getNewEvents
{
my ($class, $data) = @_;
my ($sth, @events, $event, @ids, $cidr_list);
my ($id, $hostname, $service, $detected, $type, $source_type, $source, $target_proto, $target_port, $attack_scale, $note, $priority, $timeout);
# client network information
my $cn = $ENV{'SSL_CLIENT_S_DN_CN'};
my $alt_names = getAltNames(undef);
my $ip = $ENV{'REMOTE_ADDR'};
my $client_type = "r"; # incoming client MUST be sender
# parse SOAP data object
my $requested_type = $data->{'REQUESTED_TYPE'};
my $last_id = $data->{'LAST_ID'};
# obtain cidr based on rigth common name, service and client_type
$sth = $DBH->prepare("SELECT hostname, receive_own_events, ip_net_client FROM clients WHERE hostname IN ($alt_names) AND type = ? AND client_type = ? LIMIT 1;");
if (!defined $sth) {die("Cannot prepare authorization statement in getNewEvents: $DBI::errstr\n")}
$sth->execute($requested_type, $client_type);
my ($an, $receive_own_events, $cidr) = $sth->fetchrow();
# check if client is registered
if (!defined $cidr) {
write2log ("err", "Unauthorized access to getNewEvents from: $ip (CN: $cn; AN: $an) - client is not registered");
die("Access denied - client is not registered at warden server!");
} else {
$cidr_list = Net::CIDR::Lite
-> new
-> add($cidr);
}
# check if client has IP from registered CIDR
if (!$cidr_list->bin_find($ip)) {
write2log ("err", "Unauthorized access to getNewEvents from: $ip (CN: $cn; AN: $an) - access from bad subnet: $cidr");
die("Access denied - access from unathorized subnet!");
} else {
# check if client want your own events or not
if ($receive_own_events eq 't') {
$sth = $DBH->prepare("SELECT * FROM events WHERE type != 'test' AND id > ? AND type = ? AND valid = 't' ORDER BY id ASC;");
if (!defined $sth) {die("Cannot prepare ROE statement in getNewEvents: $DBI::errstr\n")}
$sth->execute($last_id, $requested_type);
} else {
$sth = $DBH->prepare("SELECT * FROM events WHERE type != 'test' AND id > ? AND type = ? AND valid = 't' AND hostname NOT LIKE ? ORDER BY id ASC;");
if (!defined $sth) {die("Cannot prepare statement in getNewEvents: $DBI::errstr\n")}
my ($domain) = $cn =~ /([^\.]+\.[^\.]+)$/;
$domain = '\%' . $domain;
$sth->execute($last_id, $requested_type, $domain);
}
# parse items of events stored in DB
while (my @result = $sth->fetchrow()) {
$id = $result[0];
$hostname = $result[1];
$service = $result[2];
$detected = $result[3];
$type = $result[5];
$source_type = $result[6];
$source = $result[7];
$target_proto = $result[8];
$target_port = $result[9];
$attack_scale = $result[10];
$note = $result[11];
$priority = $result[12];
$timeout = $result[13];
# create SOAP data object
$event = SOAP::Data->name(event => \SOAP::Data->value(
SOAP::Data->name(ID => $id),
SOAP::Data->name(HOSTNAME => $hostname),
SOAP::Data->name(SERVICE => $service),
SOAP::Data->name(DETECTED => $detected),
SOAP::Data->name(TYPE => $type),
SOAP::Data->name(SOURCE_TYPE => $source_type),
SOAP::Data->name(SOURCE => $source),
SOAP::Data->name(TARGET_PROTO => $target_proto),
SOAP::Data->name(TARGET_PORT => $target_port),
SOAP::Data->name(ATTACK_SCALE => $attack_scale),
SOAP::Data->name(NOTE => $note),
SOAP::Data->name(PRIORITY => $priority),
SOAP::Data->name(TIMEOUT => $timeout)
));
push(@events, $event);
push(@ids, $id);
}
# log sent ID of events
if (scalar @events != 0) {
if (scalar @ids == 1) {
write2log("info", "Sent 1 events [#$ids[0]] to $ip (CN: $cn; AN: $an)");
} else {
