| 34 |
|
$file_list |
| 35 |
|
$fqdn |
| 36 |
|
$pidfile |
| 37 |
+ |
$retry_wait |
| 38 |
|
); |
| 39 |
|
|
| 40 |
|
if (@ARGV != 2) { |
| 45 |
|
$filter_manager_port = $ARGV[1]; |
| 46 |
|
|
| 47 |
|
$seq_no = 1; |
| 48 |
+ |
$retry_wait = 6; |
| 49 |
|
|
| 50 |
|
# write our PID to a file |
| 51 |
|
$pidfile = "/var/tmp/ihost.pid"; |
| 84 |
|
|
| 85 |
|
|
| 86 |
|
#----------------------------------------------------------------------- |
| 87 |
+ |
# wait_then_retry |
| 88 |
+ |
# Waits for the period of time specified in $retry_wait, then attempts |
| 89 |
+ |
# to reconfigure with the server. |
| 90 |
+ |
#----------------------------------------------------------------------- |
| 91 |
+ |
sub wait_then_retry() { |
| 92 |
+ |
print "Will retry configuration with filter manager in $retry_wait seconds.\n"; |
| 93 |
+ |
`sleep $retry_wait`; |
| 94 |
+ |
} |
| 95 |
+ |
|
| 96 |
+ |
|
| 97 |
+ |
#----------------------------------------------------------------------- |
| 98 |
|
# tcp_configure |
| 99 |
|
# Establishes a TCP connection to the specified i-scream filter manager. |
| 100 |
|
# The host then requests details from the server, such as the intervals |
| 102 |
|
#----------------------------------------------------------------------- |
| 103 |
|
sub tcp_configure() { |
| 104 |
|
|
| 105 |
< |
my($sock) = new IO::Socket::INET( |
| 106 |
< |
PeerAddr => $filter_manager_addr, |
| 107 |
< |
PeerPort => $filter_manager_port, |
| 108 |
< |
Proto => 'tcp' |
| 109 |
< |
) or die "Cannot connect!"; |
| 110 |
< |
if (!defined $sock) { |
| 111 |
< |
print "IHOST ERROR: Could not connect to $filter_manager_addr:$filter_manager_port.\n"; |
| 112 |
< |
print "Please check that there is an i-scream server at this address.\n"; |
| 113 |
< |
print "Program ended.\n"; |
| 114 |
< |
exit(1); |
| 115 |
< |
} |
| 105 |
> |
while (1) { |
| 106 |
> |
my($sock) = new IO::Socket::INET( |
| 107 |
> |
PeerAddr => $filter_manager_addr, |
| 108 |
> |
PeerPort => $filter_manager_port, |
| 109 |
> |
Proto => 'tcp' |
| 110 |
> |
) or die "Cannot connect!"; |
| 111 |
> |
if (!defined $sock) { |
| 112 |
> |
print "IHOST ERROR: Could not connect to $filter_manager_addr:$filter_manager_port.\n"; |
| 113 |
> |
print "Please check that there is an i-scream server at this address.\n"; |
| 114 |
> |
wait_then_retry(); |
| 115 |
> |
next; |
| 116 |
> |
} |
| 117 |
|
|
| 118 |
< |
# Now run through the configuration process... |
| 119 |
< |
my($response); |
| 118 |
> |
# Now run through the configuration process... |
| 119 |
> |
my($response); |
| 120 |
|
|
| 121 |
< |
print $sock "STARTCONFIG\n"; |
| 122 |
< |
$response = <$sock>; |
| 123 |
< |
if (!chop $response eq "OK") { |
| 124 |
< |
print "The i-scream server rejected the STARTCONFIG command. Terminated."; |
| 125 |
< |
exit(1); |
| 126 |
< |
} |
| 121 |
> |
print $sock "STARTCONFIG\n"; |
| 122 |
> |
$response = <$sock>; |
| 123 |
> |
if ($response && !($response eq "OK\n")) { |
| 124 |
> |
print "The i-scream server rejected the STARTCONFIG command.\n"; |
| 125 |
> |
close($sock); |
| 126 |
> |
wait_then_retry(); |
| 127 |
> |
next; |
| 128 |
> |
} |
