You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
435 lines
16 KiB
435 lines
16 KiB
#!/usr/bin/perl |
|
# |
|
# This periodically runs a basic ping sweep using nmap to find devices on the given network. As devices are |
|
# found, they may be further processed (ie: to see if a MAC address matches a server to find the IP address |
|
# of a hosted server). |
|
# |
|
# Exit codes; |
|
# 0 = Normal exit |
|
# 1 = No databases available. |
|
# 2 = The '--network X' value is not valid. |
|
# 3 = Not yet time to rescan. |
|
# |
|
# TODO: * Support '--dhcp' where, if set, we look up the DHCP range offered by the Striker dashboard(s) and |
|
# scan just the lease range. This should speed up discovery of new/replacement foundation pack |
|
# equipment. |
|
|
|
use strict; |
|
use warnings; |
|
use Anvil::Tools; |
|
use Data::Dumper; |
|
|
|
# Turn off buffering so that the pinwheel will display while waiting for the SSH call(s) to complete. |
|
$| = 1; |
|
|
|
my $THIS_FILE = ($0 =~ /^.*\/(.*)$/)[0]; |
|
my $running_directory = ($0 =~ /^(.*?)\/$THIS_FILE$/)[0]; |
|
if (($running_directory =~ /^\./) && ($ENV{PWD})) |
|
{ |
|
$running_directory =~ s/^\./$ENV{PWD}/; |
|
} |
|
|
|
my $anvil = Anvil::Tools->new(); |
|
|
|
# Make sure we're running as 'root' |
|
# $< == real UID, $> == effective UID |
|
if (($< != 0) && ($> != 0)) |
|
{ |
|
# Not root |
|
$anvil->Log->entry({source => $THIS_FILE, line => __LINE__, 'print' => 1, level => 0, key => "error_0005"}); |
|
$anvil->nice_exit({exit_code => 5}); |
|
} |
|
|
|
$anvil->Database->connect; |
|
$anvil->Log->entry({source => $THIS_FILE, line => __LINE__, level => 2, secure => 0, key => "log_0132"}); |
|
if (not $anvil->data->{sys}{database}{connections}) |
|
{ |
|
# No databases, exit. |
|
$anvil->Log->entry({source => $THIS_FILE, line => __LINE__, level => 0, 'print' => 1, priority => "err", key => "error_0003"}); |
|
$anvil->nice_exit({exit_code => 1}); |
|
} |
|
|
|
# Do we have a specified network to scan? |
|
$anvil->data->{switches}{network} = ""; |
|
$anvil->data->{switches}{'job-uuid'} = ""; |
|
$anvil->data->{switches}{force} = ""; |
|
$anvil->Get->switches; |
|
$anvil->Log->entry({source => $THIS_FILE, line => __LINE__, level => 2, secure => 0, key => "log_0115", variables => { program => $THIS_FILE }}); |
|
$anvil->Log->variables({source => $THIS_FILE, line => __LINE__, level => 2, list => { |
|
"switches::network" => $anvil->data->{switches}{network}, |
|
"switches::job-uuid" => $anvil->data->{switches}{'job-uuid'}, |
|
"switches::force" => $anvil->data->{switches}{force}, |
|
}}); |
|
|
|
|
|
update_progress($anvil, 0, "clear"); |
|
update_progress($anvil, 1, "log_0239,!!job-uuid!".$anvil->data->{switches}{'job-uuid'}."!!"); |
|
$anvil->data->{progress} = 1; |
|
|
|
check_if_time($anvil); |
|
scan($anvil); |
|
|
|
# We're done |
|
print $anvil->Words->string({key => "message_0025"})."\n"; |
|
update_progress($anvil, 100, "message_0025"); |
|
$anvil->nice_exit({exit_code => 0}); |
|
|
|
|
|
############################################################################################################# |
|
# Functions # |
|
############################################################################################################# |
|
|
|
