Skip to content
Snippets Groups Projects
Commit 008ab67b authored by Jakub Cegan's avatar Jakub Cegan
Browse files

Merge branch 'warden-server-2.2' of homeproj.cesnet.cz:warden 

Conflicts:
	packages/build-server.sh
	src/warden-server/bin/wardenWatchdog.pl
	src/warden-server/doc/CHANGELOG
	src/warden-server/doc/README
	src/warden-server/lib/Warden.pm
	src/warden-server/sh/uninstall.sh
	src/warden-server/sh/update.sh
parents 505ba410 981838c0
No related branches found
No related tags found
No related merge requests found
Expand all Show whitespace changes
Inline Side-by-side
Showing
with 1138 additions and 481 deletions
packages/build-server.sh
+ 4
0
View file @ 008ab67b
...@@ -24,7 +24,11 @@ err() ...@@ -24,7 +24,11 @@ err()
#------------------------------------------------------------------------------- #-------------------------------------------------------------------------------
# edit when you build new package # edit when you build new package
<<<<<<< HEAD
version="2.1" version="2.1"
=======
version="2.2"
>>>>>>> 981838c056f36b6f42b2de30eb017bd7ab441a1e
package_name="warden-server" package_name="warden-server"
package="${package_name}-${version}" package="${package_name}-${version}"
......
src/warden-server/bin/getClients.pl
+ 78
59
View file @ 008ab67b
#!/usr/bin/perl -w #!/usr/bin/perl
# #
# getClients.pl # getClients.pl
# #
# Copyright (C) 2011-2012 Cesnet z.s.p.o # Copyright (C) 2011-2013 Cesnet z.s.p.o
# #
# Use of this source is governed by a BSD-style license, see LICENSE file. # Use of this source is governed by a BSD-style license, see LICENSE file.
use strict; use strict;
use warnings;
use Getopt::Std; use Getopt::Std;
use File::Basename; use DBI;
use DBD::mysql;
use FindBin qw($RealBin $RealScript);
FindBin::again();
use lib "$RealBin/../lib";
use WardenCommon;
################################################################################
# VARIABLES
################################################################################
our $VERSION = "2.2";
my $etc = "$RealBin/../etc";
our $VERSION = "2.1"; # read config file
my $conf_file = "$etc/warden-server.conf";
WardenCommon::loadConf($conf_file);
my $warden_path = '/opt/warden-server';
require $warden_path . '/lib/WardenStatus.pm';
my $filename = basename($0);
#------------------------------------------------------------------------------- ################################################################################
# Functions # FUNCTIONS
#------------------------------------------------------------------------------- ################################################################################
sub usage { sub usage {
print "Usage: $filename [without parameters]\n"; print "Usage: $RealScript (without parameters) [-h -V]\n";
exit 1; exit 1;
} }
#------------------------------------------------------------------------------- sub help {
# errMsg - print error message and die print "$RealScript (without parameters) [-h -V]\n";
#------------------------------------------------------------------------------- print "-h print this text and exit\n";
sub errMsg print "-V print version and exit\n";
{ exit 0;
my $msg = shift; }
$msg = trim($msg);
print $msg . "\n";
exit 1;
} # End of errMsg
#------------------------------------------------------------------------------- sub version {
# trim - remove whitespace from the start and end of the string print "Current version: $VERSION\n";
#------------------------------------------------------------------------------- exit 0;
sub trim }
{
my $string = shift;
$string =~ s/^\s+//;
$string =~ s/\s+$//;
return $string;
} # End of trim
#------------------------------------------------------------------------------- ################################################################################
# MAIN # MAIN
#------------------------------------------------------------------------------- ################################################################################
our ($opt_h); our ($opt_h, $opt_V);
die usage unless getopts("h"); die usage unless getopts("hV");
my $help = $opt_h; my $help = $opt_h;
my $script_version = $opt_V;
# catch help param # catch help option
if ($help) { if ($help) {
usage; help;
} }
# superuser controle # catch version option
my $UID = $<; if ($script_version) {
if ($UID != 0) { version;
die errMsg("You must be root for running this script!")
} }
# connect to DB
my @clients = WardenStatus::getClients($warden_path); my $dbh = WardenCommon::connectDB($WardenCommon::DB_NAME, $WardenCommon::DB_HOST, $WardenCommon::DB_USER, $WardenCommon::DB_PASS);
print "+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+\n";
print "| Client ID | Hostname | Registered | Requestor | Service | CT | Type | ROE | Description tags | IP Net Client |\n"; # obtain data from DB
print "+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+\n"; my $sth = $dbh->prepare("SELECT * FROM clients ORDER BY client_id ASC;") or die "Cannot prepare statement: " . $dbh->errstr;
foreach (@clients) { $sth->execute or die "Cannot execute statement: " . $sth->errstr;
printf("| %-10s ", @$_[0] || "unknown"); my $hash_ref = $sth->fetchall_hashref("client_id");
printf("| %-30s ", @$_[1] || "unknown");
printf("| %19s ", @$_[2] || "unknown"); # print table of clients
printf("| %-23s ", @$_[3] || "unknown"); print "+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+\n";
printf("| %-25s ", @$_[4] || "unknown"); print "| Client ID | Hostname | Registered | Requestor | Service | CT | Type | ROE | Description tags | IP Net Client | Valid |\n";
printf("| %-2s ", @$_[5] || "unknown"); print "+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+\n";
printf("| %-15s ", @$_[6] || "unknown"); foreach my $key (sort {$a<=>$b} keys %$hash_ref) {
printf("| %-4s ", @$_[7] || "unknown"); printf("| %-10s ", $hash_ref->{$key}->{client_id} || "unknown");
printf("| %-50s ", @$_[8] || "unknown"); printf("| %-30s ", $hash_ref->{$key}->{hostname} || "unknown");
printf("| %-18s |\n", @$_[9] || "unknown"); printf("| %19s ", $hash_ref->{$key}->{registered} || "unknown");
printf("| %-23s ", $hash_ref->{$key}->{requestor} || "unknown");
printf("| %-25s ", $hash_ref->{$key}->{service} || "-");
printf("| %-2s ", $hash_ref->{$key}->{client_type} || "unknown");
printf("| %-15s ", $hash_ref->{$key}->{type} || "-");
printf("| %-4s ", $hash_ref->{$key}->{receive_own_events} || "-");
printf("| %-50s ", $hash_ref->{$key}->{description_tags} || "-");
printf("| %-18s ", $hash_ref->{$key}->{ip_net_client}|| "unknown");
printf("| %-5s |\n", $hash_ref->{$key}->{valid}|| "unknown");
} }
print "+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+\n"; print "+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+\n";
print "\n"; print "\n";
print "Current registered clients in: " . scalar localtime(time) . "\n"; print "Current registered clients in: " . scalar localtime(time) . "\n";
# cleanup section
END {
if (defined $dbh) {
$dbh->disconnect or warn "Disconnection from database '$WardenCommon::DB_NAME' failed: $dbh->errstr\n";
}
}
exit 0; exit 0;
src/warden-server/bin/getStatus.pl
+ 209
75
View file @ 008ab67b
#!/usr/bin/perl -w #!/usr/bin/perl
# #
# getStatus.pl # getStatus.pl
# #
# Copyright (C) 2011-2012 Cesnet z.s.p.o # Copyright (C) 2011-2013 Cesnet z.s.p.o
# #
# Use of this source is governed by a BSD-style license, see LICENSE file. # Use of this source is governed by a BSD-style license, see LICENSE file.