write2log("info", "Sent " . scalar @ids . " events [#$ids[0] - #$ids[-1]] to $ip (CN: $cn; AN: $an)");
}
}
return @events;
}
} # END of getNewEvents
#-----------------------------------------------------------------------------
# getLastId - get lastest saved event ID
#-----------------------------------------------------------------------------
sub getLastId
{
my ($class, $arg) = @_;
my $sth = $DBH->prepare("SELECT max(id) FROM events;");
if ( !defined $sth ) { die("Cannot prepare statement in getLastId: $DBI::errstr\n") }
$sth->execute;
my $result = $sth->fetchrow();
return $result;
} # END of getLastID
#-----------------------------------------------------------------------------
# registerSender - register new sender
#-----------------------------------------------------------------------------
sub registerSender
{
my ($class, $data) = @_;
my $sth;
# client network information
my $cn = $ENV{'SSL_CLIENT_S_DN_CN'};
my $ip = $ENV{'REMOTE_ADDR'};
my $local_ip = $ENV{'SERVER_ADDR'};
if ($local_ip ne $ip) {
write2log ("err", "Unauthorized access to registerSender from: $ip ($cn) - access allowed only from localhost");
die("Access denied - access allowed only from localhost!");
} else {
# defined variables by method
my $client_type = "s";
my $registered = DateTime->now;
my $type = undef;
my $receive_own_events = undef;
# parse SOAP data oject
my $hostname = $data->{'HOSTNAME'};
my $requestor = $data->{'REQUESTOR'};
my $service = $data->{'SERVICE'};
my $description_tags = $data->{'DESCRIPTION_TAGS'};
my $ip_net_client = $data->{'IP_NET_CLIENT'};
# check if sender has been already registered
$sth = $DBH->prepare("SELECT registered FROM clients WHERE hostname = ? AND requestor = ? AND service = ? AND client_type = ? AND type = ? AND receive_own_events = ? AND description_tags = ? AND ip_net_client = ? LIMIT 1;");
if (!defined $sth) {die("Cannot prepare check statement in registerSender: $DBI::errstr\n")}
$sth->execute($hostname, $requestor, $service, $client_type, $type, $receive_own_events, $description_tags, $ip_net_client);
my $result = $sth->fetchrow();
# register new sender
if (defined $result) {
write2log ("err", "Attempt to re-register the sender");
die("Error - sender has already been registered at $result");
} else {
$sth = $DBH->prepare("INSERT INTO clients VALUES (?,?,?,?,?,?,?,?,?,?);");
if (!defined $sth) {die("Cannot do statement in registerSender: $DBI::errstr\n")}
$sth->execute(undef, $hostname, $registered, $requestor, $service, $client_type, $type, $receive_own_events, $description_tags, $ip_net_client);
write2log("info", "New sender $hostname (service: $service, cidr: $ip_net_client) was registered");
return 1;
}
}
} # END of registerSender
#-----------------------------------------------------------------------------
# registerReceiver - register new receiver
#-----------------------------------------------------------------------------
sub registerReceiver
{
my ($class, $data) = @_;
my $sth;
# client network information
my $cn = $ENV{'SSL_CLIENT_S_DN_CN'};
my $ip = $ENV{'REMOTE_ADDR'};
my $local_ip = $ENV{'SERVER_ADDR'};
if ($local_ip ne $ip) {
write2log ("err", "Unauthorized access to registerReceiver from: $ip ($cn) - access allowed only from localhost");
die("Access denied - access allowed only from localhost!");
} else {
# variables defined by method
my $client_type = "r";
my $registered = DateTime->now;
my $service = undef;
my $description_tags = undef;