# If this is being called as a job, this will allow the progress to be updated. |
|
sub update_progress |
|
{ |
|
my ($anvil, $progress, $message) = @_; |
|
$progress = 95 if $progress > 100; |
|
|
|
if (not $anvil->data->{switches}{'job-uuid'}) |
|
{ |
|
return(0); |
|
} |
|
|
|
$anvil->Job->update_progress({ |
|
progress => $progress, |
|
message => $message, |
|
job_uuid => $anvil->data->{switches}{'job-uuid'}, |
|
}); |
|
|
|
return(0); |
|
} |
|
|
|
# This checks to see if it's time to run the scan yet or not. If not, it will exit the program. If so, it |
|
# returns with '0'. |
|
sub check_if_time |
|
{ |
|
my ($anvil) = @_; |
|
|
|
# NOTE: We only scan once a day, unless 'force' is used. |
|
if ($anvil->data->{switches}{force}) |
|
{ |
|
return(0); |
|
} |
|
elsif ($anvil->data->{switches}{network}) |
|
{ |
|
# We're being asked to scan a specific network. |
|
return(0); |
|
} |
|
elsif (not $anvil->data->{switches}{'job-uuid'}) |
|
{ |
|
# No job_uuid, so a manual call. |
|
return(0); |
|
} |
|
else |
|
{ |
|
my ($unixtime, $variable_uuid, $modified_date) = $anvil->Database->read_variable({variable_name => "network-scan::scanned"}); |
|
$anvil->Log->variables({source => $THIS_FILE, line => __LINE__, level => 2, list => { |
|
unixtime => $unixtime, |
|
variable_uuid => $variable_uuid, |
|
modified_date => $modified_date, |
|
}}); |
|
if (($unixtime eq "") or ($unixtime =~ /\D/)) |
|
{ |
|
$unixtime = 0; |
|
$anvil->Log->variables({source => $THIS_FILE, line => __LINE__, level => 2, list => { unixtime => $unixtime }}); |
|
} |
|
|
|
### TODO: Allow the user to set a "scan time" that will wait until the local time is after a |
|
### certain time before scaning. Also, allow the user to disable auto-scan entirely. |
|
# If the database variable 'network-scan::scanned' is not set, or is more than 24 hours old, |
|
# scan. |
|
$anvil->data->{'network-scan'}{'scan-period'} = 86400 if not defined $anvil->data->{'network-scan'}{'scan-period'}; |
|
$anvil->data->{'network-scan'}{'scan-period'} =~ s/,//g; |
|
$anvil->Log->variables({source => $THIS_FILE, line => __LINE__, level => 2, list => { |
|
'network-scan::scan-period' => $anvil->data->{'network-scan'}{'scan-period'}, |
|
}}); |
|
if ($anvil->data->{'network-scan'}{'scan-period'} =~ /\D/) |
|
{ |
|
$anvil->data->{'network-scan'}{'scan-period'} = 86400; |
|
$anvil->Log->variables({source => $THIS_FILE, line => __LINE__, level => 2, list => { |
|
'network-scan::scan-period' => $anvil->data->{'network-scan'}{'scan-period'}, |
|
}}); |
|
} |
|
my $time_now = time; |
|
my $next_scan = $unixtime + $anvil->data->{'network-scan'}{'scan-period'}; |
|
my $difference = ($next_scan - $time_now); |
|
$anvil->Log->variables({source => $THIS_FILE, line => __LINE__, level => 2, list => { |
|
's1:time_now' => $time_now, |
|
's2:next_scan' => $next_scan, |
|
's3:difference' => $difference, |
|
}}); |
|
if ((not $variable_uuid) or ($unixtime !~ /^\d+/) or ($difference < 0)) |
|
{ |
|
# It's been long enough (or it's the first time), scan. |
|
return(0); |
|
} |
|
elsif ($difference > 0) |
|
{ |
|
# Log when the next scan will happen and then exit. |
|
my $say_when = $anvil->Convert->time({'time' => $difference, long => 1}); |
|
