# obtain cidr based on rigth common name, service and client_type
$sth=$DBH->prepare("SELECT ip_net_client FROM clients WHERE hostname = $cn_db AND service = $service_db AND client_type = $client_type_db;");
# obtain cidr based on rigth common name and alternate names, service and client_type
$sth=$DBH->prepare("SELECT hostname, ip_net_client FROM clients WHERE hostname IN ($AN_FILTER) AND service = $service_db AND client_type = $client_type_db limit 1;");
if(!defined$sth){die("Cannot prepare authorization statement in saveNewEvent: $DBI::errstr\n")}
$sth->execute;
my$cidr=$sth->fetchrow();
my($an,$cidr)=$sth->fetchrow();
# check if client is registered
if(!defined$cidr){
write2log("err","Unauthorized access to saveNewEvent from: $IP ($CN) - client is not registered");
write2log("err","Unauthorized access to saveNewEvent from: $IP (CN: $CN; AN: $an) - client is not registered");
die("Access denied - client is not registered at warden server!");
}else{
$cidr_list=Net::CIDR::Lite
...
...
@@ -238,7 +263,7 @@ sub saveNewEvent
# check if client has IP from registered CIDR
if(!$cidr_list->bin_find($IP)){
write2log("err","Unauthorized access to saveNewEvent from: $IP ($CN) - access from bad subnet: $cidr");
write2log("err","Unauthorized access to saveNewEvent from: $IP (CN: $CN; AN: $an) - access from bad subnet: $cidr");
die("Access denied - access from bad subnet!");
}else{
...
...
@@ -252,7 +277,7 @@ sub saveNewEvent
if(!defined$sth){die("Cannot prepare last ID statement in saveNewEvent: $DBI::errstr\n")}
$sth->execute;
my$id=$sth->fetchrow();
write2log("info","Stored new event (#$id) from $IP ($CN)");
write2log("info","Stored new event (#$id) from $IP (CN: $CN; AN: $an)");
if(!defined$id){
write2log("err","Event from $IP ($CN) was not save: INSERT INTO events VALUES (null,$cn_db,$service_db,$detected_db,$received_db,$type_db,$source_type_db,$source_db,$target_proto_db,$target_port_db,$attack_scale_db,$note_db,$priority_db,$timeout_db,$valid_db);");
# obtain cidr based on rigth common name, service and client_type
$sth=$DBH->prepare("SELECT receive_own_events, ip_net_client FROM clients WHERE hostname = $cn_db AND type = $requested_type_db AND client_type = $client_type_db;");
$sth=$DBH->prepare("SELECT hostname, receive_own_events, ip_net_client FROM clients WHERE hostname IN ($AN_FILTER) AND type = $requested_type_db AND client_type = $client_type_db limit 1;");
if(!defined$sth){die("Cannot prepare authorization statement in getNewEvents: $DBI::errstr\n")}