d4e70eaff59c7ef21ac837a88c822d42d8880e70
1 package ArpHandler;
3 use Exporter;
4 @ISA = ("Exporter");
6 use strict;
7 use warnings;
8 use GOSA::GosaSupportDaemon;
9 use POSIX;
10 use Fcntl;
11 use Net::LDAP;
12 use Net::LDAP::LDIF;
13 use Net::LDAP::Entry;
14 use Net::DNS;
15 use Switch;
16 use Data::Dumper;
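# Don't start if some of the modules are missing.
#
# The flag is declared without an initialiser and assigned inside BEGIN.
# An initialiser on the `my` line would run at run time, i.e. after BEGIN has
# finished, and would overwrite whatever the probe below decided.
my $start_service;
BEGIN {
    $start_service = 1;

    # Only constant strings are handed to the string eval; nothing external
    # is interpolated.  The trailing "1" makes a successful load evaluate to
    # true, because a bare `use` statement leaves no value for eval to return.
    for my $import (
        'use Socket qw(PF_INET SOCK_DGRAM inet_ntoa sockaddr_in)',
        'use POE qw(Component::Pcap Component::ArpWatch)',
    ) {
        eval("$import; 1") or $start_service = 0;
    }
}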
END { }

# Settings slots that the active code in this file never reads or assigns.
my ($timeout, $mailto, $mailfrom, $user, $group);
my %daemon_children;

# LDAP handle (filled in by get_module_info) and credentials; the two
# credential slots are only referenced by commented-out code in this file.
my ($ldap, $bind_phrase, $password);

# NOTE(review): search base and capture interface are fixed in the source;
# presumably they are meant to come from the daemon configuration - confirm.
my $ldap_base = "dc=gonicus,dc=de";
my $interface = "eth1";

# In-memory host table, keyed by source MAC address (see got_packet).
my $hosts_database = {};

# Resolver used for the reverse lookup of newly seen IP addresses.
my $resolver = Net::DNS::Resolver->new;
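# Returns the module description and, as a side effect, connects to LDAP and
# starts one ArpWatch POE session per monitored device.
#
# RETURNS: reference to a five-element list; only the last slot ("socket")
#          is set, the other four are undef.
sub get_module_info {
    my @info = (undef, undef, undef, undef, "socket");

    # Don't start if some of the modules are missing
    if ($start_service) {
        eval {
            # NOTE(review): the connection is opened without TLS and no bind
            # is visible in this file, so the searches appear to run
            # anonymously over a plaintext channel - confirm this is intended
            # (Net::LDAP offers start_tls and ldaps:// URIs).
            $ldap = Net::LDAP->new("ldap.intranet.gonicus.de");
        };
        if (!$ldap) {
            &main::daemon_log("Could not connect to LDAP Server!\n$@", 1);
        }

        # When interface is not configured (or 'all'), start arpwatch on all
        # possible interfaces
        if (!defined($interface) || $interface eq 'all') {
            DEVICE:
            foreach my $device (get_interfaces()) {
                # TODO: Need a better workaround for IPv4-to-IPv6 bridges
                next DEVICE if $device =~ m/^sit\d+$/;

                # Only devices with a readable, non-zero MAC address are
                # watched.  get_mac returns undef when the address cannot be
                # read; such a device is skipped instead of being compared
                # as an undefined value.
                # TODO: Check if this should be the right way
                my $mac = get_mac($device);
                next DEVICE
                    unless defined($mac) && $mac ne "00:00:00:00:00:00";

                _spawn_arpwatch_session($device);
            }
        }
        else {
            foreach my $device (split(/[\s,]+/, $interface)) {
                _spawn_arpwatch_session($device);
            }
        }
    }
    return \@info;
}

# Creates the POE session that runs ArpWatch on one device.
sub _spawn_arpwatch_session {
    my ($device) = @_;

    # Plain interpolation: the device name is data and must not be used as a
    # sprintf format, where a '%' in it would be read as a conversion.
    my $alias = "arp_watch_$device";

    &main::daemon_log("Starting ArpWatch on $device", 1);
    POE::Session->create(
        inline_states => {
            # The device is appended to the handler's POE arguments; start()
            # reads it from the ARG0 slot.
            _start => sub {
                start(@_, $device);
            },
            _stop => sub {
                $_[KERNEL]->post( $alias => 'shutdown' )
            },
            got_packet => \&got_packet,
        },
    );
    return;
}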
# Message hook of this module.  Arguments are not inspected; every call
# reports success by returning 1.
sub process_incoming_msg {
    my $handled = 1;
    return $handled;
}
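# POE handler that spawns a POE::Component::ArpWatch for one device and posts
# 'run' to it.
#
# The device name is read from the ARG0 slot of the POE argument list and
# falls back to 'eth0' when that slot is absent.  Packets are dispatched to
# the 'got_packet' state of the calling session.
sub start {
    my $device = exists($_[ARG0]) ? $_[ARG0] : 'eth0';

    # Plain interpolation: the device name is data and must not be used as a
    # sprintf format, where a '%' in it would be read as a conversion.
    my $alias = "arp_watch_$device";

    POE::Component::ArpWatch->spawn(
        Alias    => $alias,
        Device   => $device,
        Dispatch => 'got_packet',
        Session  => $_[SESSION],
    );

    $_[KERNEL]->post( $alias => 'run' );
}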
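# POE event handler, called for every ARP packet an ArpWatch component
# reports.  Maintains the in-memory host table ($hosts_database, keyed by
# source MAC), enriches new entries from DNS and LDAP, and logs new hosts and
# address changes.
#
# NOTE(review): the MAC, the IP and the PTR name all originate on the network.
#  - Every previously unseen source MAC adds a table entry and triggers one
#    DNS and one LDAP lookup from inside the event handler; no size limit or
#    expiry is visible here, so a segment that produces many distinct source
#    MACs grows the table without bound - confirm whether a cap is needed.
#  - The PTR name is chosen by whoever controls the reverse zone and is
#    written to the log as-is; confirm that daemon_log neutralises control
#    characters.
sub got_packet {
    my ($kernel, $heap, $sender, $packet) = @_[KERNEL, HEAP, SENDER, ARG0];

    my $mac = $packet->{source_haddr};
    my $ip  = $packet->{source_ipaddr};

    # Packets without a usable sender (all-zero or broadcast MAC, 0.0.0.0)
    # are not recorded.
    if (   $mac eq "00:00:00:00:00:00"
        || $mac eq "ff:ff:ff:ff:ff:ff"
        || $ip  eq "0.0.0.0") {
        return;
    }

    # The capture device is the part of the sender's alias that follows
    # "arp_watch_".
    my $capture_device = sprintf "%s", $kernel->alias_list($sender) =~ /^arp_watch_(.*)$/;

    if (!exists($hosts_database->{$mac})) {
        # Reverse lookup; fall back to the IP address when there is no answer
        # or the first answer carries no PTR name.
        my $dnsresult = $resolver->search($ip);
        my $dnsname   = defined($dnsresult)
            ? $dnsresult->{answer}[0]->{ptrdname}
            : undef;
        $dnsname = $ip unless defined($dnsname);

        my $ldap_result = get_host_from_ldap($mac);
        my $host;
        if (exists($ldap_result->{dn})) {
            $host = $ldap_result;
            if (!exists($host->{ipHostNumber})) {
                $host->{ipHostNumber} = $ip;
            }
            elsif ($host->{ipHostNumber} ne $ip) {
                # The LDAP value stays cached; the next packet from this MAC
                # is then reported as an address change and updates it.
                # The host is named by the DNS result: the LDAP record has no
                # dnsname field at this point.
                &main::daemon_log(
                    "Current IP Address ".$ip.
                    " of host ".$dnsname.
                    " differs from LDAP (".$host->{ipHostNumber}.")", 4);
            }
            $host->{dnsname} = $dnsname;
            &main::daemon_log("Host was found in LDAP as ".$host->{dn}, 6);
        }
        else {
            $host = {
                macAddress   => $mac,
                ipHostNumber => $ip,
                dnsname      => $dnsname,
            };
            &main::daemon_log("Host was not found in LDAP (".($host->{dnsname}).")",6);
            &main::daemon_log(
                "New Host ".($host->{dnsname}).
                ": ".$host->{ipHostNumber}.
                "/".$host->{macAddress},4);
        }
        $host->{device} = $capture_device;
        $hosts_database->{$mac} = $host;
    }
    else {
        my $host = $hosts_database->{$mac};

        # A known MAC that shows up with a different IP is logged and the
        # cached address is replaced.
        if ($host->{ipHostNumber} ne $ip) {
            &main::daemon_log(
                "IP Address change of MAC ".$mac.
                ": ".$host->{ipHostNumber}.
                "->".$ip, 4);
            $host->{ipHostNumber} = $ip;
        }
        &main::daemon_log("Host already in cache (".($host->{device})."->".($host->{dnsname}).")",6);
    }
}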
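# Looks up the LDAP entry that carries the given MAC address, either as
# macAddress or as dhcpHWAddress ("ethernet <mac>").
#
# PARAMETERS: $mac - MAC address as six colon-separated hex octets
# RETURNS:    hash reference; empty when the MAC is malformed or the search
#             did not yield exactly one entry, otherwise dn plus whichever of
#             cn, macAddress, dhcpHWAddress and ipHostNumber the entry has.
sub get_host_from_ldap {
    my $mac    = shift;
    my $result = {};

    # The value is interpolated into an LDAP filter.  Accepting nothing but a
    # well-formed MAC keeps filter metacharacters ( '(' ')' '*' '\' ) out of
    # the search string, whatever the caller passes in.
    return $result
        unless defined($mac)
            && $mac =~ /\A[0-9A-Fa-f]{2}(?::[0-9A-Fa-f]{2}){5}\z/;

    my $ldap_result = search_ldap_entry(
        $ldap,
        $ldap_base,
        "(|(macAddress=$mac)(dhcpHWAddress=ethernet $mac))"
    );

    if (defined($ldap_result) && $ldap_result->count == 1) {
        # NOTE(review): this reads the internal fields of the search result
        # ({entries}[0]{asn}) rather than going through accessor methods -
        # confirm it matches the installed Net::LDAP version.
        my $entry = $ldap_result->{entries}[0];
        if (   defined($entry)
            && exists($entry->{asn}->{objectName})
            && exists($entry->{asn}->{attributes})) {

            my %wanted = map { $_ => 1 }
                qw(cn macAddress dhcpHWAddress ipHostNumber);

            for my $attribute (@{ $entry->{asn}->{attributes} }) {
                my $type = $attribute->{type};
                next unless defined($type) && $wanted{$type};

                # Only the first value of each attribute is kept.
                $result->{$type} = $attribute->{vals}[0];
            }

            # dn is set only for an entry that actually has one, so callers
            # testing exists($result->{dn}) never see an undefined dn.
            $result->{dn} = $entry->{asn}->{objectName};
        }
    }

    return $result;
}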
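#===  FUNCTION  ================================================================
#         NAME: get_interfaces
#   PARAMETERS: none
#      RETURNS: (list of interface names, in the order /proc/net/dev has them)
#  DESCRIPTION: Uses proc fs (/proc/net/dev) to get list of interfaces: the
#               two header lines are skipped and the text before the first
#               ':' of every remaining line is returned with leading
#               whitespace removed.
#       THROWS: dies when /proc/net/dev cannot be opened
#===============================================================================
sub get_interfaces {
    my $proc_net_dev = '/proc/net/dev';

    # Three-argument open on a lexical handle: the mode cannot be influenced
    # by the path, and no package-wide bareword handle is left behind.
    open(my $fh, '<', $proc_net_dev)
        or die "Could not open $proc_net_dev: $!";
    my @lines = <$fh>;
    close($fh);

    # Eat first two lines (column headers)
    splice(@lines, 0, 2);
    chomp @lines;

    my @result;
    foreach my $line (@lines) {
        my $if = (split /:/, $line)[0];

        # An empty line yields no field at all; skip it.
        next unless defined($if);

        $if =~ s/^\s+//;
        push @result, $if;
    }

    return @result;
}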
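#===  FUNCTION  ================================================================
#         NAME: get_mac
#   PARAMETERS: interface name (i.e. eth0)
#      RETURNS: (mac address) as six colon-separated lowercase hex octets;
#               "00:00:00:00:00:00" for the pseudo interface "all"; undef for
#               an empty name or when the address cannot be read
#  DESCRIPTION: Uses ioctl to get mac address directly from system.
#       THROWS: dies when the helper socket cannot be created
#===============================================================================
sub get_mac {
    my $ifreq = shift;
    my $result;

    return $result unless $ifreq && length($ifreq) > 0;

    if ($ifreq eq "all") {
        return "00:00:00:00:00:00";
    }

    my $SIOCGIFHWADDR = 0x8927;    # man 2 ioctl_list

    # Lexical handle, closed below: no package-wide bareword socket is left
    # open between calls.
    socket(my $sock, PF_INET, SOCK_DGRAM, getprotobyname('ip'))
        or die "socket: $!";

    # The interface name doubles as the request buffer; on success the kernel
    # has written its reply into $ifreq.
    if (ioctl($sock, $SIOCGIFHWADDR, $ifreq)) {
        # Skip the first 18 bytes of the reply, then read six address bytes
        # as twelve hex digits.
        my (undef, $mac) = unpack 'h36 H12', $ifreq;

        # Format only a complete twelve-digit value, so a short or malformed
        # reply can never be assembled from stale capture variables.
        if (defined($mac) && $mac =~ m/\A[0-9a-f]{12}\z/) {
            $result = join(':', $mac =~ m/([0-9a-f]{2})/g);
        }
    }

    close($sock);
    return $result;
}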
271 #=== FUNCTION ================================================================
272 # NAME: add_ldap_entry
273 # PURPOSE: adds an element to ldap-tree
274 # PARAMETERS:
275 # RETURNS: none
276 # DESCRIPTION: ????
277 # THROWS: no exceptions
278 # COMMENTS: none
279 # SEE ALSO: n/a
280 #===============================================================================
281 #sub add_ldap_entry {
282 # my ($ldap_tree, $ldap_base, $mac, $gotoSysStatus, $ip, $interface, $desc) = @_;
283 # my $dn = "cn=$mac,ou=incoming,$ldap_base";
284 # my $s_res = &search_ldap_entry($ldap_tree, $ldap_base, "(|(macAddress=$mac)(dhcpHWAddress=ethernet $mac))");
285 # my $c_res = $s_res->count;
286 # if($c_res == 1) {
287 # daemon_log("WARNING: macAddress $mac already in LDAP", 1);
288 # return;
289 # } elsif($c_res > 0) {
290 # daemon_log("ERROR: macAddress $mac exists $c_res times in LDAP", 1);
291 # return;
292 # }
293 #
294 # # create LDAP entry
295 # my $entry = Net::LDAP::Entry->new( $dn );
296 # $entry->dn($dn);
297 # $entry->add("objectClass" => "goHard");
298 # $entry->add("cn" => $mac);
299 # $entry->add("macAddress" => $mac);
300 # if(defined $gotoSysStatus) {$entry->add("gotoSysStatus" => $gotoSysStatus)}
301 # if(defined $ip) {$entry->add("ipHostNumber" => $ip) }
302 # #if(defined $interface) { }
303 # if(defined $desc) {$entry->add("description" => $desc) }
304 #
305 # # submit entry to LDAP
306 # my $result = $entry->update ($ldap_tree);
307 #
308 # # for $result->code constants please look at Net::LDAP::Constant
309 # my $log_time = localtime( time );
310 # if($result->code == 68) { # entry already exists
311 # daemon_log("WARNING: $log_time: $dn ".$result->error, 3);
312 # } elsif($result->code == 0) { # everything went fine
313 # daemon_log("$log_time: add entry $dn to ldap", 1);
314 # } else { # if any other error occur
315 # daemon_log("ERROR: $log_time: $dn, ".$result->code.", ".$result->error, 1);
316 # }
317 # return;
318 #}
321 #=== FUNCTION ================================================================
322 # NAME: change_ldap_entry
323 # PURPOSE: ????
324 # PARAMETERS: ????
325 # RETURNS: ????
326 # DESCRIPTION: ????
327 # THROWS: no exceptions
328 # COMMENTS: none
329 # SEE ALSO: n/a
330 #===============================================================================
331 #sub change_ldap_entry {
332 # my ($ldap_tree, $ldap_base, $mac, $gotoSysStatus ) = @_;
333 #
334 # # check if ldap_entry exists or not
335 # my $s_res = &search_ldap_entry($ldap_tree, $ldap_base, "(|(macAddress=$mac)(dhcpHWAddress=ethernet $mac))");
336 # my $c_res = $s_res->count;
337 # if($c_res == 0) {
338 # daemon_log("WARNING: macAddress $mac not in LDAP", 1);
339 # return;
340 # } elsif($c_res > 1) {
341 # daemon_log("ERROR: macAddress $mac exists $c_res times in LDAP", 1);
342 # return;
343 # }
344 #
345 # my $s_res_entry = $s_res->pop_entry();
346 # my $dn = $s_res_entry->dn();
347 # my $result = $ldap->modify( $dn, replace => {'gotoSysStatus' => $gotoSysStatus } );
348 #
349 # # for $result->code constants please look at Net::LDAP::Constant
350 # my $log_time = localtime( time );
351 # if($result->code == 32) { # entry doesnt exists
352 # &add_ldap_entry($mac, $gotoSysStatus);
353 # } elsif($result->code == 0) { # everything went fine
354 # daemon_log("$log_time: entry $dn changed successful", 1);
355 # } else { # if any other error occur
356 # daemon_log("ERROR: $log_time: $dn, ".$result->code.", ".$result->error, 1);
357 # }
358 #
359 # return;
360 #}
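#===  FUNCTION  ================================================================
#         NAME: search_ldap_entry
#      PURPOSE: runs one search on an LDAP connection and hands back the result
#   PARAMETERS: [Net::LDAP] $ldap_tree - object of an ldap-tree
#               string $sub_tree - dn of the subtree the search is performed
#               string $search_string - either a string or a Net::LDAP::Filter object
#      RETURNS: [Net::LDAP::Search] $msg - result object of the performed search,
#               undef when $ldap_tree is undefined
#  DESCRIPTION: The filter is passed to the server exactly as given; callers
#               that build it from external values have to validate or escape
#               those values first.  A failed search is logged and its result
#               object is still returned.
#       THROWS: no exceptions
#     COMMENTS: none
#     SEE ALSO: n/a
#===============================================================================
sub search_ldap_entry {
    my ($ldap_tree, $sub_tree, $search_string) = @_;
    my $msg;
    if (defined($ldap_tree)) {
        # Assign to the outer $msg.  Declaring a second `my $msg` here would
        # shadow it, and the function would return undef for every search.
        $msg = $ldap_tree->search(    # perform a search
            base   => $sub_tree,
            filter => $search_string,
        );
        if (!$msg) {
            daemon_log("cannot perform search at ldap: $@", 1);
        }
        elsif ($msg->code) {
            # A search that fails on the server still returns a result
            # object; the failure is carried in its result code.
            daemon_log("cannot perform search at ldap: " . $msg->error, 1);
        }
#        if(defined $msg) {
#            print $sub_tree."\t".$search_string."\t";
#            print $msg->count."\n";
#            foreach my $entry ($msg->entries) { $entry->dump; };
#        }
    }
    return $msg;
}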
393 #========= MAIN = main ========================================================
394 #daemon_log( "####### START DAEMON ######\n", 1 );
395 #&check_cmdline_param ;
396 #&check_pid;
397 #&open_fifo($fifo_path);
398 #
399 ## Just fork, if we"re not in foreground mode
400 #if( ! $foreground ) { $pid = fork(); }
401 #else { $pid = $$; }
402 #
403 ## Do something useful - put our PID into the pid_file
404 #if( 0 != $pid ) {
405 # open( LOCK_FILE, ">$pid_file" );
406 # print LOCK_FILE "$pid\n";
407 # close( LOCK_FILE );
408 # if( !$foreground ) { exit( 0 ) };
409 #}
410 #
411 #
412 #if( not -p $fifo_path ) { die "fifo file disappeared\n" }
413 #if($c_res == 1) {
414 # daemon_log("WARNING: macAddress $mac already in LDAP", 1);
415 # return;
416 # } elsif($c_res > 0) {
417 # daemon_log("ERROR: macAddress $mac exists $c_res times in LDAP", 1);
418 # return;
419 # }
420 #
421 # # create LDAP entry
422 # my $entry = Net::LDAP::Entry->new( $dn );
423 # $entry->dn($dn);
424 # $entry->add("objectClass" => "goHard");
425 # $entry->add("cn" => $mac);
426 # $entry->add("macAddress" => $mac);
427 # if(defined $gotoSysStatus) {$entry->add("gotoSysStatus" => $gotoSysStatus)}
428 # if(defined $ip) {$entry->add("ipHostNumber" => $ip) }
429 # #if(defined $interface) { }
430 # if(defined $desc) {$entry->add("description" => $desc) }
431 #
432 # # submit entry to LDAP
433 # my $result = $entry->update ($ldap_tree);
434 #
435 # # for $result->code constants please look at Net::LDAP::Constant
436 # my $log_time = localtime( time );
437 # if($result->code == 68) { # entry already exists
438 # daemon_log("WARNING: $log_time: $dn ".$result->error, 3);
439 # } elsif($result->code == 0) { # everything went fine
440 # daemon_log("$log_time: add entry $dn to ldap", 1);
441 # } else { # if any other error occur
442 # daemon_log("ERROR: $log_time: $dn, ".$result->code.", ".$result->error, 1);
443 # }
444 # return;
445 #}
448 #=== FUNCTION ================================================================
449 # NAME: change_ldap_entry
450 # PURPOSE: ????
451 # PARAMETERS: ????
452 # RETURNS: ????
453 # DESCRIPTION: ????
454 # THROWS: no exceptions
455 # COMMENTS: none
456 # SEE ALSO: n/a
457 #===============================================================================
458 #sub change_ldap_entry {
459 # my ($ldap_tree, $ldap_base, $mac, $gotoSysStatus ) = @_;
460 #
461 # # check if ldap_entry exists or not
462 # my $s_res = &search_ldap_entry($ldap_tree, $ldap_base, "(|(macAddress=$mac)(dhcpHWAddress=ethernet $mac))");
463 # my $c_res = $s_res->count;
464 # if($c_res == 0) {
465 # daemon_log("WARNING: macAddress $mac not in LDAP", 1);
466 # return;
467 # } elsif($c_res > 1) {
468 # daemon_log("ERROR: macAddress $mac exists $c_res times in LDAP", 1);
469 # return;
470 # }
471 #
472 # my $s_res_entry = $s_res->pop_entry();
473 # my $dn = $s_res_entry->dn();
474 # my $result = $ldap->modify( $dn, replace => {'gotoSysStatus' => $gotoSysStatus } );
475 #
476 # # for $result->code constants please look at Net::LDAP::Constant
477 # my $log_time = localtime( time );
478 # if($result->code == 32) { # entry doesnt exists
479 # &add_ldap_entry($mac, $gotoSysStatus);
480 # } elsif($result->code == 0) { # everything went fine
481 # daemon_log("$log_time: entry $dn changed successful", 1);
482 # } else { # if any other error occur
483 # daemon_log("ERROR: $log_time: $dn, ".$result->code.", ".$result->error, 1);
484 # }
485 #
486 # return;
487 #}
489 #=== FUNCTION ================================================================
490 # NAME: search_ldap_entry
491 # PURPOSE: ????
492 # PARAMETERS: [Net::LDAP] $ldap_tree - object of an ldap-tree
493 # string $sub_tree - dn of the subtree the search is performed
494 # string $search_string - either a string or a Net::LDAP::Filter object
495 # RETURNS: [Net::LDAP::Search] $msg - result object of the performed search
496 # DESCRIPTION: ????
497 # THROWS: no exceptions
498 # COMMENTS: none
499 # SEE ALSO: n/a
500 #===============================================================================
501 #sub search_ldap_entry {
502 # my ($ldap_tree, $sub_tree, $search_string) = @_;
503 # my $msg = $ldap_tree->search( # perform a search
504 # base => $sub_tree,
505 # filter => $search_string,
506 # ) or daemon_log("cannot perform search at ldap: $@", 1);
507 ## if(defined $msg) {
508 ## print $sub_tree."\t".$search_string."\t";
509 ## print $msg->count."\n";
510 ## foreach my $entry ($msg->entries) { $entry->dump; };
511 ## }
512 #
513 # return $msg;
514 #}
518 #========= MAIN = main ========================================================
519 #daemon_log( "####### START DAEMON ######\n", 1 );
520 #&check_cmdline_param ;
521 #&check_pid;
522 #&open_fifo($fifo_path);
523 #
524 ## Just fork, if we"re not in foreground mode
525 #if( ! $foreground ) { $pid = fork(); }
526 #else { $pid = $$; }
527 #
528 ## Do something useful - put our PID into the pid_file
529 #if( 0 != $pid ) {
530 # open( LOCK_FILE, ">$pid_file" );
531 # print LOCK_FILE "$pid\n";
532 # close( LOCK_FILE );
533 # if( !$foreground ) { exit( 0 ) };
534 #}
535 #
536 #
537 #if( not -p $fifo_path ) { die "fifo file disappeared\n" }
538 #sysopen(FIFO, $fifo_path, O_RDONLY) or die "can't read from $fifo_path: $!" ;
539 #
540 #while( 1 ) {
541 # # checke alle prozesse im hash daemon_children ob sie noch aktiv sind, wenn
542 # # nicht, dann entferne prozess aus hash
543 # while( (my $key, my $val) = each( %daemon_children) ) {
544 # my $status = waitpid( $key, &WNOHANG) ;
545 # if( $status == -1 ) {
546 # delete $daemon_children{$key} ;
547 # daemon_log("childprocess finished: $key", 3) ;
548 # }
549 # }
550 #
551 # # ist die max_process anzahl von prozesskindern erreicht, dann warte und
552 # # prüfe erneut, ob in der zwischenzeit prozesse fertig geworden sind
553 # if( keys( %daemon_children ) >= $max_process ) {
554 # sleep($max_process_timeout) ;
555 # next ;
556 # }
557 #
558 # my $msg = <FIFO>;
559 # if( not defined( $msg )) { next ; }
560 #
561 # chomp( $msg );
562 # if( length( $msg ) == 0 ) { next ; }
563 #
564 # my $forked_pid = fork();
565 ##=== PARENT = parent ==========================================================
566 # if ( $forked_pid != 0 ) {
567 # daemon_log("childprocess forked: $forked_pid", 3) ;
568 # $daemon_children{$forked_pid} = 0 ;
569 # }
570 ##=== CHILD = child ============================================================
571 # else {
572 # # parse the incoming message from arp, split the message and return
573 # # the values in an array. not defined values are set to "none"
574 # #my ($mac, $ip, $interface, $arp_sig, $desc) = &parse_input( $msg ) ;
575 # daemon_log( "childprocess read from arp: $fifo_path\nline: $msg", 3);
576 # my ($mac, $ip, $interface, $arp_sig, $desc) = split('\s', $msg, 5);
577 #
578 # # create connection to LDAP
579 # $#sysopen(FIFO, $fifo_path, O_RDONLY) or die "can't read from $fifo_path: $!" ;
580 #
581 #while( 1 ) {
582 # # checke alle prozesse im hash daemon_children ob sie noch aktiv sind, wenn
583 # # nicht, dann entferne prozess aus hash
584 # while( (my $key, my $val) = each( %daemon_children) ) {
585 # my $status = waitpid( $key, &WNOHANG) ;
586 # if( $status == -1 ) {
587 # delete $daemon_children{$key} ;
588 # daemon_log("childprocess finished: $key", 3) ;
589 # }
590 # }
591 #
592 # # ist die max_process anzahl von prozesskindern erreicht, dann warte und
593 # # prüfe erneut, ob in der zwischenzeit prozesse fertig geworden sind
594 # if( keys( %daemon_children ) >= $max_process ) {
595 # sleep($max_process_timeout) ;
596 # next ;
597 # }
598 #
599 # my $msg = <FIFO>;
600 # if( not defined( $msg )) { next ; }
601 #
602 # chomp( $msg );
603 # if( length( $msg ) == 0 ) { next ; }
604 #
605 # my $forked_pid = fork();
606 ##=== PARENT = parent ==========================================================
607 # if ( $forked_pid != 0 ) {
608 # daemon_log("childprocess forked: $forked_pid", 3) ;
609 # $daemon_children{$forked_pid} = 0 ;
610 # }
611 ##=== CHILD = child ============================================================
612 # else {
613 # # parse the incoming message from arp, split the message and return
614 # # the values in an array. not defined values are set to "none"
615 # #my ($mac, $ip, $interface, $arp_sig, $desc) = &parse_input( $msg ) ;
616 # daemon_log( "childprocess read from arp: $fifo_path\nline: $msg", 3);
617 # my ($mac, $ip, $interface, $arp_sig, $desc) = split('\s', $msg, 5);
618 #
619 # # create connection to LDAP
620 # $ldap = Net::LDAP->new( "localhost" ) or die "$@";
621 # $ldap->bind($bind_phrase,
622 # password => $password,
623 # ) ;
624 #
625 # switch($arp_sig) {
626 # case 0 {&change_ldap_entry($ldap, $ldap_base,
627 # $mac, "ip-changed",
628 # )}
629 # case 1 {&change_ldap_entry($ldap, $ldap_base,
630 # $mac, "mac-not-whitelisted",
631 # )}
632 # case 2 {&change_ldap_entry($ldap, $ldap_base,
633 # $mac, "mac-in-blacklist",
634 # )}
635 # case 3 {&add_ldap_entry($ldap, $ldap_base,
636 # $mac, "new-mac-address", $ip,
637 # $interface, $desc,
638 # )}
639 # case 4 {&change_ldap_entry($ldap, $ldap_base,
640 # $mac, "unauthorized-arp-request",
641 # )}
642 # case 5 {&change_ldap_entry($ldap, $ldap_base,
643 # $mac, "abusive-number-of-arp-requests",
644 # )}
645 # case 6 {&change_ldap_entry($ldap, $ldap_base,
646 # $mac, "ether-and-arp-mac-differs",
647 # )}
648 # case 7 {&change_ldap_entry($ldap, $ldap_base,
649 # $mac, "flood-detected",
650 # )}
651 # case 8 {&add_ldap_entry($ldap, $ldap_base,
652 # $mac, $ip, "new-system",
653 # )}
654 # case 9 {&change_ldap_entry($ldap, $ldap_base,
655 # $mac, "mac-changed",
656 # )}
657 # }
658 #
659 #
660 # ldap search
661 # my $base_phrase = "dc=gonicus,dc=de";
662 # my $filter_phrase = "cn=keinesorge";
663 # my $attrs_phrase = "cn macAdress";
664 # my $msg_search = $ldap->search( base => $base_phrase,
665 # filter => $filter_phrase,
666 # attrs => $attrs_phrase,
667 # );
668 # $msg_search->code && die $msg_search->error;
669 #
670 # my @entries = $msg_search->entries;
671 # my $max = $msg_search->count;
672 # print "anzahl der entries: $max\n";
673 # my $i;
674 # for ( $i = 0 ; $i < $max ; $i++ ) {
675 # my $entry = $msg_search->entry ( $i );
676 # foreach my $attr ( $entry->attributes ) {
677 # if( not $attr eq "cn") {
678 # next;
679 # }
680 # print join( "\n ", $attr, $entry->get_value( $attr ) ), "\n\n";
681 # }
682 # }
683 #
684 # # ldap add
685 #
686 #
687 # $ldap->unbind;
688 # exit;
689 # }
690 #
691 #}
693 1;