X-Git-Url: https://git.tokkee.org/?a=blobdiff_plain;f=gosa-si%2Fmodules%2FArpHandler.pm;h=fec419de2e9cb68520eaa87c6576b3703ca87dde;hb=0c9caa52e58f2fa40da66941b58590a36dd09eb4;hp=89871783d747d79998ffbc767882e219dcd58f7f;hpb=a74eb41b9722b274369c971c2283393198ff789c;p=gosa.git
diff --git a/gosa-si/modules/ArpHandler.pm b/gosa-si/modules/ArpHandler.pm
index 89871783d..fec419de2 100644
--- a/gosa-si/modules/ArpHandler.pm
+++ b/gosa-si/modules/ArpHandler.pm
@@ -14,6 +14,8 @@ use Net::LDAP::Entry; use Net::DNS; use Switch; use Data::Dumper; +use Socket; +use utf8; # Don't start if some of the modules are missing my $start_service=1;
@@ -35,7 +37,6 @@ END{} my ($timeout, $mailto, $mailfrom, $user, $group); my ($arp_enabled, $arp_interface, $ldap_uri, $ldap_base, $ldap_admin_dn, $ldap_admin_password); my $hosts_database={}; -my $resolver=Net::DNS::Resolver->new; my $ldap; my %cfg_defaults =
@@ -95,14 +96,12 @@ sub get_module_info { } } if(defined($ldap_uri) && length($ldap_uri)>0) { - $ldap = Net::LDAP->new($ldap_uri); - if (!$ldap) { + &main::refresh_ldap_handle(); + if (!$main::ldap_handle) { &main::daemon_log("Could not connect to LDAP Server at $ldap_uri!\n$@", 1); - } else { - $ldap->bind($ldap_admin_dn, password => $ldap_admin_password); } } else { - $ldap=undef; + $main::ldap_handle= undef; } # When interface is not configured (or 'all'), start arpwatch on all possible interfaces
@@ -123,8 +122,6 @@ sub get_module_info { &start(@_,$device); }, _stop => sub { - $ldap->unbind if (defined($ldap)); - $ldap->disconnect if (defined($ldap)); $_[KERNEL]->post( sprintf("arp_watch_$device") => 'shutdown' ) }, got_packet => \&got_packet,
@@ -141,8 +138,6 @@ sub get_module_info { &start(@_,$device); }, _stop => sub { - $ldap->unbind if (defined($ldap)); - $ldap->disconnect if (defined($ldap)); $_[KERNEL]->post( sprintf("arp_watch_$device") => 'shutdown' ) }, got_packet => \&got_packet,
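Review bot: In the `@@ -95,14 +96,12 @@` hunk the `else` branch now runs `$main::ldap_handle= undef;`, which clears a handle that lives in the main package instead of this module's private `$ldap`; if other modules rely on the same handle, an ArpHandler with no `ldap_uri` configured would take LDAP away from them, so leaving the shared handle untouched in that branch looks safer. The failure message still interpolates `$@`, which `Net::LDAP->new` used to set; nothing visible shows `refresh_ldap_handle()` setting it, so the log line may be empty or stale. With the `bind` call removed, the identity the ARP watcher writes to the directory with is now decided outside this file, and a comment such as `# handle is bound by main::refresh_ldap_handle(); $ldap_admin_dn is no longer used here` would make that explicit. get_module_info starts and ends outside the hunk.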
@@ -184,8 +179,7 @@ sub got_packet { my $capture_device = sprintf "%s", $kernel->alias_list($sender) =~ /^arp_watch_(.*)$/; if(!exists($hosts_database->{$packet->{source_haddr}})) { - my $dnsresult= $resolver->search($packet->{source_ipaddr}); - my $dnsname= (defined($dnsresult))?$dnsresult->{answer}[0]->{ptrdname}:$packet->{source_ipaddr}; + my $dnsname= gethostbyaddr(inet_aton($packet->{source_ipaddr}), AF_INET) || $packet->{source_ipaddr}; my $ldap_result=&get_host_from_ldap($packet->{source_haddr}); if(exists($ldap_result->{dn})) { $hosts_database->{$packet->{source_haddr}}=$ldap_result;
@@ -216,7 +210,7 @@ sub got_packet { ": ".$hosts_database->{$packet->{source_haddr}}->{ipHostNumber}. "/".$hosts_database->{$packet->{source_haddr}}->{macAddress},4); &add_ldap_entry( - $ldap, + $main::ldap_handle, $ldap_base, $hosts_database->{$packet->{source_haddr}}->{macAddress}, 'new-system',
@@ -233,7 +227,7 @@ sub got_packet { "->".$packet->{source_ipaddr}, 4); $hosts_database->{$packet->{source_haddr}}->{ipHostNumber}= $packet->{source_ipaddr}; &change_ldap_entry( - $ldap, + $main::ldap_handle, $ldap_base, $hosts_database->{$packet->{source_haddr}}->{macAddress}, 'ip-changed',
@@ -249,9 +243,9 @@ sub get_host_from_ldap { my $mac=shift; my $result={}; - if(defined($ldap)) { + if(defined($main::ldap_handle)) { my $ldap_result= &search_ldap_entry( - $ldap, + $main::ldap_handle, $ldap_base, "(|(macAddress=$mac)(dhcpHWAddress=ethernet $mac))" );
@@ -447,7 +441,7 @@ sub change_ldap_entry { if (defined($ip)) { $replace->{'ipHostNumber'} = $ip; } - my $result = $ldap->modify( $dn, replace => $replace ); + my $result = $main::ldap_handle->modify( $dn, replace => $replace ); # for $result->code constants please look at Net::LDAP::Constant if($result->code == 32) { # entry doesnt exists
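Review bot: In the `@@ -184,8 +179,7 @@` hunk, `inet_aton()` returns undef for a string it cannot convert and that value goes straight into `gethostbyaddr()`; writing it as `my $packed= inet_aton($packet->{source_ipaddr});` followed by `my $dnsname= ($packed && gethostbyaddr($packed, AF_INET)) || $packet->{source_ipaddr};` keeps the fallback without the undef call. The lookup is synchronous and runs once for every previously unseen source MAC, so a burst of new addresses on the wire can hold up the packet handler while the resolver waits. The returned PTR name is chosen by whoever controls the reverse zone, so `$dnsname` deserves a comment marking it as untrusted and a hostname-syntax check before it is stored; where it is used lies outside the hunk, as does the rest of got_packet.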
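Review bot: In the `@@ -249,9 +243,9 @@` hunk the search filter is still built by interpolating `$mac` directly, `"(|(macAddress=$mac)(dhcpHWAddress=ethernet $mac))"`, and the value originates from a captured packet. If the capture layer always delivers a fixed hex format this is harmless, but nothing in get_host_from_ldap enforces it. Passing the value through `escape_filter_value($mac)` from `Net::LDAP::Util`, or rejecting anything that does not match an anchored MAC pattern before the search, makes the assumption explicit. The function continues outside the hunk.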
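Review bot: In the `@@ -447,7 +441,7 @@` hunk, `$main::ldap_handle->modify(...)` is called with no visible check that the handle is defined, while get_host_from_ldap guards the same global with `defined($main::ldap_handle)`; when LDAP is unconfigured or a reconnect failed, this line dies inside the event handler. A guard such as `return unless defined($main::ldap_handle);` before the call would match the other function, unless one already exists above the hunk. The callers in got_packet still pass `$main::ldap_handle` as the first argument, so the sub now receives a handle and ignores it; using the parameter here, or dropping it from the call sites, would keep the two in agreement. change_ldap_entry starts and ends outside the hunk.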
@@ -484,82 +478,8 @@ sub search_ldap_entry { base => $sub_tree, filter => $search_string, ) or &main::daemon_log("cannot perform search at ldap: $@", 1); - #if(defined $msg) { - # print $sub_tree."\t".$search_string."\t"; - # print $msg->count."\n"; - # foreach my $entry ($msg->entries) { $entry->dump; }; - #} } return $msg; } -# $ldap = Net::LDAP->new( "localhost" ) or die "$@"; -# $ldap->bind($bind_phrase, -# password => $password, -# ) ; -# -# switch($arp_sig) { -# case 0 {&change_ldap_entry($ldap, $ldap_base, -# $mac, "ip-changed", -# )} -# case 1 {&change_ldap_entry($ldap, $ldap_base, -# $mac, "mac-not-whitelisted", -# )} -# case 2 {&change_ldap_entry($ldap, $ldap_base, -# $mac, "mac-in-blacklist", -# )} -# case 3 {&add_ldap_entry($ldap, $ldap_base, -# $mac, "new-mac-address", $ip, -# $interface, $desc, -# )} -# case 4 {&change_ldap_entry($ldap, $ldap_base, -# $mac, "unauthorized-arp-request", -# )} -# case 5 {&change_ldap_entry($ldap, $ldap_base, -# $mac, "abusive-number-of-arp-requests", -# )} -# case 6 {&change_ldap_entry($ldap, $ldap_base, -# $mac, "ether-and-arp-mac-differs", -# )} -# case 7 {&change_ldap_entry($ldap, $ldap_base, -# $mac, "flood-detected", -# )} -# case 8 {&add_ldap_entry($ldap, $ldap_base, -# $mac, $ip, "new-system", -# )} -# case 9 {&change_ldap_entry($ldap, $ldap_base, -# $mac, "mac-changed", -# )} -# } -# -# - # ldap search -# my $base_phrase = "dc=gonicus,dc=de"; -# my $filter_phrase = "cn=keinesorge"; -# my $attrs_phrase = "cn macAdress"; -# my $msg_search = $ldap->search( base => $base_phrase, -# filter => $filter_phrase, -# attrs => $attrs_phrase, -# ); -# $msg_search->code && die $msg_search->error; -# -# my @entries = $msg_search->entries; -# my $max = $msg_search->count; -# print "anzahl der entries: $max\n"; -# my $i; -# for ( $i = 0 ; $i < $max ; $i++ ) { -# my $entry = $msg_search->entry ( $i ); -# foreach my $attr ( $entry->attributes ) { -# if( not $attr eq "cn") { -# next; -# } -# print join( "\n ", $attr, 
$entry->get_value( $attr ) ), "\n\n"; -# } -# } - # - # # ldap add - # - # - # $ldap->unbind; - # exit; 1;