![[tokkee]](http://tokkee.org/images/avatar.png){kind=avatar}
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 7055784)
raw | patch | inline | side by side (parent: 7055784)
| author | janw <janw@594d385d-05f5-0310-b6e9-bd551577e9d8> | |
| Wed, 30 Jan 2008 16:57:25 +0000 (16:57 +0000) | ||
| committer | janw <janw@594d385d-05f5-0310-b6e9-bd551577e9d8> | |
| Wed, 30 Jan 2008 16:57:25 +0000 (16:57 +0000) |
git-svn-id: https://oss.gonicus.de/repositories/gosa/trunk@8678 594d385d-05f5-0310-b6e9-bd551577e9d8
| gosa-si/modules/ArpHandler.pm | patch | blob | history |
index 539273a0634d7debd647bf5b29ccefd1c406bc97..ee7cdd5b6c21b04ef293472ea941323ac43d4007 100644 (file)
END{}
-#my ($timeout, $mailto, $mailfrom, $user, $group);
+my ($timeout, $mailto, $mailfrom, $user, $group);
my ($arp_activ, $arp_interface, $ldap_uri, $ldap_base, $ldap_admin_dn, $ldap_admin_password);
my $hosts_database={};
my $resolver=Net::DNS::Resolver->new;
my %cfg_defaults =
(
-"arp" => {
- "arp_activ" => [\$arp_activ, "on"],
- "arp_interface" => [\$arp_interface, "all"],
- "ldap_uri" => [\$ldap_uri, ""],
- "ldap_base" => [\$ldap_base, ""],
- "ldap_admin_dn" => [\$ldap_admin_dn, ""],
- "ldap_admin_password" => [\$ldap_admin_password, ""],
- },
+ "arp" => {
+ "arp_activ" => [\$arp_activ, "on"],
+ "arp_interface" => [\$arp_interface, "all"],
+ },
+ "server" => {
+ "ldap_uri" => [\$ldap_uri, ""],
+ "ldap_base" => [\$ldap_base, ""],
+ "ldap_admin_dn" => [\$ldap_admin_dn, ""],
+ "ldap_admin_password" => [\$ldap_admin_password, ""],
+ },
);
#=== FUNCTION ================================================================
&read_configfile();
# Don't start if some of the modules are missing
- if(($arp_activ eq 'on') && $start_service) {
- eval {
- $ldap = Net::LDAP->new("ldap.intranet.gonicus.de");
- };
- if (!$ldap) {
- &main::daemon_log("Could not connect to LDAP Server!\n$@", 1);
- }
-
- # When interface is not configured (or 'all'), start arpwatch on all possible interfaces
- if ((!defined($arp_interface)) || $arp_interface eq 'all') {
- foreach my $device(&get_interfaces) {
- # TODO: Need a better workaround for IPv4-to-IPv6 bridges
- if($device =~ m/^sit\d+$/) {
- next;
- }
-
- # If device has a valid mac address
- # TODO: Check if this should be the right way
- if(not(&get_mac($device) eq "00:00:00:00:00:00")) {
- &main::daemon_log("Starting ArpWatch on $device", 1);
- POE::Session->create(
- inline_states => {
- _start => sub {
- &start(@_,$device);
- },
- _stop => sub {
- $_[KERNEL]->post( sprintf("arp_watch_$device") => 'shutdown' )
- },
- got_packet => \&got_packet,
- },
- );
- }
- }
- } else {
- foreach my $device(split(/[\s,]+/, $arp_interface)) {
- &main::daemon_log("Starting ArpWatch on $device", 1);
