1 package ArpHandler;
3 use Exporter;
4 @ISA = ("Exporter");
6 use strict;
7 use warnings;
8 use GOSA::GosaSupportDaemon;
9 use POSIX;
10 use Fcntl;
11 use Net::LDAP;
12 use Net::LDAP::LDIF;
13 use Net::LDAP::Entry;
14 use Net::DNS;
15 use Switch;
16 use Data::Dumper;
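# Don't start if some of the modules are missing.
#
# The flag is declared without an initialiser and set inside BEGIN: an
# initialiser on the `my` line runs at run time, i.e. after BEGIN, and would
# reset the flag to 1 whatever the checks below found.
my $start_service;
BEGIN {
    $start_service = 1;

    # A bare `use` inside a string eval yields no true value even when the
    # module loads, so each snippet ends in an explicit `1`.
    for my $load_statement (
        'use Socket qw(PF_INET SOCK_DGRAM inet_ntoa sockaddr_in); 1',
        'use POE qw(Component::Pcap Component::ArpWatch); 1',
    ) {
        $start_service = 0 unless eval($load_statement);
    }

    # NOTE(review): the subs further down use POE's constants (KERNEL,
    # SESSION, ARG0) as barewords; under `use strict` those presumably fail
    # to compile when POE is absent, so this flag alone may not be enough to
    # let the module load without POE -- verify.
}

END {}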
# Daemon settings and bookkeeping shared by the subs in this file.
my ($timeout, $mailto, $mailfrom, $user, $group);
my %daemon_children;

# LDAP handle and credentials; $ldap is assigned in get_module_info().
my ($ldap, $bind_phrase, $password);

# Search base used for the LDAP lookups (hard-coded).
my $ldap_base = "dc=gonicus,dc=de";

# Interfaces to watch; 'all' makes get_module_info() probe every interface.
my $interface = "all";

# Cache of seen hosts, keyed by source MAC address (filled by got_packet()).
my $hosts_database = {};

# Resolver used by got_packet() for the reverse lookup of a source IP.
my $resolver = Net::DNS::Resolver->new;
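# Connects to LDAP, starts one ArpWatch POE session per watched interface and
# returns a reference to the module description array.
#
# RETURNS: array ref; only the fifth slot is filled ("socket").  What each
#          slot means is defined by the caller and is not visible here.
sub get_module_info {
    my @info = (undef, undef, undef, undef, "socket");

    # Don't start if some of the modules are missing
    return \@info unless $start_service;

    # NOTE(review): the server name is hard-coded and no bind or start_tls
    # call appears in this file, so the lookups presumably run anonymously
    # over plain LDAP -- confirm that this is intended for the network the
    # daemon runs in.
    eval {
        $ldap = Net::LDAP->new("ldap.intranet.gonicus.de");
    };
    if (!$ldap) {
        # Startup continues without LDAP; the failure is only logged.
        main::daemon_log("Could not connect to LDAP Server!\n$@", 1);
    }

    my @devices;
    if (!defined($interface) || $interface eq 'all') {
        # When interface is not configured (or 'all'), start arpwatch on all
        # possible interfaces.
        DEVICE:
        for my $candidate (get_interfaces()) {
            # TODO: Need a better workaround for IPv4-to-IPv6 bridges
            next DEVICE if $candidate =~ m/^sit\d+$/;

            # Only devices with a valid MAC address are watched.  get_mac()
            # returns undef when the lookup fails; treat that like the
            # all-zero address instead of comparing undef as a string.
            my $mac = get_mac($candidate);
            next DEVICE if !defined($mac) || $mac eq "00:00:00:00:00:00";

            push @devices, $candidate;
        }
    }
    else {
        # Explicit list separated by whitespace and/or commas.  A leading
        # separator makes split() return an empty first field; drop it.
        @devices = grep { length } split(/[\s,]+/, $interface);
    }

    for my $device (@devices) {
        _watch_device($device);
    }

    return \@info;
}

# Creates the POE session that runs one ArpWatch instance on $device.
sub _watch_device {
    my ($device) = @_;

    main::daemon_log("Starting ArpWatch on $device", 1);
    POE::Session->create(
        inline_states => {
            # start() reads the device name from $_[ARG0], so it is appended
            # to the arguments POE supplies.
            # NOTE(review): this presumably relies on POE passing no event
            # arguments of its own to _start here -- verify.
            _start => sub {
                start(@_, $device);
            },
            # NOTE(review): the device name is interpolated into the sprintf
            # format, here and in start().  Both places must yield the same
            # alias, so change them together if this becomes a plain string.
            _stop => sub {
                $_[KERNEL]->post( sprintf("arp_watch_$device") => 'shutdown' )
            },
            got_packet => \&got_packet,
        },
    );
    return;
}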
# Ignores its arguments and always returns 1.
sub process_incoming_msg {
    return 1;
}
# POE event handler: spawns an ArpWatch component for one device and tells it
# to run.  The device name is taken from the first event argument ($_[ARG0]);
# 'eth0' is used when that slot does not exist.
sub start {
    my ($kernel, $session) = @_[KERNEL, SESSION];

    my $device = 'eth0';
    if (exists($_[ARG0])) {
        $device = $_[ARG0];
    }

    # NOTE(review): the device name is part of the sprintf format string.  The
    # _stop handler in get_module_info() builds the alias the same way, so the
    # two must be changed together if this becomes a plain string.
    POE::Component::ArpWatch->spawn(
        Alias    => sprintf("arp_watch_$device"),
        Device   => $device,
        Dispatch => 'got_packet',
        Session  => $session,
    );

    $kernel->post( sprintf("arp_watch_$device") => 'run' );
}
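# POE event handler for one captured ARP packet ($_[ARG0] is a hash ref with
# at least source_haddr and source_ipaddr).
#
# Keeps $hosts_database, a cache keyed by source MAC address:
#   - unknown MAC: resolve a name for the IP, look the MAC up in LDAP, cache
#     the result and log whether the host is known to LDAP;
#   - known MAC:   log when the source IP differs from the cached one and
#     store the new IP.
#
# NOTE(review): source MAC and IP are taken from the wire as they are.  Every
# previously unseen MAC adds a cache entry and triggers a DNS and an LDAP
# lookup, and nothing in this file bounds or expires the cache, so a station
# sending frames with many forged source addresses can make it grow without
# limit.  Consider a size cap or an expiry.
sub got_packet {
    my $packet = $_[ARG0];
    my $mac    = $packet->{source_haddr};
    my $ip     = $packet->{source_ipaddr};

    # Skip all-zero and broadcast hardware addresses and the unspecified IP.
    return
        if $mac eq "00:00:00:00:00:00"
        || $mac eq "ff:ff:ff:ff:ff:ff"
        || $ip  eq "0.0.0.0";

    if (exists($hosts_database->{$mac})) {
        my $host = $hosts_database->{$mac};

        # A MAC that shows up with another IP is logged at level 4 and the
        # cache is updated to the new address.
        if (!($host->{ipHostNumber} eq $ip)) {
            main::daemon_log(
                "IP Address change of MAC ".$mac.
                ": ".$host->{ipHostNumber}.
                "->".$ip, 4);
            $host->{ipHostNumber} = $ip;
        }
        main::daemon_log("Host already in cache (".($host->{dnsname}).")",6);
        return;
    }

    # First sighting of this MAC.  Use the PTR name when the lookup returns
    # one, else fall back to the IP.  The answer is read through the public
    # Net::DNS accessors and only a PTR record is accepted, so a failed or
    # unexpected answer cannot leave the name undefined.
    my $dnsname   = $ip;
    my $dnsresult = $resolver->search($ip);
    if (defined($dnsresult)) {
        for my $rr ($dnsresult->answer) {
            next unless $rr->type eq 'PTR';
            $dnsname = $rr->ptrdname;
            last;
        }
    }

    my $ldap_result = get_host_from_ldap($mac);
    if (exists($ldap_result->{dn})) {
        $hosts_database->{$mac} = $ldap_result;
        if (!exists($ldap_result->{ipHostNumber})) {
            $ldap_result->{ipHostNumber} = $ip;
        }
        elsif (!($ldap_result->{ipHostNumber} eq $ip)) {
            # The LDAP value stays in the cache here, so the next packet from
            # this MAC is reported again as an IP address change.
            # The name logged is the one just resolved: the LDAP record
            # carries no dnsname until the assignment below.
            main::daemon_log(
                "Current IP Address ".$ip.
                " of host ".$dnsname.
                " differs from LDAP (".$ldap_result->{ipHostNumber}.")", 4);
        }
        $ldap_result->{dnsname} = $dnsname;
        main::daemon_log("Host was found in LDAP as ".$ldap_result->{dn}, 6);
    }
    else {
        $hosts_database->{$mac} = {
            macAddress   => $mac,
            ipHostNumber => $ip,
            dnsname      => $dnsname,
        };
        main::daemon_log("Host was not found in LDAP (".$dnsname.")",6);
        main::daemon_log(
            "New Host ".$dnsname.
            ": ".$ip.
            "/".$mac,4);
    }
    return;
}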
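# Looks a host up in LDAP by MAC address.
#
# PARAMETERS: $mac - MAC address as six colon-separated hex pairs
# RETURNS:    hash ref; empty when the MAC is malformed, no LDAP connection
#             exists, or the search does not yield exactly one entry.
#             Otherwise it holds dn plus whichever of cn, macAddress,
#             dhcpHWAddress and ipHostNumber the entry carries.
sub get_host_from_ldap {
    my $mac    = shift;
    my $result = {};

    # The MAC comes from captured ARP traffic and is pasted into the filter
    # string below.  Accept nothing but six colon-separated hex pairs, which
    # keeps filter metacharacters such as ( ) * and \ out of the filter.
    return $result
        unless defined($mac)
        && $mac =~ m/\A[0-9A-Fa-f]{2}(?::[0-9A-Fa-f]{2}){5}\z/;

    # get_module_info() only logs a failed connection, so $ldap may be unset.
    if (!$ldap) {
        main::daemon_log("No LDAP connection, cannot look up $mac", 1);
        return $result;
    }

    my $ldap_result = search_ldap_entry(
        $ldap,
        $ldap_base,
        "(|(macAddress=$mac)(dhcpHWAddress=ethernet $mac))"
    );

    # Only an unambiguous single hit is used.
    return $result unless $ldap_result && $ldap_result->count == 1;

    my $entry = $ldap_result->entry(0);
    return $result unless $entry;

    # Copy the first value of each attribute of interest; attributes the
    # entry lacks get no key, which callers test with exists().
    for my $attribute (qw(cn macAddress dhcpHWAddress ipHostNumber)) {
        my $value = $entry->get_value($attribute);
        $result->{$attribute} = $value if defined($value);
    }
    $result->{dn} = $entry->dn;

    return $result;
}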
204 #=== FUNCTION ================================================================
205 # NAME: get_interfaces
206 # PARAMETERS: none
207 # RETURNS: (list of interfaces)
208 # DESCRIPTION: Uses proc fs (/proc/net/dev) to get list of interfaces.
209 #===============================================================================
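sub get_interfaces {
    # Returns the interface names listed in /proc/net/dev; dies when the file
    # cannot be opened.
    my $proc_net_dev = '/proc/net/dev';

    # Three-argument open with a lexical handle: the mode cannot be changed
    # through the file name and the handle is not a package-wide bareword.
    open(my $fh, '<', $proc_net_dev)
        or die "Could not open $proc_net_dev: $!";
    my @lines = <$fh>;
    close($fh);

    # Eat the first two lines (column headers).
    splice(@lines, 0, 2);
    chomp @lines;

    my @result;
    for my $line (@lines) {
        # The interface name is everything before the first colon.
        my $name = (split /:/, $line)[0];
        next unless defined($name);    # empty line
        $name =~ s/^\s+//;
        next unless length($name);
        push @result, $name;
    }

    return @result;
}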
235 #=== FUNCTION ================================================================
236 # NAME: get_mac
237 # PARAMETERS: interface name (i.e. eth0)
238 # RETURNS: (mac address)
239 # DESCRIPTION: Uses ioctl to get mac address directly from system.
240 #===============================================================================
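sub get_mac {
    # Returns the MAC address of an interface as aa:bb:cc:dd:ee:ff, the
    # all-zero address for the pseudo name "all", and undef when no name is
    # given or the lookup fails.  Dies when the socket cannot be created.
    my $ifreq = shift;
    my $result;

    return $result unless $ifreq && length($ifreq) > 0;

    if ($ifreq eq "all") {
        $result = "00:00:00:00:00:00";
        return $result;
    }

    my $SIOCGIFHWADDR = 0x8927;    # man 2 ioctl_list

    # Lexical handle, closed below, instead of a package-wide bareword that
    # stays open after the call.
    socket(my $sock, PF_INET, SOCK_DGRAM, scalar getprotobyname('ip'))
        or die "socket: $!";

    # ioctl writes its answer back into $ifreq.
    if (ioctl($sock, $SIOCGIFHWADDR, $ifreq)) {
        # h36 skips 18 bytes (presumably the 16-byte name plus the 2-byte
        # address family of struct ifreq); H12 is the 6-byte address.
        my ($if, $mac) = unpack 'h36 H12', $ifreq;

        # Format only a complete 12-digit value, so a short or odd buffer
        # yields undef rather than captures left over from an earlier match.
        if (defined($mac) && $mac =~ m/\A[0-9a-f]{12}\z/) {
            $result = join(':', unpack('(A2)6', $mac));
        }
    }
    close($sock);

    return $result;
}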
267 #=== FUNCTION ================================================================
268 # NAME: add_ldap_entry
269 # PURPOSE: adds an element to ldap-tree
270 # PARAMETERS:
271 # RETURNS: none
272 # DESCRIPTION: ????
273 # THROWS: no exceptions
274 # COMMENTS: none
275 # SEE ALSO: n/a
276 #===============================================================================
277 #sub add_ldap_entry {
278 # my ($ldap_tree, $ldap_base, $mac, $gotoSysStatus, $ip, $interface, $desc) = @_;
279 # my $dn = "cn=$mac,ou=incoming,$ldap_base";
280 # my $s_res = &search_ldap_entry($ldap_tree, $ldap_base, "(|(macAddress=$mac)(dhcpHWAddress=ethernet $mac))");
281 # my $c_res = $s_res->count;
282 # if($c_res == 1) {
283 # daemon_log("WARNING: macAddress $mac already in LDAP", 1);
284 # return;
285 # } elsif($c_res > 0) {
286 # daemon_log("ERROR: macAddress $mac exists $c_res times in LDAP", 1);
287 # return;
288 # }
289 #
290 # # create LDAP entry
291 # my $entry = Net::LDAP::Entry->new( $dn );
292 # $entry->dn($dn);
293 # $entry->add("objectClass" => "goHard");
294 # $entry->add("cn" => $mac);
295 # $entry->add("macAddress" => $mac);
296 # if(defined $gotoSysStatus) {$entry->add("gotoSysStatus" => $gotoSysStatus)}
297 # if(defined $ip) {$entry->add("ipHostNumber" => $ip) }
298 # #if(defined $interface) { }
299 # if(defined $desc) {$entry->add("description" => $desc) }
300 #
301 # # submit entry to LDAP
302 # my $result = $entry->update ($ldap_tree);
303 #
304 # # for $result->code constants please look at Net::LDAP::Constant
305 # my $log_time = localtime( time );
306 # if($result->code == 68) { # entry already exists
307 # daemon_log("WARNING: $log_time: $dn ".$result->error, 3);
308 # } elsif($result->code == 0) { # everything went fine
309 # daemon_log("$log_time: add entry $dn to ldap", 1);
310 # } else { # if any other error occur
311 # daemon_log("ERROR: $log_time: $dn, ".$result->code.", ".$result->error, 1);
312 # }
313 # return;
314 #}
317 #=== FUNCTION ================================================================
318 # NAME: change_ldap_entry
319 # PURPOSE: ????
320 # PARAMETERS: ????
321 # RETURNS: ????
322 # DESCRIPTION: ????
323 # THROWS: no exceptions
324 # COMMENTS: none
325 # SEE ALSO: n/a
326 #===============================================================================
327 #sub change_ldap_entry {
328 # my ($ldap_tree, $ldap_base, $mac, $gotoSysStatus ) = @_;
329 #
330 # # check if ldap_entry exists or not
331 # my $s_res = &search_ldap_entry($ldap_tree, $ldap_base, "(|(macAddress=$mac)(dhcpHWAddress=ethernet $mac))");
332 # my $c_res = $s_res->count;
333 # if($c_res == 0) {
334 # daemon_log("WARNING: macAddress $mac not in LDAP", 1);
335 # return;
336 # } elsif($c_res > 1) {
337 # daemon_log("ERROR: macAddress $mac exists $c_res times in LDAP", 1);
338 # return;
339 # }
340 #
341 # my $s_res_entry = $s_res->pop_entry();
342 # my $dn = $s_res_entry->dn();
343 # my $result = $ldap->modify( $dn, replace => {'gotoSysStatus' => $gotoSysStatus } );
344 #
345 # # for $result->code constants please look at Net::LDAP::Constant
346 # my $log_time = localtime( time );
347 # if($result->code == 32) { # entry doesnt exists
348 # &add_ldap_entry($mac, $gotoSysStatus);
349 # } elsif($result->code == 0) { # everything went fine
350 # daemon_log("$log_time: entry $dn changed successful", 1);
351 # } else { # if any other error occur
352 # daemon_log("ERROR: $log_time: $dn, ".$result->code.", ".$result->error, 1);
353 # }
354 #
355 # return;
356 #}
358 #=== FUNCTION ================================================================
359 # NAME: search_ldap_entry
360 # PURPOSE: performs an LDAP search below a given subtree
361 # PARAMETERS: [Net::LDAP] $ldap_tree - object of an ldap-tree
362 # string $sub_tree - dn of the subtree the search is performed
363 # string $search_string - either a string or a Net::LDAP::Filter object
364 # RETURNS: [Net::LDAP::Search] $msg - result object of the performed search
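365 # DESCRIPTION: calls search() on $ldap_tree with the given base and filter and returns the result; a failure is logged via daemon_log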
366 # THROWS: no exceptions
367 # COMMENTS: none
368 # SEE ALSO: n/a
369 #===============================================================================
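sub search_ldap_entry {
    # Runs a search on $ldap_tree with base $sub_tree and filter
    # $search_string and returns whatever search() returned.
    #
    # The filter is handed to the server as it is: callers that build it from
    # external values have to validate or escape those values first.
    my ($ldap_tree, $sub_tree, $search_string) = @_;

    my $msg = $ldap_tree->search(    # perform a search
        base   => $sub_tree,
        filter => $search_string,
    );

    # Net::LDAP reports a failed search through the result object (code and
    # error) rather than by returning false, so testing the return value for
    # truth alone never logs anything.  Check the result code as well.
    if (!$msg) {
        daemon_log("cannot perform search at ldap: $@", 1);
    }
    elsif ($msg->code) {
        daemon_log("cannot perform search at ldap: " . $msg->error, 1);
    }

    return $msg;
}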
387 #========= MAIN = main ========================================================
388 #daemon_log( "####### START DAEMON ######\n", 1 );
389 #&check_cmdline_param ;
390 #&check_pid;
391 #&open_fifo($fifo_path);
392 #
393 ## Just fork, if we"re not in foreground mode
394 #if( ! $foreground ) { $pid = fork(); }
395 #else { $pid = $$; }
396 #
397 ## Do something useful - put our PID into the pid_file
398 #if( 0 != $pid ) {
399 # open( LOCK_FILE, ">$pid_file" );
400 # print LOCK_FILE "$pid\n";
401 # close( LOCK_FILE );
402 # if( !$foreground ) { exit( 0 ) };
403 #}
404 #
405 #
406 #if( not -p $fifo_path ) { die "fifo file disappeared\n" }
407 #if($c_res == 1) {
408 # daemon_log("WARNING: macAddress $mac already in LDAP", 1);
409 # return;
410 # } elsif($c_res > 0) {
411 # daemon_log("ERROR: macAddress $mac exists $c_res times in LDAP", 1);
412 # return;
413 # }
414 #
415 # # create LDAP entry
416 # my $entry = Net::LDAP::Entry->new( $dn );
417 # $entry->dn($dn);
418 # $entry->add("objectClass" => "goHard");
419 # $entry->add("cn" => $mac);
420 # $entry->add("macAddress" => $mac);
421 # if(defined $gotoSysStatus) {$entry->add("gotoSysStatus" => $gotoSysStatus)}
422 # if(defined $ip) {$entry->add("ipHostNumber" => $ip) }
423 # #if(defined $interface) { }
424 # if(defined $desc) {$entry->add("description" => $desc) }
425 #
426 # # submit entry to LDAP
427 # my $result = $entry->update ($ldap_tree);
428 #
429 # # for $result->code constants please look at Net::LDAP::Constant
430 # my $log_time = localtime( time );
431 # if($result->code == 68) { # entry already exists
432 # daemon_log("WARNING: $log_time: $dn ".$result->error, 3);
433 # } elsif($result->code == 0) { # everything went fine
434 # daemon_log("$log_time: add entry $dn to ldap", 1);
435 # } else { # if any other error occur
436 # daemon_log("ERROR: $log_time: $dn, ".$result->code.", ".$result->error, 1);
437 # }
438 # return;
439 #}
442 #=== FUNCTION ================================================================
443 # NAME: change_ldap_entry
444 # PURPOSE: ????
445 # PARAMETERS: ????
446 # RETURNS: ????
447 # DESCRIPTION: ????
448 # THROWS: no exceptions
449 # COMMENTS: none
450 # SEE ALSO: n/a
451 #===============================================================================
452 #sub change_ldap_entry {
453 # my ($ldap_tree, $ldap_base, $mac, $gotoSysStatus ) = @_;
454 #
455 # # check if ldap_entry exists or not
456 # my $s_res = &search_ldap_entry($ldap_tree, $ldap_base, "(|(macAddress=$mac)(dhcpHWAddress=ethernet $mac))");
457 # my $c_res = $s_res->count;
458 # if($c_res == 0) {
459 # daemon_log("WARNING: macAddress $mac not in LDAP", 1);
460 # return;
461 # } elsif($c_res > 1) {
462 # daemon_log("ERROR: macAddress $mac exists $c_res times in LDAP", 1);
463 # return;
464 # }
465 #
466 # my $s_res_entry = $s_res->pop_entry();
467 # my $dn = $s_res_entry->dn();
468 # my $result = $ldap->modify( $dn, replace => {'gotoSysStatus' => $gotoSysStatus } );
469 #
470 # # for $result->code constants please look at Net::LDAP::Constant
471 # my $log_time = localtime( time );
472 # if($result->code == 32) { # entry doesnt exists
473 # &add_ldap_entry($mac, $gotoSysStatus);
474 # } elsif($result->code == 0) { # everything went fine
475 # daemon_log("$log_time: entry $dn changed successful", 1);
476 # } else { # if any other error occur
477 # daemon_log("ERROR: $log_time: $dn, ".$result->code.", ".$result->error, 1);
478 # }
479 #
480 # return;
481 #}
483 #=== FUNCTION ================================================================
484 # NAME: search_ldap_entry
485 # PURPOSE: ????
486 # PARAMETERS: [Net::LDAP] $ldap_tree - object of an ldap-tree
487 # string $sub_tree - dn of the subtree the search is performed
488 # string $search_string - either a string or a Net::LDAP::Filter object
489 # RETURNS: [Net::LDAP::Search] $msg - result object of the performed search
490 # DESCRIPTION: ????
491 # THROWS: no exceptions
492 # COMMENTS: none
493 # SEE ALSO: n/a
494 #===============================================================================
495 #sub search_ldap_entry {
496 # my ($ldap_tree, $sub_tree, $search_string) = @_;
497 # my $msg = $ldap_tree->search( # perform a search
498 # base => $sub_tree,
499 # filter => $search_string,
500 # ) or daemon_log("cannot perform search at ldap: $@", 1);
501 ## if(defined $msg) {
502 ## print $sub_tree."\t".$search_string."\t";
503 ## print $msg->count."\n";
504 ## foreach my $entry ($msg->entries) { $entry->dump; };
505 ## }
506 #
507 # return $msg;
508 #}
512 #========= MAIN = main ========================================================
513 #daemon_log( "####### START DAEMON ######\n", 1 );
514 #&check_cmdline_param ;
515 #&check_pid;
516 #&open_fifo($fifo_path);
517 #
518 ## Just fork, if we"re not in foreground mode
519 #if( ! $foreground ) { $pid = fork(); }
520 #else { $pid = $$; }
521 #
522 ## Do something useful - put our PID into the pid_file
523 #if( 0 != $pid ) {
524 # open( LOCK_FILE, ">$pid_file" );
525 # print LOCK_FILE "$pid\n";
526 # close( LOCK_FILE );
527 # if( !$foreground ) { exit( 0 ) };
528 #}
529 #
530 #
531 #if( not -p $fifo_path ) { die "fifo file disappeared\n" }
532 #sysopen(FIFO, $fifo_path, O_RDONLY) or die "can't read from $fifo_path: $!" ;
533 #
534 #while( 1 ) {
535 # # checke alle prozesse im hash daemon_children ob sie noch aktiv sind, wenn
536 # # nicht, dann entferne prozess aus hash
537 # while( (my $key, my $val) = each( %daemon_children) ) {
538 # my $status = waitpid( $key, &WNOHANG) ;
539 # if( $status == -1 ) {
540 # delete $daemon_children{$key} ;
541 # daemon_log("childprocess finished: $key", 3) ;
542 # }
543 # }
544 #
545 # # ist die max_process anzahl von prozesskindern erreicht, dann warte und
546 # # prüfe erneut, ob in der zwischenzeit prozesse fertig geworden sind
547 # if( keys( %daemon_children ) >= $max_process ) {
548 # sleep($max_process_timeout) ;
549 # next ;
550 # }
551 #
552 # my $msg = <FIFO>;
553 # if( not defined( $msg )) { next ; }
554 #
555 # chomp( $msg );
556 # if( length( $msg ) == 0 ) { next ; }
557 #
558 # my $forked_pid = fork();
559 ##=== PARENT = parent ==========================================================
560 # if ( $forked_pid != 0 ) {
561 # daemon_log("childprocess forked: $forked_pid", 3) ;
562 # $daemon_children{$forked_pid} = 0 ;
563 # }
564 ##=== CHILD = child ============================================================
565 # else {
566 # # parse the incoming message from arp, split the message and return
567 # # the values in an array. not defined values are set to "none"
568 # #my ($mac, $ip, $interface, $arp_sig, $desc) = &parse_input( $msg ) ;
569 # daemon_log( "childprocess read from arp: $fifo_path\nline: $msg", 3);
570 # my ($mac, $ip, $interface, $arp_sig, $desc) = split('\s', $msg, 5);
571 #
572 # # create connection to LDAP
573 # $#sysopen(FIFO, $fifo_path, O_RDONLY) or die "can't read from $fifo_path: $!" ;
574 #
575 #while( 1 ) {
576 # # checke alle prozesse im hash daemon_children ob sie noch aktiv sind, wenn
577 # # nicht, dann entferne prozess aus hash
578 # while( (my $key, my $val) = each( %daemon_children) ) {
579 # my $status = waitpid( $key, &WNOHANG) ;
580 # if( $status == -1 ) {
581 # delete $daemon_children{$key} ;
582 # daemon_log("childprocess finished: $key", 3) ;
583 # }
584 # }
585 #
586 # # ist die max_process anzahl von prozesskindern erreicht, dann warte und
587 # # prüfe erneut, ob in der zwischenzeit prozesse fertig geworden sind
588 # if( keys( %daemon_children ) >= $max_process ) {
589 # sleep($max_process_timeout) ;
590 # next ;
591 # }
592 #
593 # my $msg = <FIFO>;
594 # if( not defined( $msg )) { next ; }
595 #
596 # chomp( $msg );
597 # if( length( $msg ) == 0 ) { next ; }
598 #
599 # my $forked_pid = fork();
600 ##=== PARENT = parent ==========================================================
601 # if ( $forked_pid != 0 ) {
602 # daemon_log("childprocess forked: $forked_pid", 3) ;
603 # $daemon_children{$forked_pid} = 0 ;
604 # }
605 ##=== CHILD = child ============================================================
606 # else {
607 # # parse the incoming message from arp, split the message and return
608 # # the values in an array. not defined values are set to "none"
609 # #my ($mac, $ip, $interface, $arp_sig, $desc) = &parse_input( $msg ) ;
610 # daemon_log( "childprocess read from arp: $fifo_path\nline: $msg", 3);
611 # my ($mac, $ip, $interface, $arp_sig, $desc) = split('\s', $msg, 5);
612 #
613 # # create connection to LDAP
614 # $ldap = Net::LDAP->new( "localhost" ) or die "$@";
615 # $ldap->bind($bind_phrase,
616 # password => $password,
617 # ) ;
618 #
619 # switch($arp_sig) {
620 # case 0 {&change_ldap_entry($ldap, $ldap_base,
621 # $mac, "ip-changed",
622 # )}
623 # case 1 {&change_ldap_entry($ldap, $ldap_base,
624 # $mac, "mac-not-whitelisted",
625 # )}
626 # case 2 {&change_ldap_entry($ldap, $ldap_base,
627 # $mac, "mac-in-blacklist",
628 # )}
629 # case 3 {&add_ldap_entry($ldap, $ldap_base,
630 # $mac, "new-mac-address", $ip,
631 # $interface, $desc,
632 # )}
633 # case 4 {&change_ldap_entry($ldap, $ldap_base,
634 # $mac, "unauthorized-arp-request",
635 # )}
636 # case 5 {&change_ldap_entry($ldap, $ldap_base,
637 # $mac, "abusive-number-of-arp-requests",
638 # )}
639 # case 6 {&change_ldap_entry($ldap, $ldap_base,
640 # $mac, "ether-and-arp-mac-differs",
641 # )}
642 # case 7 {&change_ldap_entry($ldap, $ldap_base,
643 # $mac, "flood-detected",
644 # )}
645 # case 8 {&add_ldap_entry($ldap, $ldap_base,
646 # $mac, $ip, "new-system",
647 # )}
648 # case 9 {&change_ldap_entry($ldap, $ldap_base,
649 # $mac, "mac-changed",
650 # )}
651 # }
652 #
653 #
654 # ldap search
655 # my $base_phrase = "dc=gonicus,dc=de";
656 # my $filter_phrase = "cn=keinesorge";
657 # my $attrs_phrase = "cn macAdress";
658 # my $msg_search = $ldap->search( base => $base_phrase,
659 # filter => $filter_phrase,
660 # attrs => $attrs_phrase,
661 # );
662 # $msg_search->code && die $msg_search->error;
663 #
664 # my @entries = $msg_search->entries;
665 # my $max = $msg_search->count;
666 # print "anzahl der entries: $max\n";
667 # my $i;
668 # for ( $i = 0 ; $i < $max ; $i++ ) {
669 # my $entry = $msg_search->entry ( $i );
670 # foreach my $attr ( $entry->attributes ) {
671 # if( not $attr eq "cn") {
672 # next;
673 # }
674 # print join( "\n ", $attr, $entry->get_value( $attr ) ), "\n\n";
675 # }
676 # }
677 #
678 # # ldap add
679 #
680 #
681 # $ldap->unbind;
682 # exit;
683 # }
684 #
685 #}
687 1;