use strict; use strict;
use warnings;
use Getopt::Std; use Getopt::Std;
use File::Basename; use DBI;
use DBD::mysql;
use Format::Human::Bytes;
use FindBin qw($RealBin $RealScript);
FindBin::again();
use lib "$RealBin/../lib";
use WardenCommon;
our $VERSION = "2.1";
my $warden_path = '/opt/warden-server';
require $warden_path . '/lib/WardenStatus.pm';
my $filename = basename($0);
#------------------------------------------------------------------------------- ################################################################################
# Functions # VARIABLES
#------------------------------------------------------------------------------- ################################################################################
our $VERSION = "2.2";
my $etc = "$RealBin/../etc";
# read config file
my $conf_file = "$etc/warden-server.conf";
WardenCommon::loadConf($conf_file);
################################################################################
# FUNCTIONS
################################################################################
sub usage { sub usage {
print "Usage: $filename [without parameters]\n"; print "Usage: $RealScript (without parameters) [-h -V]\n";
exit 1; exit 1;
} }
#------------------------------------------------------------------------------- sub help {
# errMsg - print error message and die print "$RealScript (without parameters) [-h -V]\n";
#------------------------------------------------------------------------------- print "-h print this text and exit\n";
sub errMsg print "-V print version and exit\n";
{ exit 0;
my $msg = shift; }
$msg = trim($msg);
print $msg . "\n";
exit 1;
} # End of errMsg
#------------------------------------------------------------------------------- sub version {
# trim - remove whitespace from the start and end of the string print "Current version: $VERSION\n";
#------------------------------------------------------------------------------- exit 0;
sub trim }
{
my $string = shift;
$string =~ s/^\s+//;
$string =~ s/\s+$//;
return $string;
} # End of trim
#-------------------------------------------------------------------------------
################################################################################
# MAIN # MAIN
#------------------------------------------------------------------------------- ################################################################################
our ($opt_h); our ($opt_h, $opt_V);
die usage unless getopts("h"); die usage unless getopts("hV");
my $help = $opt_h; my $help = $opt_h;
my $script_version = $opt_V;
# catch help param # catch help option
if ($help) { if ($help) {
usage; help;
}
# catch version option
if ($script_version) {
version;
} }
# superuser controle # superuser controle
my $UID = $<; my $UID = $<;
if ($UID != 0) { if ($UID != 0) {
die errMsg("You must be root for running this script!") WardenCommon::errMsg("You must be root for running this script!");
} }
my @status = WardenStatus::getStatus($warden_path); # connect to DB
my $dbh = WardenCommon::connectDB($WardenCommon::DB_NAME, $WardenCommon::DB_HOST, $WardenCommon::DB_USER, $WardenCommon::DB_PASS);
# take and remove first element of array @status and save it into $server_status_ref
my $server_status_ref = shift(@status);
my @server_status = @$server_status_ref;
my $syslog;
my $syslog_verbose;
if ($server_status[7] == 1) { #-----------------------------------------------------------------------------
# Warden server variables
my $package_version = WardenCommon::trim(`cat /opt/warden-server/etc/package_version`);
my $version = substr($package_version, 14);
my $hostname = WardenCommon::trim(`hostname -f`);
my $ip_address = WardenCommon::trim(`hostname -i`);
my $port = WardenCommon::trim(`netstat -pln | grep apache | cut -f 4 -d ":"`);
my ($syslog, $syslog_verbose);
if ($WardenCommon::SYSLOG == 1) {
$syslog = "enabled"; $syslog = "enabled";
} else { } else {
$syslog = "disabled"; $syslog = "disabled";
} }
if ($WardenCommon::SYSLOG_VERBOSE == 1) {
if ($server_status[8] == 1) {
$syslog_verbose = "enabled"; $syslog_verbose = "enabled";
} else { } else {
$syslog_verbose = "disabled"; $syslog_verbose = "disabled";
} }
#-------------------------------------------------------------------------------
# Warden server status
# size of database events
my $sth = $dbh->prepare("SELECT data_length + index_length FROM information_schema.TABLES WHERE table_schema = ? AND TABLE_NAME = ?") or die "Cannot prepare statement: " . $dbh->errstr;
$sth->execute($WardenCommon::DB_NAME, 'events') or die "Cannot execute statement: " . $sth->errstr;
my $size = $sth->fetchrow();
my $db_size = defined $size ? Format::Human::Bytes::base10($size) : "none";
# sum of all records in table events
$sth = $dbh->prepare("SELECT count(*) FROM events;") or die "Cannot prepare statement: " . $dbh->errstr;
$sth->execute or die "Cannot execute statement: " . $sth->errstr;
my $events_sum = $sth->fetchrow();
if (!defined $events_sum) {
$events_sum = "none";
}
# sum of valid records in table events
$sth = $dbh->prepare("SELECT count(*) FROM events WHERE valid = 't';") or die "Cannot prepare statement: " . $dbh->errstr;
$sth->execute or die "Cannot execute statement: " . $sth->errstr;
my $events_sum_valid = $sth->fetchrow();
if (!defined $events_sum_valid) {
$events_sum_valid = "none";
}
# sum of obsolete records in table events
$sth = $dbh->prepare("SELECT count(*) FROM events WHERE valid = 'o';") or die "Cannot prepare statement: " . $dbh->errstr;
$sth->execute or die "Cannot execute statement: " . $sth->errstr;
my $events_sum_obsolete = $sth->fetchrow();
if (!defined $events_sum_obsolete) {
$events_sum_obsolete = "none";
}
# sum of fail records in table events
$sth = $dbh->prepare("SELECT count(*) FROM events WHERE valid = 'f';") or die "Cannot prepare statement: " . $dbh->errstr;
$sth->execute or die "Cannot execute statement: " . $sth->errstr;
my $events_sum_invalid = $sth->fetchrow();
if (!defined $events_sum_invalid) {
$events_sum_invalid = "none";
}
# id of last record in table events
$sth = $dbh->prepare("SELECT max(id) FROM events WHERE valid = 't';") or die "Cannot prepare statement: " . $dbh->errstr;
$sth->execute or die "Cannot execute statement: " . $sth->errstr;
my $events_last_id = $sth->fetchrow();
if (!defined $events_last_id) {
$events_last_id = "none";
}
# timestamp of first record in table events
$sth = $dbh->prepare("SELECT received FROM events WHERE id = (SELECT min(id) FROM events WHERE valid = 't');") or die "Cannot prepare statement: " . $dbh->errstr;
$sth->execute or die "Cannot execute statement: " . $sth->errstr;
my $events_first_timestamp = $sth->fetchrow();
if (!defined $events_first_timestamp) {
$events_first_timestamp = "none";
}
# timestamp of last record in table events
$sth = $dbh->prepare("SELECT received FROM events WHERE id = (SELECT max(id) FROM events WHERE valid = 't');") or die "Cannot prepare statement: " . $dbh->errstr;
$sth->execute or die "Cannot execute statement: " . $sth->errstr;
my $events_last_timestamp = $sth->fetchrow();
if (!defined $events_last_timestamp) {
$events_last_timestamp = "none";
}
# sum of all records in table clients
$sth = $dbh->prepare("SELECT count(*) FROM clients;") or die "Cannot prepare statement: " . $dbh->errstr;
$sth->execute or die "Cannot execute statement: " . $sth->errstr;
my $clients_sum = $sth->fetchrow();
if (!defined $clients_sum) {
$clients_sum = "none";
}
# sum of valid records in table clients
$sth = $dbh->prepare("SELECT count(*) FROM clients WHERE valid = 't';") or die "Cannot prepare statement: " . $dbh->errstr;
$sth->execute or die "Cannot execute statement: " . $sth->errstr;
my $clients_sum_valid = $sth->fetchrow();
if (!defined $clients_sum_valid) {
$clients_sum_valid = "none";
}
# sum of invaled records in table clients
$sth = $dbh->prepare("SELECT count(*) FROM clients WHERE valid = 'f';") or die "Cannot prepare statement: " . $dbh->errstr;
$sth->execute or die "Cannot execute statement: " . $sth->errstr;
my $clients_sum_invalid = $sth->fetchrow();
if (!defined $clients_sum_invalid) {
$clients_sum_invalid = "none";
}
#-------------------------------------------------------------------------------
# Statistics of active registered senders
my $hash_ref;
if ($clients_sum != 0) {
# $sth = $dbh->prepare("SELECT clients.client_id, clients.hostname, clients.service, count(*), max(received) FROM events LEFT JOIN clients ON (events.hostname=clients.hostname AND events.service=clients.service) WHERE clients.valid='t' AND events.valid='t' GROUP BY client_id;") or die "Cannot prepare statement: " . $dbh->errstr;
$sth = $dbh->prepare("SELECT clients.client_id, clients.hostname, clients.service, count(*), max(received) FROM events LEFT JOIN clients ON (events.client_id=clients.client_id) WHERE clients.valid='t' AND events.valid='t' GROUP BY client_id;") or die "Cannot prepare statement: " . $dbh->errstr;
$sth->execute or die "Cannot execute statement: " . $sth->errstr;
my ($client_id, $hostname, $service, $count, $timestamp, $client_status);
$hash_ref = $sth->fetchall_hashref("client_id");
}