# parse SOAP data oject
my $hostname = $data->{'HOSTNAME'};
my $requestor = $data->{'REQUESTOR'};
my $type = $data->{'TYPE'};
my $receive_own_events = $data->{'RECEIVE_OWN_EVENTS'};
my $ip_net_client = $data->{'IP_NET_CLIENT'};
# check if receiver has been already registered
$sth = $DBH->prepare("SELECT registered FROM clients WHERE hostname = ? AND requestor = ? AND service = ? AND client_type = ? AND type = ? AND receive_own_events = ? AND description_tags = ? AND ip_net_client = ? LIMIT 1;");
if (!defined $sth) {die("Cannot prepare check statement in registerReceiver: $DBI::errstr\n")}
$sth->execute($hostname, $requestor, $service, $client_type, $type, $receive_own_events, $description_tags, $ip_net_client);
my $result = $sth->fetchrow();
# register new receiver
if (defined $result) {
write2log ("err", "Attempt to re-register the receiver");
die("Error - receiver has already been registered at $result");
} else {
$sth = $DBH->prepare("INSERT INTO clients VALUES (?,?,?,?,?,?,?,?,?,?);");
if (!defined($sth)) {die("Cannot do statement in registerReceiver: $DBI::errstr\n")}
$sth->execute(undef, $hostname, $registered, $requestor, $service, $client_type, $type, $receive_own_events, $description_tags, $ip_net_client);
write2log("info", "New receiver $hostname (type: $type, cidr: $ip_net_client: receive_own_events: $receive_own_events) was registered");
return 1;
}
}
} # END of registerReceiver
#-----------------------------------------------------------------------------
# unregisterClient - unregister client
#-----------------------------------------------------------------------------
sub unregisterClient
{
my ($class, $data) = @_;
my $sth;
# client network information
my $cn = $ENV{'SSL_CLIENT_S_DN_CN'};
my $ip = $ENV{'REMOTE_ADDR'};
my $local_ip = $ENV{'SERVER_ADDR'};
if ($local_ip ne $ip) {
write2log ("err", "Unauthorized access to unregisterClients from: $ip ($cn) - access allowed only from localhost");
die("Access denied - access allowed only from localhost!");
} else {
# parse SOAP data oject
my $client_id = $data->{'CLIENT_ID'};
# check if receiver has been already registered
$sth = $DBH->prepare("SELECT client_id, hostname, service, client_type FROM clients WHERE client_id = ? LIMIT 1;");
if (!defined $sth) {die("Cannot prepare check statement in unregisterClient: $DBI::errstr\n")}
$sth->execute($client_id);
my ($id, $hostname, $service, $client_type) = $sth->fetchrow();
# delete registered client
if (!defined $id) {
write2log ("err", "Attempt to delete unregister client");
die("Error - client (#$client_id) is not registered");
} else {
if ($client_type eq 's') {
$sth = $DBH->prepare("DELETE FROM clients WHERE client_id = ?;");
if (!defined $sth) {die("Cannot do delete statement of sender in unregisterClient: $DBI::errstr\n")}
$sth->execute($client_id);
$sth = $DBH->prepare("UPDATE events SET valid = 'f' where hostname = ? AND service = ?;");
if (!defined $sth) {die("Cannot do unvalidation statement in unregisterClient: $DBI::errstr\n")}
$sth->execute($hostname, $service);
write2log("info", "Sender $hostname (client_id: $client_id, service: $service) was deleted and its data were invalidated" );
return 1;
} else {
$sth = $DBH->prepare("DELETE FROM clients WHERE client_id = ?;");
if (!defined $sth) {die("Cannot do delete statement of receiver in unregisterClient: $DBI::errstr\n")}
$sth->execute($client_id);
write2log("info", "Receiver $hostname (client_id: $client_id) was deleted" );
