Open-AudIT

What's on your network?
It is currently Thu Jan 18, 2018 5:49 am

All times are UTC + 10 hours




Forum locked This topic is locked, you cannot edit posts or make further replies.  [ 16 posts ]  Go to page 1, 2  Next
Author Message
PostPosted: Sat Sep 30, 2006 1:51 am 
Offline
Moderator

Joined: Sat Mar 04, 2006 2:44 am
Posts: 193
Just in case anyone else finds this useful, I quickly hacked this together.

If you save this as say switchport.php
Then access it with
http://openaudit/swithport.php?ip=192.1 ... ity=public

It connects to the switch/router/whatever with the specified ip address and community string using snmp and gets the mac address database. It then uses open-audit to get the names of machines for the mac addresses.

I've tried it with a few 3com and cisco switches. If you have closed vlan's then you will need to specify the vlan number in the uri. ( e.g. http://openaudit/swithport.php?ip=192.1 ... ity=public
&vlan=200 )

Code:
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
   "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<head>
<title>Switch</title>
</head>
<body>

<?php
  include "include_config.php";

  $dot1dTpFdbAddress = ".1.3.6.1.2.1.17.4.3.1.1";
  $dot1dTpFdbPort = ".1.3.6.1.2.1.17.4.3.1.2";
  $dot1dBasePortIfIndex = ".1.3.6.1.2.1.17.1.4.1.2";
  $community = "public";
  $ip = "";
  if (isset($_REQUEST["ip"])) {
    $ip = $_REQUEST["ip"];
  }
  if (isset($_REQUEST["community"])) {
    $community = $_REQUEST["community"];
  }
  if (isset($_REQUEST["vlan"])) {
    $community = $community . "@" . $_REQUEST["vlan"];
  }

 $db = mysql_connect($mysql_server, $mysql_user, $mysql_password) or die("Could not connect");
  mysql_select_db($mysql_database) or die("Could not select database");

  echo "<h1>" . gethostbyaddr($ip) . "</h1>\n";
  snmp_set_oid_numeric_print(TRUE);
  snmp_set_quick_print(TRUE);
  snmp_set_enum_print(TRUE);

  $addresses = snmprealwalk($ip, $community, $dot1dTpFdbAddress) or die("error dbAddress");
  $ports = snmprealwalk($ip, $community, $dot1dTpFdbPort) or die("error dbPort");
  $interfaces = snmprealwalk($ip, $community, $dot1dBasePortIfIndex) or die("error ifIndex");
  asort($ports,SORT_NUMERIC);

  echo "<table border=\"1\">\n";
  echo "<tr><th>Port</th><th>Interface</th><th>MAC</th><th>Name</th><th>Description</th><th>IP</th></tr>\n";

  foreach (array_keys($ports) as $oid) {
    $macoid = $dot1dTpFdbAddress . substr($oid,23);
    $mac = str_replace(" ",":",substr($addresses[$macoid],1,17));
    $intoid = $dot1dBasePortIfIndex . "." . $ports[$oid];
    echo "<tr>\n";
    print "<td>$ports[$oid]</td><td>$interfaces[$intoid]</td><td>$mac</td>";

    $sql = "select system_name, system_man_description, system.net_ip_address from system join network_card on net_uuid = system_uuid and net_timestamp = system_timestamp join system_man on system_uuid = system_man_uuid where net_mac_address = '$mac'";
    $result = mysql_query($sql);
    if (!$myrow = mysql_fetch_array($result)) {
      $sql = "select other_network_name, other_description, other_ip_address from other where other_mac_address = '$mac'";
      $result = mysql_query($sql);
      $myrow = mysql_fetch_array($result);
    }
    print "<td>" . $myrow[0] . "</td>\n";
    print "<td>" . $myrow[1] . "</td>\n";
    print "<td>" . $myrow[2] . "</td>\n";

    echo "</tr>\n";
}

echo "</table>\n";
?>

</body>
</html>


Top
 Profile  
 
 Post subject:
PostPosted: Sat Sep 30, 2006 2:26 am 
Offline
Moderator
User avatar

Joined: Tue Jan 25, 2005 3:09 am
Posts: 2140
Location: Scotland
Looks cool, but I get

Code:
Fatal error: Call to undefined function snmp_set_oid_numeric_print() in C:\Program Files\xampp\htdocs\openaudit\switchport.php on line 30


Do I need any extra libs? I have extension=php_snmp.dll in php.ini

Also a neat idea would be to add this as a link on the networked other items page for any item defines as a suitable switch.. Might require a little thought though.


Top
 Profile  
 
 Post subject:
PostPosted: Sat Sep 30, 2006 2:42 am 
Offline
Moderator

Joined: Sat Mar 04, 2006 2:44 am
Posts: 193
yeah sorry, it was put together v quickly with no error checking.

You need snmp support enabled in php.

Just check you have php_snmp.dll in the php extensions directory and then you probably just need to uncomment
Code:
;extension=php_snmp.dll
in the php.ini.

Restart apache and you might be away!


Top
 Profile  
 
 Post subject:
PostPosted: Sat Sep 30, 2006 2:56 am 
Offline
Moderator
User avatar

Joined: Tue Jan 25, 2005 3:09 am
Posts: 2140
Location: Scotland
d.l.dave wrote:
yeah sorry, it was put together v quickly with no error checking.

You need snmp support enabled in php.

Just check you have php_snmp.dll in the php extensions directory and then you probably just need to uncomment
Code:
;extension=php_snmp.dll
in the php.ini.

Restart apache and you might be away!


