NetPass/CHANGES at master · jeffmurphy/NetPass · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
2004-08-03
	jcm 0.90 released

2004-08-09
	jcm 0.91 released

2004-08-12
	jcm 0.92 released

2004-08-20
	jcm 0.93 released

2004-08-27
	jcm defaulted snmp version to 2 for performance
	rgc installed updated snmp modules, ported netpass routines to
	    new module format
	cwm implemented a topology-mib based search for client macs

2004-08-28
	jcm worked out bugs in topo search. did some snmp traces to
            examine latency issues. changed def timeout to 15,
	    def maxrepetitions to 10.
	jcm added PORT_SEARCH_ALGO to conf file
	jcm added UNQUAR_ON_LINKUP to conf file

2004-08-30
        rgc modified Apache::Session to use filesystem instead of db
            so we can save on the dbh.
	rgc modified eula.mhtml to not connect to the database directly.
	    modified WelcomePage component to pass printable=1 in
            when loading the eula (to suppress the /header).
        jcm modified netpass init script to mkdir /dev/shm/sessions/...
            for Apache::Session
        jcm got rid of extra DBI->connect in autoloaded and just
            use the one from $npdbh
	rgc moved cookie detect to between the login page and the
	    scan page. added COOKIE_NAME to conf file
	jcm changed register table. new col "uqlinkup". when upgrading
            from 0.92 execute the follow SQL statement:

alter table register add uqlinkup        ENUM('yes', 'no') NOT NULL DEFAULT 'no';

2004-08-31
	jcm fixed PQUAR bug (bug was in dbh->getMessage)

2004-09-01
	jcm 0.94 released

2004-09-03
	jcm added option to <network> and <policy> to control
	    whether resetport.pl runs. this allows us to turn it on
	    (or off) for specific networks.

2004-09-07
	jcm fixed QUAR bug (mason doesnt delete session, so host
            goes directly to the COMPLETE phase)

2004-09-08
	jcm fixed QUAR bug for real this time. i think.
	jcm fixed bug causing web code to not store the client's
	    'os' in the database
	jcm fixes to get_next_switch in Baystack.pm Baystack3.pm

2004-09-09
	jcm fixes to BayStack.pm BayStack3.pm (get_ifDesc) to handle
            unstacked units properly.
	jcm lib/NetPass/WWW/Session.pm cookies directories changed to
	    /cookies. recommend using reiserfs on that.
	jcm 0.95 released

2004-09-14
	jcm added functionality to searchArpCache so we could produce
	    a report of # of machines live in quarantine
	jcm added bynet.mhtml report, created Admin/reports dir

2004-09-21
	jcm cp'd ScanLite.pm to NetPass/Nessus.pm
	    modified it to have a showSTATUS routine. modified new() so
	    we can pass in a callback and params. we use the callback
	    to implement the web progress bar. this allows to not have
	    to nessus->login for every plugin/every client, which we
	    this was causing problems.
	jcm modified Client/BeginScan to do the right thing if
	    nessus not available. also modified it to use callback
	    to implement progress bar.
	jcm modified nessus timeout (in BeginScan) from 1s to 20s.

2004-09-24
	jcm modifications to qc.mhtml, DB.pm and resetport.pl to finish
	    unq-on-linkup feature.

2004-09-28
	jcm removed calendar/menu css and js refs. they were unused. fixed
	    some logged_in refs so admin site login meshed with client
            login

2004-09-29
	jcm modifications to qc.mhtml to allow searching by status,
	    linkup setting. also mods to permit searching by multiple
	    macs (bulk search).
	jcm refactored some code into NetPass::Network module
	jcm enhanced bynet.mhtml so it's prettier and smarter.
	jcm adjusted timeout/retry in SNMP code
	jcm added time tracking to get_mac_port_table to help determine
	    when we've hit a slow switch

2004-09-30
	jcm fixed user.mhtml bug where non-admin would cause all admins
	    to get deleted
	jcm bynet.mhtml cleanup
	jcm altered portmover.pl so that if it just did work, it wont sleep
	jcm altered Admin/Login so that it redirects you back to the page
	    you were trying to access.