#-------------------------------------------------------------------------------
# Print status info output
print "Warden server variables:\n"; print "Warden server variables:\n";
print "========================\n"; print "========================\n";
print "SERVER_VERSION:\t\t$server_status[0]\n"; print "SERVER_VERSION:\t\t$version\n";
print "HOSTNAME:\t\t$server_status[1]\n"; print "HOSTNAME:\t\t$hostname\n";
print "IP_ADDRESS:\t\t$server_status[2]\n"; print "IP_ADDRESS:\t\t$ip_address\n";
print "PORT:\t\t\t$server_status[3]\n"; print "PORT:\t\t\t$port\n";
print "DB_NAME:\t\t$server_status[4]\n"; print "BASEDIR:\t\t$WardenCommon::BASEDIR\n";
print "DB_USER:\t\t$server_status[5]\n"; print "DB_NAME:\t\t$WardenCommon::DB_NAME\n";
print "DB_HOST:\t\t$server_status[6]\n"; print "DB_USER:\t\t$WardenCommon::DB_USER\n";
print "DB_HOST:\t\t$WardenCommon::DB_HOST\n";
print "SYSLOG:\t\t\t$syslog\n"; print "SYSLOG:\t\t\t$syslog\n";
print "SYSLOG_VERBOSE:\t\t$syslog_verbose\n"; print "SYSLOG_VERBOSE:\t\t$syslog_verbose\n";
print "SYSLOG_FACILITY:\t$server_status[9]\n"; print "SYSLOG_FACILITY:\t$WardenCommon::SYSLOG_FACILITY\n";
print "MAX_EVENTS_LIMIT:\t$WardenCommon::MAX_EVENTS_LIMIT\n";
print "\n"; print "\n";
print "Warden server status:\n"; print "Warden server status:\n";
print "=====================\n"; print "=====================\n";
print "Database size:\t\t\t$server_status[10]\n"; print "Database size:\t\t\t\t$db_size\n";
print "Count of saved events:\t\t$server_status[11]\n"; print "Count of all saved events:\t\t$events_sum\n";
print "Last ID in events table:\t$server_status[12]\n"; print " - count of valid events:\t\t$events_sum_valid\n";
print "Time of first inserted event:\t$server_status[13] (UTC)\n"; print " - count of obsolete events:\t\t$events_sum_obsolete\n";
print "Time of latest inserted event:\t$server_status[14] (UTC)\n"; print " - count of invalid events:\t\t$events_sum_invalid\n";
print "Count of registered clients:\t$server_status[15]\n"; print "Last (valid) ID in events table:\t$events_last_id\n";
print "Time of first (valid) inserted event:\t$events_first_timestamp (UTC)\n";
print "Time of latest (valid) inserted event:\t$events_last_timestamp (UTC)\n";
print "Count of all registered clients:\t$clients_sum\n";
print " - count of valid registered clients:\t$clients_sum_valid\n";
print " - count of invalid registered clients:\t$clients_sum_invalid\n";
print "\n"; print "\n";
# check if sum of registered client isn't 0 if ($clients_sum != 0) {
if ($server_status[15] != 0) { print "Statistics of ACTIVE and VALID registered senders:\n";
print "Statistics of active registered senders:\n"; print "==================================================\n";
print "========================================\n";
print "+----------------------------------------------------------------------------------------------------------------+\n"; print "+----------------------------------------------------------------------------------------------------------------+\n";
print "| Client ID | Hostname | Service | Stored events | Last insertion (UTC) |\n"; print "| Client ID | Hostname | Service | Stored events | Last insertion (UTC) |\n";
print "+----------------------------------------------------------------------------------------------------------------+\n"; print "+----------------------------------------------------------------------------------------------------------------+\n";
foreach my $client_status_ref (@status){ foreach my $key (sort {$a<=>$b} keys %$hash_ref) {
my @client_status = @$client_status_ref; printf("| %-10s ", $hash_ref->{$key}->{client_id} || "unknown");
printf("| %-10s ", $client_status[0] || "unknown"); printf("| %-30s ", $hash_ref->{$key}->{hostname}|| "unknown");
printf("| %-30s ", $client_status[1] || "unknown"); printf("| %-25s ", $hash_ref->{$key}->{service} || "unknown");
printf("| %-25s ", $client_status[2] || "unknown"); printf("| %-13s ", $hash_ref->{$key}->{"count(*)"} || "unknown");
printf("| %-13s ", $client_status[3] || "unknown"); printf("| %-20s |\n", $hash_ref->{$key}->{"max(received)"} || "unknown");
printf("| %-20s |\n", $client_status[4] || "unknown");
} }
print "+----------------------------------------------------------------------------------------------------------------+\n"; print "+----------------------------------------------------------------------------------------------------------------+\n";
print "\n"; print "\n";
...@@ -134,4 +261,11 @@ if ($server_status[15] != 0) { ...@@ -134,4 +261,11 @@ if ($server_status[15] != 0) {
print "Current server status in:\t" . scalar localtime(time) . "\n"; print "Current server status in:\t" . scalar localtime(time) . "\n";
# cleanup section
END {
if (defined $dbh) {
$dbh->disconnect or warn "Disconnection from database '$WardenCommon::DB_NAME' failed: $dbh->errstr\n";
}
}
exit 0; exit 0;
src/warden-server/bin/registerReceiver.pl
+ 128
53
View file @ 008ab67b
#!/usr/bin/perl -w #!/usr/bin/perl
# #
# registerReceiver.pl # registerReceiver.pl
# #
# Copyright (C) 2011-2012 Cesnet z.s.p.o # Copyright (C) 2011-2013 Cesnet z.s.p.o
# #
# Use of this source is governed by a BSD-style license, see LICENSE file. # Use of this source is governed by a BSD-style license, see LICENSE file.
use strict; use strict;
use warnings;
use Getopt::Std; use Getopt::Std;
use Switch; use Switch;
use File::Basename; use DBI;
use DBD::mysql;
use DateTime;
use Sys::Syslog qw(:DEFAULT setlogsock);
Sys::Syslog::setlogsock('unix');
use Carp;
use FindBin qw($RealBin $RealScript);
FindBin::again();
use lib "$RealBin/../lib";
use WardenCommon;
our $VERSION = "2.0";
my $warden_path = '/opt/warden-server';
require $warden_path . '/lib/WardenReg.pm';
my $filename = basename($0);
#------------------------------------------------------------------------------- ################################################################################
# Functions # VARIABLES
#------------------------------------------------------------------------------- ################################################################################
our $VERSION = "2.2";
my $etc = "$RealBin/../etc";
# read config file
my $conf_file = "$etc/warden-server.conf";
WardenCommon::loadConf($conf_file);
################################################################################
# FUNCTIONS
################################################################################
sub usage { sub usage {
print "Usage: $filename [-h -o -n <hostname> -r <requestor> -t <type> -i <ip_net_client>]\n"; print "Usage: $RealScript -n <hostname> -r <requestor> -t <type> -o -c <ip_net_client> [-i <client_id> -h -V]\n";
exit 1; exit 1;
} }
sub help { sub help {
print "$filename [-h -o -n <hostname> -r <requestor> -t <type> -i <ip_net_client>]\n"; print "$RealScript -n <hostname> -r <requestor> -t <type> -o -c <ip_net_client> [-i <client_id> -h -V]\n";
print "-h print this text and exit\n";
print "-n hostname of receiver\n"; print "-n hostname of receiver\n";
print "-r client registration requestor\n"; print "-r e-mail address of client registration requestor\n";
print "-t type of received events or '_any_' for receiving of all types of events\n"; print "-t type of received events or '_any_' for receiving of all types of events\n";
print "-o enable receiving of own events\n"; print "-o enable receiving of own events\n";
print "-i CIDR of receiver\n"; print "-c CIDR of receiver\n";
print "-i user defined client ID (optional)\n";
print "-h print this text and exit\n";
print "-V print version and exit\n";
exit 0; exit 0;
} }
#------------------------------------------------------------------------------- sub version {
# errMsg - print error message and die print "Current version: $VERSION\n";
#------------------------------------------------------------------------------- exit 0;
sub errMsg }
{
my $msg = shift;
$msg = trim($msg);
print $msg . "\n";
exit 1;
} # End of errMsg
#------------------------------------------------------------------------------- #-------------------------------------------------------------------------------
# trim - remove whitespace from the start and end of the string # sendMsg - wrapper for more complex WardenCommon::sendMsg function
#------------------------------------------------------------------------------- #-------------------------------------------------------------------------------
sub trim sub sendMsg
{ {
my $string = shift; my $severity = shift;
$string =~ s/^\s+//; my $syslog_msg = shift;
$string =~ s/\s+$//;
return $string; WardenCommon::sendMsg($WardenCommon::SYSLOG, $WardenCommon::SYSLOG_VERBOSE, $WardenCommon::SYSLOG_FACILITY, $severity,
} # End of trim $syslog_msg, undef, $RealScript);
}
#-------------------------------------------------------------------------------
################################################################################
# MAIN # MAIN
#------------------------------------------------------------------------------- ################################################################################
our ($opt_n, $opt_r, $opt_t, $opt_o, $opt_i, $opt_h); our ($opt_n, $opt_r, $opt_t, $opt_o, $opt_c, $opt_i, $opt_h, $opt_V);