| 129 |
|
|
| 130 |
< |
print "Config started okay.\n"; |
| 130 |
> |
print "Config started okay.\n"; |
| 131 |
|
|
| 132 |
< |
print $sock "LASTMODIFIED\n"; |
| 133 |
< |
$response = <$sock>; |
| 134 |
< |
chop $response; |
| 135 |
< |
$last_modified = $response; |
| 132 |
> |
print $sock "LASTMODIFIED\n"; |
| 133 |
> |
$response = <$sock>; |
| 134 |
> |
if (!$response) { |
| 135 |
> |
print "The i-scream server did not return anything for the LASTMODIFIED command.\n"; |
| 136 |
> |
close($sock); |
| 137 |
> |
wait_then_retry(); |
| 138 |
> |
next; |
| 139 |
> |
} |
| 140 |
> |
chop $response; |
| 141 |
> |
$last_modified = $response; |
| 142 |
|
|
| 143 |
< |
print "Config last modified: ". (scalar localtime $last_modified/1000) . "\n"; |
| 143 |
> |
print "Config last modified: ". (scalar localtime $last_modified/1000) . "\n"; |
| 144 |
|
|
| 145 |
< |
print $sock "FILELIST\n"; |
| 146 |
< |
$response = <$sock>; |
| 147 |
< |
chop $response; |
| 148 |
< |
$file_list = $response; |
| 145 |
> |
print $sock "FILELIST\n"; |
| 146 |
> |
$response = <$sock>; |
| 147 |
> |
if (!$response) { |
| 148 |
> |
print "The i-scream server did not provide a configuration file list.\n"; |
| 149 |
> |
close($sock); |
| 150 |
> |
wait_then_retry(); |
| 151 |
> |
next; |
| 152 |
> |
} |
| 153 |
> |
chop $response; |
| 154 |
> |
$file_list = $response; |
| 155 |
|
|
| 156 |
< |
print "File list obtained: $file_list\n"; |
| 156 |
> |
print "File list obtained: $file_list\n"; |
| 157 |
|
|
| 158 |
< |
print $sock "FQDN\n"; |
| 159 |
< |
$response = <$sock>; |
| 160 |
< |
chop $response; |
| 161 |
< |
$fqdn = $response; |
| 158 |
> |
print $sock "FQDN\n"; |
| 159 |
> |
$response = <$sock>; |
| 160 |
> |
if (!$response) { |
| 161 |
> |
print "The i-scream server did not tell us our FQDN.\n"; |
| 162 |
> |
close($sock); |
| 163 |
> |
wait_then_retry(); |
| 164 |
> |
next; |
| 165 |
> |
} |
| 166 |
> |
chop $response; |
| 167 |
> |
$fqdn = $response; |
| 168 |
|
|
| 169 |
< |
print "FQDN returned: $fqdn\n"; |
| 169 |
> |
print "FQDN returned: $fqdn\n"; |
| 170 |
|
|
| 171 |
< |
print $sock "UDPUpdateTime\n"; |
| 172 |
< |
$response = <$sock>; |
| 173 |
< |
chop $response; |
| 174 |
< |
$udp_update_time = $response; |
| 171 |
> |
print $sock "UDPUpdateTime\n"; |
| 172 |
> |
$response = <$sock>; |
| 173 |
> |
if (!$response) { |
| 174 |
> |
print "The i-scream server did not give us a UDPUpdateTime.\n"; |
| 175 |
> |
close($sock); |
| 176 |
> |
wait_then_retry(); |
| 177 |
> |
next; |
| 178 |
> |
} |
| 179 |
> |
chop $response; |
| 180 |
> |
$udp_update_time = $response; |
| 181 |
|
|
| 182 |
< |
print $sock "TCPUpdateTime\n"; |
| 183 |
< |
$response = <$sock>; |
| 184 |
< |
chop $response; |
| 185 |
< |
$tcp_update_time = $response; |
| 182 |
> |
print $sock "TCPUpdateTime\n"; |
| 183 |
> |
$response = <$sock>; |
| 184 |
> |
if (!$response) { |
| 185 |
> |
print "The i-scream server did not give us a TCPUpdateTime.\n"; |
| 186 |
> |
close($sock); |
| 187 |
> |
wait_then_retry(); |
| 188 |
> |
next; |
| 189 |
> |
} |
| 190 |
> |
chop $response; |
| 191 |
> |
$tcp_update_time = $response; |
| 192 |
|
|
