This is an automated email from the git hooks/post-receive script. New commit to branch develop in repository mum. See http://git.chorem.org/mum.git commit ff95e7da31e16f9e61daa8480d30ec70475c348e Author: Alexis Guilbaud <guilbaud@codelutin.com> Date: Mon Feb 23 15:42:23 2015 +0100 autoconfiguration of host connections --- app/app.py | 30 ++++++++++++++----------- app/module_loader.py | 16 ++++++++++--- app/modules/detection_modules/nmap_detection.py | 13 ++++++----- app/modules/storage_modules/shelve_db.py | 27 +++++++++++++++++----- 4 files changed, 59 insertions(+), 27 deletions(-) diff --git a/app/app.py b/app/app.py index 33fbdbd..ba84339 100755 --- a/app/app.py +++ b/app/app.py @@ -34,7 +34,8 @@ class ThreadDetect(threading.Thread): def run(self): db = module_loader.load_db() - scanned_ip = module_loader.run_nmap_detection(self.ip_range, db, self.ws) + conn_mod_list = module_loader.get_conection_modules_list() + scanned_ip = module_loader.run_nmap_detection(self.ip_range, db, self.ws, conn_mod_list) self.ws.send(json.dumps({SUCCESS_MODULE: scanned_ip})) # now launching full detection for ip in json.loads(scanned_ip): @@ -120,18 +121,21 @@ def bower_files(filepath): @get('/websocket', apply=[websocket]) def receive(ws): while True: - response = ws.receive() - if response is not None: - msg = json.loads(response) - for code in msg: - if code == NMAP_SCAN_DEMAND: - start_first_detection(msg[NMAP_SCAN_DEMAND], ws) - elif code == GET_HOSTS_DEMAND: - db = module_loader.load_db() - ws.send(json.dumps({GET_HOSTS_RESPONSE: db.get_hosts()})) - del db - else: - break + try: + response = ws.receive() + if response is not None: + msg = json.loads(response) + for code in msg: + if code == NMAP_SCAN_DEMAND: + start_first_detection(msg[NMAP_SCAN_DEMAND], ws) + elif code == GET_HOSTS_DEMAND: + db = module_loader.load_db() + ws.send(json.dumps({GET_HOSTS_RESPONSE: db.get_hosts()})) + del db + else: + break + except: + break # Lancement du serveur a l'adresse 0.0.0.0:1337 
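Review bot: The bare `except: break` added around the loop body of `receive()` (app/app.py, hunk `@@ -120,18 +121,21 @@`) ends the websocket session on any error without recording it. Malformed JSON, a message that is not a JSON object and a failure in `module_loader.load_db()` all look the same, and the handler also swallows `KeyboardInterrupt` and `SystemExit`. This code parses client-supplied messages and passes `msg[NMAP_SCAN_DEMAND]` on to the scan, so rejected input is worth a log line. Use `except Exception:` with a traceback log before `break`, and keep the `try` around `ws.receive()` and `json.loads(response)` only. A `ValueError` from `json.loads` could be answered with an error message instead of closing the connection.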
diff --git a/app/module_loader.py b/app/module_loader.py index 71f0268..e61caed 100644 --- a/app/module_loader.py +++ b/app/module_loader.py @@ -24,7 +24,7 @@ def load_db(): return db_instance -def run_nmap_detection(ip_range, db, ws): +def run_nmap_detection(ip_range, db, ws, conn_mod_list): """ Instanciates the nmap_detection module from detection_modules, and runs the detection. :param ip_range: addresses to execute the nmap detection @@ -33,7 +33,7 @@ def run_nmap_detection(ip_range, db, ws): :return: a list containing the IP adresses checked """ nmap_mod = __import__("modules.detection_modules.nmap_detection", fromlist=modules.detection_modules) - nmap_mod_instance = getattr(nmap_mod, "nmap_detection")(db, ws) + nmap_mod_instance = getattr(nmap_mod, "nmap_detection")(db, ws, conn_mod_list) return nmap_mod_instance.check_ip_range(ip_range) @@ -72,7 +72,6 @@ def run_all_detection_modules(os, conn, db, ws): ws.send(json.dumps({"40": cnfe.__str__})) - def run_all_monitoring_modules(os, conn, db, ws): """ Instanciates and runs every monitoring_modules listed in the __init__.py file of the package corresponding to @@ -139,6 +138,17 @@ def get_info_mod_monitoring(os): return pack_mod_os.info_mod +def get_conection_modules_list(): + """ + Get a list containing the names of the different connection modules declared on the __init__.py file + of the connection_modules package. + :return: a list containing the names of the different connection modules declared on the __init__.py file + of the connection_modules package. + """ + pack_conn_os = __import__("modules.connection_modules", fromlist=modules.connection_modules.__all__) + return pack_conn_os.__all__ + + def create_global_conf(db): """ Asks the database to create a global configuration in function of the monitoring modules descibed on the __init__.py diff --git a/app/modules/detection_modules/nmap_detection.py b/app/modules/detection_modules/nmap_detection.py index f8c379e..eb9bf21 100644 
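Review bot: The docstring of `run_nmap_detection` (app/module_loader.py, hunk `@@ -24,7 +24,7 @@`) has no entry for the new `conn_mod_list` parameter; the lines between this hunk and the next are unchanged, so nothing was added there. Add `:param conn_mod_list: names of the connection modules declared in modules.connection_modules.__all__` after the existing `:param` lines. The same gap applies to `add_host` in app/modules/storage_modules/shelve_db.py (hunk `@@ -43,7 +43,7 @@`), whose docstring starts in that hunk and continues outside it. Both signatures gain a required positional argument, so any caller not shown in this diff needs updating too.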
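Review bot: In `get_conection_modules_list` (app/module_loader.py, hunk `@@ -139,6 +138,17 @@`) the `fromlist` argument is evaluated as `modules.connection_modules.__all__` before `__import__` runs, so the package must already be imported for the call to work and the `__import__` adds nothing. `return list(modules.connection_modules.__all__)` does the same job and returns a copy instead of the package's own `__all__` list, which is otherwise shared with every `nmap_detection` instance and every `add_host` call. The name is misspelled (`conection`); renaming it to `get_connection_modules_list` here and at the call in `ThreadDetect.run` (app/app.py, hunk `@@ -34,7 +34,8 @@`) is cheap while that is the only visible caller. The docstring repeats its summary verbatim under `:return:`, so one of the two can go.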
--- a/app/modules/detection_modules/nmap_detection.py +++ b/app/modules/detection_modules/nmap_detection.py @@ -6,10 +6,11 @@ import json class nmap_detection: - def __init__(self, db, ws): + def __init__(self, db, ws, conn_mod_list): self.db = db self.ws = ws self.scanned_ip = [] + self.conn_mod_list = conn_mod_list # function for splitting the different ranges of the IP adress # launch the nmap detection of each ip under this range @@ -85,10 +86,10 @@ class nmap_detection: while child.isalive(): child.expect('Completed', timeout=None) except pexpect.EOF: - try: - self.parse_res(ip) - except: - self.ws.send(json.dumps({"40": "Database error"})) + #try: + self.parse_res(ip) + #except: + # self.ws.send(json.dumps({"40": "Database error"})) except pexpect.TIMEOUT: self.ws.send(json.dumps({"40": "Timeout on nmap execution"})) except pexpect.ExceptionPexpect: @@ -142,6 +143,6 @@ class nmap_detection: dict_host['openports'] = list_dict_port # the host have its IP for ID on the db print dict_host - self.db.add_host(dict_host['addr'], json.dumps(dict_host)) + self.db.add_host(dict_host['addr'], json.dumps(dict_host), self.conn_mod_list) pexpect.run("rm -f res.xml") self.scanned_ip.append(ip) \ No newline at end of file diff --git a/app/modules/storage_modules/shelve_db.py b/app/modules/storage_modules/shelve_db.py index b3c2d7e..968d379 100644 --- a/app/modules/storage_modules/shelve_db.py +++ b/app/modules/storage_modules/shelve_db.py @@ -43,7 +43,7 @@ class shelve_db: # Add and save a new host after its first nmap detection # It also preconfigure with the default configuration, add the host to the group "all" and # creates empty structures for the monitoring and archive data. - def add_host(self, addr_host, nmap_res): + def add_host(self, addr_host, nmap_res, conn_mod_list): """ Called by the nmap_detection module. Add and save a new host after its first nmap detection 
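Review bot: Commenting out the `try`/`except` around `self.parse_res(ip)` in the `pexpect.EOF` branch (nmap_detection.py, hunk `@@ -85,10 +86,10 @@`) means a failure while parsing the nmap output or storing the host now propagates out of the scan, presumably up into `ThreadDetect.run`. The websocket client no longer receives a `"40"` message for it. If the aim was to see the real error, keep the handler and record it: `except Exception:` followed by a traceback log and the existing `self.ws.send(json.dumps({"40": "Database error"}))`. Either way the four commented-out lines should be deleted or restored, not committed as comments. The enclosing method starts above the hunk.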
@@ -63,7 +63,7 @@ class shelve_db: self.db["hosts"][addr_host]["conf"] = {} self.db["hosts"][addr_host]["conf"]["monitoring"] = self.db["global_conf"] self.db["hosts"][addr_host]["conf"]["groups"] = ["all"] # Every host is in group "all" - self.db["hosts"][addr_host]["conf"]["connections"] = {} + self.db["hosts"][addr_host]["conf"]["connections"] = self.init_conn(json.loads(nmap_res), conn_mod_list) self.db["hosts"][addr_host]["conf"]["subscribers"] = {} # Add current user automatically ? self.db["hosts"][addr_host]["conf"]["custom_info"] = "" self.db["hosts"][addr_host]["conf"]["interventions"] = [] @@ -74,9 +74,26 @@ class shelve_db: finally: self.close_db() - # Returns the essential data about all hosts under monitoring - # These are used by the front-end - # If no hosts have been added, the function will return an empty list + def init_conn(self, dict_nmap_res, conn_list): + """ + Returns an initialization for the connection configuration on a host. + :param dict_nmap_res: The result of the nmap detection formatted to datastructures. + :param conn_list: A list of all connection modules avaliable + :return: + """ + res = [] + cpt = 1 + for port in dict_nmap_res['openports']: + if port["portname"] in conn_list: + dict_conn = {} + dict_conn[port["portname"]] = { + "priority": cpt, + "portid": int(port["portid"]), + } + res.append(dict_conn) + cpt += 1 + return res + def get_hosts(self): """ Returns the essential data about all hosts under monitoring -- To stop receiving notification emails like this one, please contact chorem.org SCM administrator <admin+scm@chorem.org>.
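Review bot: `conf["connections"]` changes type with this line in `add_host` (shelve_db.py, hunk `@@ -63,7 +63,7 @@`). It was initialised to `{}` and is now whatever `init_conn` returns, which is a list of single-key dicts. Hosts already stored in the shelve keep the empty dict, so code reading this field has to accept both shapes unless existing records are migrated; the readers are not visible in this diff and need checking. The call also runs `json.loads(nmap_res)` on a string the caller has just built with `json.dumps(dict_host)` (nmap_detection.py, hunk `@@ -142,6 +143,6 @@`), a round trip that could be avoided by passing the dict. `add_host` starts above this hunk and its `try` body continues past it.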
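Review bot: `init_conn` (shelve_db.py, hunk `@@ -74,9 +74,26 @@`) indexes `dict_nmap_res['openports']`, `port["portname"]` and `port["portid"]` directly and converts with `int(...)`, so one port entry with a missing key or a non-numeric id raises from inside `add_host` and the whole host is lost. Skipping such entries, for example with `name = port.get("portname")` and a guarded `int(port["portid"])`, keeps the rest of the result. The match relies on the service name reported by nmap, which may be a guess from the port number depending on scan options not shown here, so the generated entry should be treated as a candidate until a connection actually succeeds. The docstring's `:return:` is empty; it should say that the function returns a list of `{module_name: {"priority": n, "portid": port}}` dicts, with priority following the order of open ports in the scan result.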