if ($#ARGV == -1) {usage} if ($#ARGV == -1) {
usage;
}
die usage unless getopts("n:r:t:i:ho"); die usage unless getopts("n:r:t:c:i:ohV");
my $hostname = $opt_n; my $hostname = $opt_n;
my $requestor = $opt_r; my $requestor = $opt_r;
my $type = $opt_t; my $type = $opt_t;
my $ip_net_client = $opt_i; my $ip_net_client = $opt_c;
my $client_id = $opt_i;
my $help = $opt_h; my $help = $opt_h;
my $script_version = $opt_V;
my $receive_own_events = "f"; my $receive_own_events = "f";
if ($opt_o) { if ($opt_o) {
$receive_own_events = "t"; $receive_own_events = "t";
} }
# catch help param # catch help option
if ($help) { if ($help) {
help; help;
} }
if ($ip_net_client !~ /^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\/(\d|[1-2]\d|3[0-2]))$/) { # catch version option
die errMsg("Enter correct IP in CIDR format!"); if ($script_version) {
version;
} }
# superuser controle
my $UID = $<;
if ($UID != 0) {die errMsg("You must be root for running this script!")}
# check parameters definition # check parameters definition
switch () { switch () {
case {!defined $hostname} { print "ERROR: Parameter 'hostname' is not defined!\n"; exit 1; } case {!defined $hostname} {WardenCommon::errMsg("Parameter 'hostname' is not defined!")}
case {!defined $requestor} { print "ERROR: Parameter 'requestor' is not defined!\n"; exit 1; } case {!defined $requestor} {WardenCommon::errMsg("Parameter 'requestor' is not defined!")}
case {!defined $type} { print "ERROR: Parameter 'type' is not defined!\n"; exit 1; } case {!defined $type} {WardenCommon::errMsg("Parameter 'type' is not defined!")}
case {!defined $receive_own_events} { print "ERROR: Parameter 'receive_own_events' is not defined!\n"; exit 1; } case {!defined $receive_own_events} {WardenCommon::errMsg("Parameter 'receive_own_events' is not defined!")}
case {!defined $ip_net_client} { print "ERROR: Parameter 'ip_net_client' is not defined!\n"; exit 1; } case {!defined $ip_net_client} {WardenCommon::errMsg("Parameter 'ip_net_client' is not defined!")}
}
# check validity of IP address (CIDR format)
if ($ip_net_client !~ /^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\/(\d|[1-2]\d|3[0-2]))$/) {
WardenCommon::errMsg("Enter correct IP address in CIDR format!");
} }
my $return = WardenReg::registerReceiver($warden_path, $hostname, $requestor, $type, $receive_own_events, $ip_net_client); # check client ID
$return ? print "Registration of $hostname was SUCCESSFUL...\n" : print "Registration of $hostname FAILED!\n"; if (defined $client_id && $client_id !~ /^\d+\z/) {
WardenCommon::errMsg("Parameter 'client_id' is not a integer!");
}
# defined variables by script
my $client_type = "r";
my $valid = "t";
my $registered = DateTime->now;
my $service = undef;
my $description_tags = undef;
# connect to DB
my $dbh = WardenCommon::connectDB($WardenCommon::DB_NAME, $WardenCommon::DB_HOST, $WardenCommon::DB_USER, $WardenCommon::DB_PASS);
my $warden_server = WardenCommon::trim(`hostname -f`);
# check if user defined client_id wasn't used
my ($sth, $client_id_db, $registered_db);
if (defined $client_id) {
$sth = $dbh->prepare("SELECT client_id, registered FROM clients WHERE client_id = ?;") or die "Cannot prepare statement: " . $dbh->errstr;
$sth->execute($client_id) or die "Cannot execute statement: " . $sth->errstr;
($client_id_db, $registered_db) = $sth->fetchrow();
if (defined $client_id_db) {
sendMsg("err", "Attempt to use client_id (#$client_id_db) registered at Warden server '$warden_server' in '$registered_db'");
WardenCommon::errMsg("Client with ID '$client_id_db' has been already registered at Warden server '$warden_server' in '$registered_db'");
}
}
# check if receiver has been already registered
$sth = $dbh->prepare("SELECT client_id, registered FROM clients WHERE hostname = ? AND client_type = ? AND type = ? AND ip_net_client = ? LIMIT 1;") or die "Cannot prepare statement: " . $dbh->errstr;
$sth->execute($hostname, $client_type, $type, $ip_net_client) or die "Cannot execute statement: " . $sth->errstr;
($client_id_db, $registered_db) = $sth->fetchrow();
if (defined $client_id_db) {
sendMsg("err", "Attempt to re-register receiver (#$client_id_db) registered at Warden server '$warden_server' in '$registered_db'");
WardenCommon::errMsg("Receiver has been already registered at Warden server '$warden_server' in '$registered_db' with ID '$client_id_db'");
} else {
# register receiver
$sth = $dbh->prepare("INSERT INTO clients VALUES (?,?,?,?,?,?,?,?,?,?,?);") or die "Cannot prepare statement: " . $dbh->errstr;
my $ret_val = $sth->execute($client_id, $hostname, $registered, $requestor, $service, $client_type, $type, $receive_own_events, $description_tags, $ip_net_client, $valid) or die "Cannot execute statement: " . $sth->errstr;
if ($ret_val == 1) {
my $last_insert_id = $dbh->last_insert_id(undef, undef, "clients", undef);
sendMsg("info", "New receiver [ID: '$last_insert_id', Hostname: '$hostname', Requestor: '$requestor', Type: '$type', ROE: '$receive_own_events', CIDR: '$ip_net_client'] has been registered");
WardenCommon::succMsg("Registration of receiver (#$last_insert_id) was SUCCESSFUL!!!");
} else {
WardenCommon::errMsg("Registration of receiver $hostname ($type) FAILED!!!");
}
}
# cleanup section
END {
if (defined $dbh) {
$dbh->disconnect or warn "Disconnection from database '$WardenCommon::DB_NAME' failed: $dbh->errstr\n";
}
}
exit 0; exit 0;
src/warden-server/bin/registerSender.pl
+ 129
54
View file @ 008ab67b
#!/usr/bin/perl -w #!/usr/bin/perl
# #
# registerSender.pl # registerSender.pl
# #
# Copyright (C) 2011-2012 Cesnet z.s.p.o # Copyright (C) 2011-2013 Cesnet z.s.p.o
# #
# Use of this source is governed by a BSD-style license, see LICENSE file. # Use of this source is governed by a BSD-style license, see LICENSE file.
use strict; use strict;
use warnings;
use Getopt::Std; use Getopt::Std;
use Switch; use Switch;
use File::Basename; use DBI;
use DBD::mysql;
use DateTime;
use Sys::Syslog qw(:DEFAULT setlogsock);
Sys::Syslog::setlogsock('unix');
use Carp;
use FindBin qw($RealBin $RealScript);
FindBin::again();
use lib "$RealBin/../lib";
use WardenCommon;
our $VERSION = "2.0";
my $warden_path = '/opt/warden-server';
require $warden_path . '/lib/WardenReg.pm';
my $filename = basename($0);
#------------------------------------------------------------------------------- ################################################################################
# Functions # VARIABLES
#------------------------------------------------------------------------------- ################################################################################
our $VERSION = "2.2";
my $etc = "$RealBin/../etc";
# read config file
my $conf_file = "$etc/warden-server.conf";
WardenCommon::loadConf($conf_file);
################################################################################
# FUNCTIONS
################################################################################
sub usage { sub usage {
print "Usage: $filename [-h -n <hostname> -r <requestor> -s <service> -d <description_tags> -i <ip_net_client>]\n"; print "Usage: $RealScript -n <hostname> -r <requestor> -s <service> -d <description_tags> -c <ip_net_client> [-i <client_id> -h -V]\n";
exit 1; exit 1;
} }
sub help { sub help {
print "$filename [-h -n <hostname> -r <requestor> -s <service> -d <description_tags> -i <ip_net_client>]\n"; print "$RealScript -n <hostname> -r <requestor> -s <service> -d <description_tags> -c <ip_net_client> [-i <client_id> -h -V]\n";
print "-h print this text and exit\n";
print "-n hostname of sender\n"; print "-n hostname of sender\n";
print "-r client registration requestor\n"; print "-r e-mail address of client registration requestor\n";
print "-s name of service which sent events\n"; print "-s name of service which sent events\n";
print "-d description tags of send events\n"; print "-d description tags of send events\n";
print "-i CIDR of sender\n"; print "-c CIDR of sender\n";
print "-i user defined client ID (optional)\n";
print "-h print this text and exit\n";
print "-V print version and exit\n";
exit 0; exit 0;
} }
#------------------------------------------------------------------------------- sub version {
# errMsg - print error message and die print "Current version: $VERSION\n";
#------------------------------------------------------------------------------- exit 0;
sub errMsg }
{
my $msg = shift;
$msg = trim($msg);
print $msg . "\n";
exit 1;
} # End of errMsg
#------------------------------------------------------------------------------- #-------------------------------------------------------------------------------
# trim - remove whitespace from the start and end of the string # sendMsg - wrapper for more complex WardenCommon::sendMsg function
#------------------------------------------------------------------------------- #-------------------------------------------------------------------------------
sub trim sub sendMsg
{ {
my $string = shift; my $severity = shift;
$string =~ s/^\s+//; my $syslog_msg = shift;
$string =~ s/\s+$//;
return $string;
} # End of trim