return 1;
}
}
}
} # END of unregisterClient
#-----------------------------------------------------------------------------
# getClients - get list of clients which were registered at warden server
#-----------------------------------------------------------------------------
sub getClients
{
my ($class, $arg) = @_;
# client network information
my $cn = $ENV{'SSL_CLIENT_S_DN_CN'};
my $ip = $ENV{'REMOTE_ADDR'};
my $local_ip = $ENV{'SERVER_ADDR'};
if ($local_ip ne $ip) {
write2log ("err", "Unauthorized access to getClients from: $ip ($cn) - access allowed only from localhost");
die("Access denied - access allowed only from localhost!");
} else {
my (@clients, $client);
my ($client_id, $hostname, $registered, $requestor, $service, $client_type, $type, $receive_own_events, $description_tags, $ip_net_client);
my $sth = $DBH->prepare("SELECT * FROM clients ORDER BY client_id ASC;");
if (!defined $sth) { die("Cannot prepare statement in getClients: $DBI::errstr\n") }
$sth->execute;
while ( my @result = $sth->fetchrow() ) {
$client_id = $result[0];
$hostname = $result[1];
$registered = $result[2];
$requestor = $result[3];
$service = $result[4];
$client_type = $result[5];
$type = $result[6];
$receive_own_events = $result[7];
$description_tags = $result[8];
$ip_net_client = $result[9];
$client = SOAP::Data->name(client => \SOAP::Data->value(
SOAP::Data->name(CLIENT_ID => $client_id),
SOAP::Data->name(HOSTNAME => $hostname),
SOAP::Data->name(REGISTERED => $registered),
SOAP::Data->name(REQUESTOR => $requestor),
SOAP::Data->name(SERVICE => $service),
SOAP::Data->name(CLIENT_TYPE => $client_type),
SOAP::Data->name(TYPE => $type),
SOAP::Data->name(RECEIVE_OWN_EVENTS => $receive_own_events),
SOAP::Data->name(DESCRIPTION_TAGS => $description_tags),
SOAP::Data->name(IP_NET_CLIENT => $ip_net_client),
));
push(@clients, $client);
}
my $sum = scalar @clients;
write2log("info", "Sending information about $sum registered clients");
return @clients;
}
} # END of getClients
#-----------------------------------------------------------------------------
# getStatus - get list of status items of warden server
#-----------------------------------------------------------------------------
sub getStatus
{
my ($class, $arg) = @_;
# client network information
my $cn = $ENV{'SSL_CLIENT_S_DN_CN'};
my $ip = $ENV{'REMOTE_ADDR'};
my $local_ip = $ENV{'SERVER_ADDR'};
if ($local_ip ne $ip) {
write2log ("err", "Unauthorized access to getStatus from: $ip ($cn) - access allowed only from localhost");
die("Access denied - access allowed only from localhost!");
} else {
my ($sth, @status);
# Warden server hostname
my $hostname = $ENV{'SERVER_NAME'};
# IP address of Warden server
my $ip_address = $ENV{'REMOTE_ADDR'};
# used port
my $port = $ENV{'SERVER_PORT'};
# size of database events
$sth = $DBH->prepare("SELECT data_length + index_length FROM information_schema.TABLES WHERE table_schema = ? AND TABLE_NAME = ?");
$sth->execute('warden', 'events');
my $size = $sth->fetchrow();
my $db_size = (defined $size ? Format::Human::Bytes::base10($size) : "none");
# sum of records in table events
$sth = $DBH->prepare("SELECT count(*) FROM events WHERE valid = 't';");
if (!defined $sth) { die("Cannot prepare statement in getStatus: $DBI::errstr\n") }
$sth->execute;
my $events_sum = $sth->fetchrow();
if (!defined $events_sum) { $events_sum = "none" }
# id of last record in table events
$sth = $DBH->prepare("SELECT max(id) FROM events;");