$anvil->Log->entry({source => $THIS_FILE, line => __LINE__, level => 2, 'print' => 1, key => "log_0450", variables => { next_scan => $anvil->Convert->add_commas({number => $say_when}) }}); |
|
update_progress($anvil, 100, "log_0450,!!next_scan!".$anvil->Convert->add_commas({number => $say_when})."!!"); |
|
$anvil->nice_exit({exit_code => 3}); |
|
} |
|
} |
|
|
|
return(0); |
|
} |
|
|
|
# This scans any networks passed in. |
|
sub scan |
|
{ |
|
my ($anvil) = @_; |
|
|
|
$anvil->Log->variables({source => $THIS_FILE, line => __LINE__, level => 2, list => { "switches::network" => $anvil->data->{switches}{network} }}); |
|
if ($anvil->data->{switches}{network}) |
|
{ |
|
# If this network is a specific subnet, scan it. If the network is 'bcn', 'sn', 'ifn' or |
|
# 'bcnX', 'snX', 'snX', find the network on the appropriate interfaces and use it's network. |
|
if ($anvil->data->{switches}{network} =~ /^(\d+.*?)\/(\d+.*)$/) |
|
{ |
|
my $ip = $1; |
|
my $subnet_mask = $2; |
|
$anvil->Log->variables({source => $THIS_FILE, line => __LINE__, level => 2, list => { "switches::network" => $anvil->data->{switches}{network} }}); |
|
|
|
my $ip_valid = $anvil->Validate->ipv4({ip => $ip}); |
|
my $subnet_mask_valid = $anvil->Validate->ipv4({ip => $subnet_mask}); |
|
$anvil->Log->variables({source => $THIS_FILE, line => __LINE__, level => 2, list => { |
|
ip_valid => $ip_valid, |
|
subnet_mask_valid => $subnet_mask_valid, |
|
}}); |
|
if (not $subnet_mask_valid) |
|
{ |
|
# Migt be cidr |
|
if (($subnet_mask =~ /^\d+$/) && ($subnet_mask >= 0) && ($subnet_mask <= 32)) |
|
{ |
|
# Valid CIDR address |
|
$subnet_mask_valid = 1; |
|
$anvil->Log->variables({source => $THIS_FILE, line => __LINE__, level => 2, list => { subnet_mask_valid => $subnet_mask_valid }}); |
|
} |
|
} |
|
|
|
if ((not $ip_valid) or (not $subnet_mask_valid)) |
|
{ |
|
# Bail out. |
|
update_progress($anvil, 100, "error_0097,!!range!".$anvil->data->{switches}{network}."!!"); |
|
$anvil->Log->entry({source => $THIS_FILE, line => __LINE__, level => 0, 'print' => 1, priority => "err", key => "error_0097", variables => { range => $anvil->data->{switches}{network} }}); |
|
$anvil->nice_exit({exit_code => 2}); |
|
} |
|
else |
|
{ |
|
# Scan it! |
|
call_nmap($anvil, $anvil->data->{switches}{network}); |
|
} |
|
} |
|
else |
|
{ |
|
# If the address is [bc|s|if]n[X], scan it. |
|
$anvil->Network->get_ips(); |
|
my $target = "local"; |
|
my $to_scan = []; |
|
foreach my $interface (sort {$a cmp $b} keys %{$anvil->data->{network}{$target}{interface}}) |
|
{ |
|
my $ip = $anvil->data->{network}{$target}{interface}{$interface}{ip}; |
|
my $subnet_mask = $anvil->data->{network}{$target}{interface}{$interface}{subnet_mask}; |
|
$anvil->Log->variables({source => $THIS_FILE, line => __LINE__, level => 2, list => { |
|
ip => $ip, |
|
subnet_mask => $subnet_mask, |
|
}}); |
|
if (($ip) && ($subnet_mask)) |
|
{ |
|
# Is this one we're interested in? |
|
my $network_name = $anvil->data->{switches}{network}; |
|
if ($interface =~ /^$network_name/) |
|
{ |
|
# Yup! |
|
my $network = $anvil->Network->get_network({ip => $ip, subnet_mask => $subnet_mask}); |
|
$anvil->Log->variables({source => $THIS_FILE, line => __LINE__, level => 2, list => { network => $network }}); |
|
|
|
if ($network) |
|
{ |
|
# Scan it. |
|