- POE::Session->create(
- inline_states => {
- _start => sub {
- &start(@_,$device);
- },
- _stop => sub {
- $_[KERNEL]->post( sprintf("arp_watch_$device") => 'shutdown' )
- },
- got_packet => \&got_packet,
- },
- );
- }
- }
- } else {
- &main::daemon_log("ArpHandler disabled. Not starting any capture processes");
- }
+ #if(($arp_activ eq 'on') && $start_service) {
+ # eval {
+ # $ldap = Net::LDAP->new($ldap_uri);
+ # };
+ # if (!$ldap) {
+ # &main::daemon_log("Could not connect to LDAP Server!\n$@", 1);
+ # } else {
+ # eval {
+ # $ldap->bind($ldap_admin_dn, password => $ldap_admin_password);
+ # };
+ # if($@) {
+ # &main::daemon_log("LDAP bind as $ldap_admin_dn failed! Trying anonymous bind", 1);
+ # $ldap->bind();
+ # }
+ # }
+
+ # # When interface is not configured (or 'all'), start arpwatch on all possible interfaces
+ # if ((!defined($arp_interface)) || $arp_interface eq 'all') {
+ # foreach my $device(&get_interfaces) {
+ # # TODO: Need a better workaround for IPv4-to-IPv6 bridges
+ # if($device =~ m/^sit\d+$/) {
+ # next;
+ # }
+
+ # # If device has a valid mac address
+ # # TODO: Check if this should be the right way
+ # if(not(&get_mac($device) eq "00:00:00:00:00:00")) {
+ # &main::daemon_log("Starting ArpWatch on $device", 1);
+ # POE::Session->create(
+ # inline_states => {
+ # _start => sub {
+ # &start(@_,$device);
+ # },
+ # _stop => sub {
+ # $ldap->unbind if (defined($ldap));
+ # $_[KERNEL]->post( sprintf("arp_watch_$device") => 'shutdown' )
+ # },
+ # got_packet => \&got_packet,
+ # },
+ # );
+ # }
+ # }
+ # } else {
+ # foreach my $device(split(/[\s,]+/, $arp_interface)) {
+ # &main::daemon_log("Starting ArpWatch on $device", 1);
+ # POE::Session->create(
+ # inline_states => {
+ # _start => sub {
+ # &start(@_,$device);
+ # },
+ # _stop => sub {
+ # $ldap->unbind if (defined($ldap));
+ # $_[KERNEL]->post( sprintf("arp_watch_$device") => 'shutdown' )
+ # },
+ # got_packet => \&got_packet,
+ # },
+ # );
+ # }
+ # }
+ #} else {
+ # &main::daemon_log("ArpHandler disabled. Not starting any capture processes");
+ #}
return \@info;
}
"New Host ".($hosts_database->{$packet->{source_haddr}}->{dnsname}).
": ".$hosts_database->{$packet->{source_haddr}}->{ipHostNumber}.
"/".$hosts_database->{$packet->{source_haddr}}->{macAddress},4);
+# &add_ldap_entry(
+# $ldap,
+# $ldap_base,
+# $hosts_database->{$packet->{source_haddr}}->{macAddress},
+# 'new-system',
+# $hosts_database->{$packet->{source_haddr}}->{ipHostNumber});
+# #,
+# #$hosts_database->{$packet->{source_haddr}}->{dnsName});
+#
+# case 8 {&add_ldap_entry($ldap, $ldap_base,
+# $mac, $ip, "new-system",
+# )}
}
$hosts_database->{$packet->{source_haddr}}->{device}= $capture_device;