Tried all that, but I'll give it another whirl Monday afternoon. I might update PHP at the same time, after all what could possibly go wrong? :roll:


Top
 Profile  
 
 Post subject:
PostPosted: Tue Oct 03, 2006 12:54 pm 
Offline
Site Admin
User avatar

Joined: Mon Jun 07, 2004 11:48 am
Posts: 1933
Location: Brisbane, Australia
I gave it a go. Seems to work well.
I use Ubuntu, so I has to apt-get install php5-snmp, but after that, all good.
Have put it in Trunk, but there are no links to it from the menus (for now). We can add it in "officially" later.

Mark.


Top
 Profile  
 
 Post subject:
PostPosted: Tue Oct 03, 2006 10:25 pm 
Offline
Moderator

Joined: Sun Aug 06, 2006 1:13 am
Posts: 362
Location: Germany
SNMP:

It would be create, if we can gather data by snmp from all systems or only for the nmap-devices. I create a new thread for this.


Top
 Profile  
 
 Post subject:
PostPosted: Wed Oct 04, 2006 2:40 am 
Mark, it doesn't look like you remembered to add it (as in, I don't see it in the trunk). It won't commit unless you tell svn to add the file.


Top
  
 
 Post subject:
PostPosted: Wed Oct 04, 2006 3:18 am 
This is actually quite useful. I know the ports on the switches have been given names, but of course, they are quite old and basically unusable. This is much faster than querying the mac addresses and hunting down what machine it is! I'd be interested in knowing what other kinds of info we can get (maybe even from servers if you install snmp?).


Top
  
 
 Post subject:
PostPosted: Wed Oct 11, 2006 12:43 am 
Offline
Newbie

Joined: Wed Oct 11, 2006 12:37 am
Posts: 3
Quote:
Looks cool, but I get

Code:

Fatal error: Call to undefined function snmp_set_oid_numeric_print() in C:\Program Files\xampp\htdocs\openaudit\switchport.php on line 30


Do I need any extra libs? I have extension=php_snmp.dll in php.ini


I'm getting the same error, and I have the extension loaded. I'm running OA from the same system I have CACTI loaded on. Is there a specific version of PHP that this code is written for? I'm using Windows that that makes a difference.


Top
 Profile  
 
 Post subject:
PostPosted: Wed Oct 11, 2006 1:07 am 
Did you restart the apache server after loading the extension in php.ini? If not, that may be the cause. PHP should be running in isapi mode, so it loads with apache. Therefore, it only reads php.ini when apache is restarted.


Top
  
 
 Post subject:
PostPosted: Wed Oct 11, 2006 1:33 am 
Offline
Newbie

Joined: Wed Oct 11, 2006 12:37 am
Posts: 3
mikeyrb wrote:
Did you restart the apache server after loading the extension in php.ini? If not, that may be the cause. PHP should be running in isapi mode, so it loads with apache. Therefore, it only reads php.ini when apache is restarted.


The extension has been enabled for months. It's a required component to use CACTI. I'm not using Apache, I'm using IIS and PHP works fine for CACTI. Restarting IIS has not helped.


Top
 Profile  
 
 Post subject:
PostPosted: Wed Oct 11, 2006 2:18 am 
Offline
Moderator

Joined: Sat Mar 04, 2006 2:44 am
Posts: 193
You also need PHP >= 4.3.0


Top
 Profile  
 
 Post subject:
PostPosted: Wed Oct 11, 2006 2:37 am 
Offline
Newbie

Joined: Wed Oct 11, 2006 12:37 am
Posts: 3
I've got:
PHP Version 4.4.2

The SNMP section says:
UCD-SNMP Support enabled
UCD-SNMP Version ucd-snmp-4.2.3


Top
 Profile  
 
 Post subject:
PostPosted: Wed Oct 11, 2006 2:43 am 
Offline
Moderator

Joined: Sat Mar 04, 2006 2:44 am
Posts: 193
Should probably add something like:

Code:
  if (function_exists("version_compare") and version_compare(phpversion(), "4.3.0", "<")) {
    die ("Sorry you need PHP version 4.3.0 or greater");
  }
  if (!extension_loaded('snmp')) {
    die ("Sorry you need to load the extension snmp")
  }


to the start


Top
 Profile  
 
 Post subject:
PostPosted: Thu Oct 12, 2006 4:42 am 
Offline
Newbie

Joined: Wed May 25, 2005 5:11 am
Posts: 49
Location: Toronto, Ontario, Canada
BobDole wrote:
mikeyrb wrote:
Did you restart the apache server after loading the extension in php.ini? If not, that may be the cause. PHP should be running in isapi mode, so it loads with apache. Therefore, it only reads php.ini when apache is restarted.


The extension has been enabled for months. It's a required component to use CACTI. I'm not using Apache, I'm using IIS and PHP works fine for CACTI. Restarting IIS has not helped.


I'm having the exactly same problem using IIS, and PHP 4.4.0.0. I've installed the php_snmp.dl extension and I believe I've installed Net-SNMP corrently (set the environment variables and the path statement etc). It just says: "Call to undefined function: snmp_set_oid_numeric_print()" so obviously php is not finding this function.


Top
 Profile  
 
Display posts from previous:  Sort by  
Forum locked This topic is locked, you cannot edit posts or make further replies.  [ 16 posts ]  Go to page 1, 2  Next

All times are UTC + 10 hours


Who is online

Users browsing this forum: No registered users and 4 guests


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:
Jump to:  
Powered by phpBB® Forum Software © phpBB Group