my $address = $network."/".$subnet_mask; |
|
$anvil->Log->variables({source => $THIS_FILE, line => __LINE__, level => 2, list => { address => $address }}); |
|
push @{$to_scan}, $address; |
|
} |
|
} |
|
} |
|
} |
|
|
|
# Scan what we found |
|
foreach my $address (sort {$a cmp $b} @{$to_scan}) |
|
{ |
|
call_nmap($anvil, $address); |
|
} |
|
} |
|
} |
|
else |
|
{ |
|
# Scan all the networks we have. |
|
$anvil->Network->get_ips(); |
|
my $target = "local"; |
|
my $to_scan = []; |
|
foreach my $interface (sort {$a cmp $b} keys %{$anvil->data->{network}{$target}{interface}}) |
|
{ |
|
my $ip = $anvil->data->{network}{$target}{interface}{$interface}{ip}; |
|
my $subnet_mask = $anvil->data->{network}{$target}{interface}{$interface}{subnet_mask}; |
|
$anvil->Log->variables({source => $THIS_FILE, line => __LINE__, level => 2, list => { |
|
ip => $ip, |
|
subnet_mask => $subnet_mask, |
|
}}); |
|
if (($ip) && ($subnet_mask)) |
|
{ |
|
my $network = $anvil->Network->get_network({ip => $ip, subnet_mask => $subnet_mask}); |
|
$anvil->Log->variables({source => $THIS_FILE, line => __LINE__, level => 2, list => { network => $network }}); |
|
|
|
if ($network) |
|
{ |
|
# Scan it. |
|
my $address = $network."/".$subnet_mask; |
|
$anvil->Log->variables({source => $THIS_FILE, line => __LINE__, level => 2, list => { address => $address }}); |
|
push @{$to_scan}, $address; |
|
} |
|
} |
|
} |
|
|
|
# Scan what we found |
|
foreach my $address (sort {$a cmp $b} @{$to_scan}) |
|
{ |
|
call_nmap($anvil, $address); |
|
} |
|
} |
|
|
|
# Update the rescan time to now, if no specific network was given. |
|
if (not $anvil->data->{switches}{network}) |
|
{ |
|
$anvil->Database->insert_or_update_variables({ |
|
debug => 3, |
|
variable_name => "network-scan::scanned", |
|
variable_value => time, |
|
variable_default => "", |
|
variable_description => "striker_0140", |
|
variable_section => "system", |
|
variable_source_uuid => $anvil->Get->host_uuid, |
|
variable_source_table => "hosts", |
|
}); |
|
} |
|
|
|
return(0); |
|
} |
|
|
|
# This calls nmap and parses |
|
sub call_nmap |
|
{ |
|
my ($anvil, $address) = @_; |
|
|
|
# The subnet can't be dotted decimal, so convert it to CIDR notation, if needed. |
|
my ($ip, $subnet_mask) = ($address =~ /^(\d+.*?)\/(\d.*)$/); |
|
$anvil->Log->variables({source => $THIS_FILE, line => __LINE__, level => 2, list => { |
|
ip => $ip, |
|
subnet_mask => $subnet_mask, |
|
}}); |
|
if ($anvil->Validate->ipv4({ip => $subnet_mask})) |
|
{ |
|
# Convert to CIDR |
|
my $cidr = $anvil->Convert->cidr({subnet_mask => $subnet_mask}); |
|
$anvil->Log->variables({source => $THIS_FILE, line => __LINE__, level => 2, list => { cidr => $cidr }}); |
|
|
|
if (($cidr >= 0) && ($cidr <= 32)) |
|
{ |
|
$address = $ip."/".$cidr; |
|
$anvil->Log->variables({source => $THIS_FILE, line => __LINE__, level => 2, list => { address => $address }}); |
|
} |
|
} |
|
|
|
$anvil->data->{progress} += 10; |
|
update_progress($anvil, $anvil->data->{progress}, "log_0445,!!range!".$address."!!"); |
|
$anvil->Log->entry({source => $THIS_FILE, line => __LINE__, level => 0, 'print' => 1, priority => "err", key => "log_0445", variables => { range => $address }}); |
|
|
|
# Make the call directly, instead of using 'System->call', so that we can show output as it's found. |
|