} else {
# DESCRIPTION: ????
# THROWS: no exceptions
# COMMENTS: none
-# SEE ALSO: n/a
+# SEE ALSO: n/a/bin
#===============================================================================
-#sub add_ldap_entry {
-# my ($ldap_tree, $ldap_base, $mac, $gotoSysStatus, $ip, $interface, $desc) = @_;
-# my $dn = "cn=$mac,ou=incoming,$ldap_base";
-# my $s_res = &search_ldap_entry($ldap_tree, $ldap_base, "(|(macAddress=$mac)(dhcpHWAddress=ethernet $mac))");
-# my $c_res = $s_res->count;
-# if($c_res == 1) {
-# daemon_log("WARNING: macAddress $mac already in LDAP", 1);
-# return;
-# } elsif($c_res > 0) {
-# daemon_log("ERROR: macAddress $mac exists $c_res times in LDAP", 1);
-# return;
-# }
-#
-# # create LDAP entry
-# my $entry = Net::LDAP::Entry->new( $dn );
-# $entry->dn($dn);
-# $entry->add("objectClass" => "goHard");
-# $entry->add("cn" => $mac);
-# $entry->add("macAddress" => $mac);
-# if(defined $gotoSysStatus) {$entry->add("gotoSysStatus" => $gotoSysStatus)}
-# if(defined $ip) {$entry->add("ipHostNumber" => $ip) }
-# #if(defined $interface) { }
-# if(defined $desc) {$entry->add("description" => $desc) }
-#
-# # submit entry to LDAP
-# my $result = $entry->update ($ldap_tree);
-#
-# # for $result->code constants please look at Net::LDAP::Constant
-# my $log_time = localtime( time );
-# if($result->code == 68) { # entry already exists
-# daemon_log("WARNING: $log_time: $dn ".$result->error, 3);
-# } elsif($result->code == 0) { # everything went fine
-# daemon_log("$log_time: add entry $dn to ldap", 1);
-# } else { # if any other error occur
-# daemon_log("ERROR: $log_time: $dn, ".$result->code.", ".$result->error, 1);
-# }
-# return;
-#}
+sub add_ldap_entry {
+ my ($ldap_tree, $ldap_base, $mac, $gotoSysStatus, $ip, $interface, $desc) = @_;
+ my $dn = "cn=$mac,ou=incoming,$ldap_base";
+ my $s_res = &search_ldap_entry($ldap_tree, $ldap_base, "(|(macAddress=$mac)(dhcpHWAddress=ethernet $mac))");
+ my $c_res = (defined($s_res))?$s_res->count:0;
+ if($c_res == 1) {
+ &main::daemon_log("WARNING: macAddress $mac already in LDAP", 1);
+ return;
+ } elsif($c_res > 0) {
+ &main::daemon_log("ERROR: macAddress $mac exists $c_res times in LDAP", 1);
+ return;
+ }
+
+ # create LDAP entry
+ my $entry = Net::LDAP::Entry->new( $dn );
+ $entry->dn($dn);
+ $entry->add("objectClass" => "goHard");
+ $entry->add("cn" => $mac);
+ $entry->add("macAddress" => $mac);
+ if(defined $gotoSysStatus) {$entry->add("gotoSysStatus" => $gotoSysStatus)}
+ if(defined $ip) {$entry->add("ipHostNumber" => $ip) }
+ #if(defined $interface) { }
+ if(defined $desc) {$entry->add("description" => $desc) }
+
+ # submit entry to LDAP
+ my $result = $entry->update ($ldap_tree);
+
+ # for $result->code constants please look at Net::LDAP::Constant
+ my $log_time = localtime( time );
+ if($result->code == 68) { # entry already exists
+ &main::daemon_log("WARNING: $log_time: $dn ".$result->error, 3);
+ } elsif($result->code == 0) { # everything went fine
+ &main::daemon_log("$log_time: add entry $dn to ldap", 1);
+ } else { # if any other error occur
+ &main::daemon_log("ERROR: $log_time: $dn, ".$result->code.", ".$result->error, 1);
+ }
+ return;
+}
#=== FUNCTION ================================================================
# COMMENTS: none
# SEE ALSO: n/a
#===============================================================================
-#sub change_ldap_entry {
-# my ($ldap_tree, $ldap_base, $mac, $gotoSysStatus ) = @_;
-#
-# # check if ldap_entry exists or not
-# my $s_res = &search_ldap_entry($ldap_tree, $ldap_base, "(|(macAddress=$mac)(dhcpHWAddress=ethernet $mac))");
-# my $c_res = $s_res->count;
-# if($c_res == 0) {
-# daemon_log("WARNING: macAddress $mac not in LDAP", 1);
-# return;
-# } elsif($c_res > 1) {