| 193 |
< |
print "UDP packet period: $udp_update_time seconds.\nTCP heartbeat period: $tcp_update_time seconds.\n"; |
| 193 |
> |
print "UDP packet period: $udp_update_time seconds.\nTCP heartbeat period: $tcp_update_time seconds.\n"; |
| 194 |
|
|
| 195 |
< |
print $sock "ENDCONFIG\n"; |
| 196 |
< |
$response = <$sock>; |
| 197 |
< |
chomp $response; |
| 198 |
< |
if (!$response eq "OK") { |
| 199 |
< |
print "ENDCONFIG command to server failed. Terminated.\n"; |
| 200 |
< |
exit(1); |
| 201 |
< |
} |
| 195 |
> |
print $sock "ENDCONFIG\n"; |
| 196 |
> |
$response = <$sock>; |
| 197 |
> |
if ($response && !($response eq "OK\n")) { |
| 198 |
> |
print "ENDCONFIG command to server failed. Terminated.\n"; |
| 199 |
> |
close($sock); |
| 200 |
> |
wait_then_retry(); |
| 201 |
> |
next; |
| 202 |
> |
} |
| 203 |
|
|
| 204 |
< |
print "Config ended.\n"; |
| 204 |
> |
print "Config ended.\n"; |
| 205 |
|
|
| 206 |
< |
print $sock "FILTER\n"; |
| 207 |
< |
$response = <$sock>; |
| 208 |
< |
unless (defined($response)) { |
| 209 |
< |
print "Failed: Could not get a filter address from the filter manager.\n"; |
| 210 |
< |
exit(1); |
| 211 |
< |
} |
| 212 |
< |
chop $response; |
| 213 |
< |
$response =~ /(.*);(.*);(.*)/; |
| 214 |
< |
($filter_addr, $udp_port, $tcp_port) = ($1, $2, $3); |
| 215 |
< |
unless (defined($filter_addr) && defined($udp_port) && defined($tcp_port)) { |
| 216 |
< |
print "Failed: Filter address response from server did not make sense: $response\n"; |
| 217 |
< |
exit(1); |
| 218 |
< |
} |
| 206 |
> |
print $sock "FILTER\n"; |
| 207 |
> |
$response = <$sock>; |
| 208 |
> |
if (!$response) { |
| 209 |
> |
print "Failed: Could not get a filter address from the filter manager.\n"; |
| 210 |
> |
close($sock); |
| 211 |
> |
wait_then_retry(); |
| 212 |
> |
next; |
| 213 |
> |
} |
| 214 |
> |
chop $response; |
| 215 |
> |
$response =~ /^(.*);(.*);(.*)/; |
| 216 |
> |
if ($response eq "ERROR") { |
| 217 |
> |
print "There are no active configured filters for your host.\n"; |
| 218 |
> |
close($sock); |
| 219 |
> |
wait_then_retry(); |
| 220 |
> |
next; |
| 221 |
> |
} |
| 222 |
> |
($filter_addr, $udp_port, $tcp_port) = ($1, $2, $3); |
| 223 |
> |
unless (defined($filter_addr) && defined($udp_port) && defined($tcp_port)) { |
| 224 |
> |
print "Failed: Filter address response from server did not make sense: $response\n"; |
| 225 |
> |
close($sock); |
| 226 |
> |
wait_then_retry(); |
| 227 |
> |
next; |
| 228 |
> |
} |
| 229 |
|
|
| 230 |
< |
print "Got filter data ($filter_addr, $udp_port, $tcp_port)\n"; |
| 230 |
> |
print "Got filter data ($filter_addr, $udp_port, $tcp_port)\n"; |
| 231 |
|
|
| 232 |
< |
print $sock "END\n"; |
| 233 |
< |
$response = <$sock>; |
| 234 |
< |
chop $response; |
| 235 |
< |
if ($response eq "OK") { |
| 236 |
< |
print "Host successfully configured via TCP.\n" |
| 237 |
< |
} |
| 238 |
< |
else { |
| 239 |
< |
print "The server failed the host configuration on the END command."; |
| 240 |
< |
exit(1); |
| 241 |
< |
} |
| 232 |
> |
print $sock "END\n"; |
| 233 |
> |
$response = <$sock>; |
| 234 |
> |
if ($response && ($response eq "OK\n")) { |