2004-10-01
	jcm enhanced bynet.mhtml so that it pings hosts in quar to give a more
	    accurate count. when upgrading to this release, you must install
	    the Net::Ping::External module.

sudo perl -MCPAN -e 'install Net::Ping::External'

	jcm added 'requestedBy' column to portMoves table.
	    use install.d/convertdb to upgrade your DB

2004-10-05
	mtb added reports/byos.mhtml, added reports/graph.cgi supporting script
            for byos. modified DB.pm to fix issue where OS register value would
            potentially be over-written by apps like weatherbug, etc.
	jcm added url to bynet.mhtml to reference byclient.mhtml when clients
            column was clicked on.
	jcm added byclient.mhtml to give client specific information
	jcm modified DB.pm to have a getRegisterInfo() routine for efficiently
	    and uniformly fetching info from register

2004-10-06
	jcm changed audit and register table so that the macAddress column is
	    type TINYTEXT instead of INTEGER. this should correct an occasional
            problem we had we searching on macAddresses. TINYTEXT is also case
            insensitive, which makes things a little easier. changed various pieces
            of supporting code, mostly to ensure zero-padding of macaddress.

2004-10-12
	jcm added install.d/convertdb to upgrade a 0.95 DB to a 0.96 DB

2004-10-24
	jcm modified messages (username, password, etc) so that they are
	    customizable from the conf file instead of being embedded into
	    the html, mason, etc code
	jcm bug fixes to byclient.mhtml bynet.mhtml
	jcm searchArpCache takes an optional param which causes it to
            exclude "incomplete" macs now.

2004-12-30
	jcm fixed bug where changing a port from managed to unmanaged would
	    cause a user on that port to become stuck in quarantine
	jcm worked on installation script

2004-12-31
	jcm added NetPass::Auth::LDAP, ..Auth::Unix and ..Auth::DB modules
	jcm moved NetPass::RADIUS to NetPass::Auth::Radius
	jcm moved doc/startup/* to install.d/init.d/*

2005-08-01
	jcm admin UI over-haul. segment access by network/group
	jcm client UI modifications. tie walk-thru messages to client's network
	mtb snort integration
	mtb netpass API
	jcm moved config file into database
	mtb migrated to mysql cluster
	mtb service watcher (npsvc)
	jcm macscan app
	jcm appstarter app
	jcm per-network/group policy settings
	mtb basic incident tracking
	jcm 'strikes' system
	mtb lots of bugs created
	jcm lots of bugs fixed

2005-08-10
	jcm bug fixes to appstarter. 'drop table appStarter' and re-create it according
		to the install.d/tables.sql definition
	jcm perms adjustments to ids cfg
	jcm bug fix in netpass.pm validate code
	jcm auth methods bug fix
	jcm netpass startup script changes
	jcm installer changes: install npsvc into inittab, configure conf file
	jcm installer changes: add NPAPI port to iptables.sh
	jcm npsvc: replace system() with fork/exec
	jcm bug in qc.mhtml related to someone with default:QuarAdmin perms being denied

2005-08-16
	jcm bug fix to NetPass.pm - invalid call to setMessage()
	jcm bug fix to Scan/index.mhtml - permissions problem if in both
		Reports and ScanAdmin acl
	jcm bug fix to ShowResults - didnt correctly display nessus scan
		results
	jcm bug fix to install - didnt install logrotate.d/apache logrotate.d/netpass
	jcm bug fix to Config.pm - altering network switches would cause
		bsw setting to be lost
	jcm bug fix to mr.mhtml - permissions problem if in both
                Reports and ScanAdmin acl
	jcm bug fixes to npsvc daemon
	jcm added npapid to ldirectord
	jcm added npapid-netpass-check.cgi checker so LVS can see if it's
		running or not.
	jcm altered /etc/init.d/netpass so most scripts run as 'netpass'
		and only those that require root run as root

2005-08-27
	jcm additions to appstarter so that the nessus (scanconfig) 'refresh plugins'
		button actually does something
	jcm altered qc.mhtml and byclient.mhtml so that they used the LDAP settings
		also tied them together so clicking on mac addr takes you from
		qc to byclient
	jcm added some code to reject google web accelerator if it accesses the
		admin pages
	jcm javascript fixes to Admin pages for IE compatibility

2005-08-31
	jcm bug fix. a non-responsive switch would abort the port search and leave
		users stuck in quarantine
	jcm disabled use of cookies for session tracking. placed session id in
		http POST instead. the problem was that toolbars like google
		would sue the same cookie store that IE uses. this would cause
		weird things to occur because the session state would become
		corrupt.
	jcm minor bug in fsp.pl - a diagnostic script.
	jcm bug fix to Admin/cmd/setresult.mhtml to fix a permissions problem where
		an network admin wouldnt be able to change the status of a client's
		result
	jcm bug fix to ScanAdmin audit messages (incorrectly ref'd logged_in)
	jcm bug fix in bynet report (macos arp padding issue)
	jcm bug fix in scan config (snort list limited to first 250)

2005-09-09
	jcm added sort by IP to various admin forms
	jcm added cisco tree search patch by NU
	jcm bug fix to quarctl form - couldnt change results status

2005-09-19
	jcm added feature to macscan: if the port contains unregistered macs _OR_
		macs that have been quarantined, and the port is not in quarantine,
		it will be placed in quarantine. OK macs (registered and not
		quarantined) will be given the multi-mac message)
	jcm changed number-of-switches-per-thread to 50 in macscan to try and control
		how many concurrent db queries it makes.
	jcm changed number-of-threads in resetport from 20 to 50 to see if it makes
		it more responsive.