WardenCommon::sendMsg($WardenCommon::SYSLOG, $WardenCommon::SYSLOG_VERBOSE, $WardenCommon::SYSLOG_FACILITY, $severity,
$syslog_msg, undef, $RealScript);
}
#-------------------------------------------------------------------------------
################################################################################
# MAIN # MAIN
#------------------------------------------------------------------------------- ################################################################################
our ($opt_n, $opt_r, $opt_s, $opt_d, $opt_i, $opt_h); our ($opt_n, $opt_r, $opt_s, $opt_d, $opt_c, $opt_i, $opt_h, $opt_V);
if ($#ARGV == -1) {usage} if ($#ARGV == -1) {
usage;
}
die usage unless getopts("n:r:s:d:i:h"); die usage unless getopts("n:r:s:d:c:i:hV");
my $hostname = $opt_n; my $hostname = $opt_n;
my $requestor = $opt_r; my $requestor = $opt_r;
my $service = $opt_s; my $service = $opt_s;
my $description_tags = $opt_d; my $description_tags = $opt_d;
my $ip_net_client = $opt_i; my $ip_net_client = $opt_c;
my $client_id = $opt_i;
my $help = $opt_h; my $help = $opt_h;
my $script_version = $opt_V;
# catch help param # catch help option
if ($help) { if ($help) {
help; help;
} }
if ($ip_net_client !~ /^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\/(\d|[1-2]\d|3[0-2]))$/) { # catch version option
die errMsg("Enter correct IP in CIDR format!"); if ($script_version) {
version;
} }
# superuser controle
my $UID = $<;
if ($UID != 0) {die errMsg("You must be root for running this script!")}
# check parameters definition # check parameters definition
switch () { switch () {
case {!defined $hostname} { print "ERROR: Parameter 'hostname' is not defined!\n"; exit 1; } case {!defined $hostname} {WardenCommon::errMsg("Parameter 'hostname' is not defined!")}
case {!defined $requestor} { print "ERROR: Parameter 'requestor' is not defined!\n"; exit 1; } case {!defined $requestor} {WardenCommon::errMsg("Parameter 'requestor' is not defined!")}
case {!defined $service} { print "ERROR: Parameter 'service' is not defined!\n"; exit 1; } case {!defined $service} {WardenCommon::errMsg("Parameter 'service' is not defined!")}
case {!defined $description_tags} { print "ERROR: Parameter 'description_tags' is not defined!\n"; exit 1; } case {!defined $description_tags} {WardenCommon::errMsg("Parameter 'description_tags' is not defined!")}
case {!defined $ip_net_client} { print "ERROR: Parameter 'ip_net_client' is not defined!\n"; exit 1; } case {!defined $ip_net_client} {WardenCommon::errMsg("Parameter 'ip_net_client' is not defined!")}
}
# check validity of IP address (CIDR format)
if ($ip_net_client !~ /^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\/(\d|[1-2]\d|3[0-2]))$/) {
WardenCommon::errMsg("Enter correct IP in CIDR format!");
} }
# register sender at warden server # check client ID
my $return = WardenReg::registerSender($warden_path, $hostname, $requestor, $service, $description_tags, $ip_net_client); if (defined $client_id && $client_id !~ /^\d+\z/) {
$return ? print "Registration of $hostname was SUCCESSFUL...\n" : print "Registration of $hostname FAILED!\n"; WardenCommon::errMsg("Parameter 'client_id' is not a integer!");
}
# defined variables by method
my $client_type = "s";
my $valid = "t";
my $registered = DateTime->now;
my $type = undef;
my $receive_own_events = undef;
# connect to DB
my $dbh = WardenCommon::connectDB($WardenCommon::DB_NAME, $WardenCommon::DB_HOST, $WardenCommon::DB_USER, $WardenCommon::DB_PASS);
my $warden_server = WardenCommon::trim(`hostname -f`);
# check if user defined client_id wasn't used
my ($sth, $client_id_db, $registered_db);
if (defined $client_id) {
$sth = $dbh->prepare("SELECT client_id, registered FROM clients WHERE client_id = ?;") or die "Cannot prepare statement: " . $dbh->errstr;
$sth->execute($client_id) or die "Cannot execute statement: " . $sth->errstr;
($client_id_db, $registered_db) = $sth->fetchrow();
if (defined $client_id_db) {
sendMsg("err", "Attempt to use client_id (#$client_id_db) registered at Warden server '$warden_server' in '$registered_db'");
WardenCommon::errMsg("Client with ID '$client_id_db' has been already registered at Warden server '$warden_server' in '$registered_db'");
}
}
# check if sender has been already registered
$sth = $dbh->prepare("SELECT client_id, registered FROM clients WHERE hostname = ? AND service = ? AND client_type = ? AND ip_net_client = ? LIMIT 1;") or die "Cannot prepare statement: " . $dbh->errstr;
$sth->execute($hostname, $service, $client_type, $ip_net_client) or die "Cannot execute statement: " . $sth->errstr;
($client_id_db, $registered_db) = $sth->fetchrow();
if (defined $client_id_db) {
sendMsg("err", "Attempt to re-register sender (#$client_id_db) registered at Warden server '$warden_server' in '$registered_db'");
WardenCommon::errMsg("Sender has been already registered at Warden server '$warden_server' in '$registered_db' with ID '$client_id_db'");
} else {
# register sender
$sth = $dbh->prepare("INSERT INTO clients VALUES (?,?,?,?,?,?,?,?,?,?,?);") or die "Cannot prepare statement: " . $dbh->errstr;
my $ret_val = $sth->execute($client_id, $hostname, $registered, $requestor, $service, $client_type, $type, $receive_own_events, $description_tags, $ip_net_client, $valid) or die "Cannot execute statement: " . $sth->errstr;
if ($ret_val == 1) {
my $last_insert_id = $dbh->last_insert_id(undef, undef, "clients", undef);
sendMsg("info", "New sender [ID: '$last_insert_id', Hostname: '$hostname', Requestor: '$requestor', Service: '$service', Description_tags: '$description_tags', CIDR: '$ip_net_client'] has been registered");
WardenCommon::succMsg("Registration of sender (#$last_insert_id) was SUCCESSFUL!!!");
} else {
WardenCommon::errMsg("Registration of sender $hostname ($service) FAILED!!!");
}
}
# cleanup section
END {
if (defined $dbh) {
$dbh->disconnect or warn "Disconnection from database '$WardenCommon::DB_NAME' failed: $dbh->errstr\n";
}
}
exit 0; exit 0;
src/warden-server/bin/unregisterClient.pl
+ 109
46
View file @ 008ab67b
#!/usr/bin/perl -w #!/usr/bin/perl
# #
# unregisterClient.pl # unregisterClient.pl
# #
# Copyright (C) 2011-2012 Cesnet z.s.p.o # Copyright (C) 2011-2013 Cesnet z.s.p.o
# #
# Use of this source is governed by a BSD-style license, see LICENSE file. # Use of this source is governed by a BSD-style license, see LICENSE file.
use strict; use strict;
use warnings;
use Getopt::Std; use Getopt::Std;
use Switch; use Switch;
use File::Basename; use DBI;
use DBD::mysql;
use DateTime;
use Sys::Syslog qw(:DEFAULT setlogsock);
Sys::Syslog::setlogsock('unix');
use Carp;
use FindBin qw($RealBin $RealScript);
FindBin::again();
use lib "$RealBin/../lib";
use WardenCommon;
our $VERSION = "2.0";
my $warden_path = '/opt/warden-server';
require $warden_path . '/lib/WardenReg.pm';
my $filename = basename($0);
#------------------------------------------------------------------------------- ################################################################################
# Functions # VARIABLES
#------------------------------------------------------------------------------- ################################################################################
our $VERSION = "2.2";
my $etc = "$RealBin/../etc";
# read config file
my $conf_file = "$etc/warden-server.conf";
WardenCommon::loadConf($conf_file);
################################################################################
# FUNCTIONS
################################################################################
sub usage { sub usage {
print "Usage: $filename [-h -i <client_id>]\n"; print "Usage: $RealScript -i <client_id> [-h -V]\n";
exit 1; exit 1;
} }
sub help { sub help {
print "$filename [-h -i <client_id>]\n"; print "$RealScript -i <client_id> [-h -V]\n";
print "-h print this text and exit\n";
print "-i client_id for unregistration\n"; print "-i client_id for unregistration\n";
print "-h print this text and exit\n";
print "-V print version and exit\n";
exit 0; exit 0;
} }
#------------------------------------------------------------------------------- sub version {
# errMsg - print error message and die print "Current version: $VERSION\n";
#------------------------------------------------------------------------------- exit 0;
sub errMsg }
{
my $msg = shift;
$msg = trim($msg);
print $msg . "\n";
exit 1;
} # End of errMsg
#------------------------------------------------------------------------------- #-------------------------------------------------------------------------------
# trim - remove whitespace from the start and end of the string # sendMsg - wrapper for more complex WardenCommon::sendMsg function
#------------------------------------------------------------------------------- #-------------------------------------------------------------------------------
sub trim sub sendMsg
{ {
my $string = shift; my $severity = shift;
$string =~ s/^\s+//; my $syslog_msg = shift;
$string =~ s/\s+$//;
return $string;
} # End of trim
WardenCommon::sendMsg($WardenCommon::SYSLOG, $WardenCommon::SYSLOG_VERBOSE, $WardenCommon::SYSLOG_FACILITY, $severity,
$syslog_msg, undef, $RealScript);
}
