
add subnets for gateway. test first

Roman Dmitriev 2 ani în urmă
părinte
comite
a74f043317

+ 76 - 0
html/admin/devices/edit_gw_subnets.php

@@ -0,0 +1,76 @@
+<?php
+
+require_once ($_SERVER['DOCUMENT_ROOT']."/inc/auth.php");
+require_once ($_SERVER['DOCUMENT_ROOT']."/inc/languages/" . HTML_LANG . ".php");
+require_once ($_SERVER['DOCUMENT_ROOT']."/inc/idfilter.php");
+
+$device=get_record($db_link,'devices',"id=".$id);
+$user_info = get_record_sql($db_link,"SELECT * FROM User_list WHERE id=".$device['user_id']);
+
+if (isset($_POST["s_remove"])) {
+    $s_id = $_POST["gs_id"];
+    foreach ($s_id as $key => $val) {
+        if (isset($val)) {
+            LOG_INFO($db_link, "Remove subnet from gateway id: $val");
+            delete_record($db_link, "gateway_subnets", "id=" . $val);
+        }
+    }
+    header("Location: " . $_SERVER["REQUEST_URI"]);
+    exit;
+}
+
+if (isset($_POST["s_create"])) {
+    if (!empty($_POST["new_subnet"])) {
+        $new['subnet_id'] = trim($_POST["new_subnet"]);
+        $new['device_id'] = $id;
+        LOG_INFO($db_link, "Add subnet id: ".$new['subnet_id']." for gateway id: ".$id);
+        insert_record($db_link, "gateway_subnets", $new);
+    }
+    header("Location: " . $_SERVER["REQUEST_URI"]);
+    exit;
+}
+
+unset($_POST);
+
+require_once ($_SERVER['DOCUMENT_ROOT']."/inc/header.php");
+
+print_device_submenu($page_url);
+print_editdevice_submenu($page_url,$id,$device['device_type'],$user_info['login']);
+
+?>
+<div id="contsubmenu">
+<br>
+<?php print "<form name=def action='edit_gw_subnets.php?id=".$id."' method=post>"; ?>
+<?php print WEB_list_gateway_subnets."<b>"; print_url($device['device_name'],"/admin/devices/editdevice.php?id=$id"); ?>
+</b> <br>
+<table class="data">
+<tr align="center">
+	<td></td>
+	<td width=30><b>id</b></td>
+	<td><b><?php echo WEB_network_subnet; ?></b></td>
+	<td>
+	<input type="submit" onclick="return confirm('<?php print WEB_msg_delete; ?>?')" name="s_remove" value="<?php print WEB_btn_remove; ?>">
+	</td>
+</tr>
+<?php
+$gateway_subnets = get_records_sql($db_link,'SELECT gateway_subnets.*,subnets.subnet,subnets.comment FROM gateway_subnets LEFT JOIN subnets ON gateway_subnets.subnet_id = subnets.id WHERE gateway_subnets.device_id='.$id.' ORDER BY subnets.subnet ASC');
+foreach ( $gateway_subnets as $row ) {
+    print "<tr align=center>\n";
+    print "<td class=\"data\" style='padding:0'><input type=checkbox name=gs_id[] value='{$row['id']}'></td>\n";
+    print "<td class=\"data\"><input type=\"hidden\" name='n_id[]' value='{$row['id']}'>{$row['id']}</td>\n";
+    print "<td class=\"data\">".get_subnet_description($db_link,$row['subnet_id'])."</td>\n";
+    print "</tr>\n";
+    }
+?>
+<tr>
+<td colspan=2><?php print WEB_btn_add; print_gateway_select($db_link,"new_subnet",$id); ?>
+</td>
+<td>
+<input type="submit" name="s_create" value="<?php echo WEB_btn_add; ?>">
+</td>
+</tr>
+</table>
+</form>
+<?php
+require_once ($_SERVER['DOCUMENT_ROOT']."/inc/footer.php");
+?>
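Review bot: In the `s_remove` branch each `$_POST["gs_id"]` value is concatenated straight into the filter passed to `delete_record()` and into the log line, so unless `delete_record()` sanitises its filter (not visible here) the value reaches SQL unvalidated, and a non-array `gs_id` breaks the `foreach`. Cast before use and scope the delete to this gateway, e.g. `$val = (int)$val;` then `if ($val > 0) { delete_record($db_link, "gateway_subnets", "id=$val AND device_id=" . (int)$id); }` (assuming the filter is used as a WHERE clause), and apply the same `(int)` cast to `$_POST["new_subnet"]` in the `s_create` branch. Neither state-changing branch checks an anti-CSRF token; if `inc/auth.php` does not enforce one, it should be added here. Separately, `get_subnet_description()` as added in this commit returns a row array, so the cell built from it will not render a description, and `print_gateway_select()` is not defined in the hunks shown.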

+ 7 - 6
html/admin/devices/editdevice.php

@@ -146,7 +146,7 @@ print "<td class='data' colspan=2>"; print_device_model_select($db_link,'f_devic
 print "<td class='data' ><input type='text' name='f_firmware' value='".$device['firmware']."'></td>\n";
 print "<td class='data' ><input type='text' name='f_SN' value='".$device['SN']."'></td>\n";
 print "</tr>\n";
-print "<tr><td>".WEB_location_name."</td><td colspan=2>".WEB_cell_comment."</td><td><td>";
+print "<tr><td colspan=2>".WEB_location_name."</td><td colspan=2>".WEB_cell_comment."</td>";
 print "</tr><tr>";
 print "<td class='data'>"; print_building_select($db_link, 'f_building_id', $device['building_id']); print "</td>\n";
 print "<td class='data' colspan=3><input type='text' size=50 name='f_comment' value='".$device['comment']."'></td>\n";
@@ -169,10 +169,12 @@ if ($device['device_type']==2) {
 if ($device['device_type']==0) {
     print "<tr><td>".WEB_device_dhcp_server."</td><td></td><td></td><td></td></tr>";
     print "<tr>";
-    print "<td class='data'>"; print_qa_select('f_dhcp', $device['dhcp']); print "</td>\n";
+    print "<td class='data'>"; print_qa_select('f_dhcp', $device['dhcp']); print "</td><td></td><td></td><td></td>\n";
     print "</tr>\n";
-    print "<tr><td colspan=4>"; print_url(WEB_list_l3_interfaces,"/admin/devices/edit_l3int.php?id=$id"); print "</td></tr>";
-    print "<tr><td colspan=4 class='data'>"; print get_l3_interfaces($db_link,$device['id']); print "</td></tr>";
+    print "<tr><td colspan=2>"; print_url(WEB_list_l3_interfaces,"/admin/devices/edit_l3int.php?id=$id"); print "</td>";
+    print "<td colspan=2>"; print_url(WEB_list_gateway_subnets,"/admin/devices/edit_gw_subnets.php?id=$id"); print "</td></tr>";
+    print "<tr><td colspan=2 class='data'>"; print get_l3_interfaces($db_link,$device['id']); print "</td>";
+    print "<td colspan=2 class='data'>"; print get_gw_subnets($db_link,$device['id']); print "</td></tr>";
     }
 
 //for all active network devices
@@ -184,7 +186,6 @@ if ($device['device_type']<=2) {
     print "<td class='data'><input type='text' name='f_password' value='********'></td>\n";
     print "<td class='data'>"; print_control_proto_select('f_protocol', $device['protocol']); print "</td>\n";
     print "<td class='data'><input type='text' name='f_control_port' value=".$device['control_port']."></td>\n";
-    print "<td class='data'></td>\n";
     print "</tr>";
     //snmp settings & discovery & nagios
     print "<tr><td>".WEB_snmp_version."</td><td>".WEB_network_discovery."</td><td>".WEB_nagios."</td><td></td></tr>";
@@ -218,7 +219,7 @@ if ($device['device_type']>2) {
     print "<tr><td class='data'>"; print_snmp_select('f_snmp_version', $device['snmp_version']); print "</td>\n";
     print "<td class='data'><input type='text' name='f_community' value=".$device['community']."></td>\n";
     print "<td class='data'><input type='text' name='f_rw_community' value=".$device['rw_community']."></td>\n";
-    print "<dtd></td></tr>";
+    print "<td></td></tr>";
     if ($device['snmp_version'] ==3) {
         print "<tr><td>".WEB_snmp_v3_user_ro."</td><td>".WEB_snmp_v3_user_rw."</td><td>".WEB_snmp_v3_ro_password."</td><td>".WEB_snmp_v3_rw_password."</td><td></td>";
 	    print "</tr><tr>";

+ 6 - 5
html/admin/users/editauth.php

@@ -337,15 +337,16 @@ if ($auth_info['last_found'] == '0000-00-00 00:00:00') {
                 <td><input type="text" name="f_wiki" value="<?php echo $auth_info['WikiName']; ?>"></td>
                 <td><?php if (empty($device) or (!empty($device) and $device['device_type'] > 2)) {
                         print_qa_select('f_nagios', $auth_info['nagios']);
-                    } ?></td>
+                    } ?>
+                </td>
                 <td><?php if (empty($device) or (!empty($device) and $device['device_type'] > 2)) {
                         print_qa_select('f_link', $auth_info['link_check']);
-                    } ?></td>
+                    } ?>
+                </td>
                 <td></td>
             </tr>
             <tr>
-                <td colspan=2><input type="submit" name="moveauth" value=<?php print WEB_btn_move; ?>><?php print_login_select($db_link, 'f_new_parent', $auth_info['user_id']); ?></td>
-                <td><a href=/admin/logs/authlog.php?auth_id=<?php print $id; ?>><?php print WEB_log; ?></a></td>
+                <td colspan=3><input type="submit" name="moveauth" value=<?php print WEB_btn_move; ?>><?php print_login_select($db_link, 'f_new_parent', $auth_info['user_id']); ?></td>
                 <?php
                 if ($auth_info['deleted']) {
                     print "<td >" . WEB_deleted . ": " . $auth_info['changed_time'] . "</td>";
@@ -367,7 +368,7 @@ if ($auth_info['last_found'] == '0000-00-00 00:00:00') {
                 <td align=right><?php print "Dhcp event: " . $dhcp_str; ?></td>
             </tr>
             <tr>
-                <td><?php print WEB_cell_created . ": "; ?></td>
+                <td><a href=/admin/logs/authlog.php?auth_id=<?php print $id; ?>><?php print WEB_cell_created; ?></a></td>
                 <td><?php print $auth_info['timestamp']; ?></td>
                 <td align=right colspan=2><?php print_url(WEB_report_by_day, "/admin/reports/authday.php?id=$id"); ?></td>
             </tr>
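Review bot: The relocated log link prints `$id` into an unquoted `href` (`<a href=/admin/logs/authlog.php?auth_id=<?php print $id; ?>>`), so its safety rests entirely on `$id` having been reduced to an integer before this point, which these hunks do not show. Quoting the attribute and casting at the point of output, `<a href="/admin/logs/authlog.php?auth_id=<?php print (int)$id; ?>">`, removes that dependency. The same applies to `value=<?php print WEB_btn_move; ?>` on the move button, where a translated label containing a space would be truncated by the unquoted attribute.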

+ 47 - 0
html/inc/common.php

@@ -480,6 +480,24 @@ function print_ou_select($db, $ou_name, $ou_value)
     print "</select>\n";
 }
 
+function get_subnet_description($db,$subnet_id)
+{
+if (empty($subnet_id)) { return '';}
+$result = get_record_sql($db,'SELECT * FROM subnets WHERE id='.$subnet_id);
+if (empty($result)) { return ''; }
+return $result;
+}
+
+function print_add_gw_subnets($db, $device_id, $gs_name)
+{
+    print "<select name=\"$gs_name\" >\n";
+    $t_gs = mysqli_query($db, "SELECT id,subnet,comment FROM subnets WHERE subnets.id NOT IN (SELECT subnet_id FROM gateway_subnets WHERE gateway_subnets.id=".$device_id.") ORDER BY subnet");
+    while (list($f_gs_id, $f_gs_name,$f_gs_comment) = mysqli_fetch_array($t_gs)) {
+        print_select_item($f_gs_name.'['.$f_gs_comment.']', $f_gs_id, 0);
+    }
+    print "</select>\n";
+}
+
 function print_ou_set($db, $ou_name, $ou_value)
 {
     print "<select name=\"$ou_name\">\n";
@@ -894,6 +912,19 @@ function get_l3_interfaces($db, $device_id)
     return trim($result);
 }
 
+function get_gw_subnets($db, $device_id)
+{
+$gw_subnets_sql='SELECT gateway_subnets.*,subnets.subnet,subnets.comment FROM gateway_subnets LEFT JOIN subnets ON gateway_subnets.subnet_id = subnets.id WHERE gateway_subnets.device_id='.$device_id.' ORDER BY subnets.subnet ASC';
+$gw_subnets=get_records_sql($db,$gw_subnets_sql);
+$result='';
+foreach ($gw_subnets as $row) {
+    if (!empty($row)) {
+        $result.=' '.$row['subnet'].'<br>';
+        }
+}
+return trim($result);
+}
+
 function print_queue_select($db, $queue_name, $queue_value)
 {
     print "<select name=\"$queue_name\">\n";
@@ -4172,6 +4203,14 @@ function update_record($db, $table, $filter, $newvalue)
         'alias' => '1',
     ];
 
+    if ($table === "User_auth") {
+        if (empty($newvalue["ip"])) { $newvalue["subnet_id"]=0; } else {
+            $newvalue['ip_int']=ip2long($newvalue["ip"]);
+            $auth_subnet=get_ip_subnet($db,$newvalue["ip"]);
+            if (empty($auth_subnet)) { $newvalue['subnet_id']=0; } else { $newvalue['subnet_id']=$auth_subnet['id']; }
+        }
+    }
+
     foreach ($newvalue as $key => $value) {
         if (!isset($value)) {
             $value = '';
@@ -4386,6 +4425,14 @@ function insert_record($db, $table, $newvalue)
         return;
     }
 
+    if ($table === "User_auth") {
+        if (empty($newvalue["ip"])) { $newvalue["subnet_id"]=0; } else {
+            $newvalue['ip_int']=ip2long($newvalue["ip"]);
+            $auth_subnet=get_ip_subnet($db,$newvalue["ip"]);
+            if (empty($auth_subnet)) { $newvalue['subnet_id']=0; } else { $newvalue['subnet_id']=$auth_subnet['id']; }
+        }
+    }
+
     $changed_log = '';
     $field_list = '';
     $value_list = '';
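Review bot: The subquery in `print_add_gw_subnets()` filters on `gateway_subnets.id=` with the device id, which compares the row's primary key rather than `device_id`, so the select will not exclude subnets already attached to this gateway. It should read `WHERE gateway_subnets.device_id=".(int)$device_id." AND subnet_id IS NOT NULL`; the `IS NOT NULL` matters because `subnet_id` is nullable and a NULL inside `NOT IN` empties the result. That function, `get_subnet_description()` and `get_gw_subnets()` all build SQL by concatenating their id argument, and an `(int)` cast at the top of each keeps them safe regardless of what callers pass. `get_gw_subnets()` also emits `$row['subnet']` into HTML unescaped, where `htmlspecialchars($row['subnet'])` would be the safer default. The `mysqli_query()` result is handed to `mysqli_fetch_array()` without a check for `false`.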

+ 1 - 0
html/inc/languages/english.php

@@ -334,6 +334,7 @@ define("WEB_nagios_template","Nagios Template");
 /* edit_l3int */
 define("WEB_list_l3_interfaces","List of L3 interfaces");
 define("WEB_l3_interface_add","Add interface");
+define("WEB_list_gateway_subnets","List of subnets that work through the gateway");
 
 /* editdevice */
 define("WEB_location_name","Location");

+ 1 - 1
html/inc/languages/russian.php

@@ -333,7 +333,7 @@ define("WEB_nagios_template","Шаблон Нагиос");
 /* edit_l3int */
 define("WEB_list_l3_interfaces","Список L3 интерфейсов");
 define("WEB_l3_interface_add","Добавить интерфейс");
-
+define("WEB_list_gateway_subnets","Список подсетей, работающих через шлюз");
 /* editdevice */
 define("WEB_location_name","Расположение");
 define("WEB_device_access_control","Управление доступом");

+ 13 - 0
scripts/eyelib/mysql.pm

@@ -431,6 +431,13 @@ my $dns_changed = 0;
 $rec_id = $old_record->{'id'} if ($old_record->{'id'});
 
 if ($table eq "User_auth") {
+
+    if (!$record->{'ip'}) { $record->{'subnet_id'}=0; } else {
+            $record->{'ip_int'}=StrToIp($record->{'ip'});
+            my $auth_subnet=get_ip_subnet($db,$record->{'ip'});
+            if (!$auth_subnet) { $record->{'subnet_id'}=0; } else { $record->{'subnet_id'}=$auth_subnet->{'id'}; }
+        }
+
     foreach my $field (keys %$record) {
         if (exists $acl_fields{$field}) { $record->{changed}="1"; }
         if (exists $dhcp_fields{$field}) { $record->{dhcp_changed}="1"; }
@@ -531,6 +538,12 @@ my $new_str='';
 my $dns_changed = 0;
 
 if ($table eq "User_auth") {
+    if (!$record->{'ip'}) { $record->{'subnet_id'}=0; } else {
+            $record->{'ip_int'}=StrToIp($record->{'ip'});
+            my $auth_subnet=get_ip_subnet($db,$record->{'ip'});
+            if (!$auth_subnet) { $record->{'subnet_id'}=0; } else { $record->{'subnet_id'}=$auth_subnet->{'id'}; }
+    }
+
     foreach my $field (keys %$record) {
         if (exists $acl_fields{$field}) { $record->{changed}="1"; }
         if (exists $dhcp_fields{$field}) { $record->{dhcp_changed}="1"; }
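Review bot: Both added blocks set `subnet_id` to 0 whenever `$record->{'ip'}` is false, which also covers a record that has no `ip` key at all. If the update path (first hunk, where `$old_record` is in scope) is called with only the changed fields, an unrelated edit would reset the subnet. Guarding with `if (exists $record->{'ip'}) { ... }` on the update path limits the recalculation to calls that actually touch the address; the same pattern appears in `update_record()` in html/inc/common.php (`empty($newvalue["ip"])`). The result of `StrToIp()` is stored in `ip_int` without checking that the string parsed, and the PHP counterpart stores the return of `ip2long()`, which is `false` for a malformed address. The enclosing subs start and end outside both hunks.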

+ 1 - 0
updates/2-4-14/device_subnets.sql

@@ -0,0 +1 @@
+CREATE TABLE `gateway_subnets` ( `id` INT NOT NULL AUTO_INCREMENT , `device_id` INT NULL DEFAULT NULL , `subnet_id` INT NULL DEFAULT NULL , PRIMARY KEY (`id`)) ENGINE = InnoDB;
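Review bot: The table has no uniqueness or NOT NULL constraint on `(device_id, subnet_id)`, so the add form can store the same pair repeatedly or with NULLs, and there is no index on `device_id`, the column the new queries filter on. Consider declaring both columns `INT NOT NULL` and adding `UNIQUE KEY (device_id, subnet_id)`, which also serves as the lookup index. If the schema uses foreign keys elsewhere, referencing the devices and subnets tables would also prevent orphaned rows when either side is deleted.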

+ 2 - 2
updates/2-4-14/user_auth.sql

@@ -1,4 +1,4 @@
 ALTER TABLE `User_auth` CHANGE `dhcp_changed` `dhcp_changed` INT(11) NOT NULL DEFAULT '0';
 ALTER TABLE `User_auth` CHANGE `dns_name` `dns_name` VARCHAR(100) CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci NULL DEFAULT NULL;
-DELETE FROM `User_auth_alias` WHERE `auth_id` in (SELECT `id` FROM `User_auth` WHERE `deleted`=1);
-DELETE FROM `User_auth_alias` WHERE `auth_id` in (SELECT `id` FROM `User_auth` WHERE `dns_name`='' or `dns_name` IS NULL);
+ALTER TABLE `User_auth` ADD `subnet_id` INT NULL DEFAULT NULL AFTER `ip_int`;
+ALTER TABLE `User_auth` ADD `802_1x` INT NOT NULL DEFAULT '0' AFTER `enabled`;

+ 2 - 0
updates/2-4-14/user_auth_alias.sql

@@ -0,0 +1,2 @@
+DELETE FROM `User_auth_alias` WHERE `auth_id` in (SELECT `id` FROM `User_auth` WHERE `deleted`=1);
+DELETE FROM `User_auth_alias` WHERE `auth_id` in (SELECT `id` FROM `User_auth` WHERE `dns_name`='' or `dns_name` IS NULL);