my $this_ip = ""; |
|
my $this_mac = ""; |
|
my $section = ""; |
|
my $shell_call = $anvil->data->{path}{exe}{nmap}." -sP -T4 --min-parallelism 100 --max-parallelism 256 ".$address; |
|
open (my $file_handle, $shell_call." 2>&1 |") or $anvil->Log->entry({source => $THIS_FILE, line => __LINE__, level => 0, secure => 0, priority => "err", key => "log_0014", variables => { shell_call => $shell_call, error => $! }}); |
|
while(<$file_handle>) |
|
{ |
|
chomp; |
|
my $line = $_; |
|
$line =~ s/\n$//; |
|
$line =~ s/\r$//; |
|
$line = $anvil->Words->clean_spaces({'string' => $line}); |
|
$anvil->Log->variables({source => $THIS_FILE, line => __LINE__, level => 2, list => { line => $line }}); |
|
|
|
$section .= $line."\n"; |
|
|
|
if ($line =~ /^Nmap scan report for (\d+\.\d+\.\d+\.\d+)$/i) |
|
{ |
|
$this_ip = $1; |
|
$this_mac = ""; |
|
$anvil->Log->variables({source => $THIS_FILE, line => __LINE__, level => 2, list => { |
|
's1:this_mac' => $this_mac, |
|
's2:this_ip' => $this_ip, |
|
}}); |
|
} |
|
if ($line =~ /MAC Address: (.*?) \(/) |
|
{ |
|
$this_mac = $1; |
|
$this_mac = lc($this_mac); |
|
$anvil->Log->variables({source => $THIS_FILE, line => __LINE__, level => 2, list => { |
|
's1:this_mac' => $this_mac, |
|
's2:this_ip' => $this_ip, |
|
}}); |
|
|
|
# Sane? |
|
my $mac_valid = $anvil->Validate->hex({string => $this_mac, sloppy => 1}); |
|
my $ip_valid = $anvil->Validate->ipv4({ip => $this_ip}); |
|
$anvil->Log->variables({source => $THIS_FILE, line => __LINE__, level => 2, list => { |
|
mac_valid => $mac_valid, |
|
ip_valid => $ip_valid, |
|
}}); |
|
|
|
# Store |
|
if (($mac_valid) && ($ip_valid)) |
|
{ |
|
$anvil->data->{progress} += 1; |
|
$anvil->data->{progress} = 95 if $anvil->data->{progress} > 95; |
|
my $company = $anvil->Network->get_company_from_mac({debug => 2, mac => $this_mac }); |
|
$anvil->Log->variables({source => $THIS_FILE, line => __LINE__, level => 2, list => { company => $company }}); |
|
|
|
update_progress($anvil, $anvil->data->{progress}, "log_0446,!!ip!".$this_ip."!!,!!mac!".$this_mac."!!,!!company!".$company."!!"); |
|
$anvil->Log->entry({source => $THIS_FILE, line => __LINE__, level => 0, 'print' => 1, priority => "err", key => "log_0446", variables => { |
|
ip => $this_ip, |
|
mac => $this_mac, |
|
company => $company, |
|
}}); |
|
my ($mac_to_ip_uuid) = $anvil->Database->insert_or_update_mac_to_ip({ |
|
debug => 3, |
|
file => $THIS_FILE, |
|
line => __LINE__, |
|
mac_to_ip_mac_address => $this_mac, |
|
mac_to_ip_ip_address => $this_ip, |
|
update_note => 0, |
|
}); |
|
$anvil->Log->variables({source => $THIS_FILE, line => __LINE__, level => 3, list => { mac_to_ip_uuid => $mac_to_ip_uuid }}); |
|
} |
|
else |
|
{ |
|
# Parse error |
|
$anvil->data->{progress} += 2; |
|
$section =~ s/\n//g; |
|
update_progress($anvil, $anvil->data->{progress}, "log_0444,!!ip!".$this_ip."!!,!!mac!".$this_mac."!!,!!section!".$section."!!"); |
|
$anvil->Log->entry({source => $THIS_FILE, line => __LINE__, level => 0, priority => "alert", key => "log_0444", variables => { |
|
ip => $this_ip, |
|
mac => $this_mac, |
|
section => $section, |
|
}}); |
|
} |
|
|
|
$section = ""; |
|
} |
|
} |
|
close $file_handle; |
|
|
|
return(0); |
|
}
|
|
|