2005-09-21
	jcm bug fix message editor click cancel causes admin session to be logged out
	jcm bug fix if you change the status of a client's "result" in QC, no audit log
		entry is made reflecting which admin changed the status

2005-10-12
	jcm bug fix. resetport.pl, bug in findThread caused most jobs to get assigned to
		same thread, possibly resulting in long delays.

2005-12-23
	jcm bug fix. resetport.pl. bug in quarantine/linkdown processing if you
		had linkflap tolerance enabled but port-polling disabled. it would
		ignore the linkflap tolerance setting.
	jcm resetport.pl added feature for port polling. if linkup on a port but
		no mac appears on the port for N seconds (settable) resetport will
		drop the port from the work queue.
	jcm bug fix. apparently i missed a routine in the install script, causing
		it to error out.

2005-12-23
	jcm NP 2.1 released

2006-01-03
	jcm bug fix in install-lvs.sh - added gcc, et al, to up2date install line
	jcm bug fix in iptables-lvs.sh - moved 'allow loopback INPUT traffic' to above
		INPUT drop all rule
	jcm bug fix in ldirectord.cf - set persistant to 600 for SNMP trap packets

2006-01-05
	jcm fixed getRegisterInfo so the return values matched the doc.
	jcm fixed bug in byclient report so it handled the rv from gri correctly
	jcm modified gri so it can handle a -switch and -port parameter
	jcm added bin/portinfo.pl report
	jcm changed the workLoad calculation in resetport

2006-01-18
	jcm bug#1409203 in qc.mhtml where changing the 'unquar when?' field would
		cause the port to be quarantined.
	jcm bug#1409317 last-seen and registered-on column headers were swapped on
		qc.mhtml
	jcm bug#1409318 ldap_popup (which wraps occurances of usernames on the admin
		pages) would have the npsess cgi var appended to it. stopped that
		from happening.

2006-01-19
	jcm bug#1410167 results in audit page didnt sort correctly and included
		duplicates.
	jcm features: audit page gets clickable mac, username fields. clicking on
		the mac column jumps to the byclient report. clicking the username
		opens an ldap lookup. also for messages of type
		"multi-mac: BAD neighbor $mac status ..." clicking on the neighbor
		$mac address will jump to the manual registration screen.
	jcm fixed table header in mr.mhtml which said "Search" even tho that
		didn't make sense.
	jcm feature: BeginScan now obeys the "What to do when Nessus is down?"
		setting (Config->General). If you set When_Down to "FAIL" then
		you need to also create a page called "msg:nessus_down" which
		will be displayed so that the user knows why they can't get
		out of quarantine.

2006-02-07
	jcm bug#1426340 fixed a bug where users who could authenticate (i.e via
		radius) but did not have any explicit permissions (group membership)
		would still get readonly access to certain pages
	jcm bug#1426335 fixed a bug on a few forms (IDS, Audit, Reports) allowed readonly
		access even if you werent in the appropriate readonly group(s)

2006-03-16
	jcm bug#1451624 table column in reports/byclient and audit page referenced
		'UBIT Name'
	jcm bug#1451626 user editored emitted debugging output in some circumstances
	jcm bug#1451625 remove a user from all groups, sometimes doesnt delete the
		user from the database

2006-03-20
	jcm added 'custom mac' to per-network configuration. this can be used to set the
		redirector's per-vlan mac address to the same as the router, which will
		let you disable garp. see Appendix D in the doc for a discussion.

2006-03-28
	jcm rebuilt apache to version 1.3.34 and posted binaries

2006-04-07
	jcm bug#1465448  Input validation on manual register form allowed invalid mac
		addresses to be registered.

2006-04-10
	jcm removed "port is already in that VLAN" check from NetPass.pm - occasionally
		a port would get stuck in both VLANs, and this check would stop NetPass
		from fixing that when it occurred.

2006-07-06
	jcm modified API.pm to allow quarantining even if autoquar is not enabled on
		a network (via a toggle)
	wcy modified LOG.pm to fix a STDOUT flush problem
	jcm modified macscan.pl to fix a bug where QUAR would be ignored
	jcm modified API.pm to allow quaranting by MAC as well as to expose a few
		more functions
	wcy modified DB.pm to allow fetching of register records by username