-# daemon_log("ERROR: macAddress $mac exists $c_res times in LDAP", 1);
-# return;
-# }
-#
-# my $s_res_entry = $s_res->pop_entry();
-# my $dn = $s_res_entry->dn();
-# my $result = $ldap->modify( $dn, replace => {'gotoSysStatus' => $gotoSysStatus } );
-#
-# # for $result->code constants please look at Net::LDAP::Constant
-# my $log_time = localtime( time );
-# if($result->code == 32) { # entry doesnt exists
-# &add_ldap_entry($mac, $gotoSysStatus);
-# } elsif($result->code == 0) { # everything went fine
-# daemon_log("$log_time: entry $dn changed successful", 1);
-# } else { # if any other error occur
-# daemon_log("ERROR: $log_time: $dn, ".$result->code.", ".$result->error, 1);
-# }
-#
-# return;
-#}
+sub change_ldap_entry {
+ my ($ldap_tree, $ldap_base, $mac, $gotoSysStatus ) = @_;
+
+ # check if ldap_entry exists or not
+ my $s_res = &search_ldap_entry($ldap_tree, $ldap_base, "(|(macAddress=$mac)(dhcpHWAddress=ethernet $mac))");
+ my $c_res = $s_res->count;
+ if($c_res == 0) {
+ daemon_log("WARNING: macAddress $mac not in LDAP", 1);
+ return;
+ } elsif($c_res > 1) {
+ daemon_log("ERROR: macAddress $mac exists $c_res times in LDAP", 1);
+ return;
+ }
+
+ my $s_res_entry = $s_res->pop_entry();
+ my $dn = $s_res_entry->dn();
+ my $result = $ldap->modify( $dn, replace => {'gotoSysStatus' => $gotoSysStatus } );
+
+ # for $result->code constants please look at Net::LDAP::Constant
+ my $log_time = localtime( time );
+ if($result->code == 32) { # entry doesnt exists
+ &add_ldap_entry($mac, $gotoSysStatus);
+ } elsif($result->code == 0) { # everything went fine
+ daemon_log("$log_time: entry $dn changed successful", 1);
+ } else { # if any other error occur
+ daemon_log("ERROR: $log_time: $dn, ".$result->code.", ".$result->error, 1);
+ }
+
+ return;
+}
#=== FUNCTION ================================================================
# NAME: search_ldap_entry
}
return $msg;
}
-
-
-
-#========= MAIN = main ========================================================
-#daemon_log( "####### START DAEMON ######\n", 1 );
-#&check_cmdline_param ;
-#&check_pid;
-#&open_fifo($fifo_path);
-#
-## Just fork, if we"re not in foreground mode
-#if( ! $foreground ) { $pid = fork(); }
-#else { $pid = $$; }
-#
-## Do something useful - put our PID into the pid_file
-#if( 0 != $pid ) {
-# open( LOCK_FILE, ">$pid_file" );
-# print LOCK_FILE "$pid\n";
-# close( LOCK_FILE );
-# if( !$foreground ) { exit( 0 ) };
-#}
-#
-#
-#if( not -p $fifo_path ) { die "fifo file disappeared\n" }
-#if($c_res == 1) {
-# daemon_log("WARNING: macAddress $mac already in LDAP", 1);
-# return;
-# } elsif($c_res > 0) {
-# daemon_log("ERROR: macAddress $mac exists $c_res times in LDAP", 1);
-# return;
-# }
-#
-# # create LDAP entry
-# my $entry = Net::LDAP::Entry->new( $dn );
-# $entry->dn($dn);
-# $entry->add("objectClass" => "goHard");
-# $entry->add("cn" => $mac);
-# $entry->add("macAddress" => $mac);
-# if(defined $gotoSysStatus) {$entry->add("gotoSysStatus" => $gotoSysStatus)}
-# if(defined $ip) {$entry->add("ipHostNumber" => $ip) }
-# #if(defined $interface) { }
-# if(defined $desc) {$entry->add("description" => $desc) }
-#
-# # submit entry to LDAP
-# my $result = $entry->update ($ldap_tree);
-#
-# # for $result->code constants please look at Net::LDAP::Constant
-# my $log_time = localtime( time );
-# if($result->code == 68) { # entry already exists
-# daemon_log("WARNING: $log_time: $dn ".$result->error, 3);
-# } elsif($result->code == 0) { # everything went fine
-# daemon_log("$log_time: add entry $dn to ldap", 1);
-# } else { # if any other error occur
-# daemon_log("ERROR: $log_time: $dn, ".$result->code.", ".$result->error, 1);
-# }
-# return;
-#}
-
-
-#=== FUNCTION ================================================================
-# NAME: change_ldap_entry
-# PURPOSE: ????