#-------------------------------------------------------------------------------
################################################################################
# MAIN # MAIN
#------------------------------------------------------------------------------- ################################################################################
our ($opt_h, $opt_i); our ($opt_i, $opt_h, $opt_V);
if ($#ARGV == -1) {usage} if ($#ARGV == -1) {
usage;
}
die usage unless getopts("i:h"); die usage unless getopts("i:hV");
my $client_id = $opt_i; my $client_id = $opt_i;
my $help = $opt_h; my $help = $opt_h;
my $script_version = $opt_V;
# catch help param # catch help option
if ($help) { if ($help) {
help; help;
} }
# superuser controle # catch version option
my $UID = $<; if ($script_version) {
if ($UID != 0) {die errMsg("You must be root for running this script!")} version;
}
# check parameters definition # check parameters definition
if (!defined $client_id) { if (!defined $client_id) {
print "ERROR: Parameter 'client_id' is not defined!\n"; WardenCommon::errMsg("Parameter 'client_id' is not defined!");
exit 1;
} }
my $return = WardenReg::unregisterClient($warden_path, $client_id); # connect to DB
$return ? print "Unregistration of client (#$client_id) was SUCCESSFUL...\n" : print "Unregistration of client (# $client_id) FAILED!\n"; my $dbh = WardenCommon::connectDB($WardenCommon::DB_NAME, $WardenCommon::DB_HOST, $WardenCommon::DB_USER, $WardenCommon::DB_PASS);
my $warden_server = WardenCommon::trim(`hostname -f`);
# check if client has been already registered
my $sth = $dbh->prepare("SELECT client_id, hostname, service, client_type, type FROM clients WHERE client_id = ? AND valid = 't' LIMIT 1;") or die "Cannot prepare statement: " . $dbh->errstr;
$sth->execute($client_id) or die "Cannot execute statement: " . $sth->errstr;
my ($id, $hostname, $service, $client_type, $type) = $sth->fetchrow();
# delete registered client
if (!defined $id) {
sendMsg("err", "Attempt to delete unregister client [Client_id: '$client_id'] from Warden server '$warden_server'");
WardenCommon::errMsg("Client (#$client_id) is not registered at Warden server '$warden_server'");
} else {
if ($client_type eq 's') {
$sth = $dbh->prepare("UPDATE clients SET valid = 'f' WHERE client_id = ?;") or die "Cannot prepare statement: " . $dbh->errstr;
my $ret_val = $sth->execute($client_id) or die "Cannot execute statement: " . $sth->errstr;
if ($ret_val == 1) {
$sth = $dbh->prepare("UPDATE events SET valid = 'o' WHERE client_id = ?;") or die "Cannot prepare statement: " . $dbh->errstr;
$sth->execute($client_id) or die "Cannot execute statement: " . $sth->errstr;
# log message until after invalidate all events
sendMsg("info", "Sender [Client_id: '$client_id', Hostname: '$hostname', Service: '$service'] has been deleted and its data were invalidated from Warden server '$warden_server'");
WardenCommon::succMsg("Unregistration of sender (#$client_id) was SUCCESSFUL!!!");
} else {
WardenCommon::errMsg("Unregistration of sender (#$client_id) FAILED!!!");
}
} else {
$sth = $dbh->prepare("UPDATE clients SET valid = 'f' WHERE client_id = ?;") or die "Cannot prepare statement: " . $dbh->errstr;
my $ret_val = $sth->execute($client_id) or die "Cannot execute statement: " . $sth->errstr;
if ($ret_val == 1) {
sendMsg("info", "Receiver [Client_id: '$client_id', Hostname: '$hostname', Type: '$type'] has been deleted from Warden server '$warden_server'");
WardenCommon::succMsg("Unregistration of receiver (#$client_id) was SUCCESSFUL!!!");
} else {
WardenCommon::errMsg("Unregistration of receiver (#$client_id) FAILED!!!");
}
}
}
# cleanup section
END {
if (defined $dbh) {
$dbh->disconnect or warn "Disconnection from database '$WardenCommon::DB_NAME' failed: $dbh->errstr\n";
}
}
exit 0; exit 0;
src/warden-server/bin/wardenWatchdog.pl 0 → 100755
+ 207
0
View file @ 008ab67b
#!/usr/bin/perl
#
# WardenWatchdog.pl
#
# Copyright (C) 2011-2013 Cesnet z.s.p.o
#
# Use of this source is governed by a BSD-style license, see LICENSE file.
use WardenConf;
use strict;
use warnings;
use DBI;
use DBD::mysql;
use DateTime;
#use Email::Simple;
use Sys::Hostname;
use Text::Wrap;
use Data::Dumper;
sub sendmailWrapper{
my $message = shift;
if(open(my $sendmail, '|/usr/sbin/sendmail -oi -t')){
print $sendmail $message;
close $sendmail;
return 1;
} else {
return (0, "Sending email failed: $!");
}
}
# Array of hashes
#{query => ; text => ; contact => }
# Get clients admins
sub sendReport{
my $input_data = shift;
my $contact = $$input_data{'contact'};
my $domain = $$input_data{'domain'};
my $text = $$input_data{'text'};
my $from_hostname;
my $message;
if(!($contact)){
return (0, "Empty 'To' email header!\n");
}
$domain =~ s/\./\./;
eval{
$from_hostname = hostname();
if(!($from_hostname =~ m/$domain/gi)){
$from_hostname .= $domain;
}
};
if($@){
return (0, "Can't retrive hostname for 'From' header!\n");
}
eval{
#$message = Email::Simple->create(
#header => [
#To => $contact,
#From => 'warden_watchdog@'.$from_hostname,
#Subject => 'Kotrola stavu udalosti na Wardenu'],
#body => fill('','',$text));
};
if($@){
return (0, "Can't create email message\n");
}
print "== $contact ==\n$text\n";
my ($rc, $err) = 1;#sendmailWrapper($message->as_string);
if(!$rc){
return (0, $err);
}
return 1;
}
sub connect_to_DB {
my $dbPlatform = 'mysql';
my $dbName = 'warden';
my $dbHostname = 'localhost';
my $dbUser = 'root';
my $dbPasswd = 'w4rd3n&r00t';
my $dbhRef = shift;
my $dbh;
if($dbh = DBI->connect( "dbi:$dbPlatform:database=$dbName;host=$dbHostname", $dbUser, $dbPasswd, {RaiseError => 1, mysql_auto_reconnect => 1})){
$$dbhRef = $dbh;
return 1;
}
else{
return (0,"Cannot connect to database! ".DBI->errstr);
}
}
sub sendQuery{
my $configRef = shift;
my $eventsRef = shift;
my @config = @{$configRef};
my %bad_events;
my ($rc,$err);
my $dbh;
my $i = 0;
# connect to DB
($rc,$err) = connect_to_DB(\$dbh);
if (!$rc){
return (0, $err);
}
while ($i < scalar(@config)) {
my $contact;
# run DB query -> requestor, client name
my $sth;
if (defined($config[$i]{query})){
$sth = $dbh->prepare($config[$i]{query});
}
else{
return (0, "No query availble\n");
}
if (!($sth->execute)){
return (0, "Couldn't get data from my database: $sth->errstr\n");
};
my @result;
while(@result = $sth->fetchrow()){
if (defined($config[$i]{contact})){
$contact = $config[$i]{contact};
}
else{
$contact = "from_db\@$result[0]";
}
$bad_events{$contact} .= $config[$i]{text} . "DB INFO: ". join(', ',@result) ."\n";
}
$sth->finish;
$i++;
}
# disconnect to DB
$dbh->disconnect;
%$eventsRef = %bad_events;
return 1;
}
sub run{
my $domain = shift;
my $period = shift;
my $date;
eval{
my $dt = DateTime->now();
$dt = DateTime->now()->subtract(days => $period);
$date = $dt->date();
};
if($@){
print "Warden watchdog - can't work with date\n";
#syslog("err|Warden watchdog - can't work with date\n");
}
my @configuration = (
{query => "SELECT hostname, service, MAX(received) FROM events WHERE valid = 't' GROUP BY hostname, service ORDER BY MAX(received) ASC;", text => "Hey, this is test of warning for admin!\n"},
{query => "SELECT requestor FROM clients WHERE service IN (SELECT service FROM events WHERE detected > '$date' AND type NOT IN ('portscan', 'bruteforce', 'probe', 'spam', 'phishing', 'botnet_c_c', 'dos', 'malware', 'copyright', 'webattack', 'test', 'other') AND valid = 't' GROUP BY service) GROUP BY requestor;", text => "Hey, this is test of warning!\n", contact => 'warden-administrator@cesnet.cz'});
$Text::Wrap::columns = 80;
my %bad_events;
my $i = 0;
while ($i < scalar(@configuration)) {
my ($rc,$err) = sendQuery(\@configuration,\%bad_events);
if (!$rc){
print "Warden watchdog - $err\n";
#syslog("err|Warden watchdog - $err\n");
}
$i++;
}
while (my ($contact, $text) = each(%bad_events)){
my %input = (contact => $contact, domain => $domain, text => $text);
my ($rc,$err) = sendReport(\%input);
if (!$rc){
# TODO syslog
print $err;
#syslog("err|Warden client - networkReporter $err\n");
}
print "\n\n";
}
}
run('warden-dev.cesnet.cz',7);
1;
src/warden-server/doc/CHANGELOG
+ 8
0
View file @ 008ab67b
<<<<<<< HEAD
2013-02-05 v2.1 stable version 2013-02-05 v2.1 stable version
=======
2013-??-?? v2.2 stable version
------------------------------
2012-11-16 v2.1 stable version
>>>>>>> 981838c056f36b6f42b2de30eb017bd7ab441a1e
------------------------------ ------------------------------
- fixed bug in default value of database timestamp type (#576, #577) - fixed bug in default value of database timestamp type (#576, #577)
- fixed bug in getStatus function (#566) - fixed bug in getStatus function (#566)
......
src/warden-server/doc/INSTALL
+ 2
2
View file @ 008ab67b
...@@ -52,7 +52,7 @@ D. Post-installation steps ...@@ -52,7 +52,7 @@ D. Post-installation steps
- include parameters from the Warden server configuration file (<warden-server_path>/etc/warden-apache.conf) - include parameters from the Warden server configuration file (<warden-server_path>/etc/warden-apache.conf)
# vim /etc/apache2/sites-enables/default(-ssl) # vim /etc/apache2/sites-enabled/default(-ssl)
<VirtualHost *:443> <VirtualHost *:443>
... ...