| 235 |
> |
print "Host successfully configured via TCP.\n" |
| 236 |
> |
} |
| 237 |
> |
else { |
| 238 |
> |
print "The server failed the host configuration on the END command.\n"; |
| 239 |
> |
close($sock); |
| 240 |
> |
wait_then_retry(); |
| 241 |
> |
next; |
| 242 |
> |
} |
| 243 |
|
|
| 244 |
< |
close($sock); |
| 244 |
> |
close($sock); |
| 245 |
|
|
| 246 |
< |
print "Configuration finished sucessfully!\n"; |
| 247 |
< |
|
| 246 |
> |
print "Configuration finished sucessfully!\n"; |
| 247 |
> |
last; |
| 248 |
> |
} |
| 249 |
|
return; |
| 250 |
|
} |
| 251 |
|
|
| 370 |
|
) or return; |
| 371 |
|
if (!defined $sock) { |
| 372 |
|
print "IHOST WARNING: Failed to deliver a heartbeat to the i-scream filter.\n"; |
| 373 |
+ |
&tcp_configure(); |
| 374 |
|
return; |
| 375 |
|
} |
| 376 |
|
|
| 379 |
|
|
| 380 |
|
print $sock "HEARTBEAT\n"; |
| 381 |
|
$response = <$sock>; |
| 382 |
< |
return if (!defined $response); |
| 323 |
< |
chop $response; |
| 324 |
< |
if (!$response eq "OK") { |
| 382 |
> |
if (!$response eq "OK\n") { |
| 383 |
|
close($sock); |
| 384 |
|
print "Server gave wrong response to HEARTBEAT: $response\n"; |
| 385 |
+ |
&tcp_configure(); |
| 386 |
|
return; |
| 387 |
|
} |
| 388 |
|
|
| 389 |
|
print $sock "CONFIG\n"; |
| 390 |
|
$response = <$sock>; |
| 391 |
< |
return if (!defined $response); |
| 333 |
< |
chop $response; |
| 334 |
< |
if (!$response eq "OK") { |
| 391 |
> |
if (!$response eq "OK\n") { |
| 392 |
|
close($sock); |
| 393 |
|
print "Server gave wrong response to CONFIG: $response\n"; |
| 394 |
+ |
&tcp_configure(); |
| 395 |
|
return; |
| 396 |
|
} |
| 397 |
|
|
| 398 |
|
print $sock "$file_list\n"; |
| 399 |
|
$response = <$sock>; |
| 400 |
< |
return if (!defined $response); |
| 343 |
< |
chop $response; |
| 344 |
< |
if (!$response eq "OK") { |
| 400 |
> |
if (!$response eq "OK\n") { |
| 401 |
|
close($sock); |
| 402 |
|
print "Server gave wrong response to file list: $response\n"; |
| 403 |
+ |
&tcp_configure(); |
| 404 |
|
return; |
| 405 |
|
} |
| 406 |
|
|
| 407 |
|
print $sock "$last_modified\n"; |
| 408 |
|
$response = <$sock>; |
| 409 |
< |
return if (!defined $response); |
| 353 |
< |
chop $response; |
| 354 |
< |
if ($response eq "ERROR") { |
| 409 |
> |
if ($response eq "ERROR\n") { |
| 410 |
|
close($sock); |
| 411 |
+ |
print "Server configuration changed. Reconfiguring with filter manager.\n"; |
| 412 |
|
&tcp_configure(); |
| 413 |
|
return; |
| 414 |
|
} |
| 415 |
< |
if (!$response eq "OK") { |
| 415 |
> |
if (!$response eq "OK\n") { |
| 416 |
|
close($sock); |
| 417 |
|
print "Server gave wrong response to HEARTBEAT: $response\n"; |
| 418 |
+ |
&tcp_configure(); |
| 419 |
|
return; |
| 420 |
|
} |
| 421 |
|
|
| 422 |
|
print $sock "ENDHEARTBEAT\n"; |
| 423 |
|
$response = <$sock>; |
| 424 |
< |
return if (!defined $response); |
| 368 |
< |
chop $response; |
| 369 |
< |
if (!$response eq "OK") { |
| 424 |
> |
if (!$response eq "OK\n") { |
| 425 |
|
close($sock); |
| 426 |
|
print "Server gave wrong response to ENDHEARTBEAT: $response\n"; |
| 427 |
+ |
&tcp_configure(); |
| 428 |
|
return; |
| 429 |
|
} |
| 430 |
|
|