-# PARAMETERS: ????
-# RETURNS: ????
-# DESCRIPTION: ????
-# THROWS: no exceptions
-# COMMENTS: none
-# SEE ALSO: n/a
-#===============================================================================
-#sub change_ldap_entry {
-# my ($ldap_tree, $ldap_base, $mac, $gotoSysStatus ) = @_;
-#
-# # check if ldap_entry exists or not
-# my $s_res = &search_ldap_entry($ldap_tree, $ldap_base, "(|(macAddress=$mac)(dhcpHWAddress=ethernet $mac))");
-# my $c_res = $s_res->count;
-# if($c_res == 0) {
-# daemon_log("WARNING: macAddress $mac not in LDAP", 1);
-# return;
-# } elsif($c_res > 1) {
-# daemon_log("ERROR: macAddress $mac exists $c_res times in LDAP", 1);
-# return;
-# }
-#
-# my $s_res_entry = $s_res->pop_entry();
-# my $dn = $s_res_entry->dn();
-# my $result = $ldap->modify( $dn, replace => {'gotoSysStatus' => $gotoSysStatus } );
-#
-# # for $result->code constants please look at Net::LDAP::Constant
-# my $log_time = localtime( time );
-# if($result->code == 32) { # entry doesnt exists
-# &add_ldap_entry($mac, $gotoSysStatus);
-# } elsif($result->code == 0) { # everything went fine
-# daemon_log("$log_time: entry $dn changed successful", 1);
-# } else { # if any other error occur
-# daemon_log("ERROR: $log_time: $dn, ".$result->code.", ".$result->error, 1);
-# }
-#
-# return;
-#}
-
-#=== FUNCTION ================================================================
-# NAME: search_ldap_entry
-# PURPOSE: ????
-# PARAMETERS: [Net::LDAP] $ldap_tree - object of an ldap-tree
-# string $sub_tree - dn of the subtree the search is performed
-# string $search_string - either a string or a Net::LDAP::Filter object
-# RETURNS: [Net::LDAP::Search] $msg - result object of the performed search
-# DESCRIPTION: ????
-# THROWS: no exceptions
-# COMMENTS: none
-# SEE ALSO: n/a
-#===============================================================================
-#sub search_ldap_entry {
-# my ($ldap_tree, $sub_tree, $search_string) = @_;
-# my $msg = $ldap_tree->search( # perform a search
-# base => $sub_tree,
-# filter => $search_string,
-# ) or daemon_log("cannot perform search at ldap: $@", 1);
-## if(defined $msg) {
-## print $sub_tree."\t".$search_string."\t";
-## print $msg->count."\n";
-## foreach my $entry ($msg->entries) { $entry->dump; };
-## }
-#
-# return $msg;
-#}
-
-
-
-#========= MAIN = main ========================================================
-#daemon_log( "####### START DAEMON ######\n", 1 );
-#&check_cmdline_param ;
-#&check_pid;
-#&open_fifo($fifo_path);
-#
-## Just fork, if we"re not in foreground mode
-#if( ! $foreground ) { $pid = fork(); }
-#else { $pid = $$; }
-#
-## Do something useful - put our PID into the pid_file
-#if( 0 != $pid ) {
-# open( LOCK_FILE, ">$pid_file" );
-# print LOCK_FILE "$pid\n";
-# close( LOCK_FILE );
-# if( !$foreground ) { exit( 0 ) };
-#}
-#
-#
-#if( not -p $fifo_path ) { die "fifo file disappeared\n" }
-#sysopen(FIFO, $fifo_path, O_RDONLY) or die "can't read from $fifo_path: $!" ;
-#
-#while( 1 ) {
-# # checke alle prozesse im hash daemon_children ob sie noch aktiv sind, wenn