...@@ -93,7 +93,7 @@ D. Post-installation steps ...@@ -93,7 +93,7 @@ D. Post-installation steps
4) Warden server configuration 4) Warden server configuration
- configure warden-server.conf, warden-client.conf and warden-apache.conf placed in <warden-server_path>/etc directory - configure warden-server.conf and warden-apache.conf placed in <warden-server_path>/etc directory
5) Restart of Apache server 5) Restart of Apache server
......
src/warden-server/doc/LICENSE
+ 1
1
View file @ 008ab67b
BSD License BSD License
Copyright © 2011-2012 Cesnet z.s.p.o Copyright © 2011-203 Cesnet z.s.p.o
All rights reserved. All rights reserved.
Redistribution and use in source and binary forms, with or without modification, Redistribution and use in source and binary forms, with or without modification,
......
src/warden-server/doc/README
+ 25
42
View file @ 008ab67b
+----------------------------+ +----------------------------+
| README - Warden Server 2.1 | | README - Warden Server 2.2 |
+----------------------------+ +----------------------------+
Content Content
...@@ -25,7 +25,11 @@ A. Overall Information ...@@ -25,7 +25,11 @@ A. Overall Information
2. Version 2. Version
<<<<<<< HEAD
2.1 (2013-02-05) 2.1 (2013-02-05)
=======
2.2 (2013-??-??)
>>>>>>> 981838c056f36b6f42b2de30eb017bd7ab441a1e
3. Package structure 3. Package structure
...@@ -49,13 +53,10 @@ A. Overall Information ...@@ -49,13 +53,10 @@ A. Overall Information
etc/ etc/
package_version package_version
warden-apache.conf warden-apache.conf
warden-client.conf
warden-server.conf warden-server.conf
lib/ lib/
WardenConf.pm
Warden.pm Warden.pm
WardenReg.pm WardenCommon.pm
WardenStatus.pm
Warden/ Warden/
ApacheDispatch.pm ApacheDispatch.pm
uninstall.sh uninstall.sh
...@@ -94,11 +95,11 @@ C. Installation ...@@ -94,11 +95,11 @@ C. Installation
1. Check SHA1 checksum of the Warden server package archive. 1. Check SHA1 checksum of the Warden server package archive.
$ sha1sum -c warden-server-2.1.tar.gz.sig $ sha1sum -c warden-server-2.2.tar.gz.sig
2. Untar it. 2. Untar it.
$ tar xzvf warden-server-2.1.tar.gz $ tar xzvf warden-server-2.2.tar.gz
3. Run install.sh. 3. Run install.sh.
...@@ -123,16 +124,10 @@ C. Installation ...@@ -123,16 +124,10 @@ C. Installation
4. Configuration files 4. Configuration files
You are advised to check configuration file warden-apache.conf, You are advised to check configuration file warden-apache.conf and
warden-server.conf and warden-client.conf in warden-server/etc/ warden-server.conf in warden-server/etc/ directory after installation.
directory after installation. For more information about post-installation For more information about post-installation steps see INSTALL file in
steps see INSTALL file in 'doc' directory. 'doc' directory.
Although this is the Warden server package it also contains several
functions (for administration and maintenance) that are strictly
client-side in a way the Warden system handles functions. Therefore you have
to check both server and client config files to make sure your installation
of the Warden server was successful and complete.
SOAP protocol is used for handling communication between server and clients. SOAP protocol is used for handling communication between server and clients.
Therefore, correct URI of Warden server must be set. Therefore, correct URI of Warden server must be set.
...@@ -142,22 +137,8 @@ C. Installation ...@@ -142,22 +137,8 @@ C. Installation
Configuration files contain following parameters: Configuration files contain following parameters:
a) warden-client.conf:
URI - URI Warden server
e.g. 'https://warden.server.com:443/Warden'
SSL_KEY_FILE - path to a host key file,
e.g. '/etc/ssl/private/warden.server.com.key'
SSL_CERT_FILE - path to a host certificate file,
e.g. '/etc/ssl/certs/warden.server.com.pem'
SSL_CA_FILE - path to a CA file
e.g. '/etc/ssl/certs/tcs-ca-bundle.pem'
b) warden-server.conf: a) warden-server.conf:
The Warden server configuration file contains: The Warden server configuration file contains:
...@@ -197,7 +178,7 @@ C. Installation ...@@ -197,7 +178,7 @@ C. Installation
); );
c) warden-apache.conf b) warden-apache.conf
The Apache2 configuration file for Warden server: The Apache2 configuration file for Warden server:
...@@ -295,7 +276,7 @@ G. Registration of Clients ...@@ -295,7 +276,7 @@ G. Registration of Clients
The Warden server administrator is responsible for registering new clients or The Warden server administrator is responsible for registering new clients or
removing those already registered. Both registration or unregistration scripts removing those already registered. Both registration or unregistration scripts
are provided in the Warden server package. Those scripts should be run from are provided in the Warden server package. Those scripts should be run from
localhost (the same machine the Warden server is installed and running on). the same machine the Warden server is installed and running on.
Members of Warden community who would like to have their client registered must Members of Warden community who would like to have their client registered must
contact the Warden server administrator with the requirement. This is usually contact the Warden server administrator with the requirement. This is usually
...@@ -314,7 +295,8 @@ G. Registration of Clients ...@@ -314,7 +295,8 @@ G. Registration of Clients
client registration, client registration,
service - name of the service of a new registered client, service - name of the service of a new registered client,
description_tags - tags describing the nature of the service, description_tags - tags describing the nature of the service,
ip_net_client - CIDR the client is only allowed to communicate from. ip_net_client - CIDR the client is only allowed to communicate from,
client_id - user defined client ID (optionaly).
One can run registerSender.pl with -h argument to see a help. One can run registerSender.pl with -h argument to see a help.
...@@ -333,14 +315,15 @@ G. Registration of Clients ...@@ -333,14 +315,15 @@ G. Registration of Clients
for receiving of all types of events, for receiving of all types of events,
receive_own_events - boolean value describing if events originating from receive_own_events - boolean value describing if events originating from
the same CIDR will be sent to the client, the same CIDR will be sent to the client,
ip_net_client - CIDR the client is only allowed to communicate from. ip_net_client - CIDR the client is only allowed to communicate from,
client_id - user defined client ID (optionaly)
One can run registerReceiver.pl with -h argument to see a help. One can run registerReceiver.pl with -h argument to see a help.
3. Unregister Client 3. Unregister Client
In the Warden system, already registered clients can be removed In the Warden system, already registered clients can be unregistered
(unregistered) via unregisterClient.pl. via unregisterClient.pl.
Following attribute must be provided in order to unregister existing client Following attribute must be provided in order to unregister existing client
successfully: successfully:
...@@ -349,9 +332,9 @@ G. Registration of Clients ...@@ -349,9 +332,9 @@ G. Registration of Clients
One can run unregisterClient.pl with -h argument to see a help. One can run unregisterClient.pl with -h argument to see a help.
The process of unregistration deletes this client from clients table in DB. The process of unregistration set client (specified by client_id) like 'invalid'
But all messages stored by this client (considering "sender" client) are not in DB table clients and all messages stored by this client (considering "sender"
deleted, they are merely set 'invalid' in DB table events. client) are not deleted, they are merely set 'invalid' in DB table events too.
-------------------------------------------------------------------------------- --------------------------------------------------------------------------------
H. Status Info H. Status Info
...@@ -376,4 +359,4 @@ H. Status Info ...@@ -376,4 +359,4 @@ H. Status Info
-------------------------------------------------------------------------------- --------------------------------------------------------------------------------
Copyright (C) 2011-2012 Cesnet z.s.p.o Copyright (C) 2011-2013 Cesnet z.s.p.o
src/warden-server/doc/warden.mysql
+ 2
2
View file @ 008ab67b
...@@ -41,6 +41,7 @@ CREATE TABLE `clients` ( ...@@ -41,6 +41,7 @@ CREATE TABLE `clients` (
`receive_own_events` varchar(1) default NULL, `receive_own_events` varchar(1) default NULL,
`description_tags` varchar(256) default NULL, `description_tags` varchar(256) default NULL,
`ip_net_client` varchar(256) default NULL, `ip_net_client` varchar(256) default NULL,
`valid` varchar(1) DEFAULT NULL,
PRIMARY KEY (`client_id`) PRIMARY KEY (`client_id`)
) ENGINE=MyISAM AUTO_INCREMENT=1 DEFAULT CHARSET=latin1; ) ENGINE=MyISAM AUTO_INCREMENT=1 DEFAULT CHARSET=latin1;
SET character_set_client = @saved_cs_client; SET character_set_client = @saved_cs_client;
...@@ -54,8 +55,6 @@ SET @saved_cs_client = @@character_set_client; ...@@ -54,8 +55,6 @@ SET @saved_cs_client = @@character_set_client;
SET character_set_client = utf8; SET character_set_client = utf8;
CREATE TABLE `events` ( CREATE TABLE `events` (
`id` int(11) NOT NULL auto_increment, `id` int(11) NOT NULL auto_increment,
`hostname` varchar(256) default NULL,
`service` varchar(64) default NULL,
`detected` timestamp NOT NULL default '0000-00-00 00:00:00', `detected` timestamp NOT NULL default '0000-00-00 00:00:00',
`received` timestamp NOT NULL default '0000-00-00 00:00:00', `received` timestamp NOT NULL default '0000-00-00 00:00:00',
`type` varchar(64) default NULL, `type` varchar(64) default NULL,
...@@ -68,6 +67,7 @@ CREATE TABLE `events` ( ...@@ -68,6 +67,7 @@ CREATE TABLE `events` (
`priority` int(1) unsigned default NULL, `priority` int(1) unsigned default NULL,
`timeout` int(2) unsigned default NULL, `timeout` int(2) unsigned default NULL,
`valid` varchar(1) default NULL, `valid` varchar(1) default NULL,
`client_id` int(11) DEFAULT NULL,
PRIMARY KEY (`id`) PRIMARY KEY (`id`)
) ENGINE=MyISAM AUTO_INCREMENT=1 DEFAULT CHARSET=latin1; ) ENGINE=MyISAM AUTO_INCREMENT=1 DEFAULT CHARSET=latin1;
SET character_set_client = @saved_cs_client; SET character_set_client = @saved_cs_client;
......