if (!defined $sth) { die("Cannot prepare statement in getStatus: $DBI::errstr\n") }
$sth->execute;
my $events_last_id = $sth->fetchrow();
if (!defined $events_last_id) { $events_last_id = "none" }
# timestamp of first record in table events
$sth = $DBH->prepare("SELECT received FROM events WHERE id = (SELECT min(id) FROM events);");
if (!defined $sth) { die("Cannot prepare statement in getStatus: $DBI::errstr\n") }
$sth->execute;
my $events_first_timestamp = $sth->fetchrow();
if (!defined $events_first_timestamp) { $events_first_timestamp = "none" }
# timestamp of last record in table events
$sth = $DBH->prepare("SELECT received FROM events WHERE id = (SELECT max(id) FROM events);");
if (!defined $sth) { die("Cannot prepare statement in getStatus: $DBI::errstr\n") }
$sth->execute;
my $events_last_timestamp = $sth->fetchrow();
if (!defined $events_last_timestamp) { $events_last_timestamp = "none" }
# sum of records in table clients
$sth = $DBH->prepare("SELECT count(*) FROM clients;");
if (!defined $sth) { die("Cannot prepare statement in getStatus: $DBI::errstr\n") }
$sth->execute;
my $clients_sum = $sth->fetchrow();
if (!defined $clients_sum) { $clients_sum = "none" }
my $server_status = SOAP::Data->name(server_status => \SOAP::Data->value(
SOAP::Data->name(VERSION => $VERSION),
SOAP::Data->name(HOSTNAME => $hostname),
SOAP::Data->name(IP_ADDRESS => $ip_address),
SOAP::Data->name(PORT => $port),
SOAP::Data->name(FACILITY => $FACILITY),
SOAP::Data->name(DB_NAME => $DB_NAME),
SOAP::Data->name(DB_USER => $DB_USER),
SOAP::Data->name(DB_HOST => $DB_HOST),
SOAP::Data->name(DB_SIZE => $db_size),
SOAP::Data->name(EVENTS_SUM => $events_sum),
SOAP::Data->name(EVENTS_LAST_ID => $events_last_id),
SOAP::Data->name(EVENTS_FIRST_TIMESTAMP => $events_first_timestamp),
SOAP::Data->name(EVENTS_LAST_TIMESTAMP => $events_last_timestamp),
SOAP::Data->name(CLIENTS_SUM => $clients_sum)
));
push(@status, $server_status);
# statistics of senders
if ($clients_sum != 0) {
$sth = $DBH->prepare("SELECT client_id, hostname, service FROM clients WHERE client_type = 's' ORDER BY client_id ASC;");
if (!defined $sth) {die("Cannot prepare statement in getStatus: $DBI::errstr\n")}
$sth->execute;
my ($client_id, $hostname, $service);
my $client_status;
while(($client_id, $hostname, $service) = $sth->fetchrow()) {
my $sth2;
# sum of stored events
$sth2 = $DBH->prepare("SELECT count(*) FROM events WHERE hostname = ? AND service = ?;");
if (!defined $sth2) {die("Cannot prepare statement in getStatus: $DBI::errstr\n")}
$sth2->execute($hostname, $service);
my $count = $sth2->fetchrow();
if (!defined $count) {$count = "none"}
# timestamp of last stored event
$sth2 = $DBH->prepare("SELECT max(received) FROM events WHERE hostname = ? AND service = ?;");
if (!defined $sth2) {die("Cannot prepare statement in getStatus: $DBI::errstr\n")}
$sth2->execute($hostname, $service);
my $timestamp = $sth2->fetchrow();
if (!defined $timestamp) {$timestamp = "none"}
# create SOAP data object
$client_status = SOAP::Data->name(client_status => \SOAP::Data->value(
SOAP::Data->name(CLIENT_ID => $client_id),
SOAP::Data->name(HOSTNAME => $hostname),
SOAP::Data->name(SERVICE => $service),
SOAP::Data->name(COUNT => $count),
SOAP::Data->name(TIMESTAMP => $timestamp),
));
push(@status, $client_status);
}
}
write2log("info", "Sent of warden server status info");
return @status;
}
} # END of getStatus
1;