-# # nicht, dann entferne prozess aus hash
-# while( (my $key, my $val) = each( %daemon_children) ) {
-# my $status = waitpid( $key, &WNOHANG) ;
-# if( $status == -1 ) {
-# delete $daemon_children{$key} ;
-# daemon_log("childprocess finished: $key", 3) ;
-# }
-# }
-#
-# # ist die max_process anzahl von prozesskindern erreicht, dann warte und
-# # prüfe erneut, ob in der zwischenzeit prozesse fertig geworden sind
-# if( keys( %daemon_children ) >= $max_process ) {
-# sleep($max_process_timeout) ;
-# next ;
-# }
-#
-# my $msg = <FIFO>;
-# if( not defined( $msg )) { next ; }
-#
-# chomp( $msg );
-# if( length( $msg ) == 0 ) { next ; }
-#
-# my $forked_pid = fork();
-##=== PARENT = parent ==========================================================
-# if ( $forked_pid != 0 ) {
-# daemon_log("childprocess forked: $forked_pid", 3) ;
-# $daemon_children{$forked_pid} = 0 ;
-# }
-##=== CHILD = child ============================================================
-# else {
-# # parse the incoming message from arp, split the message and return
-# # the values in an array. not defined values are set to "none"
-# #my ($mac, $ip, $interface, $arp_sig, $desc) = &parse_input( $msg ) ;
-# daemon_log( "childprocess read from arp: $fifo_path\nline: $msg", 3);
-# my ($mac, $ip, $interface, $arp_sig, $desc) = split('\s', $msg, 5);
-#
-# # create connection to LDAP
-# $#sysopen(FIFO, $fifo_path, O_RDONLY) or die "can't read from $fifo_path: $!" ;
-#
-#while( 1 ) {
-# # checke alle prozesse im hash daemon_children ob sie noch aktiv sind, wenn
-# # nicht, dann entferne prozess aus hash
-# while( (my $key, my $val) = each( %daemon_children) ) {
-# my $status = waitpid( $key, &WNOHANG) ;
-# if( $status == -1 ) {
-# delete $daemon_children{$key} ;
-# daemon_log("childprocess finished: $key", 3) ;
-# }
-# }
-#
-# # ist die max_process anzahl von prozesskindern erreicht, dann warte und
-# # prüfe erneut, ob in der zwischenzeit prozesse fertig geworden sind
-# if( keys( %daemon_children ) >= $max_process ) {
-# sleep($max_process_timeout) ;
-# next ;
-# }
-#
-# my $msg = <FIFO>;
-# if( not defined( $msg )) { next ; }
-#
-# chomp( $msg );
-# if( length( $msg ) == 0 ) { next ; }
-#
-# my $forked_pid = fork();
-##=== PARENT = parent ==========================================================
-# if ( $forked_pid != 0 ) {
-# daemon_log("childprocess forked: $forked_pid", 3) ;
-# $daemon_children{$forked_pid} = 0 ;
-# }
-##=== CHILD = child ============================================================
-# else {
-# # parse the incoming message from arp, split the message and return
-# # the values in an array. not defined values are set to "none"
-# #my ($mac, $ip, $interface, $arp_sig, $desc) = &parse_input( $msg ) ;
-# daemon_log( "childprocess read from arp: $fifo_path\nline: $msg", 3);
-# my ($mac, $ip, $interface, $arp_sig, $desc) = split('\s', $msg, 5);
-#
-# # create connection to LDAP
# $ldap = Net::LDAP->new( "localhost" ) or die "$@";
# $ldap->bind($bind_phrase,
# password => $password,
#
# $ldap->unbind;
# exit;
- # }
- #
- #}
1;