src/warden-server/doc/warden20to21.patch deleted 100644 → 0
+ 0
8
View file @ 505ba410
ALTER TABLE `clients` CHANGE `registered` `registered` TIMESTAMP NOT NULL DEFAULT '0000-00-00 00:00:00';
ALTER TABLE `events`
CHANGE `detected` `detected` TIMESTAMP NOT NULL DEFAULT '0000-00-00 00:00:00',
CHANGE `target_port` `target_port` INT( 2 ) UNSIGNED DEFAULT NULL ,
CHANGE `attack_scale` `attack_scale` INT( 4 ) UNSIGNED DEFAULT NULL ,
CHANGE `priority` `priority` INT( 1 ) UNSIGNED DEFAULT NULL ,
CHANGE `timeout` `timeout` INT( 2 ) UNSIGNED DEFAULT NULL;
src/warden-server/doc/warden21to22.patch 0 → 100644
+ 7
0
View file @ 008ab67b
ALTER TABLE `clients`
ADD `valid` varchar(1) DEFAULT NULL;
ALTER TABLE `events`
DROP COLUMN `hostname`,
DROP COLUMN `service`,
ADD `client_id` int(11) DEFAULT NULL;
src/warden-server/etc/package_version
+ 1
1
View file @ 008ab67b
warden-server-2.1 warden-server-2.2
src/warden-server/etc/warden-apache.conf
+ 6
5
View file @ 008ab67b
# #
#
# warden-apache.conf - configuration file for the Apache server # warden-apache.conf - configuration file for the Apache server
# #
...@@ -10,8 +11,8 @@ SSLOptions +StdEnvVars +ExportCertData ...@@ -10,8 +11,8 @@ SSLOptions +StdEnvVars +ExportCertData
SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
SSLCertificateFile /etc/ssl/certs/warden-dev.cesnet.cz.pem SSLCertificateFile /etc/ssl/certs/warden-c.cesnet.cz.pem
SSLCertificateKeyFile /etc/ssl/private/warden-dev.cesnet.cz.key SSLCertificateKeyFile /etc/ssl/private/warden-c.cesnet.cz.key
SSLCACertificateFile /etc/ssl/certs/tcs-ca-bundle.pem SSLCACertificateFile /etc/ssl/certs/tcs-ca-bundle.pem
PerlOptions +Parent PerlOptions +Parent
......
src/warden-server/etc/warden-client.conf deleted 100644 → 0
+ 0
23
View file @ 505ba410
#
# warden-client.conf - configuration file for registration and status clients
#
#-------------------------------------------------------------------------------
# URI - URI address of Warden server
#-------------------------------------------------------------------------------
$URI = "https://warden-dev.cesnet.cz:443/Warden";
#-------------------------------------------------------------------------------
# SSL_KEY_FILE - path to server SSL certificate key file
#-------------------------------------------------------------------------------
$SSL_KEY_FILE = "/etc/ssl/private/warden-dev.cesnet.cz.key";
#-------------------------------------------------------------------------------
# SSL_CERT_FILE - path to server SSL certificate file
#-------------------------------------------------------------------------------
$SSL_CERT_FILE = "/etc/ssl/certs/warden-dev.cesnet.cz.pem";
#-------------------------------------------------------------------------------
# SSL_CA_FILE - path to CA certificate file
#-------------------------------------------------------------------------------
$SSL_CA_FILE = "/etc/ssl/certs/tcs-ca-bundle.pem";
src/warden-server/etc/warden-server.conf
+ 10
10
View file @ 008ab67b
...@@ -5,7 +5,7 @@ ...@@ -5,7 +5,7 @@
#------------------------------------------------------------------------------- #-------------------------------------------------------------------------------
# BASEDIR - base directory of Warden server # BASEDIR - base directory of Warden server
#------------------------------------------------------------------------------- #-------------------------------------------------------------------------------
$BASEDIR = '/opt/warden-server'; $BASEDIR = "/opt/warden-server";
#------------------------------------------------------------------------------- #-------------------------------------------------------------------------------
# SYSLOG - enable/disable syslog logging # SYSLOG - enable/disable syslog logging
...@@ -20,38 +20,38 @@ $SYSLOG_VERBOSE = 1; ...@@ -20,38 +20,38 @@ $SYSLOG_VERBOSE = 1;
#------------------------------------------------------------------------------- #-------------------------------------------------------------------------------
# SYSLOG_FACILITY - syslog facility # SYSLOG_FACILITY - syslog facility
#------------------------------------------------------------------------------- #-------------------------------------------------------------------------------
$SYSLOG_FACILITY = 'local7'; $SYSLOG_FACILITY = "local7";
#------------------------------------------------------------------------------- #-------------------------------------------------------------------------------
# DB_NAME - MySQL database name of Warden server # DB_NAME - MySQL database name of Warden server
#------------------------------------------------------------------------------- #-------------------------------------------------------------------------------
$DB_NAME = 'warden'; $DB_NAME = "warden";
#------------------------------------------------------------------------------- #-------------------------------------------------------------------------------
# DB_USER - MySQL database user of Warden server # DB_USER - MySQL database user of Warden server
#------------------------------------------------------------------------------- #-------------------------------------------------------------------------------
$DB_USER = 'root'; $DB_USER = "root";
#------------------------------------------------------------------------------- #-------------------------------------------------------------------------------
# DB_PASS - MySQL database password of Warden server # DB_PASS - MySQL database password of Warden server
#------------------------------------------------------------------------------- #-------------------------------------------------------------------------------
$DB_PASS = ''; $DB_PASS = "";
#------------------------------------------------------------------------------- #-------------------------------------------------------------------------------
# DB_HOST - MySQL database host # DB_HOST - MySQL database host
#------------------------------------------------------------------------------- #-------------------------------------------------------------------------------
$DB_HOST = 'localhost'; $DB_HOST = "localhost";
#------------------------------------------------------------------------------- #-------------------------------------------------------------------------------
# MAX_EVENTS_LIMIT - server limit of maximum number of events that can be # MAX_EVENTS_LIMIT - server limit of maximum number of events that can be
# delivered to one client in one batch # delivered to one client in one batch
#------------------------------------------------------------------------------- #-------------------------------------------------------------------------------
$MAX_EVENTS_LIMIT = '1000000'; $MAX_EVENTS_LIMIT = 1000000;
#------------------------------------------------------------------------------- #-------------------------------------------------------------------------------
# VALID_STRINGS - validation hash containing allowed event attributes # VALID_STRINGS - validation hash containing allowed event attributes
#------------------------------------------------------------------------------- #-------------------------------------------------------------------------------
%VALID_STRINGS = ( %VALID_STRINGS = (
'type' => ['portscan', 'bruteforce', 'probe', 'spam', 'phishing', 'botnet_c_c', 'dos', 'malware', 'copyright', 'webattack', 'test', 'other'], "type" => ["portscan", "bruteforce", "probe", "spam", "phishing", "botnet_c_c", "dos", "malware", "copyright", "webattack", "test", "other", "_any_"],
'source_type' => ['IP', 'URL', 'Reply-To:'] "source_type" => ["IP", "URL", "Reply-To:"]
); );
src/warden-server/lib/Warden.pm
+ 211
99
View file @ 008ab67b
This diff is collapsed.
src/warden-server/lib/Warden/ApacheDispatch.pm
+ 1
1
View file @ 008ab67b
...@@ -2,7 +2,7 @@ ...@@ -2,7 +2,7 @@
# #
# ApacheDispatch.pm # ApacheDispatch.pm
# #
# Copyright (C) 2011-2012 Cesnet z.s.p.o # Copyright (C) 2011-2013 Cesnet z.s.p.o
# #
# Use of this source is governed by a BSD-style license, see LICENSE file. # Use of this source is governed by a BSD-style license, see LICENSE file.
......
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment